Report - fileknot.io/9cdcd8b8d78887fb/ExtracurricularActivities-1.166-pc.zip

Report Overview

Submitted URL
fileknot.io/9cdcd8b8d78887fb/ExtracurricularActivities-1.166-pc.zip
IP
95.217.158.252
ASN
#24940 Hetzner Online GmbH
Submitted
2024-05-01 21:59:00
Access
public
Website Title
Download File - FileKnot.io
Final URL
fileknot.io/9cdcd8b8d78887fb/ExtracurricularActivities-1.166-pc.zip
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
16

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
ileeckut.com	unknown	2022-08-22	2022-08-22	2023-04-20	6.2 kB	60 kB	139.45.197.237
my.rtmark.net	9054	2014-10-29	2015-02-04	2024-04-30	415 B	740 B	139.45.195.8
fleraprt.com	unknown	2022-01-14	2022-01-14	2024-04-30	563 B	481 B	139.45.195.254
tzegilo.com	unknown	2022-01-14	2022-01-14	2024-04-30	394 B	20 kB	104.21.11.245
fileknot.io	unknown	2024-02-20	2024-03-06	2024-04-18	18 kB	1.2 MB	95.217.158.252
fonts.googleapis.com	8877	2005-01-25	2013-06-10	2024-05-01	909 B	4.7 kB	142.250.74.106
waisheph.com	74994	2020-11-23	2020-12-10	2024-04-30	2.0 kB	44 kB	139.45.197.245
offerimage.com	304078	2019-06-10	2019-06-10	2024-04-30	1.3 kB	43 kB	104.22.33.172
www.googletagmanager.com	75	2011-11-11	2013-05-22	2024-04-30	418 B	102 kB	142.250.74.168
fonts.gstatic.com	unknown	2008-02-11	2014-09-09	2024-05-01	3.8 kB	283 kB	216.58.207.227

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-05-01	medium	ileeckut.com	Sinkholed
2024-05-01	medium	ileeckut.com	Sinkholed
2024-05-01	medium	ileeckut.com	Sinkholed
2024-05-01	medium	ileeckut.com	Sinkholed
2024-05-01	medium	ileeckut.com	Sinkholed
2024-05-01	medium	ileeckut.com	Sinkholed
2024-05-01	medium	fleraprt.com	Sinkholed
2024-05-01	medium	tzegilo.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (23)

	URL	Size	First Seen	Last Seen
	fileknot.io/themes/spirit/assets/frontend/js/flickity.min.js	54 kB	2023-03-07	2024-05-15
Pretty URL fileknot.io/themes/spirit/assets/frontend/js/flickity.min.js IP 95.217.158.252 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:35:25 Last Seen2024-05-15 14:19:50 Times Seen5827 Hash 81a84001ccd9bdd589d1b4f187311b15 5cdf8cb0d97b5b16a5f812e1541ad387a7cb8af5 5a28889b1faf91d12eeb5b5d173c50135eefd7fdc29a951b365340cf473bd9b2 Loading...

	fileknot.io/themes/spirit/assets/frontend/js/scripts.js	112 kB	2023-03-07	2024-05-15
Pretty URL fileknot.io/themes/spirit/assets/frontend/js/scripts.js IP 95.217.158.252 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:47:38 Last Seen2024-05-15 14:19:50 Times Seen5738 Hash ccd6c308b2b8e36ae154d7bacea4240d f7d2f7195150771246dd599dbb4ff3bc2f0f2179 fc2a8bf60f1e7577697c0b457c01aeeecfd2b18ea68c93e2d374bf6d95fbe7a0 Loading...

	fileknot.io/themes/spirit/assets/frontend/js/jquery-3.1.1.min.js	87 kB	2023-03-07	2024-05-15
Pretty URL fileknot.io/themes/spirit/assets/frontend/js/jquery-3.1.1.min.js IP 95.217.158.252 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:34 Last Seen2024-05-15 21:25:04 Times Seen269000 Hash e071abda8fe61194711cfc2ab99fe104 f647a6d37dc4ca055ced3cf64bbc1f490070acba 85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf Loading...

	fileknot.io/themes/spirit/assets/frontend/js/typed.min.js	3.9 kB	2023-03-07	2024-05-15
Pretty URL fileknot.io/themes/spirit/assets/frontend/js/typed.min.js IP 95.217.158.252 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:28:01 Last Seen2024-05-15 14:19:49 Times Seen6096 Hash 2f6185a8a32a50b2b3e04849f44359d4 0e5501588c5c0d1c9462f34b0d56c21abff5bfef 914df93a9770d8a0e132b6ce3e8f1cfba0e0fae8f3b9002a3f0eb47c3d0cc97b Loading...

	fileknot.io/themes/spirit/assets/frontend/js/datepicker.js	21 kB	2023-03-07	2024-05-15
Pretty URL fileknot.io/themes/spirit/assets/frontend/js/datepicker.js IP 95.217.158.252 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:28:01 Last Seen2024-05-15 14:19:50 Times Seen6082 Hash 8cfe207a6a21c7495cfb751c761217a6 35d686a6c4ecc9946c35444ce93e110cb0e1611c 804e3c2608de23694fa71684178e2f9815115d56ee022ec770e1fcb208847acc Loading...

	fileknot.io/themes/spirit/assets/frontend/js/jquery.steps.min.js	14 kB	2023-03-07	2024-05-15
Pretty URL fileknot.io/themes/spirit/assets/frontend/js/jquery.steps.min.js IP 95.217.158.252 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:35:25 Last Seen2024-05-15 14:19:50 Times Seen5898 Hash 4c5e9f4e84d32b7df69af7420b355e03 14e1e287ec98e8cc0a992ee996783b0c42f9ec0f c9459a9e11e4c63fb7a30d2a644e80b733fc9599302ef3da8142cbe8f9d9333d Loading...

	fileknot.io/themes/spirit/assets/frontend/js/countdown.min.js	5.3 kB	2023-03-07	2024-05-15
Pretty URL fileknot.io/themes/spirit/assets/frontend/js/countdown.min.js IP 95.217.158.252 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:00 Last Seen2024-05-15 19:56:52 Times Seen8897 Hash 5d3ff3c3fbaa67cc639501f44eeb07be bd66e4cd58de09c198e7abc77fa4c883955d189e 2249399b2268c260d0698542503d16afebc80e437c846239f12196744ebbd40f Loading...

	fileknot.io/themes/spirit/assets/frontend/js/cookiealert.js	1.8 kB	2023-03-07	2024-05-15
Pretty URL fileknot.io/themes/spirit/assets/frontend/js/cookiealert.js IP 95.217.158.252 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:47:38 Last Seen2024-05-15 14:19:50 Times Seen5527 Hash 81279e22c8ece9e1d0536a402484daa3 911797507fb12d4f451d5900e32db96ad697c401 5c6237178e88ab7f1c6e26c9e99547e58782450b8f2a182129448ff4d99e89ab Loading...

	www.googletagmanager.com/gtag/js?id=G-TKMKCMZF46	305 kB	2024-05-01	2024-05-01
Pretty URL www.googletagmanager.com/gtag/js?id=G-TKMKCMZF46 IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-01 23:59:01 Last Seen2024-05-01 23:59:01 Times Seen2 Hash c3753765627b2fc36976f10bb2622bc8 751015f574072af27273a261872bca5ebbab02cb 77aa97d865a66a74dd3999b52d5070a1447b0af055b43d1407d6d03e2c3ecaaa Loading...

	fileknot.io/themes/spirit/assets/frontend/js/jquery.dataTables.min.js	70 kB	2023-03-07	2024-05-15
Pretty URL fileknot.io/themes/spirit/assets/frontend/js/jquery.dataTables.min.js IP 95.217.158.252 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:10 Last Seen2024-05-15 21:26:40 Times Seen7819 Hash 737f853e9fd6a31d62f5028e88663c9f cf144f2ab49f53a69fbfe10d3588fc23437d2736 6c3ca64b7acfdd29b3ca6f1b9b46696369abd462d4546182085c347f72211841 Loading...

	ileeckut.com/400/7407089	84 kB	2024-05-01	2024-05-01
Pretty URL ileeckut.com/400/7407089 IP 139.45.197.237 ASN #9002 RETN Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-01 23:59:01 Last Seen2024-05-01 23:59:01 Times Seen1 Hash 62291f6aaa5d92da0bc90b8bc1e7c1b4 dd0dbfc08fa851d51c02abd524e61eeb3ab909b2 ec218cb0381e4cfa8943e339b545eeaded50675fd6e260a40d008e9271fccf8d Loading...

	fileknot.io/9cdcd8b8d78887fb/ExtracurricularActivities-1.166-pc.zip	44 B	2023-03-07	2024-05-15
Pretty URL fileknot.io/9cdcd8b8d78887fb/ExtracurricularActivities-1.166-pc.zip IP 95.217.158.252 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:28:01 Last Seen2024-05-15 14:19:49 Times Seen3162 Hash 21d884540875fb4d2b8f280c541d092c 9f2a58bb4ff1897269b2df54e333ce35d4435b91 8f75c65a00382bae7799a76f3517023df9a72035e9b469e95469b028d4bd0d0a Loading...

	fileknot.io/9cdcd8b8d78887fb/ExtracurricularActivities-1.166-pc.zip	66 kB	2024-04-28	2024-05-02
Pretty URL fileknot.io/9cdcd8b8d78887fb/ExtracurricularActivities-1.166-pc.zip IP 95.217.158.252 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-28 16:17:41 Last Seen2024-05-02 10:45:38 Times Seen301 Hash 3184d77ccfcc303c619b772ee7f6dcdd 57876ac43d229241a2d0bee432a593d4c64902da 4c86dba67bb979d2b101547877684486c8becf17354118d0d353e54055336162 Loading...

	fileknot.io/9cdcd8b8d78887fb/ExtracurricularActivities-1.166-pc.zip	446 B	2024-04-28	2024-05-02
Pretty URL fileknot.io/9cdcd8b8d78887fb/ExtracurricularActivities-1.166-pc.zip IP 95.217.158.252 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-28 16:17:41 Last Seen2024-05-02 10:45:38 Times Seen301 Hash 25b7775618b6bfb802e10b20091fb375 f2abdda35de77386fe7296ee753d18b981b9983f 3068c80781573ef694810e0bf56798160b94e2b8d88a066875e7364ee5a16f79 Loading...

	fileknot.io/9cdcd8b8d78887fb/ExtracurricularActivities-1.166-pc.zip	66 kB	2024-04-28	2024-05-02
Pretty URL fileknot.io/9cdcd8b8d78887fb/ExtracurricularActivities-1.166-pc.zip IP 95.217.158.252 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-28 16:17:41 Last Seen2024-05-02 10:45:38 Times Seen301 Hash 52908443376f1a0c66cefafb0595a097 0ffea36102f86abcb5ecedae7530cf495d8d4264 4106dc7c1325147ea948cf0eaa8629c94ce7b404b5aa3f749a6a048a615feb80 Loading...

	fileknot.io/themes/spirit/assets/frontend/js/granim.min.js	11 kB	2023-03-07	2024-05-15
Pretty URL fileknot.io/themes/spirit/assets/frontend/js/granim.min.js IP 95.217.158.252 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:35:25 Last Seen2024-05-15 14:19:50 Times Seen5752 Hash 2c16a9a724563fc0c306abb5bdeb03fe 90c2032537714e66059a3eaa150b93f3c9c80163 997a15cf01d5118cb0106587f441c32de2074c8dc12d85cf7c7dc430e2ee342e Loading...

	fileknot.io/themes/spirit/assets/frontend/js/smooth-scroll.min.js	6.0 kB	2023-03-07	2024-05-15
Pretty URL fileknot.io/themes/spirit/assets/frontend/js/smooth-scroll.min.js IP 95.217.158.252 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:35:25 Last Seen2024-05-15 14:19:50 Times Seen5443 Hash b67e171349c4716dd7bb15c018a2c8c1 60b204148c0eed83b06043897d1cbd54709eab66 8daef829c397c41e42a1f9faffc25aa4834334e5305805419933a1b44b6c1e30 Loading...

	fileknot.io/9cdcd8b8d78887fb/ExtracurricularActivities-1.166-pc.zip	230 B	2024-04-28	2024-05-02
Pretty URL fileknot.io/9cdcd8b8d78887fb/ExtracurricularActivities-1.166-pc.zip IP 95.217.158.252 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-28 16:17:41 Last Seen2024-05-02 10:45:38 Times Seen301 Hash fe42b6254222d0e7ef3e653f5e968b98 989610db93efb589ff19d6b4aa0b383202d2f79a 4dababfba79bac3e86ddfaddb7f4aea2475c8bb09528043ec1cdb56fc9fe3ad2 Loading...

	fileknot.io/9cdcd8b8d78887fb/ExtracurricularActivities-1.166-pc.zip	939 B	2024-05-01	2024-05-01
Pretty URL fileknot.io/9cdcd8b8d78887fb/ExtracurricularActivities-1.166-pc.zip IP 95.217.158.252 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML true Observations First Seen2024-05-01 23:59:01 Last Seen2024-05-01 23:59:01 Times Seen1 Hash f3f519603692d0a748cf7ce55a84e88a 9ed88f998fd87e4c459fb51e3e40571124c23bfb 165da10967f8a4b9fd085d04159043ad3ba70abd943f5dea646dd3f08e5a7795 Loading...

	fileknot.io/9cdcd8b8d78887fb/ExtracurricularActivities-1.166-pc.zip	292 B	2023-03-07	2024-05-15
Pretty URL fileknot.io/9cdcd8b8d78887fb/ExtracurricularActivities-1.166-pc.zip IP 95.217.158.252 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:28:01 Last Seen2024-05-15 14:19:50 Times Seen3263 Hash f6038f840321581380bcf8e68fbec2ed 9c64ca84baabd04b9994597b90882d8ec7158ba2 fc7d223cc022e6a00869dea89642667579b0ca033afb07bb0070c7b7a0fd23c3 Loading...

	waisheph.com/tag.min.js	90 kB	2024-05-01	2024-05-02
Pretty URL waisheph.com/tag.min.js IP 139.45.197.245 ASN #9002 RETN Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-01 20:08:18 Last Seen2024-05-02 10:44:40 Times Seen148 Hash c0a42ca809f297868c31761277b7842e 1f0e3a25517ada67fb5b3dd0e9cbe862f0c2a2c1 0e70cf781ca7063e40c103f3de35456c9955174b862ec1a26fca448fd08a4953 Loading...

	tzegilo.com/stattag.js	19 kB	2024-02-10	2024-05-15
Pretty URL tzegilo.com/stattag.js IP 104.21.11.245 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-02-10 03:00:18 Last Seen2024-05-15 20:30:49 Times Seen1754 Hash 70ebd404c2e1e7bad13998538b56887c 86e57af8ba3cfc2c004da3311835f6b54ba6d848 d71ea61938136a384e4c53c5a7a3c36e68fcc70a68bae691e270987d5d2eb11f Loading...

	fileknot.io/9cdcd8b8d78887fb/ExtracurricularActivities-1.166-pc.zip	153 B	2024-03-07	2024-05-12
Pretty URL fileknot.io/9cdcd8b8d78887fb/ExtracurricularActivities-1.166-pc.zip IP 95.217.158.252 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML true Observations First Seen2024-03-07 09:03:54 Last Seen2024-05-12 05:06:42 Times Seen697 Hash 2f8e34754769a9136ce16a2ee12451ab 6799b20c800840a8f87a98cb1b84015720dc3848 738a950160ecdc566f5780fa72c0f011844b2828fdb354d9657ed9aa91820806 Loading...

HTTP Transactions (57)

URL IP Response Size

fileknot.io/9cdcd8b8d78887fb/ExtracurricularActivities-1.166-pc.zip

95.217.158.252

200 OK

53 kB

URL HEAD HTTP/1.1
fileknot.io/9cdcd8b8d78887fb/ExtracurricularActivities-1.166-pc.zip
IP
95.217.158.252:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://fileknot.io/9cdcd8b8d78887fb/ExtracurricularActivities-1.166-pc.zip
Certificate
IssuerLet's Encrypt
Subjectfileknot.io
FingerprintD2:98:0A:BE:2B:5A:E3:EF:FA:02:67:E6:AE:F2:B4:BF:45:15:1F:46
ValidityWed, 06 Mar 2024 03:50:03 GMT - Tue, 04 Jun 2024 03:50:02 GMT

File type
HTML document, ASCII text, with very long lines (56359)
Size
53 kB (53285 bytes)
Hash
089924af123327cfbbc7db0e26a38aaf
9e9bcc0762a8b5e8aae484ec13ed81b9d2eaaf6d
515e81927f4613b434a48bd6c53ed779a3ba8704e31b1d0bf65c371fe83f8222

HTTP Headers

GET /9cdcd8b8d78887fb/ExtracurricularActivities-1.166-pc.zip HTTP/1.1
Host: fileknot.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: filehosting=6udrr42gr6oi32s43f1h4cqbl1; expires=Thu, 02-May-2024 21:58:32 GMT; Max-Age=86400; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Cache-Control: no-store, no-cache, must-revalidate, no-cache, private
Date: Wed, 01 May 2024 21:58:33 GMT
Content-Encoding: gzip

fileknot.io/themes/spirit/assets/frontend/css/bootstrap.min.css

95.217.158.252

200 OK

77 kB

URL GET HTTP/1.1
fileknot.io/themes/spirit/assets/frontend/css/bootstrap.min.css
IP
95.217.158.252:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://fileknot.io/9cdcd8b8d78887fb/ExtracurricularActivities-1.166-pc.zip
Certificate
IssuerLet's Encrypt
Subjectfileknot.io
FingerprintD2:98:0A:BE:2B:5A:E3:EF:FA:02:67:E6:AE:F2:B4:BF:45:15:1F:46
ValidityWed, 06 Mar 2024 03:50:03 GMT - Tue, 04 Jun 2024 03:50:02 GMT

File type
ASCII text, with very long lines (65324)
Size
77 kB (76917 bytes)
Hash
bc48830f50049b0cbbe3dd417755a347
e5cdb6545f9b4bce4eeda78f64a714e2de4d0e09
7d56baeec9679114562cdc56d3f28cb9a43263cada11b1f64809851e7a8b1419

HTTP Headers

GET /themes/spirit/assets/frontend/css/bootstrap.min.css HTTP/1.1
Host: fileknot.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://fileknot.io/9cdcd8b8d78887fb/ExtracurricularActivities-1.166-pc.zip
Cookie: filehosting=6udrr42gr6oi32s43f1h4cqbl1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Wed, 01 May 2024 21:58:33 GMT
Content-Type: text/css
Content-Length: 76917
Last-Modified: Mon, 28 Sep 2020 15:26:44 GMT
Connection: keep-alive
ETag: "5f7200b4-12c75"
Accept-Ranges: bytes

fileknot.io/themes/spirit/assets/frontend/css/stack-interface.css

95.217.158.252

200 OK

3.1 kB

URL GET HTTP/1.1
fileknot.io/themes/spirit/assets/frontend/css/stack-interface.css
IP
95.217.158.252:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://fileknot.io/9cdcd8b8d78887fb/ExtracurricularActivities-1.166-pc.zip
Certificate
IssuerLet's Encrypt
Subjectfileknot.io
FingerprintD2:98:0A:BE:2B:5A:E3:EF:FA:02:67:E6:AE:F2:B4:BF:45:15:1F:46
ValidityWed, 06 Mar 2024 03:50:03 GMT - Tue, 04 Jun 2024 03:50:02 GMT

File type
Unicode text, UTF-8 text
Size
3.1 kB (3082 bytes)
Hash
6406d626f8bfc1e6815698bfecf9a2f8
a918901be3ab1b9bb4ce9980db521eb4731bb82b
f620d1bf10d3f45a7b19edd4f863090c5dd5031411918508493634c4018e81b7

HTTP Headers

GET /themes/spirit/assets/frontend/css/stack-interface.css HTTP/1.1
Host: fileknot.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://fileknot.io/9cdcd8b8d78887fb/ExtracurricularActivities-1.166-pc.zip
Cookie: filehosting=6udrr42gr6oi32s43f1h4cqbl1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Wed, 01 May 2024 21:58:33 GMT
Content-Type: text/css
Content-Length: 3082
Last-Modified: Mon, 28 Sep 2020 15:26:44 GMT
Connection: keep-alive
ETag: "5f7200b4-c0a"
Accept-Ranges: bytes

fileknot.io/themes/spirit/assets/frontend/css/jquery.steps.css

95.217.158.252

200 OK

5.6 kB

URL GET HTTP/1.1
fileknot.io/themes/spirit/assets/frontend/css/jquery.steps.css
IP
95.217.158.252:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://fileknot.io/9cdcd8b8d78887fb/ExtracurricularActivities-1.166-pc.zip
Certificate
IssuerLet's Encrypt
Subjectfileknot.io
FingerprintD2:98:0A:BE:2B:5A:E3:EF:FA:02:67:E6:AE:F2:B4:BF:45:15:1F:46
ValidityWed, 06 Mar 2024 03:50:03 GMT - Tue, 04 Jun 2024 03:50:02 GMT

File type
ASCII text
Size
5.6 kB (5638 bytes)
Hash
a0ed38e9ba9498867df1f62407377def
6d2278f924b80328695e8fe5213b252ae499fc77
70110803124af60b1e1dc1ea3c0408353947b4a0d7000f47873c85287de875d5

HTTP Headers

GET /themes/spirit/assets/frontend/css/jquery.steps.css HTTP/1.1
Host: fileknot.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://fileknot.io/9cdcd8b8d78887fb/ExtracurricularActivities-1.166-pc.zip
Cookie: filehosting=6udrr42gr6oi32s43f1h4cqbl1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Wed, 01 May 2024 21:58:33 GMT
Content-Type: text/css
Content-Length: 5638
Last-Modified: Mon, 28 Sep 2020 15:26:44 GMT
Connection: keep-alive
ETag: "5f7200b4-1606"
Accept-Ranges: bytes

fileknot.io/themes/spirit/assets/frontend/css/cookiealert.css

95.217.158.252

200 OK

12 kB

URL GET HTTP/1.1
fileknot.io/themes/spirit/assets/frontend/css/cookiealert.css
IP
95.217.158.252:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://fileknot.io/9cdcd8b8d78887fb/ExtracurricularActivities-1.166-pc.zip
Certificate
IssuerLet's Encrypt
Subjectfileknot.io
FingerprintD2:98:0A:BE:2B:5A:E3:EF:FA:02:67:E6:AE:F2:B4:BF:45:15:1F:46
ValidityWed, 06 Mar 2024 03:50:03 GMT - Tue, 04 Jun 2024 03:50:02 GMT

File type
ASCII text, with very long lines (11486), with CRLF line terminators
Size
12 kB (12369 bytes)
Hash
3d2946aeae3cc8f43e2acf82ea029bd4
c25a0bd445ff9e6034d34e8f388f5565515a2783
705d9fc8952ac3bf3d9300e3d9ea6753284cdd920c34be0213ec8bc862df7a28

HTTP Headers

GET /themes/spirit/assets/frontend/css/cookiealert.css HTTP/1.1
Host: fileknot.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://fileknot.io/9cdcd8b8d78887fb/ExtracurricularActivities-1.166-pc.zip
Cookie: filehosting=6udrr42gr6oi32s43f1h4cqbl1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Wed, 01 May 2024 21:58:33 GMT
Content-Type: text/css
Content-Length: 12369
Last-Modified: Mon, 28 Sep 2020 15:26:44 GMT
Connection: keep-alive
ETag: "5f7200b4-3051"
Accept-Ranges: bytes

fileknot.io/themes/spirit/assets/frontend/css/socicon.css

95.217.158.252

200 OK

9.3 kB

URL GET HTTP/1.1
fileknot.io/themes/spirit/assets/frontend/css/socicon.css
IP
95.217.158.252:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://fileknot.io/9cdcd8b8d78887fb/ExtracurricularActivities-1.166-pc.zip
Certificate
IssuerLet's Encrypt
Subjectfileknot.io
FingerprintD2:98:0A:BE:2B:5A:E3:EF:FA:02:67:E6:AE:F2:B4:BF:45:15:1F:46
ValidityWed, 06 Mar 2024 03:50:03 GMT - Tue, 04 Jun 2024 03:50:02 GMT

File type
ASCII text
Size
9.3 kB (9283 bytes)
Hash
b23fff7d228bbe8796ad8b3d280e3401
1a9861031bda4d3c1cb58564107d8b777982750b
17beb90ae4f385180d6b7d184dcb640ccd2a360e4ee03af0254c83b00ef87202

HTTP Headers

GET /themes/spirit/assets/frontend/css/socicon.css HTTP/1.1
Host: fileknot.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://fileknot.io/9cdcd8b8d78887fb/ExtracurricularActivities-1.166-pc.zip
Cookie: filehosting=6udrr42gr6oi32s43f1h4cqbl1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Wed, 01 May 2024 21:58:33 GMT
Content-Type: text/css
Content-Length: 9283
Last-Modified: Mon, 28 Sep 2020 15:26:44 GMT
Connection: keep-alive
ETag: "5f7200b4-2443"
Accept-Ranges: bytes

fileknot.io/themes/spirit/assets/frontend/css/lightbox.min.css

95.217.158.252

200 OK

3.7 kB

URL GET HTTP/1.1
fileknot.io/themes/spirit/assets/frontend/css/lightbox.min.css
IP
95.217.158.252:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://fileknot.io/9cdcd8b8d78887fb/ExtracurricularActivities-1.166-pc.zip
Certificate
IssuerLet's Encrypt
Subjectfileknot.io
FingerprintD2:98:0A:BE:2B:5A:E3:EF:FA:02:67:E6:AE:F2:B4:BF:45:15:1F:46
ValidityWed, 06 Mar 2024 03:50:03 GMT - Tue, 04 Jun 2024 03:50:02 GMT

File type
ASCII text
Size
3.7 kB (3668 bytes)
Hash
40cab6b747df96a8a66f5c0ac4e034dd
85dd24bc614fb1ecaeb873f4e686213aa53927c3
798da60d899fcd9aa5074834d88b63c398dd72af5711ed48d7f68dde8dc8db5e

HTTP Headers

GET /themes/spirit/assets/frontend/css/lightbox.min.css HTTP/1.1
Host: fileknot.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://fileknot.io/9cdcd8b8d78887fb/ExtracurricularActivities-1.166-pc.zip
Cookie: filehosting=6udrr42gr6oi32s43f1h4cqbl1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Wed, 01 May 2024 21:58:33 GMT
Content-Type: text/css
Content-Length: 3668
Last-Modified: Mon, 28 Sep 2020 15:26:46 GMT
Connection: keep-alive
ETag: "5f7200b6-e54"
Accept-Ranges: bytes

fileknot.io/themes/spirit/assets/frontend/css/flickity.css

95.217.158.252

200 OK

2.4 kB

URL GET HTTP/1.1
fileknot.io/themes/spirit/assets/frontend/css/flickity.css
IP
95.217.158.252:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://fileknot.io/9cdcd8b8d78887fb/ExtracurricularActivities-1.166-pc.zip
Certificate
IssuerLet's Encrypt
Subjectfileknot.io
FingerprintD2:98:0A:BE:2B:5A:E3:EF:FA:02:67:E6:AE:F2:B4:BF:45:15:1F:46
ValidityWed, 06 Mar 2024 03:50:03 GMT - Tue, 04 Jun 2024 03:50:02 GMT

File type
ASCII text
Size
2.4 kB (2392 bytes)
Hash
5439695b076327f53edcda86d192856b
d938327051f0bf044bc65b68721ad3193bd2ef12
1709404c1e9beb94953cc95fcc3477e7cb4213e03bfe9bbe0f8a37877c1c6e42

HTTP Headers

GET /themes/spirit/assets/frontend/css/flickity.css HTTP/1.1
Host: fileknot.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://fileknot.io/9cdcd8b8d78887fb/ExtracurricularActivities-1.166-pc.zip
Cookie: filehosting=6udrr42gr6oi32s43f1h4cqbl1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Wed, 01 May 2024 21:58:33 GMT
Content-Type: text/css
Content-Length: 2392
Last-Modified: Mon, 28 Sep 2020 15:26:44 GMT
Connection: keep-alive
ETag: "5f7200b4-958"
Accept-Ranges: bytes

fileknot.io/themes/spirit/assets/frontend/css/custom.css

95.217.158.252

200 OK

8.9 kB

URL GET HTTP/1.1
fileknot.io/themes/spirit/assets/frontend/css/custom.css
IP
95.217.158.252:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://fileknot.io/9cdcd8b8d78887fb/ExtracurricularActivities-1.166-pc.zip
Certificate
IssuerLet's Encrypt
Subjectfileknot.io
FingerprintD2:98:0A:BE:2B:5A:E3:EF:FA:02:67:E6:AE:F2:B4:BF:45:15:1F:46
ValidityWed, 06 Mar 2024 03:50:03 GMT - Tue, 04 Jun 2024 03:50:02 GMT

File type
assembler source, ASCII text, with CRLF line terminators
Size
8.9 kB (8939 bytes)
Hash
2d34677dcb97822f9aba5b99bda85a5b
a379d63073cb978f7ca8393040f3f709556cc202
e42f4e33f6ac2e2a576bb83e540cf63ef44ac4fc01495d08a47697991b1f5458

HTTP Headers

GET /themes/spirit/assets/frontend/css/custom.css HTTP/1.1
Host: fileknot.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://fileknot.io/9cdcd8b8d78887fb/ExtracurricularActivities-1.166-pc.zip
Cookie: filehosting=6udrr42gr6oi32s43f1h4cqbl1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Wed, 01 May 2024 21:58:33 GMT
Content-Type: text/css
Content-Length: 8939
Last-Modified: Thu, 30 Mar 2023 04:27:22 GMT
Connection: keep-alive
ETag: "64250faa-22eb"
Accept-Ranges: bytes

fileknot.io/themes/spirit/assets/frontend/css/theme/red.css

95.217.158.252

200 OK

201 kB

URL GET HTTP/1.1
fileknot.io/themes/spirit/assets/frontend/css/theme/red.css
IP
95.217.158.252:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://fileknot.io/9cdcd8b8d78887fb/ExtracurricularActivities-1.166-pc.zip
Certificate
IssuerLet's Encrypt
Subjectfileknot.io
FingerprintD2:98:0A:BE:2B:5A:E3:EF:FA:02:67:E6:AE:F2:B4:BF:45:15:1F:46
ValidityWed, 06 Mar 2024 03:50:03 GMT - Tue, 04 Jun 2024 03:50:02 GMT

File type
assembler source, ASCII text
Size
201 kB (200780 bytes)
Hash
9cff116a152b3c016fa75940add96a21
89d1dec321e84a767467a7cb96ec61e621b84a2a
5768e1eaa7d32942d474a1fe8177ec8a40de3302b912108f807c849e76ead99c

HTTP Headers

GET /themes/spirit/assets/frontend/css/theme/red.css HTTP/1.1
Host: fileknot.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://fileknot.io/9cdcd8b8d78887fb/ExtracurricularActivities-1.166-pc.zip
Cookie: filehosting=6udrr42gr6oi32s43f1h4cqbl1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Wed, 01 May 2024 21:58:33 GMT
Content-Type: text/css
Content-Length: 200780
Last-Modified: Fri, 09 Jun 2023 18:00:30 GMT
Connection: keep-alive
ETag: "648368be-3104c"
Accept-Ranges: bytes

fileknot.io/themes/spirit/assets/frontend/css/font-awesome.min.css

95.217.158.252

200 OK

59 kB

URL GET HTTP/1.1
fileknot.io/themes/spirit/assets/frontend/css/font-awesome.min.css
IP
95.217.158.252:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://fileknot.io/9cdcd8b8d78887fb/ExtracurricularActivities-1.166-pc.zip
Certificate
IssuerLet's Encrypt
Subjectfileknot.io
FingerprintD2:98:0A:BE:2B:5A:E3:EF:FA:02:67:E6:AE:F2:B4:BF:45:15:1F:46
ValidityWed, 06 Mar 2024 03:50:03 GMT - Tue, 04 Jun 2024 03:50:02 GMT

File type
ASCII text, with very long lines (58929)
Size
59 kB (59115 bytes)
Hash
66e407beb68fdbb8bacd87d91ddf7829
5ed55601e30871fb757dc4b78a40a432f9a3600b
eb98a660b34391ce502005c6b8553af83defcf0832489134efb499498051d1d9

HTTP Headers

GET /themes/spirit/assets/frontend/css/font-awesome.min.css HTTP/1.1
Host: fileknot.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://fileknot.io/9cdcd8b8d78887fb/ExtracurricularActivities-1.166-pc.zip
Cookie: filehosting=6udrr42gr6oi32s43f1h4cqbl1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Wed, 01 May 2024 21:58:33 GMT
Content-Type: text/css
Content-Length: 59115
Last-Modified: Mon, 28 Sep 2020 15:26:44 GMT
Connection: keep-alive
ETag: "5f7200b4-e6eb"
Accept-Ranges: bytes

fileknot.io/themes/spirit/assets/frontend/js/flickity.min.js

95.217.158.252

200 OK

54 kB

URL GET HTTP/1.1
fileknot.io/themes/spirit/assets/frontend/js/flickity.min.js
IP
95.217.158.252:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://fileknot.io/9cdcd8b8d78887fb/ExtracurricularActivities-1.166-pc.zip
Certificate
IssuerLet's Encrypt
Subjectfileknot.io
FingerprintD2:98:0A:BE:2B:5A:E3:EF:FA:02:67:E6:AE:F2:B4:BF:45:15:1F:46
ValidityWed, 06 Mar 2024 03:50:03 GMT - Tue, 04 Jun 2024 03:50:02 GMT

File type
JavaScript source, ASCII text, with very long lines (32032)
Size
54 kB (53861 bytes)
Hash
81a84001ccd9bdd589d1b4f187311b15
5cdf8cb0d97b5b16a5f812e1541ad387a7cb8af5
5a28889b1faf91d12eeb5b5d173c50135eefd7fdc29a951b365340cf473bd9b2

HTTP Headers

GET /themes/spirit/assets/frontend/js/flickity.min.js HTTP/1.1
Host: fileknot.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://fileknot.io/9cdcd8b8d78887fb/ExtracurricularActivities-1.166-pc.zip
Cookie: filehosting=6udrr42gr6oi32s43f1h4cqbl1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Wed, 01 May 2024 21:58:33 GMT
Content-Type: application/javascript
Content-Length: 53861
Last-Modified: Mon, 28 Sep 2020 15:26:40 GMT
Connection: keep-alive
ETag: "5f7200b0-d265"
Accept-Ranges: bytes

fileknot.io/themes/spirit/assets/frontend/css/iconsmind.css

95.217.158.252

200 OK

96 kB

URL GET HTTP/1.1
fileknot.io/themes/spirit/assets/frontend/css/iconsmind.css
IP
95.217.158.252:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://fileknot.io/9cdcd8b8d78887fb/ExtracurricularActivities-1.166-pc.zip
Certificate
IssuerLet's Encrypt
Subjectfileknot.io
FingerprintD2:98:0A:BE:2B:5A:E3:EF:FA:02:67:E6:AE:F2:B4:BF:45:15:1F:46
ValidityWed, 06 Mar 2024 03:50:03 GMT - Tue, 04 Jun 2024 03:50:02 GMT

File type
ASCII text
Size
96 kB (96447 bytes)
Hash
39aa385af1cfd640bac73a09de3ac9fe
6d17dff21d04138cd8ab3ef9dfe1eae79994834c
0909de268b3276cb7464acb2f86701f62974a893dd374312908a3f8efc363438

HTTP Headers

GET /themes/spirit/assets/frontend/css/iconsmind.css HTTP/1.1
Host: fileknot.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://fileknot.io/9cdcd8b8d78887fb/ExtracurricularActivities-1.166-pc.zip
Cookie: filehosting=6udrr42gr6oi32s43f1h4cqbl1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Wed, 01 May 2024 21:58:33 GMT
Content-Type: text/css
Content-Length: 96447
Last-Modified: Mon, 28 Sep 2020 15:26:44 GMT
Connection: keep-alive
ETag: "5f7200b4-178bf"
Accept-Ranges: bytes

fileknot.io/themes/spirit/assets/frontend/css/theme.css

95.217.158.252

200 OK

197 kB

URL GET HTTP/1.1
fileknot.io/themes/spirit/assets/frontend/css/theme.css
IP
95.217.158.252:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://fileknot.io/9cdcd8b8d78887fb/ExtracurricularActivities-1.166-pc.zip
Certificate
IssuerLet's Encrypt
Subjectfileknot.io
FingerprintD2:98:0A:BE:2B:5A:E3:EF:FA:02:67:E6:AE:F2:B4:BF:45:15:1F:46
ValidityWed, 06 Mar 2024 03:50:03 GMT - Tue, 04 Jun 2024 03:50:02 GMT

File type
assembler source, ASCII text
Size
197 kB (197018 bytes)
Hash
dffe46f9563b1df7e079ff40aed68bd6
f6886f1e4383bbc4bcfac1b036b71a6130930758
a9a7db4665ab3edea2abe8c718413e32f7448bcea298fcba7276b545c8d85416

HTTP Headers

GET /themes/spirit/assets/frontend/css/theme.css HTTP/1.1
Host: fileknot.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://fileknot.io/9cdcd8b8d78887fb/ExtracurricularActivities-1.166-pc.zip
Cookie: filehosting=6udrr42gr6oi32s43f1h4cqbl1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Wed, 01 May 2024 21:58:33 GMT
Content-Type: text/css
Content-Length: 197018
Last-Modified: Tue, 28 Mar 2023 19:55:48 GMT
Connection: keep-alive
ETag: "64234644-3019a"
Accept-Ranges: bytes

fileknot.io/themes/spirit/assets/frontend/js/typed.min.js

95.217.158.252

200 OK

3.9 kB

URL GET HTTP/1.1
fileknot.io/themes/spirit/assets/frontend/js/typed.min.js
IP
95.217.158.252:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://fileknot.io/9cdcd8b8d78887fb/ExtracurricularActivities-1.166-pc.zip
Certificate
IssuerLet's Encrypt
Subjectfileknot.io
FingerprintD2:98:0A:BE:2B:5A:E3:EF:FA:02:67:E6:AE:F2:B4:BF:45:15:1F:46
ValidityWed, 06 Mar 2024 03:50:03 GMT - Tue, 04 Jun 2024 03:50:02 GMT

File type
JavaScript source, ASCII text, with very long lines (3949), with no line terminators
Size
3.9 kB (3949 bytes)
Hash
2f6185a8a32a50b2b3e04849f44359d4
0e5501588c5c0d1c9462f34b0d56c21abff5bfef
914df93a9770d8a0e132b6ce3e8f1cfba0e0fae8f3b9002a3f0eb47c3d0cc97b

HTTP Headers

GET /themes/spirit/assets/frontend/js/typed.min.js HTTP/1.1
Host: fileknot.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://fileknot.io/9cdcd8b8d78887fb/ExtracurricularActivities-1.166-pc.zip
Cookie: filehosting=6udrr42gr6oi32s43f1h4cqbl1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Wed, 01 May 2024 21:58:33 GMT
Content-Type: application/javascript
Content-Length: 3949
Last-Modified: Mon, 28 Sep 2020 15:26:40 GMT
Connection: keep-alive
ETag: "5f7200b0-f6d"
Accept-Ranges: bytes

fileknot.io/themes/spirit/assets/frontend/js/datepicker.js

95.217.158.252

200 OK

21 kB

URL GET HTTP/1.1
fileknot.io/themes/spirit/assets/frontend/js/datepicker.js
IP
95.217.158.252:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://fileknot.io/9cdcd8b8d78887fb/ExtracurricularActivities-1.166-pc.zip
Certificate
IssuerLet's Encrypt
Subjectfileknot.io
FingerprintD2:98:0A:BE:2B:5A:E3:EF:FA:02:67:E6:AE:F2:B4:BF:45:15:1F:46
ValidityWed, 06 Mar 2024 03:50:03 GMT - Tue, 04 Jun 2024 03:50:02 GMT

File type
JavaScript source, ASCII text, with very long lines (12692), with CRLF line terminators
Size
21 kB (20975 bytes)
Hash
8cfe207a6a21c7495cfb751c761217a6
35d686a6c4ecc9946c35444ce93e110cb0e1611c
804e3c2608de23694fa71684178e2f9815115d56ee022ec770e1fcb208847acc

HTTP Headers

GET /themes/spirit/assets/frontend/js/datepicker.js HTTP/1.1
Host: fileknot.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://fileknot.io/9cdcd8b8d78887fb/ExtracurricularActivities-1.166-pc.zip
Cookie: filehosting=6udrr42gr6oi32s43f1h4cqbl1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Wed, 01 May 2024 21:58:33 GMT
Content-Type: application/javascript
Content-Length: 20975
Last-Modified: Mon, 28 Sep 2020 15:26:40 GMT
Connection: keep-alive
ETag: "5f7200b0-51ef"
Accept-Ranges: bytes

fileknot.io/themes/spirit/assets/frontend/js/jquery-3.1.1.min.js

95.217.158.252

200 OK

87 kB

URL GET HTTP/1.1
fileknot.io/themes/spirit/assets/frontend/js/jquery-3.1.1.min.js
IP
95.217.158.252:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://fileknot.io/9cdcd8b8d78887fb/ExtracurricularActivities-1.166-pc.zip
Certificate
IssuerLet's Encrypt
Subjectfileknot.io
FingerprintD2:98:0A:BE:2B:5A:E3:EF:FA:02:67:E6:AE:F2:B4:BF:45:15:1F:46
ValidityWed, 06 Mar 2024 03:50:03 GMT - Tue, 04 Jun 2024 03:50:02 GMT

File type
JavaScript source, ASCII text, with very long lines (32030)
Size
87 kB (86709 bytes)
Hash
e071abda8fe61194711cfc2ab99fe104
f647a6d37dc4ca055ced3cf64bbc1f490070acba
85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf

HTTP Headers

GET /themes/spirit/assets/frontend/js/jquery-3.1.1.min.js HTTP/1.1
Host: fileknot.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://fileknot.io/9cdcd8b8d78887fb/ExtracurricularActivities-1.166-pc.zip
Cookie: filehosting=6udrr42gr6oi32s43f1h4cqbl1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Wed, 01 May 2024 21:58:33 GMT
Content-Type: application/javascript
Content-Length: 86709
Last-Modified: Mon, 28 Sep 2020 15:26:40 GMT
Connection: keep-alive
ETag: "5f7200b0-152b5"
Accept-Ranges: bytes

fileknot.io/themes/spirit/assets/frontend/js/jquery.steps.min.js

95.217.158.252

200 OK

14 kB

URL GET HTTP/1.1
fileknot.io/themes/spirit/assets/frontend/js/jquery.steps.min.js
IP
95.217.158.252:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://fileknot.io/9cdcd8b8d78887fb/ExtracurricularActivities-1.166-pc.zip
Certificate
IssuerLet's Encrypt
Subjectfileknot.io
FingerprintD2:98:0A:BE:2B:5A:E3:EF:FA:02:67:E6:AE:F2:B4:BF:45:15:1F:46
ValidityWed, 06 Mar 2024 03:50:03 GMT - Tue, 04 Jun 2024 03:50:02 GMT

File type
JavaScript source, ASCII text, with very long lines (13686)
Size
14 kB (13857 bytes)
Hash
4c5e9f4e84d32b7df69af7420b355e03
14e1e287ec98e8cc0a992ee996783b0c42f9ec0f
c9459a9e11e4c63fb7a30d2a644e80b733fc9599302ef3da8142cbe8f9d9333d

HTTP Headers

GET /themes/spirit/assets/frontend/js/jquery.steps.min.js HTTP/1.1
Host: fileknot.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://fileknot.io/9cdcd8b8d78887fb/ExtracurricularActivities-1.166-pc.zip
Cookie: filehosting=6udrr42gr6oi32s43f1h4cqbl1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Wed, 01 May 2024 21:58:33 GMT
Content-Type: application/javascript
Content-Length: 13857
Last-Modified: Mon, 28 Sep 2020 15:26:40 GMT
Connection: keep-alive
ETag: "5f7200b0-3621"
Accept-Ranges: bytes

fileknot.io/themes/spirit/assets/frontend/js/jquery.dataTables.min.js

95.217.158.252

200 OK

70 kB

URL GET HTTP/1.1
fileknot.io/themes/spirit/assets/frontend/js/jquery.dataTables.min.js
IP
95.217.158.252:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://fileknot.io/9cdcd8b8d78887fb/ExtracurricularActivities-1.166-pc.zip
Certificate
IssuerLet's Encrypt
Subjectfileknot.io
FingerprintD2:98:0A:BE:2B:5A:E3:EF:FA:02:67:E6:AE:F2:B4:BF:45:15:1F:46
ValidityWed, 06 Mar 2024 03:50:03 GMT - Tue, 04 Jun 2024 03:50:02 GMT

File type
JavaScript source, ASCII text, with very long lines (768)
Size
70 kB (69604 bytes)
Hash
737f853e9fd6a31d62f5028e88663c9f
cf144f2ab49f53a69fbfe10d3588fc23437d2736
6c3ca64b7acfdd29b3ca6f1b9b46696369abd462d4546182085c347f72211841

HTTP Headers

GET /themes/spirit/assets/frontend/js/jquery.dataTables.min.js HTTP/1.1
Host: fileknot.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://fileknot.io/9cdcd8b8d78887fb/ExtracurricularActivities-1.166-pc.zip
Cookie: filehosting=6udrr42gr6oi32s43f1h4cqbl1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Wed, 01 May 2024 21:58:33 GMT
Content-Type: application/javascript
Content-Length: 69604
Last-Modified: Mon, 28 Sep 2020 15:26:40 GMT
Connection: keep-alive
ETag: "5f7200b0-10fe4"
Accept-Ranges: bytes

fileknot.io/themes/spirit/assets/frontend/js/granim.min.js

95.217.158.252

200 OK

11 kB

URL GET HTTP/1.1
fileknot.io/themes/spirit/assets/frontend/js/granim.min.js
IP
95.217.158.252:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://fileknot.io/9cdcd8b8d78887fb/ExtracurricularActivities-1.166-pc.zip
Certificate
IssuerLet's Encrypt
Subjectfileknot.io
FingerprintD2:98:0A:BE:2B:5A:E3:EF:FA:02:67:E6:AE:F2:B4:BF:45:15:1F:46
ValidityWed, 06 Mar 2024 03:50:03 GMT - Tue, 04 Jun 2024 03:50:02 GMT

File type
JavaScript source, ASCII text, with very long lines (10573)
Size
11 kB (10634 bytes)
Hash
2c16a9a724563fc0c306abb5bdeb03fe
90c2032537714e66059a3eaa150b93f3c9c80163
997a15cf01d5118cb0106587f441c32de2074c8dc12d85cf7c7dc430e2ee342e

HTTP Headers

GET /themes/spirit/assets/frontend/js/granim.min.js HTTP/1.1
Host: fileknot.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://fileknot.io/9cdcd8b8d78887fb/ExtracurricularActivities-1.166-pc.zip
Cookie: filehosting=6udrr42gr6oi32s43f1h4cqbl1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Wed, 01 May 2024 21:58:33 GMT
Content-Type: application/javascript
Content-Length: 10634
Last-Modified: Mon, 28 Sep 2020 15:26:40 GMT
Connection: keep-alive
ETag: "5f7200b0-298a"
Accept-Ranges: bytes

fileknot.io/themes/spirit/assets/frontend/js/smooth-scroll.min.js

95.217.158.252

200 OK

6.0 kB

URL GET HTTP/1.1
fileknot.io/themes/spirit/assets/frontend/js/smooth-scroll.min.js
IP
95.217.158.252:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://fileknot.io/9cdcd8b8d78887fb/ExtracurricularActivities-1.166-pc.zip
Certificate
IssuerLet's Encrypt
Subjectfileknot.io
FingerprintD2:98:0A:BE:2B:5A:E3:EF:FA:02:67:E6:AE:F2:B4:BF:45:15:1F:46
ValidityWed, 06 Mar 2024 03:50:03 GMT - Tue, 04 Jun 2024 03:50:02 GMT

File type
JavaScript source, ASCII text, with very long lines (4887)
Size
6.0 kB (6006 bytes)
Hash
b67e171349c4716dd7bb15c018a2c8c1
60b204148c0eed83b06043897d1cbd54709eab66
8daef829c397c41e42a1f9faffc25aa4834334e5305805419933a1b44b6c1e30

HTTP Headers

GET /themes/spirit/assets/frontend/js/smooth-scroll.min.js HTTP/1.1
Host: fileknot.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://fileknot.io/9cdcd8b8d78887fb/ExtracurricularActivities-1.166-pc.zip
Cookie: filehosting=6udrr42gr6oi32s43f1h4cqbl1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Wed, 01 May 2024 21:58:33 GMT
Content-Type: application/javascript
Content-Length: 6006
Last-Modified: Mon, 28 Sep 2020 15:26:40 GMT
Connection: keep-alive
ETag: "5f7200b0-1776"
Accept-Ranges: bytes

fileknot.io/themes/spirit/assets/frontend/js/countdown.min.js

95.217.158.252

200 OK

5.3 kB

URL GET HTTP/1.1
fileknot.io/themes/spirit/assets/frontend/js/countdown.min.js
IP
95.217.158.252:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://fileknot.io/9cdcd8b8d78887fb/ExtracurricularActivities-1.166-pc.zip
Certificate
IssuerLet's Encrypt
Subjectfileknot.io
FingerprintD2:98:0A:BE:2B:5A:E3:EF:FA:02:67:E6:AE:F2:B4:BF:45:15:1F:46
ValidityWed, 06 Mar 2024 03:50:03 GMT - Tue, 04 Jun 2024 03:50:02 GMT

File type
JavaScript source, ASCII text, with very long lines (4136)
Size
5.3 kB (5339 bytes)
Hash
5d3ff3c3fbaa67cc639501f44eeb07be
bd66e4cd58de09c198e7abc77fa4c883955d189e
2249399b2268c260d0698542503d16afebc80e437c846239f12196744ebbd40f

HTTP Headers

GET /themes/spirit/assets/frontend/js/countdown.min.js HTTP/1.1
Host: fileknot.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://fileknot.io/9cdcd8b8d78887fb/ExtracurricularActivities-1.166-pc.zip
Cookie: filehosting=6udrr42gr6oi32s43f1h4cqbl1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Wed, 01 May 2024 21:58:33 GMT
Content-Type: application/javascript
Content-Length: 5339
Last-Modified: Mon, 28 Sep 2020 15:26:40 GMT
Connection: keep-alive
ETag: "5f7200b0-14db"
Accept-Ranges: bytes

fileknot.io/themes/spirit/assets/frontend/js/cookiealert.js

95.217.158.252

200 OK

1.8 kB

URL GET HTTP/1.1
fileknot.io/themes/spirit/assets/frontend/js/cookiealert.js
IP
95.217.158.252:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://fileknot.io/9cdcd8b8d78887fb/ExtracurricularActivities-1.166-pc.zip
Certificate
IssuerLet's Encrypt
Subjectfileknot.io
FingerprintD2:98:0A:BE:2B:5A:E3:EF:FA:02:67:E6:AE:F2:B4:BF:45:15:1F:46
ValidityWed, 06 Mar 2024 03:50:03 GMT - Tue, 04 Jun 2024 03:50:02 GMT

File type
JavaScript source, ASCII text, with CRLF line terminators
Size
1.8 kB (1836 bytes)
Hash
81279e22c8ece9e1d0536a402484daa3
911797507fb12d4f451d5900e32db96ad697c401
5c6237178e88ab7f1c6e26c9e99547e58782450b8f2a182129448ff4d99e89ab

HTTP Headers

GET /themes/spirit/assets/frontend/js/cookiealert.js HTTP/1.1
Host: fileknot.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://fileknot.io/9cdcd8b8d78887fb/ExtracurricularActivities-1.166-pc.zip
Cookie: filehosting=6udrr42gr6oi32s43f1h4cqbl1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Wed, 01 May 2024 21:58:33 GMT
Content-Type: application/javascript
Content-Length: 1836
Last-Modified: Mon, 28 Sep 2020 15:26:40 GMT
Connection: keep-alive
ETag: "5f7200b0-72c"
Accept-Ranges: bytes

fileknot.io/themes/spirit/assets/frontend/js/scripts.js

95.217.158.252

200 OK

112 kB

URL GET HTTP/1.1
fileknot.io/themes/spirit/assets/frontend/js/scripts.js
IP
95.217.158.252:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://fileknot.io/9cdcd8b8d78887fb/ExtracurricularActivities-1.166-pc.zip
Certificate
IssuerLet's Encrypt
Subjectfileknot.io
FingerprintD2:98:0A:BE:2B:5A:E3:EF:FA:02:67:E6:AE:F2:B4:BF:45:15:1F:46
ValidityWed, 06 Mar 2024 03:50:03 GMT - Tue, 04 Jun 2024 03:50:02 GMT

File type
JavaScript source, ASCII text, with very long lines (914)
Size
112 kB (111905 bytes)
Hash
ccd6c308b2b8e36ae154d7bacea4240d
f7d2f7195150771246dd599dbb4ff3bc2f0f2179
fc2a8bf60f1e7577697c0b457c01aeeecfd2b18ea68c93e2d374bf6d95fbe7a0

HTTP Headers

GET /themes/spirit/assets/frontend/js/scripts.js HTTP/1.1
Host: fileknot.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://fileknot.io/9cdcd8b8d78887fb/ExtracurricularActivities-1.166-pc.zip
Cookie: filehosting=6udrr42gr6oi32s43f1h4cqbl1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Wed, 01 May 2024 21:58:33 GMT
Content-Type: application/javascript
Content-Length: 111905
Last-Modified: Wed, 14 Oct 2020 17:17:02 GMT
Connection: keep-alive
ETag: "5f87328e-1b521"
Accept-Ranges: bytes

fileknot.io/cache/themes/spirit/logo.png

95.217.158.252

200 OK

6.3 kB

URL GET HTTP/1.1
fileknot.io/cache/themes/spirit/logo.png
IP
95.217.158.252:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://fileknot.io/9cdcd8b8d78887fb/ExtracurricularActivities-1.166-pc.zip
Certificate
IssuerLet's Encrypt
Subjectfileknot.io
FingerprintD2:98:0A:BE:2B:5A:E3:EF:FA:02:67:E6:AE:F2:B4:BF:45:15:1F:46
ValidityWed, 06 Mar 2024 03:50:03 GMT - Tue, 04 Jun 2024 03:50:02 GMT

File type
PNG image data, 431 x 85, 8-bit colormap, non-interlaced
Size
6.3 kB (6349 bytes)
Hash
0ab8013080ccdd0222f01ead7d6156d9
120d7ed83eba2f0af0b9e956c312dedcc34e00a0
55808b2db6733b9637842fdcd84a95fbd204b0b3fc8d7ba39ae24285efd99e44

HTTP Headers

GET /cache/themes/spirit/logo.png HTTP/1.1
Host: fileknot.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://fileknot.io/9cdcd8b8d78887fb/ExtracurricularActivities-1.166-pc.zip
Cookie: filehosting=6udrr42gr6oi32s43f1h4cqbl1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Wed, 01 May 2024 21:58:33 GMT
Content-Type: image/png
Content-Length: 6349
Last-Modified: Wed, 22 Feb 2023 11:40:31 GMT
Connection: keep-alive
ETag: "63f5ff2f-18cd"
Accept-Ranges: bytes

fileknot.io/cache/themes/spirit/logo_inverse.png

95.217.158.252

200 OK

6.3 kB

URL GET HTTP/1.1
fileknot.io/cache/themes/spirit/logo_inverse.png
IP
95.217.158.252:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://fileknot.io/9cdcd8b8d78887fb/ExtracurricularActivities-1.166-pc.zip
Certificate
IssuerLet's Encrypt
Subjectfileknot.io
FingerprintD2:98:0A:BE:2B:5A:E3:EF:FA:02:67:E6:AE:F2:B4:BF:45:15:1F:46
ValidityWed, 06 Mar 2024 03:50:03 GMT - Tue, 04 Jun 2024 03:50:02 GMT

File type
PNG image data, 431 x 85, 8-bit colormap, non-interlaced
Size
6.3 kB (6349 bytes)
Hash
0ab8013080ccdd0222f01ead7d6156d9
120d7ed83eba2f0af0b9e956c312dedcc34e00a0
55808b2db6733b9637842fdcd84a95fbd204b0b3fc8d7ba39ae24285efd99e44

HTTP Headers

GET /cache/themes/spirit/logo_inverse.png HTTP/1.1
Host: fileknot.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://fileknot.io/9cdcd8b8d78887fb/ExtracurricularActivities-1.166-pc.zip
Cookie: filehosting=6udrr42gr6oi32s43f1h4cqbl1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Wed, 01 May 2024 21:58:33 GMT
Content-Type: image/png
Content-Length: 6349
Last-Modified: Wed, 22 Feb 2023 11:40:31 GMT
Connection: keep-alive
ETag: "63f5ff2f-18cd"
Accept-Ranges: bytes

www.googletagmanager.com/gtag/js?id=G-TKMKCMZF46

142.250.74.168

200 OK

102 kB

URL GET HTTP/2
www.googletagmanager.com/gtag/js?id=G-TKMKCMZF46
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://fileknot.io/9cdcd8b8d78887fb/ExtracurricularActivities-1.166-pc.zip
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
FingerprintFC:B1:16:E0:D8:F3:2B:F3:AB:33:E5:E1:23:57:F4:48:66:FD:4D:52
ValidityMon, 08 Apr 2024 06:34:55 GMT - Mon, 01 Jul 2024 06:34:54 GMT

File type
JavaScript source, ASCII text, with very long lines (5945)
Size
102 kB (101603 bytes)
Hash
c3753765627b2fc36976f10bb2622bc8
751015f574072af27273a261872bca5ebbab02cb
77aa97d865a66a74dd3999b52d5070a1447b0af055b43d1407d6d03e2c3ecaaa

HTTP Headers

GET /gtag/js?id=G-TKMKCMZF46 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://fileknot.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 01 May 2024 21:58:33 GMT
expires: Wed, 01 May 2024 21:58:33 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 101603
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.googleapis.com/icon?family=Material+Icons

142.250.74.106

200 OK

812 B

URL GET HTTP/2
fonts.googleapis.com/icon?family=Material+Icons
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://fileknot.io/9cdcd8b8d78887fb/ExtracurricularActivities-1.166-pc.zip
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint5F:6D:48:87:16:89:1E:A5:57:29:92:8B:34:BD:F2:92:0C:7F:F2:50
ValidityMon, 08 Apr 2024 07:32:03 GMT - Mon, 01 Jul 2024 07:32:02 GMT

File type
gzip compressed data, max compression
Size
812 B (812 bytes)
Hash
0a7a11d3740ad40763d864d0e4cbaad5
8eb176e3c303e433de8e7862679ec81a950055f7
0995f0dcc5ef038daeba045bb2a3e86a0d4ed6942768ef814b5b819402fb9747

HTTP Headers

GET /icon?family=Material+Icons HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://fileknot.io/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 01 May 2024 21:58:33 GMT
date: Wed, 01 May 2024 21:58:33 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fileknot.io/themes/spirit/assets/frontend/fonts/stack-interface.woff2?33839631

95.217.158.252

200 OK

4.3 kB

URL GET HTTP/1.1
fileknot.io/themes/spirit/assets/frontend/fonts/stack-interface.woff2?33839631
IP
95.217.158.252:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://fileknot.io/9cdcd8b8d78887fb/ExtracurricularActivities-1.166-pc.zip
Certificate
IssuerLet's Encrypt
Subjectfileknot.io
FingerprintD2:98:0A:BE:2B:5A:E3:EF:FA:02:67:E6:AE:F2:B4:BF:45:15:1F:46
ValidityWed, 06 Mar 2024 03:50:03 GMT - Tue, 04 Jun 2024 03:50:02 GMT

File type
Web Open Font Format (Version 2), TrueType, length 4292, version 1.0
Size
4.3 kB (4292 bytes)
Hash
ae072782b361d2afdbf43db08d3cfb73
f3db2e65b53d97491672f8631e21d6d05905cc88
31205df908aed9881f6d2d3ae7d38975252bf99e38268978b4236dc3c314754b

HTTP Headers

GET /themes/spirit/assets/frontend/fonts/stack-interface.woff2?33839631 HTTP/1.1
Host: fileknot.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://fileknot.io/themes/spirit/assets/frontend/css/stack-interface.css
Cookie: filehosting=6udrr42gr6oi32s43f1h4cqbl1
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Wed, 01 May 2024 21:58:34 GMT
Content-Type: application/octet-stream
Content-Length: 4292
Last-Modified: Mon, 28 Sep 2020 15:26:44 GMT
Connection: keep-alive
ETag: "5f7200b4-10c4"
Accept-Ranges: bytes

fonts.googleapis.com/css?family=Open+Sans:200,300,400,400i,500,600,700%7CMerriweather:300,300i

142.250.74.106

200 OK

2.7 kB

URL GET HTTP/2
fonts.googleapis.com/css?family=Open+Sans:200,300,400,400i,500,600,700%7CMerriweather:300,300i
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://fileknot.io/9cdcd8b8d78887fb/ExtracurricularActivities-1.166-pc.zip
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint5F:6D:48:87:16:89:1E:A5:57:29:92:8B:34:BD:F2:92:0C:7F:F2:50
ValidityMon, 08 Apr 2024 07:32:03 GMT - Mon, 01 Jul 2024 07:32:02 GMT

File type
gzip compressed data, max compression
Size
2.7 kB (2655 bytes)
Hash
ae6195fbc0f6e10a9d4cb2504c6fcc52
11da97dc9a755b548ffd890761cbfb8f8052c6aa
07c05db5638a81c2e184215d04947eb857f86403a1df56e1e8e33c7116f69d07

HTTP Headers

GET /css?family=Open+Sans:200,300,400,400i,500,600,700%7CMerriweather:300,300i HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://fileknot.io/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 01 May 2024 21:58:33 GMT
date: Wed, 01 May 2024 21:58:33 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

216.58.207.227

200 OK

48 kB

URL GET HTTP/2
fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://fileknot.io/9cdcd8b8d78887fb/ExtracurricularActivities-1.166-pc.zip
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint93:EC:35:60:8A:5B:23:EA:C0:36:D7:AE:03:0C:C3:77:17:5A:20:33
ValidityMon, 08 Apr 2024 07:31:57 GMT - Mon, 01 Jul 2024 07:31:56 GMT

File type
Web Open Font Format (Version 2), TrueType, length 48236, version 1.0
Size
48 kB (48236 bytes)
Hash
015c126a3520c9a8f6a27979d0266e96
2acf956561d44434a6d84204670cf849d3215d5f
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

HTTP Headers

GET /s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://fileknot.io
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48236
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 25 Apr 2024 02:35:00 GMT
expires: Fri, 25 Apr 2025 02:35:00 GMT
cache-control: public, max-age=31536000
age: 588214
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

216.58.207.227

200 OK

48 kB

URL GET HTTP/2
fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://fileknot.io/9cdcd8b8d78887fb/ExtracurricularActivities-1.166-pc.zip
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint93:EC:35:60:8A:5B:23:EA:C0:36:D7:AE:03:0C:C3:77:17:5A:20:33
ValidityMon, 08 Apr 2024 07:31:57 GMT - Mon, 01 Jul 2024 07:31:56 GMT

File type
Web Open Font Format (Version 2), TrueType, length 48236, version 1.0
Size
48 kB (48236 bytes)
Hash
015c126a3520c9a8f6a27979d0266e96
2acf956561d44434a6d84204670cf849d3215d5f
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

HTTP Headers

GET /s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://fileknot.io
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48236
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 25 Apr 2024 02:35:00 GMT
expires: Fri, 25 Apr 2025 02:35:00 GMT
cache-control: public, max-age=31536000
age: 588214
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

216.58.207.227

200 OK

48 kB

URL GET HTTP/2
fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://fileknot.io/9cdcd8b8d78887fb/ExtracurricularActivities-1.166-pc.zip
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint93:EC:35:60:8A:5B:23:EA:C0:36:D7:AE:03:0C:C3:77:17:5A:20:33
ValidityMon, 08 Apr 2024 07:31:57 GMT - Mon, 01 Jul 2024 07:31:56 GMT

File type
Web Open Font Format (Version 2), TrueType, length 48236, version 1.0
Size
48 kB (48236 bytes)
Hash
015c126a3520c9a8f6a27979d0266e96
2acf956561d44434a6d84204670cf849d3215d5f
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

HTTP Headers

GET /s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://fileknot.io
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48236
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 25 Apr 2024 02:35:00 GMT
expires: Fri, 25 Apr 2025 02:35:00 GMT
cache-control: public, max-age=31536000
age: 588214
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fileknot.io/9cdcd8b8d78887fb/ExtracurricularActivities-1.166-pc.zip

95.217.158.252

200 OK

0 B

URL HEAD HTTP/1.1
fileknot.io/9cdcd8b8d78887fb/ExtracurricularActivities-1.166-pc.zip
IP
95.217.158.252:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://fileknot.io/9cdcd8b8d78887fb/ExtracurricularActivities-1.166-pc.zip
Certificate
IssuerLet's Encrypt
Subjectfileknot.io
FingerprintD2:98:0A:BE:2B:5A:E3:EF:FA:02:67:E6:AE:F2:B4:BF:45:15:1F:46
ValidityWed, 06 Mar 2024 03:50:03 GMT - Tue, 04 Jun 2024 03:50:02 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

HEAD /9cdcd8b8d78887fb/ExtracurricularActivities-1.166-pc.zip HTTP/1.1
Host: fileknot.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://fileknot.io/9cdcd8b8d78887fb/ExtracurricularActivities-1.166-pc.zip
Cookie: filehosting=6udrr42gr6oi32s43f1h4cqbl1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Content-Type: text/html; charset=UTF-8
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Cache-Control: no-store, no-cache, must-revalidate, no-cache, private
Date: Wed, 01 May 2024 21:58:34 GMT
Content-Encoding: gzip

fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

216.58.207.227

200 OK

48 kB

URL GET HTTP/2
fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://fileknot.io/9cdcd8b8d78887fb/ExtracurricularActivities-1.166-pc.zip
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint93:EC:35:60:8A:5B:23:EA:C0:36:D7:AE:03:0C:C3:77:17:5A:20:33
ValidityMon, 08 Apr 2024 07:31:57 GMT - Mon, 01 Jul 2024 07:31:56 GMT

File type
Web Open Font Format (Version 2), TrueType, length 48236, version 1.0
Size
48 kB (48236 bytes)
Hash
015c126a3520c9a8f6a27979d0266e96
2acf956561d44434a6d84204670cf849d3215d5f
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

HTTP Headers

GET /s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://fileknot.io
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48236
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 25 Apr 2024 02:35:00 GMT
expires: Fri, 25 Apr 2025 02:35:00 GMT
cache-control: public, max-age=31536000
age: 588214
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

216.58.207.227

200 OK

48 kB

URL GET HTTP/2
fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://fileknot.io/9cdcd8b8d78887fb/ExtracurricularActivities-1.166-pc.zip
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint93:EC:35:60:8A:5B:23:EA:C0:36:D7:AE:03:0C:C3:77:17:5A:20:33
ValidityMon, 08 Apr 2024 07:31:57 GMT - Mon, 01 Jul 2024 07:31:56 GMT

File type
Web Open Font Format (Version 2), TrueType, length 48236, version 1.0
Size
48 kB (48236 bytes)
Hash
015c126a3520c9a8f6a27979d0266e96
2acf956561d44434a6d84204670cf849d3215d5f
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

HTTP Headers

GET /s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://fileknot.io
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48236
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 25 Apr 2024 02:35:00 GMT
expires: Fri, 25 Apr 2025 02:35:00 GMT
cache-control: public, max-age=31536000
age: 588214
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/opensans/v40/memQYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWq8tWZ0Pw86hd0Rk8ZkWVAewA.woff2

216.58.207.227

200 OK

19 kB

URL GET HTTP/2
fonts.gstatic.com/s/opensans/v40/memQYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWq8tWZ0Pw86hd0Rk8ZkWVAewA.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://fileknot.io/9cdcd8b8d78887fb/ExtracurricularActivities-1.166-pc.zip
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint93:EC:35:60:8A:5B:23:EA:C0:36:D7:AE:03:0C:C3:77:17:5A:20:33
ValidityMon, 08 Apr 2024 07:31:57 GMT - Mon, 01 Jul 2024 07:31:56 GMT

File type
Web Open Font Format (Version 2), TrueType, length 19280, version 1.0
Size
19 kB (19280 bytes)
Hash
386fb59be54b2d819064af98e57cc226
9e2d14d736be97ec84bfca3513558450cd6e3249
b4855cc8ec721cbaf27f3c907345e101b1524858221c14faa79df34cb2f84991

HTTP Headers

GET /s/opensans/v40/memQYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWq8tWZ0Pw86hd0Rk8ZkWVAewA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://fileknot.io
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 19280
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 27 Apr 2024 01:22:45 GMT
expires: Sun, 27 Apr 2025 01:22:45 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 14 Dec 2023 02:02:23 GMT
content-type: font/woff2
age: 419749
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fileknot.io/themes/spirit/assets/frontend/fonts/font-awesome/fa-solid-900.woff2

95.217.158.252

200 OK

80 kB

URL GET HTTP/1.1
fileknot.io/themes/spirit/assets/frontend/fonts/font-awesome/fa-solid-900.woff2
IP
95.217.158.252:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://fileknot.io/9cdcd8b8d78887fb/ExtracurricularActivities-1.166-pc.zip
Certificate
IssuerLet's Encrypt
Subjectfileknot.io
FingerprintD2:98:0A:BE:2B:5A:E3:EF:FA:02:67:E6:AE:F2:B4:BF:45:15:1F:46
ValidityWed, 06 Mar 2024 03:50:03 GMT - Tue, 04 Jun 2024 03:50:02 GMT

File type
Web Open Font Format (Version 2), TrueType, length 80148, version 331.17301
Size
80 kB (80148 bytes)
Hash
c500da19d776384ba69573ae6fe274e7
6290834672aba86d5b6c1c73b30b57c9c53996f7
cfe3b7382e477059da11be2099914b94f0e2a4f08240c60542c376957b8d9658

HTTP Headers

GET /themes/spirit/assets/frontend/fonts/font-awesome/fa-solid-900.woff2 HTTP/1.1
Host: fileknot.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://fileknot.io/themes/spirit/assets/frontend/css/font-awesome.min.css
Cookie: filehosting=6udrr42gr6oi32s43f1h4cqbl1
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Wed, 01 May 2024 21:58:34 GMT
Content-Type: application/octet-stream
Content-Length: 80148
Last-Modified: Mon, 28 Sep 2020 15:26:42 GMT
Connection: keep-alive
ETag: "5f7200b2-13914"
Accept-Ranges: bytes

waisheph.com/tag.min.js

139.45.197.245

200 OK

28 kB

URL GET HTTP/2
waisheph.com/tag.min.js
IP
139.45.197.245:443
ASN
#9002 RETN Limited

Requested by
https://fileknot.io/9cdcd8b8d78887fb/ExtracurricularActivities-1.166-pc.zip
Certificate
IssuerLet's Encrypt
Subjectwaisheph.com
FingerprintA9:8B:DF:A0:A2:80:A9:70:4A:F5:46:4A:EB:8E:00:E7:82:98:AC:8E
ValidityTue, 19 Mar 2024 01:27:24 GMT - Mon, 17 Jun 2024 01:27:23 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
28 kB (28334 bytes)
Hash
c0a42ca809f297868c31761277b7842e
1f0e3a25517ada67fb5b3dd0e9cbe862f0c2a2c1
0e70cf781ca7063e40c103f3de35456c9955174b862ec1a26fca448fd08a4953

HTTP Headers

GET /tag.min.js HTTP/1.1
Host: waisheph.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://fileknot.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 01 May 2024 21:58:34 GMT
content-type: text/javascript; charset=utf-8
content-length: 28334
content-encoding: br
x-trace-id: 05cf784dfe977ee065ee95e50cc5ad6b
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
accept-ranges: bytes
last-modified: Wed, 01 May 2024 17:48:07 GMT
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-max-age: 86400
pragma: no-cache
expires: Tue, 11 Jan 1994 10:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS2mu1aB.woff2

216.58.207.227

200 OK

16 kB

URL GET HTTP/2
fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS2mu1aB.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://fileknot.io/9cdcd8b8d78887fb/ExtracurricularActivities-1.166-pc.zip
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint93:EC:35:60:8A:5B:23:EA:C0:36:D7:AE:03:0C:C3:77:17:5A:20:33
ValidityMon, 08 Apr 2024 07:31:57 GMT - Mon, 01 Jul 2024 07:31:56 GMT

File type
Web Open Font Format (Version 2), TrueType, length 16516, version 1.0
Size
16 kB (16516 bytes)
Hash
02ea59496b25ec14db0cd442451bf9f7
4266d37e1db030954b04cd1cf3ec06591d75fcab
dc0387c80ff53df47ca7ec19db75224fdb90a230f6cb06605563590b9791bf95

HTTP Headers

GET /s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS2mu1aB.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://fileknot.io
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 16516
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 26 Apr 2024 05:54:39 GMT
expires: Sat, 26 Apr 2025 05:54:39 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 14 Dec 2023 02:02:21 GMT
content-type: font/woff2
age: 489835
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fileknot.io/9cdcd8b8d78887fb/ExtracurricularActivities-1.166-pc.zip

95.217.158.252

200 OK

0 B

URL HEAD HTTP/1.1
fileknot.io/9cdcd8b8d78887fb/ExtracurricularActivities-1.166-pc.zip
IP
95.217.158.252:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://fileknot.io/9cdcd8b8d78887fb/ExtracurricularActivities-1.166-pc.zip
Certificate
IssuerLet's Encrypt
Subjectfileknot.io
FingerprintD2:98:0A:BE:2B:5A:E3:EF:FA:02:67:E6:AE:F2:B4:BF:45:15:1F:46
ValidityWed, 06 Mar 2024 03:50:03 GMT - Tue, 04 Jun 2024 03:50:02 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

HEAD /9cdcd8b8d78887fb/ExtracurricularActivities-1.166-pc.zip HTTP/1.1
Host: fileknot.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://fileknot.io/9cdcd8b8d78887fb/ExtracurricularActivities-1.166-pc.zip
Cookie: filehosting=6udrr42gr6oi32s43f1h4cqbl1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Content-Type: text/html; charset=UTF-8
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Cache-Control: no-store, no-cache, must-revalidate, no-cache, private
Date: Wed, 01 May 2024 21:58:34 GMT
Content-Encoding: gzip

fileknot.io/themes/spirit/assets/frontend/img/favicon/apple-touch-icon.png

95.217.158.252

200 OK

2.1 kB

URL GET HTTP/1.1
fileknot.io/themes/spirit/assets/frontend/img/favicon/apple-touch-icon.png
IP
95.217.158.252:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://fileknot.io/9cdcd8b8d78887fb/ExtracurricularActivities-1.166-pc.zip
Certificate
IssuerLet's Encrypt
Subjectfileknot.io
FingerprintD2:98:0A:BE:2B:5A:E3:EF:FA:02:67:E6:AE:F2:B4:BF:45:15:1F:46
ValidityWed, 06 Mar 2024 03:50:03 GMT - Tue, 04 Jun 2024 03:50:02 GMT

File type
PNG image data, 180 x 180, 4-bit colormap, non-interlaced
Size
2.1 kB (2085 bytes)
Hash
6c858040fc1bae4bf08173c7bf46fad5
92a564975d224636ab27d77eef8700fd526afe1b
a8b209bd8fd6f2f688cce4bccbc133aa88e23aae70406862163f9aa91b55f0b7

HTTP Headers

GET /themes/spirit/assets/frontend/img/favicon/apple-touch-icon.png HTTP/1.1
Host: fileknot.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://fileknot.io/9cdcd8b8d78887fb/ExtracurricularActivities-1.166-pc.zip
Cookie: filehosting=6udrr42gr6oi32s43f1h4cqbl1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Wed, 01 May 2024 21:58:34 GMT
Content-Type: image/png
Content-Length: 2085
Last-Modified: Wed, 22 Feb 2023 11:30:48 GMT
Connection: keep-alive
ETag: "63f5fce8-825"
Accept-Ranges: bytes

ileeckut.com/400/7407089

139.45.197.237

200 OK

32 kB

URL GET HTTP/2
ileeckut.com/400/7407089
IP
139.45.197.237:443
ASN
#9002 RETN Limited

Requested by
https://fileknot.io/9cdcd8b8d78887fb/ExtracurricularActivities-1.166-pc.zip
Certificate
IssuerLet's Encrypt
Subjectileeckut.com
FingerprintB1:AC:C7:3A:07:6E:43:60:70:8E:FB:AC:6E:FE:4A:C4:7B:0F:F9:ED
ValidityMon, 04 Mar 2024 05:21:31 GMT - Sun, 02 Jun 2024 05:21:30 GMT

File type
gzip compressed data, max speed, from Unix
Size
32 kB (32474 bytes)
Hash
9c9e6c36aba4166dab047fbd62ad88e4
28e123a69428441196f9a25b8f5064424d4651ac
8915efaa48d897a39dcd9a81938baf52e029879383a4528bda0f1682db8ef244

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /400/7407089 HTTP/1.1
Host: ileeckut.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://fileknot.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 01 May 2024 21:58:34 GMT
content-type: application/javascript
x-trace-id: d18908985c9f067735a834b8d0a077b5
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
set-cookie: OAID=03004f20bc6a44fcf6571185ecd63db4; expires=Thu, 01 May 2025 21:58:34 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2

my.rtmark.net/gid.js

139.45.195.8

200 OK

65 B

URL GET HTTP/2
my.rtmark.net/gid.js
IP
139.45.195.8:443
ASN
#9002 RETN Limited

Requested by
https://fileknot.io/9cdcd8b8d78887fb/ExtracurricularActivities-1.166-pc.zip
Certificate
IssuerLet's Encrypt
Subjectrtmark.net
FingerprintDB:C0:8B:64:1C:E3:2A:9C:B9:04:0D:F3:6F:5A:E0:35:F4:C7:75:CC
ValiditySat, 02 Mar 2024 21:53:43 GMT - Fri, 31 May 2024 21:53:42 GMT

File type
JSON text data
Size
65 B (65 bytes)
Hash
d261b613088b909ebabd5c87846fb505
449a2d80e6772f67d4ee8f28730e0aa7b64387f9
52e398ab54db0f4df7c24142098b249653ef25b579559799d6cf39ccb2ba960b

HTTP Headers

GET /gid.js HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://fileknot.io
DNT: 1
Connection: keep-alive
Referer: https://fileknot.io/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 01 May 2024 21:58:34 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://fileknot.io
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=08004fb29cc3489bfed54d3132e4466b; expires=Thu, 01 May 2025 21:58:34 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

ileeckut.com/500/7407089?excludes=&oaid=08004fb29cc3489bfed54d3132e4466b&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=2&pl=https%3A%2F%2Ffileknot.io%2F9cdcd8b8d78887fb%2FExtracurricularActivities-1.166-pc.zip&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&tzofs=0&btz=UTC&bto=0&js_build=8&sw_version=v1.337.0

139.45.197.237

200 OK

0 B

URL GET HTTP/2
ileeckut.com/500/7407089?excludes=&oaid=08004fb29cc3489bfed54d3132e4466b&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=2&pl=https%3A%2F%2Ffileknot.io%2F9cdcd8b8d78887fb%2FExtracurricularActivities-1.166-pc.zip&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&tzofs=0&btz=UTC&bto=0&js_build=8&sw_version=v1.337.0
IP
139.45.197.237:443
ASN
#9002 RETN Limited

Requested by
https://fileknot.io/9cdcd8b8d78887fb/ExtracurricularActivities-1.166-pc.zip
Certificate
IssuerLet's Encrypt
Subjectileeckut.com
FingerprintB1:AC:C7:3A:07:6E:43:60:70:8E:FB:AC:6E:FE:4A:C4:7B:0F:F9:ED
ValidityMon, 04 Mar 2024 05:21:31 GMT - Sun, 02 Jun 2024 05:21:30 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

OPTIONS /500/7407089?excludes=&oaid=08004fb29cc3489bfed54d3132e4466b&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=2&pl=https%3A%2F%2Ffileknot.io%2F9cdcd8b8d78887fb%2FExtracurricularActivities-1.166-pc.zip&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&tzofs=0&btz=UTC&bto=0&js_build=8&sw_version=v1.337.0 HTTP/1.1
Host: ileeckut.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://fileknot.io/
Origin: https://fileknot.io
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 01 May 2024 21:58:34 GMT
content-length: 0
allow: GET, OPTIONS
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: https://fileknot.io
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
access-control-allow-credentials: true
access-control-max-age: 600
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *
X-Firefox-Spdy: h2

waisheph.com/?rb=Is4eL-LrYR1O6KCtA6jLuBL9rEWLZ27cV1Q1LKYGFiTBd8--SsWD6PfrhFDGce5TslYcoE15_Aw7052hIgxARScgf5fRRWOwAQVf-e2Ss8CpmJ6vcCUs0veWEwmZbmHGULY9JPDJI0gHOQO91mpP2nnsGzanITrBbNZPInxQmA3Ranr-duoDHXiEec20bpChd4IPxf43S2SKX8rhrT3FtlGCVvVjmT6A-qhgKAiBp3TZ_crFhorwbZj9VSlC33JbzQ13tg%3D%3D&request_ab2=0&zoneid=7407084&js_build=iclick-v1.788.2-auto&jsp=1&fs=0&cf=0&sw=1280&sh=1024&wih=1024&wiw=1280&ww=1280&wh=1024&sah=1024&wx=0&wy=0&cw=1280&wfc=2&pl=https%3A%2F%2Ffileknot.io%2F9cdcd8b8d78887fb%2FExtracurricularActivities-1.166-pc.zip&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&btz=UTC&bto=0&wgl=&js_build=iclick-v1.788.2-auto&navlng=en-US&pnt=0&pnrc=0&bs=d0b697f6-36bd-4b1d-bc1c-f2905f7757b3&wasm=1&userId=08004fb29cc3489bfed54d3132e4466b&m=link

139.45.197.245

200 OK

11 kB

URL GET HTTP/2
waisheph.com/?rb=Is4eL-LrYR1O6KCtA6jLuBL9rEWLZ27cV1Q1LKYGFiTBd8--SsWD6PfrhFDGce5TslYcoE15_Aw7052hIgxARScgf5fRRWOwAQVf-e2Ss8CpmJ6vcCUs0veWEwmZbmHGULY9JPDJI0gHOQO91mpP2nnsGzanITrBbNZPInxQmA3Ranr-duoDHXiEec20bpChd4IPxf43S2SKX8rhrT3FtlGCVvVjmT6A-qhgKAiBp3TZ_crFhorwbZj9VSlC33JbzQ13tg%3D%3D&request_ab2=0&zoneid=7407084&js_build=iclick-v1.788.2-auto&jsp=1&fs=0&cf=0&sw=1280&sh=1024&wih=1024&wiw=1280&ww=1280&wh=1024&sah=1024&wx=0&wy=0&cw=1280&wfc=2&pl=https%3A%2F%2Ffileknot.io%2F9cdcd8b8d78887fb%2FExtracurricularActivities-1.166-pc.zip&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&btz=UTC&bto=0&wgl=&js_build=iclick-v1.788.2-auto&navlng=en-US&pnt=0&pnrc=0&bs=d0b697f6-36bd-4b1d-bc1c-f2905f7757b3&wasm=1&userId=08004fb29cc3489bfed54d3132e4466b&m=link
IP
139.45.197.245:443
ASN
#9002 RETN Limited

Requested by
https://fileknot.io/9cdcd8b8d78887fb/ExtracurricularActivities-1.166-pc.zip
Certificate
IssuerLet's Encrypt
Subjectwaisheph.com
FingerprintA9:8B:DF:A0:A2:80:A9:70:4A:F5:46:4A:EB:8E:00:E7:82:98:AC:8E
ValidityTue, 19 Mar 2024 01:27:24 GMT - Mon, 17 Jun 2024 01:27:23 GMT

File type
gzip compressed data, max speed, from Unix
Size
11 kB (11016 bytes)
Hash
f2c88d7ce83bb7e445cbec9917d0d7f9
5c89f18369bad8a109985bdb60e445de04cbd107
c2c6c4407ffc3ec5b7a78c21f622f45061f9734dd9226f502ec5b3e747e1a708

HTTP Headers

GET /?rb=Is4eL-LrYR1O6KCtA6jLuBL9rEWLZ27cV1Q1LKYGFiTBd8--SsWD6PfrhFDGce5TslYcoE15_Aw7052hIgxARScgf5fRRWOwAQVf-e2Ss8CpmJ6vcCUs0veWEwmZbmHGULY9JPDJI0gHOQO91mpP2nnsGzanITrBbNZPInxQmA3Ranr-duoDHXiEec20bpChd4IPxf43S2SKX8rhrT3FtlGCVvVjmT6A-qhgKAiBp3TZ_crFhorwbZj9VSlC33JbzQ13tg%3D%3D&request_ab2=0&zoneid=7407084&js_build=iclick-v1.788.2-auto&jsp=1&fs=0&cf=0&sw=1280&sh=1024&wih=1024&wiw=1280&ww=1280&wh=1024&sah=1024&wx=0&wy=0&cw=1280&wfc=2&pl=https%3A%2F%2Ffileknot.io%2F9cdcd8b8d78887fb%2FExtracurricularActivities-1.166-pc.zip&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&btz=UTC&bto=0&wgl=&js_build=iclick-v1.788.2-auto&navlng=en-US&pnt=0&pnrc=0&bs=d0b697f6-36bd-4b1d-bc1c-f2905f7757b3&wasm=1&userId=08004fb29cc3489bfed54d3132e4466b&m=link HTTP/1.1
Host: waisheph.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://fileknot.io/
Origin: https://fileknot.io
DNT: 1
Connection: keep-alive
Cookie: OAID=00804fd912404b53ec7cce7da783baae; oaidts=1714600714
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 01 May 2024 21:58:34 GMT
content-type: application/json
x-trace-id: 44401663cbe76ff922d89ddebda26378
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://fileknot.io
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=08004fb29cc3489bfed54d3132e4466b; expires=Thu, 01 May 2025 21:58:34 GMT; path=/; secure; SameSite=None
oaidts=1714600714; expires=Thu, 01 May 2025 21:58:34 GMT; path=/; secure; SameSite=None
syncedCookie=true; expires=Wed, 08 May 2024 21:58:34 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2

waisheph.com/5/7407084/?oo=1&aab=1

139.45.197.245

200 OK

1.4 kB

URL GET HTTP/2
waisheph.com/5/7407084/?oo=1&aab=1
IP
139.45.197.245:443
ASN
#9002 RETN Limited

Requested by
https://fileknot.io/9cdcd8b8d78887fb/ExtracurricularActivities-1.166-pc.zip
Certificate
IssuerLet's Encrypt
Subjectwaisheph.com
FingerprintA9:8B:DF:A0:A2:80:A9:70:4A:F5:46:4A:EB:8E:00:E7:82:98:AC:8E
ValidityTue, 19 Mar 2024 01:27:24 GMT - Mon, 17 Jun 2024 01:27:23 GMT

File type
gzip compressed data, max speed, from Unix
Size
1.4 kB (1408 bytes)
Hash
a9991d1c3c502550ecd9cb58087c013e
9e2f71a343fc08fb435f38f28cf4b990a4f8bbd0
ce30ce0ee0ed955150660cb4c512fec01581af9e23027ae592d9ebc7fc6cf325

HTTP Headers

GET /5/7407084/?oo=1&aab=1 HTTP/1.1
Host: waisheph.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://fileknot.io
DNT: 1
Connection: keep-alive
Referer: https://fileknot.io/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 01 May 2024 21:58:34 GMT
content-type: application/json
x-trace-id: f1789210faa24e5e09137906bdb6899a
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://yonmewon.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://fileknot.io
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-max-age: 86400
timing-allow-origin: *
set-cookie: OAID=00804fd912404b53ec7cce7da783baae; expires=Thu, 01 May 2025 21:58:34 GMT; path=/; secure; SameSite=None
oaidts=1714600714; expires=Thu, 01 May 2025 21:58:34 GMT; path=/; secure; SameSite=None
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
pragma: no-cache, no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2

offerimage.com/www/images/cf947832fe6353d6f477fd764ce28f9a.jpg

104.22.33.172

200 OK

10 kB

URL GET HTTP/2
offerimage.com/www/images/cf947832fe6353d6f477fd764ce28f9a.jpg
IP
104.22.33.172:443
ASN
#13335 CLOUDFLARENET

Requested by
https://fileknot.io/9cdcd8b8d78887fb/ExtracurricularActivities-1.166-pc.zip
Certificate
IssuerGoogle Trust Services LLC
Subjectofferimage.com
Fingerprint5C:87:DE:3A:1B:66:15:11:B1:75:B6:AC:AF:F9:A6:EF:5E:7F:80:72
ValidityFri, 05 Apr 2024 23:50:04 GMT - Thu, 04 Jul 2024 23:50:03 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 192x192, components 3
Size
10 kB (10346 bytes)
Hash
cf947832fe6353d6f477fd764ce28f9a
88926fe6b1aebbcf54c6f4a73d6b1acdcc24e62c
7cdbbe00ac6c19037fb12d41947902ce403b0590128977dfc813d78b2e0e96fb

HTTP Headers

GET /www/images/cf947832fe6353d6f477fd764ce28f9a.jpg HTTP/1.1
Host: offerimage.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://fileknot.io/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 01 May 2024 21:58:35 GMT
content-type: image/jpeg
content-length: 10346
cache-control: max-age=86400
cf-bgj: h2pri
etag: "66074aa8-286a"
expires: Thu, 02 May 2024 19:25:25 GMT
last-modified: Fri, 29 Mar 2024 23:11:36 GMT
timing-allow-origin: *
cf-cache-status: HIT
age: 9190
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 87d308a53e1a92cd-CPH
X-Firefox-Spdy: h2

ileeckut.com/impression/BhtYDnOqz1-P89GYGu1asAlLUGUNjGSvGAfuKayZjbtUfgZ63dcM7bXbT4_i2TuH9x-g0Qg1RW4_EaNNQQe8o0khSJedWL-SF0QftMYtxryZqMFR5Hs5AnxuiHGJSF6yxo28nHGSo107yk5LyGxIlH8uv23bWg1y8roWsKy8P_ngwPH1A2nYzQhG46FvbcLDbesaPZHABEV2V_56RsycX7k0QgVYf6D17xsDARt_X3I46aebtFudncFjYEa2mca_YjeO-gRmkaxWg2ppGxf-wZtYxayCdcAGg8fA40Ws3M-uimAbbKI02UXNnlrUyuFxQPc81RV9WZRBbu2B1j8pRx9PYmCulnVEbenj-7NQvRnsADqXnXWAMgvwB5TDECMWBz5HtI8ti7AE5ns30CbQNj-l04w5JQtYgs2WC5s6zKb7fWamK5_8MVRnhxJ6176bHMmqRRXvVl51jarz5QWadm-PSsoKtkLvmWUFLB0Pszw28Xp1KWmVtoLtlXWcQynJNxnyPTmLU6bPrcTqqQZ2ieWPOgTamAOOQPOhucLn0Oz43D-wkdz-_ynYoNwJeJ9eZYU8sv5hAK1wfdOeyAwJfWgsBFYMMvQakHKrChd9-8E0fPaN6o0i4haGMxpnQmcRQ_duGFi4MwUoBMcAEZC7YKC01J2stI06Psat2XnYNk-H6u_RQdBlspSy5bqT87Ea3FzEKcHe4Ce-ZOncLcxXYdY5RN1xbHnmTajosNfFemRpGaUlFMskkNOEmlQUHU3Ckaltrf8wUuqQAHUwk3XxPmFx75KPZNuQmT9Sifz1reorEZCDziHdWvfCvFY2lfXYNeXGxbYlzO66JEQufpuY4OQIKXk=?_z=7407089&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=2&pl=https%3A%2F%2Ffileknot.io%2F9cdcd8b8d78887fb%2FExtracurricularActivities-1.166-pc.zip&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&tzofs=0&btz=UTC&bto=0&js_build=8&sw_version=v1.337.0

139.45.197.237

200 OK

43 B

URL GET HTTP/2
ileeckut.com/impression/BhtYDnOqz1-P89GYGu1asAlLUGUNjGSvGAfuKayZjbtUfgZ63dcM7bXbT4_i2TuH9x-g0Qg1RW4_EaNNQQe8o0khSJedWL-SF0QftMYtxryZqMFR5Hs5AnxuiHGJSF6yxo28nHGSo107yk5LyGxIlH8uv23bWg1y8roWsKy8P_ngwPH1A2nYzQhG46FvbcLDbesaPZHABEV2V_56RsycX7k0QgVYf6D17xsDARt_X3I46aebtFudncFjYEa2mca_YjeO-gRmkaxWg2ppGxf-wZtYxayCdcAGg8fA40Ws3M-uimAbbKI02UXNnlrUyuFxQPc81RV9WZRBbu2B1j8pRx9PYmCulnVEbenj-7NQvRnsADqXnXWAMgvwB5TDECMWBz5HtI8ti7AE5ns30CbQNj-l04w5JQtYgs2WC5s6zKb7fWamK5_8MVRnhxJ6176bHMmqRRXvVl51jarz5QWadm-PSsoKtkLvmWUFLB0Pszw28Xp1KWmVtoLtlXWcQynJNxnyPTmLU6bPrcTqqQZ2ieWPOgTamAOOQPOhucLn0Oz43D-wkdz-_ynYoNwJeJ9eZYU8sv5hAK1wfdOeyAwJfWgsBFYMMvQakHKrChd9-8E0fPaN6o0i4haGMxpnQmcRQ_duGFi4MwUoBMcAEZC7YKC01J2stI06Psat2XnYNk-H6u_RQdBlspSy5bqT87Ea3FzEKcHe4Ce-ZOncLcxXYdY5RN1xbHnmTajosNfFemRpGaUlFMskkNOEmlQUHU3Ckaltrf8wUuqQAHUwk3XxPmFx75KPZNuQmT9Sifz1reorEZCDziHdWvfCvFY2lfXYNeXGxbYlzO66JEQufpuY4OQIKXk=?_z=7407089&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=2&pl=https%3A%2F%2Ffileknot.io%2F9cdcd8b8d78887fb%2FExtracurricularActivities-1.166-pc.zip&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&tzofs=0&btz=UTC&bto=0&js_build=8&sw_version=v1.337.0
IP
139.45.197.237:443
ASN
#9002 RETN Limited

Requested by
https://fileknot.io/9cdcd8b8d78887fb/ExtracurricularActivities-1.166-pc.zip
Certificate
IssuerLet's Encrypt
Subjectileeckut.com
FingerprintB1:AC:C7:3A:07:6E:43:60:70:8E:FB:AC:6E:FE:4A:C4:7B:0F:F9:ED
ValidityMon, 04 Mar 2024 05:21:31 GMT - Sun, 02 Jun 2024 05:21:30 GMT

File type
GIF image data, version 89a, 1 x 1
Size
43 B (43 bytes)
Hash
b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /impression/BhtYDnOqz1-P89GYGu1asAlLUGUNjGSvGAfuKayZjbtUfgZ63dcM7bXbT4_i2TuH9x-g0Qg1RW4_EaNNQQe8o0khSJedWL-SF0QftMYtxryZqMFR5Hs5AnxuiHGJSF6yxo28nHGSo107yk5LyGxIlH8uv23bWg1y8roWsKy8P_ngwPH1A2nYzQhG46FvbcLDbesaPZHABEV2V_56RsycX7k0QgVYf6D17xsDARt_X3I46aebtFudncFjYEa2mca_YjeO-gRmkaxWg2ppGxf-wZtYxayCdcAGg8fA40Ws3M-uimAbbKI02UXNnlrUyuFxQPc81RV9WZRBbu2B1j8pRx9PYmCulnVEbenj-7NQvRnsADqXnXWAMgvwB5TDECMWBz5HtI8ti7AE5ns30CbQNj-l04w5JQtYgs2WC5s6zKb7fWamK5_8MVRnhxJ6176bHMmqRRXvVl51jarz5QWadm-PSsoKtkLvmWUFLB0Pszw28Xp1KWmVtoLtlXWcQynJNxnyPTmLU6bPrcTqqQZ2ieWPOgTamAOOQPOhucLn0Oz43D-wkdz-_ynYoNwJeJ9eZYU8sv5hAK1wfdOeyAwJfWgsBFYMMvQakHKrChd9-8E0fPaN6o0i4haGMxpnQmcRQ_duGFi4MwUoBMcAEZC7YKC01J2stI06Psat2XnYNk-H6u_RQdBlspSy5bqT87Ea3FzEKcHe4Ce-ZOncLcxXYdY5RN1xbHnmTajosNfFemRpGaUlFMskkNOEmlQUHU3Ckaltrf8wUuqQAHUwk3XxPmFx75KPZNuQmT9Sifz1reorEZCDziHdWvfCvFY2lfXYNeXGxbYlzO66JEQufpuY4OQIKXk=?_z=7407089&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=2&pl=https%3A%2F%2Ffileknot.io%2F9cdcd8b8d78887fb%2FExtracurricularActivities-1.166-pc.zip&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&tzofs=0&btz=UTC&bto=0&js_build=8&sw_version=v1.337.0 HTTP/1.1
Host: ileeckut.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://fileknot.io/
Cookie: OAID=08004fb29cc3489bfed54d3132e4466b
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 01 May 2024 21:58:44 GMT
content-type: image/gif
content-length: 43
x-trace-id: 80826d6fab269326c55116f52a1e6136
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

ileeckut.com/500/7407089?excludes=20657502&oaid=08004fb29cc3489bfed54d3132e4466b&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=3&pl=https%3A%2F%2Ffileknot.io%2F9cdcd8b8d78887fb%2FExtracurricularActivities-1.166-pc.zip&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&tzofs=0&btz=UTC&bto=0&js_build=8&sw_version=v1.337.0

139.45.197.237

200 OK

0 B

URL OPTIONS HTTP/2
ileeckut.com/500/7407089?excludes=20657502&oaid=08004fb29cc3489bfed54d3132e4466b&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=3&pl=https%3A%2F%2Ffileknot.io%2F9cdcd8b8d78887fb%2FExtracurricularActivities-1.166-pc.zip&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&tzofs=0&btz=UTC&bto=0&js_build=8&sw_version=v1.337.0
IP
139.45.197.237:443
ASN
#9002 RETN Limited

Requested by
https://fileknot.io/9cdcd8b8d78887fb/ExtracurricularActivities-1.166-pc.zip
Certificate
IssuerLet's Encrypt
Subjectileeckut.com
FingerprintB1:AC:C7:3A:07:6E:43:60:70:8E:FB:AC:6E:FE:4A:C4:7B:0F:F9:ED
ValidityMon, 04 Mar 2024 05:21:31 GMT - Sun, 02 Jun 2024 05:21:30 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

OPTIONS /500/7407089?excludes=20657502&oaid=08004fb29cc3489bfed54d3132e4466b&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=3&pl=https%3A%2F%2Ffileknot.io%2F9cdcd8b8d78887fb%2FExtracurricularActivities-1.166-pc.zip&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&tzofs=0&btz=UTC&bto=0&js_build=8&sw_version=v1.337.0 HTTP/1.1
Host: ileeckut.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://fileknot.io/
Origin: https://fileknot.io
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 01 May 2024 21:58:44 GMT
content-length: 0
allow: GET, OPTIONS
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: https://fileknot.io
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
access-control-allow-credentials: true
access-control-max-age: 600
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *
X-Firefox-Spdy: h2

139.45.197.237

200 OK

22 kB

URL OPTIONS HTTP/2
ileeckut.com/500/7407089?excludes=20657502&oaid=08004fb29cc3489bfed54d3132e4466b&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=3&pl=https%3A%2F%2Ffileknot.io%2F9cdcd8b8d78887fb%2FExtracurricularActivities-1.166-pc.zip&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&tzofs=0&btz=UTC&bto=0&js_build=8&sw_version=v1.337.0
IP
139.45.197.237:443
ASN
#9002 RETN Limited

Requested by
https://fileknot.io/9cdcd8b8d78887fb/ExtracurricularActivities-1.166-pc.zip
Certificate
IssuerLet's Encrypt
Subjectileeckut.com
FingerprintB1:AC:C7:3A:07:6E:43:60:70:8E:FB:AC:6E:FE:4A:C4:7B:0F:F9:ED
ValidityMon, 04 Mar 2024 05:21:31 GMT - Sun, 02 Jun 2024 05:21:30 GMT

File type
gzip compressed data, max speed, from Unix
Size
22 kB (22446 bytes)
Hash
e686579a3dcdd76f4d2d774220fa47c6
de5af43b633b26814571731f075d8fa0d9ccf98e
8e2731eaf99edef54396af067ec4a2ccb918c1729412dd53f0643587b45bbb41

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /500/7407089?excludes=20657502&oaid=08004fb29cc3489bfed54d3132e4466b&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=3&pl=https%3A%2F%2Ffileknot.io%2F9cdcd8b8d78887fb%2FExtracurricularActivities-1.166-pc.zip&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&tzofs=0&btz=UTC&bto=0&js_build=8&sw_version=v1.337.0 HTTP/1.1
Host: ileeckut.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://fileknot.io
DNT: 1
Connection: keep-alive
Referer: https://fileknot.io/
Cookie: OAID=08004fb29cc3489bfed54d3132e4466b
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 01 May 2024 21:58:44 GMT
content-type: application/javascript
x-trace-id: 85061cd7e41b2bc343496aaf8ecc390f
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: https://fileknot.io
access-control-expose-headers: Link
access-control-allow-credentials: true
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
set-cookie: OAID=08004fb29cc3489bfed54d3132e4466b; expires=Thu, 01 May 2025 21:58:44 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2

offerimage.com/www/images/cf947832fe6353d6f477fd764ce28f9a.jpg

104.22.33.172

200 OK

10 kB

URL GET HTTP/2
offerimage.com/www/images/cf947832fe6353d6f477fd764ce28f9a.jpg
IP
104.22.33.172:443
ASN
#13335 CLOUDFLARENET

Requested by
https://fileknot.io/9cdcd8b8d78887fb/ExtracurricularActivities-1.166-pc.zip
Certificate
IssuerGoogle Trust Services LLC
Subjectofferimage.com
Fingerprint5C:87:DE:3A:1B:66:15:11:B1:75:B6:AC:AF:F9:A6:EF:5E:7F:80:72
ValidityFri, 05 Apr 2024 23:50:04 GMT - Thu, 04 Jul 2024 23:50:03 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 192x192, components 3
Size
10 kB (10346 bytes)
Hash
cf947832fe6353d6f477fd764ce28f9a
88926fe6b1aebbcf54c6f4a73d6b1acdcc24e62c
7cdbbe00ac6c19037fb12d41947902ce403b0590128977dfc813d78b2e0e96fb

HTTP Headers

GET /www/images/cf947832fe6353d6f477fd764ce28f9a.jpg HTTP/1.1
Host: offerimage.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Wed, 01 May 2024 21:58:45 GMT
content-type: image/jpeg
content-length: 10346
cache-control: max-age=86400
cf-bgj: h2pri
etag: "66074aa8-286a"
expires: Thu, 02 May 2024 19:25:25 GMT
last-modified: Fri, 29 Mar 2024 23:11:36 GMT
timing-allow-origin: *
cf-cache-status: HIT
age: 9200
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 87d308e3a92d92cd-CPH
X-Firefox-Spdy: h2

ileeckut.com/impression/QeIxeWNHToI-kjOopKI8q7VP3foflcXXJYrCMbAMrUA9kPxP9P-dMJw2ZnusqZwWL7dCT3v2tgZBbLs1aLLRDVDZQ0Vc9a0dzQd09bvYsvEYcr_yFZn2xRiAwTJLCGx615DvQQUHj7CHVzDmmNf8I2sa6lZcCnJ9urcDCvo8Us_7E8Hr12Fki9G1g_mZ-6Fs0Snv42njnzZuPyBda-jPuF_Cc6aRYpKe7dbuk0YmLkxydph3ulaU-FfQlVF0SGiBmrW5021rhWCc1VqCyLl7Vb3mCFxhjhzIOeTPOj4hW_fT0IF3wSYQdCeioZ5J4PFSsHL3w0_iZ7fLO7vDIb--wAq20TSURajAHAfciPMCYDcxnLITJVej9429Fea7L9RPm50mPlhc-PtgxHStUh8ZHxGIcJFsja1wwzVKaLtMishCLY5DDI97nWKT5CmzN7CMNUNitmukM3dDPA0rCyhFH9ie37SrwDqZMbK833hHQkRvxFbMvTQ9jV2jgBSPwv8dA1lLGcMDnNlqU1sfcwK6XWLJJnKwKxrzingVusWflfUSwPzMUQHVnGs1iiTQE0k5PaZQ2vMxVrzyn7nWS-vBa_pe4LKb2s1hCg0wTvJatfbBXz7sfKQR1hL6T9a6H6IR9I4qbUXC8pN55Wj5SUkSDsFvOGYYoU9FEXL14ltJw0Mbrg13TO4YGN3nj3BOQdImz8LZdTp-ApsswGqnHiBQAW4RGBy3gMcIxtmpgxV8ohqe5zsXwvtEf-ul60BWfoSJ8Y3y79klCCnqibIB5FFxV3DM41IoAplAZBKjLTikeBHV5oin27eGx5r_w19GuP8ECyo-CWlQFVR8DKY2AvFUkI2GFNo=?_z=7407089&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=3&pl=https%3A%2F%2Ffileknot.io%2F9cdcd8b8d78887fb%2FExtracurricularActivities-1.166-pc.zip&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&tzofs=0&btz=UTC&bto=0&js_build=8&sw_version=v1.337.0

139.45.197.237

200 OK

43 B

URL GET HTTP/2
ileeckut.com/impression/QeIxeWNHToI-kjOopKI8q7VP3foflcXXJYrCMbAMrUA9kPxP9P-dMJw2ZnusqZwWL7dCT3v2tgZBbLs1aLLRDVDZQ0Vc9a0dzQd09bvYsvEYcr_yFZn2xRiAwTJLCGx615DvQQUHj7CHVzDmmNf8I2sa6lZcCnJ9urcDCvo8Us_7E8Hr12Fki9G1g_mZ-6Fs0Snv42njnzZuPyBda-jPuF_Cc6aRYpKe7dbuk0YmLkxydph3ulaU-FfQlVF0SGiBmrW5021rhWCc1VqCyLl7Vb3mCFxhjhzIOeTPOj4hW_fT0IF3wSYQdCeioZ5J4PFSsHL3w0_iZ7fLO7vDIb--wAq20TSURajAHAfciPMCYDcxnLITJVej9429Fea7L9RPm50mPlhc-PtgxHStUh8ZHxGIcJFsja1wwzVKaLtMishCLY5DDI97nWKT5CmzN7CMNUNitmukM3dDPA0rCyhFH9ie37SrwDqZMbK833hHQkRvxFbMvTQ9jV2jgBSPwv8dA1lLGcMDnNlqU1sfcwK6XWLJJnKwKxrzingVusWflfUSwPzMUQHVnGs1iiTQE0k5PaZQ2vMxVrzyn7nWS-vBa_pe4LKb2s1hCg0wTvJatfbBXz7sfKQR1hL6T9a6H6IR9I4qbUXC8pN55Wj5SUkSDsFvOGYYoU9FEXL14ltJw0Mbrg13TO4YGN3nj3BOQdImz8LZdTp-ApsswGqnHiBQAW4RGBy3gMcIxtmpgxV8ohqe5zsXwvtEf-ul60BWfoSJ8Y3y79klCCnqibIB5FFxV3DM41IoAplAZBKjLTikeBHV5oin27eGx5r_w19GuP8ECyo-CWlQFVR8DKY2AvFUkI2GFNo=?_z=7407089&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=3&pl=https%3A%2F%2Ffileknot.io%2F9cdcd8b8d78887fb%2FExtracurricularActivities-1.166-pc.zip&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&tzofs=0&btz=UTC&bto=0&js_build=8&sw_version=v1.337.0
IP
139.45.197.237:443
ASN
#9002 RETN Limited

Requested by
https://fileknot.io/9cdcd8b8d78887fb/ExtracurricularActivities-1.166-pc.zip
Certificate
IssuerLet's Encrypt
Subjectileeckut.com
FingerprintB1:AC:C7:3A:07:6E:43:60:70:8E:FB:AC:6E:FE:4A:C4:7B:0F:F9:ED
ValidityMon, 04 Mar 2024 05:21:31 GMT - Sun, 02 Jun 2024 05:21:30 GMT

File type
GIF image data, version 89a, 1 x 1
Size
43 B (43 bytes)
Hash
b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /impression/QeIxeWNHToI-kjOopKI8q7VP3foflcXXJYrCMbAMrUA9kPxP9P-dMJw2ZnusqZwWL7dCT3v2tgZBbLs1aLLRDVDZQ0Vc9a0dzQd09bvYsvEYcr_yFZn2xRiAwTJLCGx615DvQQUHj7CHVzDmmNf8I2sa6lZcCnJ9urcDCvo8Us_7E8Hr12Fki9G1g_mZ-6Fs0Snv42njnzZuPyBda-jPuF_Cc6aRYpKe7dbuk0YmLkxydph3ulaU-FfQlVF0SGiBmrW5021rhWCc1VqCyLl7Vb3mCFxhjhzIOeTPOj4hW_fT0IF3wSYQdCeioZ5J4PFSsHL3w0_iZ7fLO7vDIb--wAq20TSURajAHAfciPMCYDcxnLITJVej9429Fea7L9RPm50mPlhc-PtgxHStUh8ZHxGIcJFsja1wwzVKaLtMishCLY5DDI97nWKT5CmzN7CMNUNitmukM3dDPA0rCyhFH9ie37SrwDqZMbK833hHQkRvxFbMvTQ9jV2jgBSPwv8dA1lLGcMDnNlqU1sfcwK6XWLJJnKwKxrzingVusWflfUSwPzMUQHVnGs1iiTQE0k5PaZQ2vMxVrzyn7nWS-vBa_pe4LKb2s1hCg0wTvJatfbBXz7sfKQR1hL6T9a6H6IR9I4qbUXC8pN55Wj5SUkSDsFvOGYYoU9FEXL14ltJw0Mbrg13TO4YGN3nj3BOQdImz8LZdTp-ApsswGqnHiBQAW4RGBy3gMcIxtmpgxV8ohqe5zsXwvtEf-ul60BWfoSJ8Y3y79klCCnqibIB5FFxV3DM41IoAplAZBKjLTikeBHV5oin27eGx5r_w19GuP8ECyo-CWlQFVR8DKY2AvFUkI2GFNo=?_z=7407089&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=3&pl=https%3A%2F%2Ffileknot.io%2F9cdcd8b8d78887fb%2FExtracurricularActivities-1.166-pc.zip&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&tzofs=0&btz=UTC&bto=0&js_build=8&sw_version=v1.337.0 HTTP/1.1
Host: ileeckut.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://fileknot.io/
Cookie: OAID=08004fb29cc3489bfed54d3132e4466b
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 01 May 2024 21:58:47 GMT
content-type: image/gif
content-length: 43
x-trace-id: 7c9c02773be800eba4e69740eca970e6
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

offerimage.com/www/images/a368485e6d4cb8b3e1b228dc600929f3.jpg

104.22.33.172

200 OK

21 kB

URL GET HTTP/2
offerimage.com/www/images/a368485e6d4cb8b3e1b228dc600929f3.jpg
IP
104.22.33.172:443
ASN
#13335 CLOUDFLARENET

Requested by
https://fileknot.io/9cdcd8b8d78887fb/ExtracurricularActivities-1.166-pc.zip
Certificate
IssuerGoogle Trust Services LLC
Subjectofferimage.com
Fingerprint5C:87:DE:3A:1B:66:15:11:B1:75:B6:AC:AF:F9:A6:EF:5E:7F:80:72
ValidityFri, 05 Apr 2024 23:50:04 GMT - Thu, 04 Jul 2024 23:50:03 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 192x192, components 3
Size
21 kB (21083 bytes)
Hash
a368485e6d4cb8b3e1b228dc600929f3
b8f9248c98f42be3ce720f259e9b630a3a59aa9e
417355bf36dbf4ff229fa738f053fbe9eff746222f16986e2f06372ba49ea227

HTTP Headers

GET /www/images/a368485e6d4cb8b3e1b228dc600929f3.jpg HTTP/1.1
Host: offerimage.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Wed, 01 May 2024 21:58:48 GMT
content-type: image/jpeg
content-length: 21083
cache-control: max-age=86400
cf-bgj: h2pri
etag: "660e6bdb-525b"
expires: Thu, 02 May 2024 20:07:44 GMT
last-modified: Thu, 04 Apr 2024 08:59:07 GMT
timing-allow-origin: *
cf-cache-status: HIT
age: 6664
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 87d308f63c6b92cd-CPH
X-Firefox-Spdy: h2

fileknot.io/themes/spirit/assets/frontend/img/favicon/favicon-16x16.png

95.217.158.252

200 OK

414 B

URL GET HTTP/1.1
fileknot.io/themes/spirit/assets/frontend/img/favicon/favicon-16x16.png
IP
95.217.158.252:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://fileknot.io/9cdcd8b8d78887fb/ExtracurricularActivities-1.166-pc.zip
Certificate
IssuerLet's Encrypt
Subjectfileknot.io
FingerprintD2:98:0A:BE:2B:5A:E3:EF:FA:02:67:E6:AE:F2:B4:BF:45:15:1F:46
ValidityWed, 06 Mar 2024 03:50:03 GMT - Tue, 04 Jun 2024 03:50:02 GMT

File type
PNG image data, 16 x 16, 8-bit colormap, non-interlaced
Size
414 B (414 bytes)
Hash
d6cf4209c9507b36a1a4cda6df75dbf3
c83e9be8d522521a03b1c0fe019bbc353d72b6da
5ae1208c61d318ef771c3a8e297edf1e1df1c768cfae2dba35399ee78919559b

HTTP Headers

GET /themes/spirit/assets/frontend/img/favicon/favicon-16x16.png HTTP/1.1
Host: fileknot.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://fileknot.io/9cdcd8b8d78887fb/ExtracurricularActivities-1.166-pc.zip
Cookie: filehosting=6udrr42gr6oi32s43f1h4cqbl1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Wed, 01 May 2024 21:58:34 GMT
Content-Type: image/png
Content-Length: 414
Last-Modified: Wed, 22 Feb 2023 11:30:49 GMT
Connection: keep-alive
ETag: "63f5fce9-19e"
Accept-Ranges: bytes

fleraprt.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=255bf54a-8ff6-4205-a750-5168897fc42a

139.45.195.254

200 OK

12 B

URL POST HTTP/1.1
fleraprt.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=255bf54a-8ff6-4205-a750-5168897fc42a
IP
139.45.195.254:443
ASN
#9002 RETN Limited

Requested by
https://fileknot.io/9cdcd8b8d78887fb/ExtracurricularActivities-1.166-pc.zip
Certificate
IssuerSectigo Limited
Subjectfleraprt.com
Fingerprint32:DB:C5:24:21:ED:1D:C3:40:C3:46:9F:CF:EE:98:4D:72:29:4C:3C
ValidityTue, 09 Jan 2024 00:00:00 GMT - Mon, 13 Jan 2025 23:59:59 GMT

File type
troff or preprocessor input, ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
6949f52318584a4b51c719a9b84a7287
9fbd870c6afd4bdd6fbbd87f52df2c81dd23e905
72603096ec3515dbc615ab8837fd1b15e91ee827bc7af41d71c9882b08699375

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=255bf54a-8ff6-4205-a750-5168897fc42a HTTP/1.1
Host: fleraprt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1436
Origin: https://fileknot.io
DNT: 1
Connection: keep-alive
Referer: https://fileknot.io/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.10
Date: Wed, 01 May 2024 21:58:34 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 12
Connection: keep-alive
Access-Control-Allow-Origin: https://fileknot.io
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials: true

tzegilo.com/stattag.js

104.21.11.245

200 OK

19 kB

URL GET HTTP/2
tzegilo.com/stattag.js
IP
104.21.11.245:443
ASN
#13335 CLOUDFLARENET

Requested by
https://fileknot.io/9cdcd8b8d78887fb/ExtracurricularActivities-1.166-pc.zip
Certificate
IssuerGoogle Trust Services LLC
Subjecttzegilo.com
Fingerprint28:2E:D0:DF:04:78:60:5A:D2:5B:1F:EA:59:80:9C:2F:89:C1:9D:D1
ValiditySat, 30 Mar 2024 15:54:48 GMT - Fri, 28 Jun 2024 15:54:47 GMT

File type
JavaScript source, ASCII text, with very long lines (18486)
Size
19 kB (19136 bytes)
Hash
70ebd404c2e1e7bad13998538b56887c
86e57af8ba3cfc2c004da3311835f6b54ba6d848
d71ea61938136a384e4c53c5a7a3c36e68fcc70a68bae691e270987d5d2eb11f

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /stattag.js HTTP/1.1
Host: tzegilo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://fileknot.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 01 May 2024 21:58:34 GMT
content-type: application/javascript
last-modified: Wed, 07 Feb 2024 12:51:13 GMT
etag: W/"65c37cc1-4ac0"
link: <https://flerap.com/>; rel=preconnect; crossorigin, <https://fleraprt.com/>; rel=preconnect; crossorigin
cache-control: max-age=14400
cf-cache-status: HIT
age: 6403
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GFOliVQ6dsAdUJIwG31z%2FTHP9V98tW5uh5HQwvYn2kMHAcXEt1O1QACKykdrTy%2B6r2j16G0r1%2FYv2jfJOettQRB%2FPZ99qbg%2Fxic%2FmiXDu%2Fq8wqd3iK3Fx%2BrVLzw6Gg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87d308a2db5eb51b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (23)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML