Report - bowfile.com/a5fc

Report Overview

Visited public
2023-12-02 18:24:04
Tags
URL
bowfile.com/a5fc
Finishing URL
bowfile.com/a5fc
IP / ASN
172.67.205.230
#13335 CLOUDFLARENET
Title
Last.Train.Home-Repack.part1.rar - BowFile

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
www.googletagmanager.com	75	2011-11-11	2013-05-22 04:07:37	2023-12-02 07:32:34	430 B	86 kB	142.250.74.168
fonts.gstatic.com	unknown	2008-02-11	2014-09-09 02:40:21	2023-12-02 07:24:06	2.8 kB	217 kB	142.250.74.99
glersakr.com	93793	2021-07-05	2021-07-09 09:47:15	2023-11-21 16:14:55	1.9 kB	34 kB	139.45.197.239
my.rtmark.net	9054	2014-10-29	2015-02-04 10:54:57	2023-12-01 20:22:46	467 B	740 B	139.45.195.8
cameesse.net	unknown	2023-10-18	2023-10-18 14:31:33	2023-12-01 19:13:59	4.7 kB	177 kB	139.45.197.242
fonts.googleapis.com	8877	2005-01-25	2013-06-10 22:14:26	2023-12-02 07:17:09	937 B	22 kB	142.250.74.106
bowfile.com	168411	2021-05-16	2021-05-16 15:02:27	2023-11-25 19:30:03	15 kB	1.6 MB	172.67.205.230
purinediarize.com	unknown	2023-09-20	2023-09-20 14:47:17	2023-11-17 23:27:20	423 B	1.5 kB	23.109.248.183
waust.at	38137	unknown	2016-01-28 19:24:33	2023-12-02 14:01:18	397 B	14 kB	104.26.5.7
t.dtscout.com	11951	2013-11-01	2017-01-30 05:52:42	2023-12-02 14:01:20	969 B	3.7 kB	141.101.120.10
interbuzznews.com	237501	2018-07-24	2018-08-10 18:24:14	2023-12-01 19:14:00	5.8 kB	97 kB	139.45.197.154

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2023-12-02	medium	cameesse.net	Sinkholed
2023-12-02	medium	cameesse.net	Sinkholed
2023-12-02	medium	cameesse.net	Sinkholed
2023-12-02	medium	cameesse.net	Sinkholed
2023-12-02	medium	cameesse.net	Sinkholed

ThreatFox

No alerts detected

JavaScript (30)

	URL	From	Size	First Seen	Last Seen
	www.googletagmanager.com/gtag/js?id=G-G45GX6EFX2	ScriptElement	246 kB	2023-12-02	2023-12-02
Pretty URL www.googletagmanager.com/gtag/js?id=G-G45GX6EFX2 IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-02 19:24 Last Seen2023-12-02 19:24 Times Seen1 Hash 82024e5622caf7428bebd6b244781e00 fdcc8a1c24c82d5757c50c2f523123ba2d6b7ba1 8bbb7a841873c446857faf5ed620faeac0c07874a8febda3f20970869a9cec30 Loading...

	t.dtscout.com/i/?l=https%3A%2F%2Fbowfile.com%2Fa5fc&j=	ScriptElement	2.1 kB	2023-03-07	2025-05-09
Pretty URL t.dtscout.com/i/?l=https%3A%2F%2Fbowfile.com%2Fa5fc&j= IP 141.101.120.10 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-05-09 06:37 Times Seen3857 Hash 51bd741af3fcc4984d1a753eebfa1141 534664acf69cbbb5c9b97c96b63dd37bdc580da2 3e9c8e5dcf3cbff9e1b7211551a31fe388f1b8e607fd78a0a34855be65da721c Loading...

	unknown	DomTimer	355 B	2023-10-16	2024-08-21
Pretty Introduced by domTimer Embedded in HTML false Observations First Seen2023-10-16 21:14 Last Seen2024-08-21 04:29 Times Seen13 Hash 25edcbdd58418ab8ff7347497015306a ce6c9b14faa7a313c4f33d9d8e364fb866023ece bbe2daa47380b3b293e40b64b32a75782bab3691c2ca34d1269b32c9729abed5 Loading...

	bowfile.com/a5fc	ScriptElement	88 B	2023-03-07	2025-05-09
Pretty URL bowfile.com/a5fc IP 172.67.205.230 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:29 Last Seen2025-05-09 06:37 Times Seen317 Hash e45d6b2855e5f98b74fb823618e45b75 d8010e7b1fe268e7c5aa821a25f784609d51b407 08688c8ce526ce14578665924c88d53d01f370b5746970bf1535eb338133a5f1 Loading...

	bowfile.com/themes/spirit/assets/frontend/js/typed.min.js	ScriptElement	3.9 kB	2023-03-07	2025-05-09
Pretty URL bowfile.com/themes/spirit/assets/frontend/js/typed.min.js IP 172.67.205.230 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:28 Last Seen2025-05-09 08:33 Times Seen3901 Hash 2f6185a8a32a50b2b3e04849f44359d4 0e5501588c5c0d1c9462f34b0d56c21abff5bfef 914df93a9770d8a0e132b6ce3e8f1cfba0e0fae8f3b9002a3f0eb47c3d0cc97b Loading...

	bowfile.com/themes/spirit/assets/frontend/js/granim.min.js	ScriptElement	11 kB	2023-03-07	2025-05-09
Pretty URL bowfile.com/themes/spirit/assets/frontend/js/granim.min.js IP 172.67.205.230 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:28 Last Seen2025-05-09 08:33 Times Seen1216 Hash 714368d20c70f8c91b0a596e128dac07 563954ec3a896fc129d014f01836245829f6d01d e70b27194b8793b68cccee28a6d8a1e39aae2ce5d28d5e71ac204d7a3ac164e3 Loading...

	bowfile.com/a5fc	ScriptElement	59 kB	2023-10-22	2024-08-21
Pretty URL bowfile.com/a5fc IP 172.67.205.230 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-10-22 14:10 Last Seen2024-08-21 03:51 Times Seen13 Hash 6f58fc9758ba5ea898ae5979db2b2ba4 15fc3c9355f760f935882ba5eb66bfb3a1f3319c f0422994b3c59738009173e0b04cd9daf0609665355f77ec58ff893bcfdab8a5 Loading...

	waust.at/c.js	ScriptElement	13 kB	2023-03-08	2025-04-19
Pretty URL waust.at/c.js IP 104.26.5.7 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:33 Last Seen2025-04-19 11:15 Times Seen420 Hash 45bfa6dedd6f7a9ce980b168e0350ad0 82c6b381da9abd8cb3db22ba4868287fe4e976f1 856420e1f59d0096185cdaac909fa54a9f596f52255d7a5f1ac502403f61d3ab Loading...

	bowfile.com/a5fc	ScriptElement	446 B	2023-10-22	2024-08-21
Pretty URL bowfile.com/a5fc IP 172.67.205.230 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-10-22 14:10 Last Seen2024-08-21 03:51 Times Seen13 Hash 93433760b5d6fa93329cb252e8d0ff73 238918abe2620ddab2488aeb19fd2178790b6a0c 899ac83107be7c7ce3bb8f9db8d46f24887b2dd5a8b67734cbbd6bfd9c02a313 Loading...

	bowfile.com/themes/spirit/assets/frontend/js/datepicker.js	ScriptElement	21 kB	2023-03-07	2025-05-09
Pretty URL bowfile.com/themes/spirit/assets/frontend/js/datepicker.js IP 172.67.205.230 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:29 Last Seen2025-05-09 06:37 Times Seen290 Hash 614058ddc049738b0905aed77acb29d0 694985606c2a3b482156035b1a1bb79aacf757e6 b6919dd92f8162e9d8b6642769217b9472c5bf423cdf82df50301a8af50ee53a Loading...

	cameesse.net/27/b7af9eee900df9a8aa2af9ad8ee46174	ScriptElement	413 kB	2023-11-24	2024-08-20
Pretty URL cameesse.net/27/b7af9eee900df9a8aa2af9ad8ee46174 IP 139.45.197.242 ASN #9002 RETN Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-24 13:48 Last Seen2024-08-20 18:04 Times Seen548 Hash 1dc3ebe1459db3cde0597b21156f2665 0e5a8c7b79a34f4fffaeab7c7eb4f3a19b0d75f6 1a3f7f2cfe5fba958e9df1a38c0980aab5bb21225601ea849f9e6df4afe09f2e Loading...

	bowfile.com/themes/spirit/assets/frontend/js/scripts.js	ScriptElement	67 kB	2023-03-07	2025-05-09
Pretty URL bowfile.com/themes/spirit/assets/frontend/js/scripts.js IP 172.67.205.230 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:29 Last Seen2025-05-09 06:37 Times Seen273 Hash 97096667b5bfc5bf6326cc0e5fb724ee e957d5ef30b7a4e807a13c0e39483607d8f74855 02945e324e7c86a1ee921da7d8fa596a9c11878ccfe839ac70f8badcb674d522 Loading...

	bowfile.com/a5fc	ScriptElement	2.0 kB	2024-08-20	2024-08-20
Pretty URL bowfile.com/a5fc IP 172.67.205.230 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-08-20 17:02 Last Seen2024-08-20 17:02 Times Seen1 Hash 3675c605a46f5336f5a2319f0e318e1a c224998d4fe2d1e757b9c184f217d94d20d52a53 5813afef860bdef406d6954131945be2f298291055d3fbbaccade425096f8573 Loading...

	bowfile.com/themes/spirit/assets/frontend/js/smooth-scroll.min.js	ScriptElement	6.0 kB	2023-03-07	2025-05-09
Pretty URL bowfile.com/themes/spirit/assets/frontend/js/smooth-scroll.min.js IP 172.67.205.230 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:28 Last Seen2025-05-09 08:33 Times Seen1214 Hash c9e3a210d83398f301b3a7049c259676 8e227bb40fe120841829a7fef0ffeb091d179a91 aeda362b1d693480453b895cbcf8b92629f58240c42ba8c643f0d5d338baf805 Loading...

	interbuzznews.com/?l=kzHKSWcZinJTibQ&cd_meta_crid=50535&trkintimp&target_url=https%3A%2F%2Fcameesse.net%2F12%3Frnd%3D3032564163%26z%3D6649610%26b%3D19427765%26c%3D7595353%26var%3D%26varid%3D0%26d%3Dhttp%253A%252F%252Fsinglewomenmeet.com%252Fbase.php%253Fc%253D3576%2526key%253D6878efbd7e6d318c378b17a4469f5644%2526zoneid%253D%257Bzoneid%257D%2526banner%253D%257Bbannerid%257D%26cln%3D1%26btp%3D7%26rb%3DBmPITzlQtoYbqzIgztvummayxTge68WWyhnwBBZyvuGtc4ME26-3y2zyvSDRYGFIdu9myVnbbOZj2Xd3YDJxYvrrZG63DRc-MIvE1Neevd_sTEM7kEf7BKYK5TJWTlfbBeqdF3-YAu5tR0NcqA5NgUvJisz2nkUg0gGTWYqjyhUMCB4ieMZjG9hHrJiXbARCeWOSDNbDwf_vdxb57ziEaG79b1AUBYpkc3vfa52-b7k_7wFVSZlh1N8lXWk5WEQ09JWbt12Y-1_Y96zHT7aI2WkK3exKkLdUNq9AYkaQV3NRuAEiyAPI-iyUdVBdVql0slr3WaeQiULPaXs75wmUaDM6tEY0GKngeT3uXxPjKUcrhcsINTTazc7dme0VpFfj0EM_VA0XvRDQEtKTVkNzJIkuZxWqsHW-EQqYN_eHlmMV4EKpEZU53r0JWsBZ9cxYOkWhlglY-1AhSox9SWuAxf5E9DtQ7yaulr5vz6pBNYBcbhDjyjx3102yK2giWK-aQ8i9p1i72cJehlWrIfLxZ2xnI5-vCGfIoWdCPBNtBsRYZpIwpOe50frdzl4wTGyE31vG7tCBt77SUQk64N4uNSS7fGchR1JHSnka8XlzMhiHdYBeFHK9VMvdTUu7MKcLsd_eFMBI17ecLxDSTshhIjFBMsOi-LTkg3QLPsrWJS4%3D%26bag%3DsoD61sIXZfLmZDdfa4zliA%3D%3D%26ruid%3D21d17c4b-6c69-4ee8-9f75-f5287526c10e%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D0%26gp%3D5%26bp%3D4%26nw%3D1%26nb%3D1%26sw%3D1280%26sh%3D1024%26pl%3Dhttps%253A%252F%252Fbowfile.com%252Fa5fc%26wy%3D0%26wx%3D0%26ww%3D1280%26wh%3D1024%26cw%3D1280%26wiw%3D1280%26wih%3D1024%26wfc%3D1%26sah%3D1024%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0	ScriptElement	0 B	0001-01-01	2025-05-09
Pretty URL interbuzznews.com/?l=kzHKSWcZinJTibQ&cd_meta_crid=50535&trkintimp&target_url=https%3A%2F%2Fcameesse.net%2F12%3Frnd%3D3032564163%26z%3D6649610%26b%3D19427765%26c%3D7595353%26var%3D%26varid%3D0%26d%3Dhttp%253A%252F%252Fsinglewomenmeet.com%252Fbase.php%253Fc%253D3576%2526key%253D6878efbd7e6d318c378b17a4469f5644%2526zoneid%253D%257Bzoneid%257D%2526banner%253D%257Bbannerid%257D%26cln%3D1%26btp%3D7%26rb%3DBmPITzlQtoYbqzIgztvummayxTge68WWyhnwBBZyvuGtc4ME26-3y2zyvSDRYGFIdu9myVnbbOZj2Xd3YDJxYvrrZG63DRc-MIvE1Neevd_sTEM7kEf7BKYK5TJWTlfbBeqdF3-YAu5tR0NcqA5NgUvJisz2nkUg0gGTWYqjyhUMCB4ieMZjG9hHrJiXbARCeWOSDNbDwf_vdxb57ziEaG79b1AUBYpkc3vfa52-b7k_7wFVSZlh1N8lXWk5WEQ09JWbt12Y-1_Y96zHT7aI2WkK3exKkLdUNq9AYkaQV3NRuAEiyAPI-iyUdVBdVql0slr3WaeQiULPaXs75wmUaDM6tEY0GKngeT3uXxPjKUcrhcsINTTazc7dme0VpFfj0EM_VA0XvRDQEtKTVkNzJIkuZxWqsHW-EQqYN_eHlmMV4EKpEZU53r0JWsBZ9cxYOkWhlglY-1AhSox9SWuAxf5E9DtQ7yaulr5vz6pBNYBcbhDjyjx3102yK2giWK-aQ8i9p1i72cJehlWrIfLxZ2xnI5-vCGfIoWdCPBNtBsRYZpIwpOe50frdzl4wTGyE31vG7tCBt77SUQk64N4uNSS7fGchR1JHSnka8XlzMhiHdYBeFHK9VMvdTUu7MKcLsd_eFMBI17ecLxDSTshhIjFBMsOi-LTkg3QLPsrWJS4%3D%26bag%3DsoD61sIXZfLmZDdfa4zliA%3D%3D%26ruid%3D21d17c4b-6c69-4ee8-9f75-f5287526c10e%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D0%26gp%3D5%26bp%3D4%26nw%3D1%26nb%3D1%26sw%3D1280%26sh%3D1024%26pl%3Dhttps%253A%252F%252Fbowfile.com%252Fa5fc%26wy%3D0%26wx%3D0%26ww%3D1280%26wh%3D1024%26cw%3D1280%26wiw%3D1280%26wih%3D1024%26wfc%3D1%26sah%3D1024%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0 IP 139.45.197.154 ASN #9002 RETN Limited Introduced by scriptElement Embedded in HTML true Observations First Seen0001-01-01 00:00 Last Seen2025-05-09 08:35 Times Seen4634906 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	bowfile.com/a5fc	ScriptElement	57 B	2023-03-07	2025-05-09
Pretty URL bowfile.com/a5fc IP 172.67.205.230 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:06 Last Seen2025-05-09 08:24 Times Seen9610 Hash 2a2781f9bb6302c2f96df0d1e96ef524 796bb90146495848c0c479533c367edadb94f1a9 1b60af0ce49d65e8b1006457c16883d60e53a0054bb157c57c3b03a82ee9964d Loading...

	bowfile.com/a5fc	ScriptElement	1.0 kB	2024-08-20	2024-08-20
Pretty URL bowfile.com/a5fc IP 172.67.205.230 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-08-20 17:02 Last Seen2024-08-20 17:02 Times Seen1 Hash 35e91714f1e8b7f42ba974e2f99e9051 9afdfb3b8982c4b6d15b2348a2e48d0f51e3d794 57c2af63545beb63bd48e3cc7c90c06bb1e5b9d246f67cb9419cd0f4797ed034 Loading...

	bowfile.com/themes/spirit/assets/frontend/js/jquery-3.1.1.min.js	ScriptElement	87 kB	2023-03-07	2025-05-09
Pretty URL bowfile.com/themes/spirit/assets/frontend/js/jquery-3.1.1.min.js IP 172.67.205.230 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:19 Last Seen2025-05-09 08:33 Times Seen1887 Hash 5b5a269bd363e0886c17d855c2aab241 042dd055cd289215835a58507c9531f808e1648a 1cf30e59d21d4ae560af7143f5913efcc8222bcaa4fcc7508eb802b5faa9e94e Loading...

	bowfile.com/a5fc	ScriptElement	1.1 kB	2023-10-16	2025-05-09
Pretty URL bowfile.com/a5fc IP 172.67.205.230 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-10-16 21:14 Last Seen2025-05-09 06:37 Times Seen26 Hash 53e701ec493253580703994552edbb1a 9777d1fbe8dc3ec4a3ea8505a7384e689c745369 c2b1ac602413df4a7a6f3364680af37cb54b27f8afd553d1d91811969a06a2ef Loading...

	t.dtscout.com/pv/?_a=v&_h=bowfile.com&_ss=as1ys0041p&_pv=1&_ls=0&_u1=1&_u3=1&_cc=no&_pl=d&_cbid=6t2o&_cb=_dtspv.c	ScriptElement	52 B	2024-08-20	2024-08-20
Pretty URL t.dtscout.com/pv/?_a=v&_h=bowfile.com&_ss=as1ys0041p&_pv=1&_ls=0&_u1=1&_u3=1&_cc=no&_pl=d&_cbid=6t2o&_cb=_dtspv.c IP 141.101.120.10 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-20 17:02 Last Seen2024-08-20 17:02 Times Seen1 Hash 07edd3c8c8cc5c39b441cdb92b0b5d94 0a951fcb45c9f8f1de029b0b761dd0a6485c3c41 30b70eb2a60827ec82dc93ef60d0aa92669f80a65a82b9e5abf3a6f98eb66048 Loading...

	bowfile.com/themes/spirit/assets/frontend/js/jquery.dataTables.min.js	ScriptElement	70 kB	2023-03-07	2025-05-09
Pretty URL bowfile.com/themes/spirit/assets/frontend/js/jquery.dataTables.min.js IP 172.67.205.230 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:28 Last Seen2025-05-09 08:33 Times Seen1222 Hash 6fda19caa29287e6f584f0557fdeb6d4 40f58160090cd1f022704ee1352b343adb9e73b9 8ef749c3869991924150dc932c48cd57bf69ac25a378bb2e14f8e1733c17406f Loading...

	bowfile.com/themes/spirit/assets/frontend/js/cookiealert.js	ScriptElement	935 B	2023-03-07	2025-03-19
Pretty URL bowfile.com/themes/spirit/assets/frontend/js/cookiealert.js IP 172.67.205.230 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:35 Last Seen2025-03-19 05:48 Times Seen29 Hash 1c791617ad60e006d8b38817d1074a27 81ed3e6c7226ce51184fcb8ff6b61133278c96a6 4bfe55163fe5f7b2b54961753a79ce8f5bd8d76886479e78be996177ef9a16a6 Loading...

	bowfile.com/themes/spirit/assets/frontend/js/flickity.min.js	ScriptElement	54 kB	2023-03-07	2025-05-09
Pretty URL bowfile.com/themes/spirit/assets/frontend/js/flickity.min.js IP 172.67.205.230 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:28 Last Seen2025-05-09 08:33 Times Seen1217 Hash 8c1e666176ac7bdce67d58b45823ffac 75947e4316427ce0c5e33300aeb4dc4d7d54dd09 c0b706b9b1ca12b631496228a0eb0fe15ccb14f21ab554f6c4b4f20474e4d3a6 Loading...

	bowfile.com/themes/spirit/assets/frontend/js/jquery.steps.min.js	ScriptElement	14 kB	2023-03-07	2025-05-09
Pretty URL bowfile.com/themes/spirit/assets/frontend/js/jquery.steps.min.js IP 172.67.205.230 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:28 Last Seen2025-05-09 08:33 Times Seen1227 Hash 0eef6fe46d14f860d5666d2c7b13a564 7ab5f7deaca2f71efbc3bf9f5ba27b89d4697dbe 95a14a4473ff130eb29f3cc02e135978505655e3c931b6c3726dedd4f558f843 Loading...

	bowfile.com/themes/spirit/assets/frontend/js/countdown.min.js	ScriptElement	5.4 kB	2023-03-07	2025-05-09
Pretty URL bowfile.com/themes/spirit/assets/frontend/js/countdown.min.js IP 172.67.205.230 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:28 Last Seen2025-05-09 08:33 Times Seen1455 Hash 76a923d3d69255c45cd24bf9b100244f eb3c96f9901692f1a03500ea632963a16afdb985 8f195573d6fa06641814b476fea2b92579c983cac46d683f356238207692c9f5 Loading...

	bowfile.com/a5fc	ScriptElement	67 B	2023-03-07	2025-05-09
Pretty URL bowfile.com/a5fc IP 172.67.205.230 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 12:28 Last Seen2025-05-09 06:37 Times Seen26 Hash 55c20c5cce7b67af7998b5db93974ef6 2577fe5855ae58f662735e6277b898b22b8092b8 da05550f0c39c7f6384caa33bd40f80ef005407f3336e7bc4e1f80fd4341dccf Loading...

	bowfile.com/a5fc	ScriptElement	153 B	2023-03-07	2025-05-09
Pretty URL bowfile.com/a5fc IP 172.67.205.230 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 12:28 Last Seen2025-05-09 06:37 Times Seen26 Hash fcac8932c958dcd66ad3026ff21cbb63 e11ee4fb499b3b47ff57119b9ed02c399a82bc4d 88bb5609315f9ea92a0efcc106793ef6844d0d99c1c60437cc22f5ac4e2da670 Loading...

	purinediarize.com/thCy7IY0Xno3OiInW/55183	ScriptElement	5 B	2023-03-07	2025-05-09
Pretty URL purinediarize.com/thCy7IY0Xno3OiInW/55183 IP 23.109.248.183 ASN #7979 SERVERS-COM Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:14 Last Seen2025-05-09 08:24 Times Seen5994 Hash f7a2939527fd9e68723da600e96d76bd a9e717b6364d2895ee0a716050db32ca0ef1bb42 d810f5146f4cd1517512a6e31946e764a73c58fb01427aae88d42cc2ae28718a Loading...

	glersakr.com/tag.min.js	ScriptElement	81 kB	2023-12-02	2023-12-04
Pretty URL glersakr.com/tag.min.js IP 139.45.197.239 ASN #9002 RETN Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-02 19:24 Last Seen2023-12-04 21:52 Times Seen70 Hash fb7eb4b07c3e717cad649d3afa99ca57 ba3a9cdd70a5f99c0ed8a032d79a08a6edb673d2 e6aa84f006f03b6a1cf7f3a082a3d7470943d3f29253cc4b0d1ee0f3e2cc76ee Loading...

	cameesse.net/1?z=6649610	ScriptElement	43 kB	2023-12-02	2023-12-02
Pretty URL cameesse.net/1?z=6649610 IP 139.45.197.242 ASN #9002 RETN Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-02 19:24 Last Seen2023-12-02 19:24 Times Seen1 Hash bdb509ee2869798b07afb5aa799f20d2 792e7482b4fdb5f5856218c6474002b859cba46c f07f9445e1c0ec8fe9daa20f9b1d1570c9a4f992dcbd2c5a77645b48d62920d9 Loading...

HTTP Transactions (52)

URL IP Response Size

bowfile.com/lg.png

172.67.205.230

200 OK

806 kB

URL GET HTTP/3
bowfile.com/lg.png
IP
172.67.205.230:443
ASN
#13335 CLOUDFLARENET

Requested by
https://bowfile.com/a5fc
Certificate
IssuerGoogle Trust Services LLC
Subjectbowfile.com
FingerprintEC:7E:59:5C:5B:DD:A7:5D:20:C2:E0:F9:FC:C2:B7:38:83:BB:87:19
ValidityThu, 16 Nov 2023 00:08:33 GMT - Wed, 14 Feb 2024 00:08:32 GMT

File type
PNG image data, 4804 x 1043, 8-bit/color RGBA, non-interlaced\012- data
Size
806 kB (806415 bytes)
Hash
1b63e25741f3459f3adf825eabad3c8f
6f8e62a04b5daac82158f1a44ca132ed11fa102f
0654449cc73d1f0ea7c0929fffc64d6e6fcdbcab55c0293cd35deaf6a0a55f57

HTTP Headers

GET /lg.png HTTP/1.1
Host: bowfile.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bowfile.com/a5fc
Cookie: filehosting=hik21juim75185c7m46ul6i07i
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 02 Dec 2023 18:23:44 GMT
content-type: image/png
content-length: 806415
last-modified: Wed, 19 May 2021 00:28:32 GMT
etag: "60a45bb0-c4e0f"
cache-control: public, max-age=14400
cf-cache-status: HIT
age: 5381
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ri9xqTRak%2BmHZeONTnkE1NUD4GKe9WMzQatZkP8TSh91BS7A85l1yGBVQYCoa%2F2%2FaCMRXn1fRz1feIZlE%2Fo3sdKhs653OmHcRapL8qSqRSJArSP6WCTG6XiZA7UsKA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82f59a4d8be4b4ed-OSL
alt-svc: h3=":443"; ma=86400

bowfile.com/themes/spirit/assets/frontend/js/cookiealert.js

172.67.205.230

200 OK

938 B

URL GET HTTP/3
bowfile.com/themes/spirit/assets/frontend/js/cookiealert.js
IP
172.67.205.230:443
ASN
#13335 CLOUDFLARENET

Requested by
https://bowfile.com/a5fc
Certificate
IssuerGoogle Trust Services LLC
Subjectbowfile.com
FingerprintEC:7E:59:5C:5B:DD:A7:5D:20:C2:E0:F9:FC:C2:B7:38:83:BB:87:19
ValidityThu, 16 Nov 2023 00:08:33 GMT - Wed, 14 Feb 2024 00:08:32 GMT

File type
ASCII text, with very long lines (376)
Size
938 B (938 bytes)
Hash
1c791617ad60e006d8b38817d1074a27
81ed3e6c7226ce51184fcb8ff6b61133278c96a6
4bfe55163fe5f7b2b54961753a79ce8f5bd8d76886479e78be996177ef9a16a6

HTTP Headers

GET /themes/spirit/assets/frontend/js/cookiealert.js HTTP/1.1
Host: bowfile.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bowfile.com/a5fc
Cookie: filehosting=hik21juim75185c7m46ul6i07i
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 02 Dec 2023 18:23:44 GMT
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=14400
cf-bgj: minify
cf-polished: origSize=1836
etag: W/"5f8bebc0-72c"
last-modified: Sun, 18 Oct 2020 07:16:16 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 5381
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BwsGVXsLwKX5ngwdZVw9JFBJxSUDPdUoP4GKh%2FN7vy%2B9eVnf85lzT8s64yYHKkEGeRCnBVonoDNd07oN0%2Flo9JjvtErQFEt1h6XcwMRQkgRbvwTR7hiLi%2FtyDxZ%2BLg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82f59a4dcc34b4ed-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

purinediarize.com/thCy7IY0Xno3OiInW/55183

23.109.248.183

200 OK

25 B

URL GET HTTP/1.1
purinediarize.com/thCy7IY0Xno3OiInW/55183
IP
23.109.248.183:443
ASN
#7979 SERVERS-COM

Requested by
https://bowfile.com/a5fc
Certificate
IssuerLet's Encrypt
Subjectpurinediarize.com
Fingerprint7C:C0:BF:93:6F:49:9B:7D:AA:5C:13:46:F3:13:61:C7:9B:49:7F:B8
ValidityTue, 28 Nov 2023 23:54:08 GMT - Mon, 26 Feb 2024 23:54:07 GMT

File type
ASCII text, with no line terminators
Size
25 B (25 bytes)
Hash
f7a2939527fd9e68723da600e96d76bd
a9e717b6364d2895ee0a716050db32ca0ef1bb42
d810f5146f4cd1517512a6e31946e764a73c58fb01427aae88d42cc2ae28718a

HTTP Headers

GET /thCy7IY0Xno3OiInW/55183 HTTP/1.1
Host: purinediarize.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bowfile.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 02 Dec 2023 18:23:44 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Accept-ch: sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://bowfile.com
Access-Control-Allow-Headers: content-type, megageocheckolololo, x-forwarded-for, x-requested-with, cache-control, pragma, expires
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET, POST, OPTIONS
X-Frame-Options: SAMEORIGIN
Set-Cookie: GL_UI4=eJw9zV1OhDAcBHC%2BWXVBJ%2BEAHqFVQXz0Za%2FgIyntH6wL7aZU0NtLTPRtMvlNJgiCqLpFuGYp4k9R414NvJGs5fKhfmRNUz8JRkPfvvTtc8MFa3Gll86LfiKf4LDMwvnOrwmOIxlyWnbSKipwt6u%2F5mzsZhKkvRNGFUjnXUwF8t7ZbSFXxUiMmAn5STsa7NcuxId1iDmr96zNnkOGyC5VXF4jf9NG7cvyiIizsswC3Fwm4Qfr5k6rLEQ6OqEI4SsOUngarftGrmg5e3sB7KS6f%2F97HG%2BcIVO0aklIrX8n9wNBjE5s; expires=Sun, 03-Dec-2023 18:23:44 GMT; Max-Age=86400; path=/; secure; SameSite=None
GL_GI10=eJwViE0KgzAUBvMeJVAqhY96AE%2BQamsXbmuXRReewGopgZBIEvtz%2B%2BpiBmaEEJwmYD0hqQpV5ao8qeJSgl7gpgUPFrJx%2FtP%2FQB6cn8HeYtcG47LazTYuf8BmbZDG%2Fmr0N%2BucmaN2NoAXtnX%2FMM%2FjrbuDJkng6FaHMRWgtzz8AV7hHdE%3D; expires=Sun, 03-Dec-2023 18:23:44 GMT; Max-Age=86400; path=/; secure; SameSite=None
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff

www.googletagmanager.com/gtag/js?id=G-G45GX6EFX2

142.250.74.168

200 OK

86 kB

URL GET HTTP/2
www.googletagmanager.com/gtag/js?id=G-G45GX6EFX2
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://bowfile.com/a5fc
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint37:42:10:B7:89:70:45:51:80:81:66:CE:95:21:72:5D:46:0B:E2:34
ValidityMon, 23 Oct 2023 11:18:19 GMT - Mon, 15 Jan 2024 11:18:18 GMT

File type
ASCII text, with very long lines (3034)
Size
86 kB (85526 bytes)
Hash
82024e5622caf7428bebd6b244781e00
fdcc8a1c24c82d5757c50c2f523123ba2d6b7ba1
8bbb7a841873c446857faf5ed620faeac0c07874a8febda3f20970869a9cec30

HTTP Headers

GET /gtag/js?id=G-G45GX6EFX2 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bowfile.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 02 Dec 2023 18:23:44 GMT
expires: Sat, 02 Dec 2023 18:23:44 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 85526
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

bowfile.com/themes/spirit/assets/frontend/fonts/font-awesome/fa-solid-900.woff2

172.67.205.230

200 OK

80 kB

URL GET HTTP/3
bowfile.com/themes/spirit/assets/frontend/fonts/font-awesome/fa-solid-900.woff2
IP
172.67.205.230:443
ASN
#13335 CLOUDFLARENET

Requested by
https://bowfile.com/a5fc
Certificate
IssuerGoogle Trust Services LLC
Subjectbowfile.com
FingerprintEC:7E:59:5C:5B:DD:A7:5D:20:C2:E0:F9:FC:C2:B7:38:83:BB:87:19
ValidityThu, 16 Nov 2023 00:08:33 GMT - Wed, 14 Feb 2024 00:08:32 GMT

File type
Web Open Font Format (Version 2), TrueType, length 80148, version 331.17301\012- data
Size
80 kB (80148 bytes)
Hash
c500da19d776384ba69573ae6fe274e7
6290834672aba86d5b6c1c73b30b57c9c53996f7
cfe3b7382e477059da11be2099914b94f0e2a4f08240c60542c376957b8d9658

HTTP Headers

GET /themes/spirit/assets/frontend/fonts/font-awesome/fa-solid-900.woff2 HTTP/1.1
Host: bowfile.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://bowfile.com/themes/spirit/assets/frontend/css/font-awesome.min.css
Cookie: filehosting=hik21juim75185c7m46ul6i07i
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 02 Dec 2023 18:23:44 GMT
content-type: font/woff2
content-length: 80148
last-modified: Sun, 18 Oct 2020 07:16:16 GMT
etag: "5f8bebc0-13914"
cache-control: public, max-age=14400
cf-cache-status: HIT
age: 7115
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kWM9bCNTdb49H5DEKGlmmGcI42DzjZArdK0cWsPG1nqyDJAtN2Nt84C51O0VGAHEh5PPVZYUgWTPW2PFrYueSaqUWYYkP%2BfobyEz8s22EqIn7j0ujWB%2Fa2r%2B8G6lcg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82f59a50df1bb4ed-OSL
alt-svc: h3=":443"; ma=86400

bowfile.com/themes/spirit/assets/frontend/fonts/stack-interface.woff2?33839631

172.67.205.230

200 OK

4.3 kB

URL GET HTTP/3
bowfile.com/themes/spirit/assets/frontend/fonts/stack-interface.woff2?33839631
IP
172.67.205.230:443
ASN
#13335 CLOUDFLARENET

Requested by
https://bowfile.com/a5fc
Certificate
IssuerGoogle Trust Services LLC
Subjectbowfile.com
FingerprintEC:7E:59:5C:5B:DD:A7:5D:20:C2:E0:F9:FC:C2:B7:38:83:BB:87:19
ValidityThu, 16 Nov 2023 00:08:33 GMT - Wed, 14 Feb 2024 00:08:32 GMT

File type
Web Open Font Format (Version 2), TrueType, length 4292, version 1.0\012- data
Size
4.3 kB (4292 bytes)
Hash
ae072782b361d2afdbf43db08d3cfb73
f3db2e65b53d97491672f8631e21d6d05905cc88
31205df908aed9881f6d2d3ae7d38975252bf99e38268978b4236dc3c314754b

HTTP Headers

GET /themes/spirit/assets/frontend/fonts/stack-interface.woff2?33839631 HTTP/1.1
Host: bowfile.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://bowfile.com/themes/spirit/assets/frontend/css/stack-interface.css
Cookie: filehosting=hik21juim75185c7m46ul6i07i
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 02 Dec 2023 18:23:44 GMT
content-type: font/woff2
content-length: 4292
last-modified: Sun, 18 Oct 2020 07:16:16 GMT
etag: "5f8bebc0-10c4"
cache-control: public, max-age=14400
cf-cache-status: HIT
age: 7115
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I%2BxOwIJZFEvKwlCGp7XDok%2FXto08YTNIXjoLgvQP%2FyUEuKCSEM7kDYUgSFcEpYuE1z7Pi4AZaltz2n1tjFuia5Zo%2FADCn4XbnETuutLXAIYGoXEW%2FjNKV%2F24jU4uww%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82f59a50ff51b4ed-OSL
alt-svc: h3=":443"; ma=86400

bowfile.com/themes/spirit/assets/frontend/css/socicon.css

172.67.205.230

200 OK

2.1 kB

URL GET HTTP/3
bowfile.com/themes/spirit/assets/frontend/css/socicon.css
IP
172.67.205.230:443
ASN
#13335 CLOUDFLARENET

Requested by
https://bowfile.com/a5fc
Certificate
IssuerGoogle Trust Services LLC
Subjectbowfile.com
FingerprintEC:7E:59:5C:5B:DD:A7:5D:20:C2:E0:F9:FC:C2:B7:38:83:BB:87:19
ValidityThu, 16 Nov 2023 00:08:33 GMT - Wed, 14 Feb 2024 00:08:32 GMT

File type
ASCII text, with very long lines (7641), with no line terminators
Size
2.1 kB (2119 bytes)
Hash
07e4b8874a00408fb4997bca9a7625aa
2c078c0e6d9ee142156a80296d763b013099bcbc
bcb499166a81c2c68de921f186c95ed6c29859acf2a07422c15ddb1f4b9e7686

HTTP Headers

GET /themes/spirit/assets/frontend/css/socicon.css HTTP/1.1
Host: bowfile.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bowfile.com/a5fc
Cookie: filehosting=hik21juim75185c7m46ul6i07i
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 02 Dec 2023 18:23:44 GMT
content-type: text/css
cache-control: public, max-age=14400
cf-bgj: minify
cf-polished: origSize=9838
etag: W/"5f8bebbe-266e"
last-modified: Sun, 18 Oct 2020 07:16:14 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 6152
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jhaiTINX7ck1BkjgsvE%2B%2BoOoKkaC842hBxkwoX%2F6s%2FK%2F9TDuhTQYGVlCJih1h%2BzNjPF9SlIMxoWViIj1YuOvQ%2BaxMrXY26q%2BCvuThb5ZJnk8vZrFH%2BOKwdwTR87GOw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82f59a4d5bb4b4ed-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

bowfile.com/themes/spirit/assets/frontend/css/bootstrap.min.css

172.67.205.230

200 OK

13 kB

URL GET HTTP/3
bowfile.com/themes/spirit/assets/frontend/css/bootstrap.min.css
IP
172.67.205.230:443
ASN
#13335 CLOUDFLARENET

Requested by
https://bowfile.com/a5fc
Certificate
IssuerGoogle Trust Services LLC
Subjectbowfile.com
FingerprintEC:7E:59:5C:5B:DD:A7:5D:20:C2:E0:F9:FC:C2:B7:38:83:BB:87:19
ValidityThu, 16 Nov 2023 00:08:33 GMT - Wed, 14 Feb 2024 00:08:32 GMT

File type
ASCII text, with very long lines (65319), with CRLF line terminators
Size
13 kB (13287 bytes)
Hash
9b67b9ffbfcbe226a8c413fa740fd91c
7837bd0c312897e46311aaf472947f3e23d75df2
2642f94894419d1cebdc4a010b9380a7403063dd6d28ea8a80bd5ebd01186732

HTTP Headers

GET /themes/spirit/assets/frontend/css/bootstrap.min.css HTTP/1.1
Host: bowfile.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bowfile.com/a5fc
Cookie: filehosting=hik21juim75185c7m46ul6i07i
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 02 Dec 2023 18:23:44 GMT
content-type: text/css
last-modified: Sun, 18 Oct 2020 07:16:14 GMT
vary: Accept-Encoding
etag: W/"5f8bebbe-12c7a"
cache-control: public, max-age=14400
cf-cache-status: HIT
age: 6152
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2hSptt1PxZJMC0SZV0BTfDa5bWJINTnhqgFtghPvSZ3IdFwkhSqIVPk9ygDjHaC0t8dUKxkyVNs92b1AW4jf%2BnmxQxNQDcuKuzhszSuyBHZTKiGMMZmSvDOFEf4vJQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82f59a4d5bafb4ed-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

bowfile.com/themes/spirit/assets/frontend/css/lightbox.min.css

172.67.205.230

200 OK

1.4 kB

URL GET HTTP/3
bowfile.com/themes/spirit/assets/frontend/css/lightbox.min.css
IP
172.67.205.230:443
ASN
#13335 CLOUDFLARENET

Requested by
https://bowfile.com/a5fc
Certificate
IssuerGoogle Trust Services LLC
Subjectbowfile.com
FingerprintEC:7E:59:5C:5B:DD:A7:5D:20:C2:E0:F9:FC:C2:B7:38:83:BB:87:19
ValidityThu, 16 Nov 2023 00:08:33 GMT - Wed, 14 Feb 2024 00:08:32 GMT

File type
ASCII text, with CRLF line terminators
Size
1.4 kB (1384 bytes)
Hash
30265c8089a8f3e871d0873ef6a5b944
2804a2fe5a6a956626ce6a46adf6b1a0676ee13d
f9f33dca7f9a5a735a0a03502993e0a092df81d820beb1ed4071e4611a9630ed

HTTP Headers

GET /themes/spirit/assets/frontend/css/lightbox.min.css HTTP/1.1
Host: bowfile.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bowfile.com/a5fc
Cookie: filehosting=hik21juim75185c7m46ul6i07i
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 02 Dec 2023 18:23:44 GMT
content-type: text/css
last-modified: Sun, 18 Oct 2020 07:16:14 GMT
vary: Accept-Encoding
etag: W/"5f8bebbe-f31"
cache-control: public, max-age=14400
cf-cache-status: HIT
age: 6152
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QwSxp8YT5dmAjtjcIhi6vecLcaWv0xjHVdolVfAorJ7LkA2InJAZeXM2Jz0cCnG0o6qZGCjs3%2BFU4p20U0mOFEm%2FqUiQNjp5fi1%2B6kSrPu%2Fii%2FUuGEtlqwdyFJshiw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82f59a4d5bb8b4ed-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

142.250.74.99

200 OK

48 kB

URL GET HTTP/2
fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP
142.250.74.99:443
ASN
#15169 GOOGLE

Requested by
https://bowfile.com/a5fc
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 48432, version 1.0\012- data
Size
48 kB (48432 bytes)
Hash
e2d74c5e631bc53a7240bbfe4be99c8f
eb513857bb01cc4f7249067fc7e969bef415fc90
9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5

HTTP Headers

GET /s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://bowfile.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48432
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 29 Nov 2023 14:58:12 GMT
expires: Thu, 28 Nov 2024 14:58:12 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 14 Sep 2023 00:40:31 GMT
content-type: font/woff2
age: 271532
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

142.250.74.99

200 OK

48 kB

URL GET HTTP/2
fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP
142.250.74.99:443
ASN
#15169 GOOGLE

Requested by
https://bowfile.com/a5fc
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 48432, version 1.0\012- data
Size
48 kB (48432 bytes)
Hash
e2d74c5e631bc53a7240bbfe4be99c8f
eb513857bb01cc4f7249067fc7e969bef415fc90
9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5

HTTP Headers

GET /s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://bowfile.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48432
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 29 Nov 2023 14:58:12 GMT
expires: Thu, 28 Nov 2024 14:58:12 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 14 Sep 2023 00:40:31 GMT
content-type: font/woff2
age: 271532
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

142.250.74.99

200 OK

48 kB

URL GET HTTP/2
fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP
142.250.74.99:443
ASN
#15169 GOOGLE

Requested by
https://bowfile.com/a5fc
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 48432, version 1.0\012- data
Size
48 kB (48432 bytes)
Hash
e2d74c5e631bc53a7240bbfe4be99c8f
eb513857bb01cc4f7249067fc7e969bef415fc90
9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5

HTTP Headers

GET /s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://bowfile.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48432
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 29 Nov 2023 14:58:12 GMT
expires: Thu, 28 Nov 2024 14:58:12 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 14 Sep 2023 00:40:31 GMT
content-type: font/woff2
age: 271532
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

142.250.74.99

200 OK

48 kB

URL GET HTTP/2
fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP
142.250.74.99:443
ASN
#15169 GOOGLE

Requested by
https://bowfile.com/a5fc
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 48432, version 1.0\012- data
Size
48 kB (48432 bytes)
Hash
e2d74c5e631bc53a7240bbfe4be99c8f
eb513857bb01cc4f7249067fc7e969bef415fc90
9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5

HTTP Headers

GET /s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://bowfile.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48432
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 29 Nov 2023 14:58:12 GMT
expires: Thu, 28 Nov 2024 14:58:12 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 14 Sep 2023 00:40:31 GMT
content-type: font/woff2
age: 271532
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

bowfile.com/a5fc

172.67.205.230

200 OK

0 B

URL HEAD HTTP/3
bowfile.com/a5fc
IP
172.67.205.230:443
ASN
#13335 CLOUDFLARENET

Requested by
https://bowfile.com/a5fc
Certificate
IssuerGoogle Trust Services LLC
Subjectbowfile.com
FingerprintEC:7E:59:5C:5B:DD:A7:5D:20:C2:E0:F9:FC:C2:B7:38:83:BB:87:19
ValidityThu, 16 Nov 2023 00:08:33 GMT - Wed, 14 Feb 2024 00:08:32 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

HEAD /a5fc HTTP/1.1
Host: bowfile.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bowfile.com/a5fc
Cookie: filehosting=hik21juim75185c7m46ul6i07i
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 02 Dec 2023 18:23:44 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate, no-cache, public
pragma: no-cache
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hYdxF967JiOST%2FPv%2Flb1PYKd%2B%2F158Sfj1F5LPb16QwTo1Z%2Fvi1Wtn1DmMZmc8ObDgVgVllsl%2Fwa55wp3Jdk6vMYSYviLkBm9XxMoBldrRkjnobdxLcf13ABEeo5pIQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82f59a509ed6b4ed-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

fonts.gstatic.com/s/opensans/v36/memQYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWq8tWZ0Pw86hd0Rk8ZkWVAewA.woff2

142.250.74.99

200 OK

19 kB

URL GET HTTP/2
fonts.gstatic.com/s/opensans/v36/memQYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWq8tWZ0Pw86hd0Rk8ZkWVAewA.woff2
IP
142.250.74.99:443
ASN
#15169 GOOGLE

Requested by
https://bowfile.com/a5fc
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 19308, version 1.0\012- data
Size
19 kB (19308 bytes)
Hash
0d17dc102f6109715e0d74d9e267cbd7
204a106f9eb8c74953d411f200196c544ed87300
883bd0f053cde78238a0881291e4b6647acd9b3fa73808db5ac83d286bb4b44e

HTTP Headers

GET /s/opensans/v36/memQYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWq8tWZ0Pw86hd0Rk8ZkWVAewA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://bowfile.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 19308
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 27 Nov 2023 23:43:32 GMT
expires: Tue, 26 Nov 2024 23:43:32 GMT
cache-control: public, max-age=31536000
age: 412812
last-modified: Thu, 14 Sep 2023 01:04:07 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

glersakr.com/tag.min.js

139.45.197.239

200 OK

26 kB

URL GET HTTP/2
glersakr.com/tag.min.js
IP
139.45.197.239:443
ASN
#9002 RETN Limited

Requested by
https://bowfile.com/a5fc
Certificate
IssuerLet's Encrypt
Subjectglersakr.com
Fingerprint78:DE:BA:CB:7A:B7:A3:A1:D3:F5:58:84:3A:44:AD:2A:DB:14:6E:68
ValiditySat, 07 Oct 2023 07:22:12 GMT - Fri, 05 Jan 2024 07:22:11 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
26 kB (25611 bytes)
Hash
fb7eb4b07c3e717cad649d3afa99ca57
ba3a9cdd70a5f99c0ed8a032d79a08a6edb673d2
e6aa84f006f03b6a1cf7f3a082a3d7470943d3f29253cc4b0d1ee0f3e2cc76ee

HTTP Headers

GET /tag.min.js HTTP/1.1
Host: glersakr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bowfile.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 02 Dec 2023 18:23:45 GMT
content-type: text/javascript; charset=utf-8
content-length: 25611
content-encoding: br
x-trace-id: 9a4bb7dbfa6a3b3ae0441b70a3dd0f98
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
accept-ranges: bytes
last-modified: Sat, 02 Dec 2023 17:34:56 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
access-control-max-age: 86400
pragma: no-cache
expires: Tue, 11 Jan 1994 10:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

bowfile.com/themes/spirit/assets/frontend/img/favicon/favicon-16x16.png

172.67.205.230

200 OK

849 B

URL GET HTTP/3
bowfile.com/themes/spirit/assets/frontend/img/favicon/favicon-16x16.png
IP
172.67.205.230:443
ASN
#13335 CLOUDFLARENET

Requested by
https://bowfile.com/a5fc
Certificate
IssuerGoogle Trust Services LLC
Subjectbowfile.com
FingerprintEC:7E:59:5C:5B:DD:A7:5D:20:C2:E0:F9:FC:C2:B7:38:83:BB:87:19
ValidityThu, 16 Nov 2023 00:08:33 GMT - Wed, 14 Feb 2024 00:08:32 GMT

File type
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Size
849 B (849 bytes)
Hash
9e2e5a1b5f9de6f65f38c2013f54d6e3
7e3697b34eae30aff6f1fc47d24fda12cb23f1ef
c46d0b0563620af19dd7ad1689b965ef9156c26e537ce81723f828a8b4845b89

HTTP Headers

GET /themes/spirit/assets/frontend/img/favicon/favicon-16x16.png HTTP/1.1
Host: bowfile.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bowfile.com/a5fc
Cookie: filehosting=hik21juim75185c7m46ul6i07i; _ga_G45GX6EFX2=GS1.1.1701541430.1.0.1701541430.0.0.0; _ga=GA1.1.725084394.1701541430
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 02 Dec 2023 18:23:45 GMT
content-type: image/png
content-length: 849
last-modified: Sat, 22 May 2021 00:41:54 GMT
etag: "60a85352-351"
cache-control: public, max-age=14400
cf-cache-status: HIT
age: 7116
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lfOfEB5TSvwRgYzKvCKmVkSA1yk%2Bx5RS4uWqHddvk6Z7R3NM8rK6Oyjv7RLgbtf0raMLjYw6UES6VZ5KBsfzzA4VpMPxk1FuE7BiO%2FX7AMCPfAUn66FhDzrhjya0UQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82f59a54fbb2b4ed-OSL
alt-svc: h3=":443"; ma=86400

bowfile.com/themes/spirit/assets/frontend/img/favicon/apple-touch-icon.png

172.67.205.230

200 OK

36 kB

URL GET HTTP/3
bowfile.com/themes/spirit/assets/frontend/img/favicon/apple-touch-icon.png
IP
172.67.205.230:443
ASN
#13335 CLOUDFLARENET

Requested by
https://bowfile.com/a5fc
Certificate
IssuerGoogle Trust Services LLC
Subjectbowfile.com
FingerprintEC:7E:59:5C:5B:DD:A7:5D:20:C2:E0:F9:FC:C2:B7:38:83:BB:87:19
ValidityThu, 16 Nov 2023 00:08:33 GMT - Wed, 14 Feb 2024 00:08:32 GMT

File type
PNG image data, 180 x 180, 8-bit/color RGBA, non-interlaced\012- data
Size
36 kB (35486 bytes)
Hash
ff48e5c8d20ea41f385c3bed9208c520
e21f83f2c37160693d6f6abc0cb3c28d781b51c9
0654a8a641a7c7c3bd80abf11fd69edf42d98a69880c707681e5963efbabe072

HTTP Headers

GET /themes/spirit/assets/frontend/img/favicon/apple-touch-icon.png HTTP/1.1
Host: bowfile.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bowfile.com/a5fc
Cookie: filehosting=hik21juim75185c7m46ul6i07i; _ga_G45GX6EFX2=GS1.1.1701541430.1.0.1701541430.0.0.0; _ga=GA1.1.725084394.1701541430
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 02 Dec 2023 18:23:45 GMT
content-type: image/png
content-length: 35486
last-modified: Sat, 22 May 2021 00:41:55 GMT
etag: "60a85353-8a9e"
cache-control: public, max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2T%2B8dOAsawf8Cs9%2F8bl5xZUE68vkJ6mINvukfd21uor6Vsl8OkQrczSo5r1t%2FasRHOZdCbsVUU6sdVEV8PW2tsPMrx4%2BIvXp4unaKSa7VWZW%2B55Cetm0e8zcxXOEjA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82f59a54fbadb4ed-OSL
alt-svc: h3=":443"; ma=86400

bowfile.com/themes/spirit/assets/frontend/css/stack-interface.css

172.67.205.230

200 OK

981 B

URL GET HTTP/3
bowfile.com/themes/spirit/assets/frontend/css/stack-interface.css
IP
172.67.205.230:443
ASN
#13335 CLOUDFLARENET

Requested by
https://bowfile.com/a5fc
Certificate
IssuerGoogle Trust Services LLC
Subjectbowfile.com
FingerprintEC:7E:59:5C:5B:DD:A7:5D:20:C2:E0:F9:FC:C2:B7:38:83:BB:87:19
ValidityThu, 16 Nov 2023 00:08:33 GMT - Wed, 14 Feb 2024 00:08:32 GMT

File type
ASCII text, with very long lines (1667), with no line terminators
Size
981 B (981 bytes)
Hash
d2acd427ba6054b822fe2b23d2049f1b
727871cf01841eb42ab2218d9d4ca7df529a3d0d
dc3e1c7f25f8898edf9bba53c1cf0730271371e373bdd4dad4535cecedf85ba3

HTTP Headers

GET /themes/spirit/assets/frontend/css/stack-interface.css HTTP/1.1
Host: bowfile.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bowfile.com/a5fc
Cookie: filehosting=hik21juim75185c7m46ul6i07i
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 02 Dec 2023 18:23:44 GMT
content-type: text/css
cache-control: public, max-age=14400
cf-bgj: minify
cf-polished: origSize=3160
etag: W/"5f8bebbe-c58"
last-modified: Sun, 18 Oct 2020 07:16:14 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 6152
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l0opiBLQjZaKiYVKpQSJiGROguSBt2y8KLXqVeDy4F5zp8zREntxEqLXL5q1W9Wjw3cASomi7ykgWtlDruCkoINSI1Gp69pcMUh5V3pXTT1vAv1NfMoMWqirR%2FQltQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82f59a4d5bb3b4ed-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

my.rtmark.net/gid.js?userId=8e91ab473ad54ae0a7aa30af2b540771

139.45.195.8

200 OK

65 B

URL GET HTTP/2
my.rtmark.net/gid.js?userId=8e91ab473ad54ae0a7aa30af2b540771
IP
139.45.195.8:443
ASN
#9002 RETN Limited

Requested by
https://bowfile.com/a5fc
Certificate
IssuerLet's Encrypt
Subjectrtmark.net
FingerprintE8:81:4E:79:89:89:BE:CE:75:1F:E0:2A:60:54:8A:A4:11:2E:F7:42
ValiditySat, 07 Oct 2023 15:22:00 GMT - Fri, 05 Jan 2024 15:21:59 GMT

File type
JSON data\012- , ASCII text
Size
65 B (65 bytes)
Hash
488dce9dd75091c0cc943a5d539acc2d
133a25a095535e5c88ecfe199b5902b1872b29c8
997d442e237a69951df3096e71b05ec5219eb811591d66e6b696edbc2785aeed

HTTP Headers

GET /gid.js?userId=8e91ab473ad54ae0a7aa30af2b540771 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://bowfile.com
DNT: 1
Connection: keep-alive
Referer: https://bowfile.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 02 Dec 2023 18:23:45 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://bowfile.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=8e91ab473ad54ae0a7aa30af2b540771; expires=Sun, 01 Dec 2024 18:23:45 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

cameesse.net/9?z=6649610&ng=1&ix=0&pt=0&np=0&gp=5&bp=4&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fbowfile.com%2Fa5fc&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=1&sah=1024&drf=&hil=1&ist=0&oaid=8e91ab473ad54ae0a7aa30af2b540771

139.45.197.242

200 OK

0 B

URL POST HTTP/2
cameesse.net/9?z=6649610&ng=1&ix=0&pt=0&np=0&gp=5&bp=4&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fbowfile.com%2Fa5fc&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=1&sah=1024&drf=&hil=1&ist=0&oaid=8e91ab473ad54ae0a7aa30af2b540771
IP
139.45.197.242:443
ASN
#9002 RETN Limited

Requested by
https://bowfile.com/a5fc
Certificate
IssuerLet's Encrypt
Subjectcameesse.net
Fingerprint95:AE:4C:29:A9:9F:0C:04:38:32:00:81:30:07:95:A7:F8:B0:77:D6
ValidityWed, 18 Oct 2023 10:27:53 GMT - Tue, 16 Jan 2024 10:27:52 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

OPTIONS /9?z=6649610&ng=1&ix=0&pt=0&np=0&gp=5&bp=4&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fbowfile.com%2Fa5fc&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=1&sah=1024&drf=&hil=1&ist=0&oaid=8e91ab473ad54ae0a7aa30af2b540771 HTTP/1.1
Host: cameesse.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://bowfile.com/
Origin: https://bowfile.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 204 No Content
server: nginx
date: Sat, 02 Dec 2023 18:23:46 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://bowfile.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID, baggage, sentry-trace
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2

cameesse.net/27/b7af9eee900df9a8aa2af9ad8ee46174

139.45.197.242

200 OK

130 kB

URL GET HTTP/2
cameesse.net/27/b7af9eee900df9a8aa2af9ad8ee46174
IP
139.45.197.242:443
ASN
#9002 RETN Limited

Requested by
https://bowfile.com/a5fc
Certificate
IssuerLet's Encrypt
Subjectcameesse.net
Fingerprint95:AE:4C:29:A9:9F:0C:04:38:32:00:81:30:07:95:A7:F8:B0:77:D6
ValidityWed, 18 Oct 2023 10:27:53 GMT - Tue, 16 Jan 2024 10:27:52 GMT

File type
ASCII text, with very long lines (65523)
Size
130 kB (130445 bytes)
Hash
1dc3ebe1459db3cde0597b21156f2665
0e5a8c7b79a34f4fffaeab7c7eb4f3a19b0d75f6
1a3f7f2cfe5fba958e9df1a38c0980aab5bb21225601ea849f9e6df4afe09f2e

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /27/b7af9eee900df9a8aa2af9ad8ee46174 HTTP/1.1
Host: cameesse.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bowfile.com/
Cookie: scm=1; OAID=4011adbb1c99400fb0db648125686f79; oaidts=1701541425
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 02 Dec 2023 18:23:45 GMT
content-type: application/javascript
access-control-allow-credentials: true
access-control-allow-origin: 
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID, baggage, sentry-trace
x-trace-id: e618604a3ae17487b69cc610e251409c
cache-control: max-age:290304000, public
last-modified: Fri, 24 Nov 2023 06:46:08 GMT
expires: Fri, 24 Dec 2083 06:46:08 GMT
access-control-expose-headers: X-Sc
strict-transport-security: max-age=1
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2

interbuzznews.com/contents/s/1c/09/63/75a534c6a2bf3b7f1ca702d1c7/0114732544225.jpeg

139.45.197.154

200 OK

9.3 kB

URL GET HTTP/2
interbuzznews.com/contents/s/1c/09/63/75a534c6a2bf3b7f1ca702d1c7/0114732544225.jpeg
IP
139.45.197.154:443
ASN
#9002 RETN Limited

Requested by
https://interbuzznews.com/?l=kzHKSWcZinJTibQ&cd_meta_crid=50535&trkintimp&target_url=https%3A%2F%2Fcameesse.net%2F12%3Frnd%3D3032564163%26z%3D6649610%26b%3D19427765%26c%3D7595353%26var%3D%26varid%3D0%26d%3Dhttp%253A%252F%252Fsinglewomenmeet.com%252Fbase.php%253Fc%253D3576%2526key%253D6878efbd7e6d318c378b17a4469f5644%2526zoneid%253D%257Bzoneid%257D%2526banner%253D%257Bbannerid%257D%26cln%3D1%26btp%3D7%26rb%3DBmPITzlQtoYbqzIgztvummayxTge68WWyhnwBBZyvuGtc4ME26-3y2zyvSDRYGFIdu9myVnbbOZj2Xd3YDJxYvrrZG63DRc-MIvE1Neevd_sTEM7kEf7BKYK5TJWTlfbBeqdF3-YAu5tR0NcqA5NgUvJisz2nkUg0gGTWYqjyhUMCB4ieMZjG9hHrJiXbARCeWOSDNbDwf_vdxb57ziEaG79b1AUBYpkc3vfa52-b7k_7wFVSZlh1N8lXWk5WEQ09JWbt12Y-1_Y96zHT7aI2WkK3exKkLdUNq9AYkaQV3NRuAEiyAPI-iyUdVBdVql0slr3WaeQiULPaXs75wmUaDM6tEY0GKngeT3uXxPjKUcrhcsINTTazc7dme0VpFfj0EM_VA0XvRDQEtKTVkNzJIkuZxWqsHW-EQqYN_eHlmMV4EKpEZU53r0JWsBZ9cxYOkWhlglY-1AhSox9SWuAxf5E9DtQ7yaulr5vz6pBNYBcbhDjyjx3102yK2giWK-aQ8i9p1i72cJehlWrIfLxZ2xnI5-vCGfIoWdCPBNtBsRYZpIwpOe50frdzl4wTGyE31vG7tCBt77SUQk64N4uNSS7fGchR1JHSnka8XlzMhiHdYBeFHK9VMvdTUu7MKcLsd_eFMBI17ecLxDSTshhIjFBMsOi-LTkg3QLPsrWJS4%3D%26bag%3DsoD61sIXZfLmZDdfa4zliA%3D%3D%26ruid%3D21d17c4b-6c69-4ee8-9f75-f5287526c10e%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D0%26gp%3D5%26bp%3D4%26nw%3D1%26nb%3D1%26sw%3D1280%26sh%3D1024%26pl%3Dhttps%253A%252F%252Fbowfile.com%252Fa5fc%26wy%3D0%26wx%3D0%26ww%3D1280%26wh%3D1024%26cw%3D1280%26wiw%3D1280%26wih%3D1024%26wfc%3D1%26sah%3D1024%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0
Certificate
IssuerLet's Encrypt
Subjectinterbuzznews.com
FingerprintB5:C4:C7:F0:3F:BC:50:A9:21:50:39:B8:F8:2E:7E:72:56:62:E7:33
ValidityFri, 22 Sep 2023 05:18:00 GMT - Thu, 21 Dec 2023 05:17:59 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 192x192, components 3\012- data
Size
9.3 kB (9303 bytes)
Hash
1c096375a534c6a2bf3b7f1ca702d1c7
99b923326a9c71c15a252c43e47d586a8936bfb1
e9f457f6e6a31b5e1a741d024c107d10a58df50a62707c7883da864ce7191cc2

HTTP Headers

GET /contents/s/1c/09/63/75a534c6a2bf3b7f1ca702d1c7/0114732544225.jpeg HTTP/1.1
Host: interbuzznews.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://interbuzznews.com/?l=kzHKSWcZinJTibQ&cd_meta_crid=50535&trkintimp&target_url=https%3A%2F%2Fcameesse.net%2F12%3Frnd%3D3032564163%26z%3D6649610%26b%3D19427765%26c%3D7595353%26var%3D%26varid%3D0%26d%3Dhttp%253A%252F%252Fsinglewomenmeet.com%252Fbase.php%253Fc%253D3576%2526key%253D6878efbd7e6d318c378b17a4469f5644%2526zoneid%253D%257Bzoneid%257D%2526banner%253D%257Bbannerid%257D%26cln%3D1%26btp%3D7%26rb%3DBmPITzlQtoYbqzIgztvummayxTge68WWyhnwBBZyvuGtc4ME26-3y2zyvSDRYGFIdu9myVnbbOZj2Xd3YDJxYvrrZG63DRc-MIvE1Neevd_sTEM7kEf7BKYK5TJWTlfbBeqdF3-YAu5tR0NcqA5NgUvJisz2nkUg0gGTWYqjyhUMCB4ieMZjG9hHrJiXbARCeWOSDNbDwf_vdxb57ziEaG79b1AUBYpkc3vfa52-b7k_7wFVSZlh1N8lXWk5WEQ09JWbt12Y-1_Y96zHT7aI2WkK3exKkLdUNq9AYkaQV3NRuAEiyAPI-iyUdVBdVql0slr3WaeQiULPaXs75wmUaDM6tEY0GKngeT3uXxPjKUcrhcsINTTazc7dme0VpFfj0EM_VA0XvRDQEtKTVkNzJIkuZxWqsHW-EQqYN_eHlmMV4EKpEZU53r0JWsBZ9cxYOkWhlglY-1AhSox9SWuAxf5E9DtQ7yaulr5vz6pBNYBcbhDjyjx3102yK2giWK-aQ8i9p1i72cJehlWrIfLxZ2xnI5-vCGfIoWdCPBNtBsRYZpIwpOe50frdzl4wTGyE31vG7tCBt77SUQk64N4uNSS7fGchR1JHSnka8XlzMhiHdYBeFHK9VMvdTUu7MKcLsd_eFMBI17ecLxDSTshhIjFBMsOi-LTkg3QLPsrWJS4%3D%26bag%3DsoD61sIXZfLmZDdfa4zliA%3D%3D%26ruid%3D21d17c4b-6c69-4ee8-9f75-f5287526c10e%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D0%26gp%3D5%26bp%3D4%26nw%3D1%26nb%3D1%26sw%3D1280%26sh%3D1024%26pl%3Dhttps%253A%252F%252Fbowfile.com%252Fa5fc%26wy%3D0%26wx%3D0%26ww%3D1280%26wh%3D1024%26cw%3D1280%26wiw%3D1280%26wih%3D1024%26wfc%3D1%26sah%3D1024%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 02 Dec 2023 18:23:46 GMT
content-type: image/jpeg
content-length: 9303
last-modified: Tue, 31 Oct 2023 04:03:52 GMT
vary: Accept-Encoding
etag: "65407ca8-2457"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS, HEAD
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
accept-ranges: bytes
X-Firefox-Spdy: h2

bowfile.com/themes/spirit/assets/frontend/css/iconsmind.css

172.67.205.230

200 OK

93 kB

URL GET HTTP/3
bowfile.com/themes/spirit/assets/frontend/css/iconsmind.css
IP
172.67.205.230:443
ASN
#13335 CLOUDFLARENET

Requested by
https://bowfile.com/a5fc
Certificate
IssuerGoogle Trust Services LLC
Subjectbowfile.com
FingerprintEC:7E:59:5C:5B:DD:A7:5D:20:C2:E0:F9:FC:C2:B7:38:83:BB:87:19
ValidityThu, 16 Nov 2023 00:08:33 GMT - Wed, 14 Feb 2024 00:08:32 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
93 kB (93294 bytes)
Hash
145bda93bb0b92ed644cdc2a0604e19f
32ed5b9253ed44fd430c0a2897e7ccbea413e7f9
38391d0c01d7fee8c61a80c9b507ef05d0cb76876a42feebded8b06905015d13

HTTP Headers

GET /themes/spirit/assets/frontend/css/iconsmind.css HTTP/1.1
Host: bowfile.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bowfile.com/a5fc
Cookie: filehosting=hik21juim75185c7m46ul6i07i
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 02 Dec 2023 18:23:44 GMT
content-type: text/css
cache-control: public, max-age=14400
cf-bgj: minify
cf-polished: origSize=102727
etag: W/"5f8bebbe-19147"
last-modified: Sun, 18 Oct 2020 07:16:14 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 6152
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NML%2BIHRoEYg0U3tLK92vsxSeYHXuq%2Fv5Ba4RGSlixE6TAQSlYxgGC1BOlGSoWxh31%2B7JTMfsrOU9nVcl42dBViuWZ6QYf9MlG1kOv6jgsFJtdw2YHLnsegor5xHPsA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82f59a4d5bbbb4ed-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

cameesse.net/11?rnd=2398889027&z=6649610&b=19427765&var=&varid=0&rqtdbc=0&rcvdbc=0&btp=7&rb=BmPITzlQtoYbqzIgztvummayxTge68WWyhnwBBZyvuGtc4ME26-3y2zyvSDRYGFIdu9myVnbbOZj2Xd3YDJxYvrrZG63DRc-MIvE1Neevd_sTEM7kEf7BKYK5TJWTlfbBeqdF3-YAu5tR0NcqA5NgUvJisz2nkUg0gGTWYqjyhUMCB4ieMZjG9hHrJiXbARCeWOSDNbDwf_vdxb57ziEaG79b1AUBYpkc3vfa52-b7k_7wFVSZlh1N8lXWk5WEQ09JWbt12Y-1_Y96zHT7aI2WkK3exKkLdUNq9AYkaQV3NRuAEiyAPI-iyUdVBdVql0slr3WaeQiULPaXs75wmUaDM6tEY0GKngeT3uXxPjKUcrhcsINTTazc7dme0VpFfj0EM_VA0XvRDQEtKTVkNzJIkuZxWqsHW-EQqYN_eHlmMV4EKpEZU53r0JWsBZ9cxYOkWhlglY-1AhSox9SWuAxf5E9DtQ7yaulr5vz6pBNYBcbhDjyjx3102yK2giWK-aQ8i9p1i72cJehlWrIfLxZ2xnI5-vCGfIoWdCPBNtBsRYZpIwpOe50frdzl4wTGyE31vG7tCBt77SUQk64N4uNSS7fGchR1JHSnka8XlzMhiHdYBeFHK9VMvdTUu7MKcLsd_eFMBI17ecLxDSTshhIjFBMsOi-LTkg3QLPsrWJS4=&ruid=21d17c4b-6c69-4ee8-9f75-f5287526c10e&ng=1&ix=0&pt=0&np=0&gp=5&bp=4&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fbowfile.com%2Fa5fc&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=1&sah=1024&drf=&hil=1&ist=0&ri=1&wvd=0&wvr=1.0000&isions=1

139.45.197.242

200 OK

0 B

URL GET HTTP/2
cameesse.net/11?rnd=2398889027&z=6649610&b=19427765&var=&varid=0&rqtdbc=0&rcvdbc=0&btp=7&rb=BmPITzlQtoYbqzIgztvummayxTge68WWyhnwBBZyvuGtc4ME26-3y2zyvSDRYGFIdu9myVnbbOZj2Xd3YDJxYvrrZG63DRc-MIvE1Neevd_sTEM7kEf7BKYK5TJWTlfbBeqdF3-YAu5tR0NcqA5NgUvJisz2nkUg0gGTWYqjyhUMCB4ieMZjG9hHrJiXbARCeWOSDNbDwf_vdxb57ziEaG79b1AUBYpkc3vfa52-b7k_7wFVSZlh1N8lXWk5WEQ09JWbt12Y-1_Y96zHT7aI2WkK3exKkLdUNq9AYkaQV3NRuAEiyAPI-iyUdVBdVql0slr3WaeQiULPaXs75wmUaDM6tEY0GKngeT3uXxPjKUcrhcsINTTazc7dme0VpFfj0EM_VA0XvRDQEtKTVkNzJIkuZxWqsHW-EQqYN_eHlmMV4EKpEZU53r0JWsBZ9cxYOkWhlglY-1AhSox9SWuAxf5E9DtQ7yaulr5vz6pBNYBcbhDjyjx3102yK2giWK-aQ8i9p1i72cJehlWrIfLxZ2xnI5-vCGfIoWdCPBNtBsRYZpIwpOe50frdzl4wTGyE31vG7tCBt77SUQk64N4uNSS7fGchR1JHSnka8XlzMhiHdYBeFHK9VMvdTUu7MKcLsd_eFMBI17ecLxDSTshhIjFBMsOi-LTkg3QLPsrWJS4=&ruid=21d17c4b-6c69-4ee8-9f75-f5287526c10e&ng=1&ix=0&pt=0&np=0&gp=5&bp=4&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fbowfile.com%2Fa5fc&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=1&sah=1024&drf=&hil=1&ist=0&ri=1&wvd=0&wvr=1.0000&isions=1
IP
139.45.197.242:443
ASN
#9002 RETN Limited

Requested by
https://bowfile.com/a5fc
Certificate
IssuerLet's Encrypt
Subjectcameesse.net
Fingerprint95:AE:4C:29:A9:9F:0C:04:38:32:00:81:30:07:95:A7:F8:B0:77:D6
ValidityWed, 18 Oct 2023 10:27:53 GMT - Tue, 16 Jan 2024 10:27:52 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /11?rnd=2398889027&z=6649610&b=19427765&var=&varid=0&rqtdbc=0&rcvdbc=0&btp=7&rb=BmPITzlQtoYbqzIgztvummayxTge68WWyhnwBBZyvuGtc4ME26-3y2zyvSDRYGFIdu9myVnbbOZj2Xd3YDJxYvrrZG63DRc-MIvE1Neevd_sTEM7kEf7BKYK5TJWTlfbBeqdF3-YAu5tR0NcqA5NgUvJisz2nkUg0gGTWYqjyhUMCB4ieMZjG9hHrJiXbARCeWOSDNbDwf_vdxb57ziEaG79b1AUBYpkc3vfa52-b7k_7wFVSZlh1N8lXWk5WEQ09JWbt12Y-1_Y96zHT7aI2WkK3exKkLdUNq9AYkaQV3NRuAEiyAPI-iyUdVBdVql0slr3WaeQiULPaXs75wmUaDM6tEY0GKngeT3uXxPjKUcrhcsINTTazc7dme0VpFfj0EM_VA0XvRDQEtKTVkNzJIkuZxWqsHW-EQqYN_eHlmMV4EKpEZU53r0JWsBZ9cxYOkWhlglY-1AhSox9SWuAxf5E9DtQ7yaulr5vz6pBNYBcbhDjyjx3102yK2giWK-aQ8i9p1i72cJehlWrIfLxZ2xnI5-vCGfIoWdCPBNtBsRYZpIwpOe50frdzl4wTGyE31vG7tCBt77SUQk64N4uNSS7fGchR1JHSnka8XlzMhiHdYBeFHK9VMvdTUu7MKcLsd_eFMBI17ecLxDSTshhIjFBMsOi-LTkg3QLPsrWJS4=&ruid=21d17c4b-6c69-4ee8-9f75-f5287526c10e&ng=1&ix=0&pt=0&np=0&gp=5&bp=4&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fbowfile.com%2Fa5fc&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=1&sah=1024&drf=&hil=1&ist=0&ri=1&wvd=0&wvr=1.0000&isions=1 HTTP/1.1
Host: cameesse.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://bowfile.com
DNT: 1
Connection: keep-alive
Referer: https://bowfile.com/
Cookie: scm=1; OAID=8e91ab473ad54ae0a7aa30af2b540771; oaidts=1701541425
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 02 Dec 2023 18:23:49 GMT
content-type: image/jpeg
content-length: 0
access-control-allow-credentials: true
access-control-allow-origin: https://bowfile.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID, baggage, sentry-trace
x-trace-id: 9bbe7d363b9a57010950f96dad5f6231
access-control-expose-headers: X-Sc
set-cookie: OAID=8e91ab473ad54ae0a7aa30af2b540771; expires=Sun, 01 Dec 2024 18:23:49 GMT; secure; SameSite=None
oaidts=1701541425; expires=Sun, 01 Dec 2024 18:23:49 GMT; secure; SameSite=None
oaidvc=1; expires=Sun, 01 Dec 2024 18:23:49 GMT; secure; SameSite=None
CNT=1_v1_tXEoAQEAAADtTAAA; expires=Sat, 02 Dec 2023 19:23:49 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2

bowfile.com/themes/spirit/assets/frontend/css/theme.css?var1.2

172.67.205.230

200 OK

163 kB

URL GET HTTP/3
bowfile.com/themes/spirit/assets/frontend/css/theme.css?var1.2
IP
172.67.205.230:443
ASN
#13335 CLOUDFLARENET

Requested by
https://bowfile.com/a5fc
Certificate
IssuerGoogle Trust Services LLC
Subjectbowfile.com
FingerprintEC:7E:59:5C:5B:DD:A7:5D:20:C2:E0:F9:FC:C2:B7:38:83:BB:87:19
ValidityThu, 16 Nov 2023 00:08:33 GMT - Wed, 14 Feb 2024 00:08:32 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
163 kB (162817 bytes)
Hash
09baa58ba7a96054c4aa605e2a9d51b2
3477c84fc652d540594c09fc2905c393ec4d655d
5f70fef49b1fa602e97e2f12a0a3ca46a5db090fa34dad736f8ae5c57c9ba0a6

HTTP Headers

GET /themes/spirit/assets/frontend/css/theme.css?var1.2 HTTP/1.1
Host: bowfile.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bowfile.com/a5fc
Cookie: filehosting=hik21juim75185c7m46ul6i07i
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 02 Dec 2023 18:23:44 GMT
content-type: text/css
cache-control: public, max-age=14400
cf-bgj: minify
cf-polished: origSize=207645
etag: W/"60a91951-32b1d"
last-modified: Sat, 22 May 2021 14:46:41 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 6152
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Oi4Mx3gydUYJHBt57DpWxrhHZPPYj9WvpK4%2F2TMdqA05yH8I8E%2FGkKCm%2FlOBssOf1Hc%2FWlXbEtvHhox%2BrsyOK1AcNGnATm5HtkyzDf2TxGqy9EW14k%2Bsf6cVY1N30A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82f59a4d6bcdb4ed-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

bowfile.com/themes/spirit/assets/frontend/css/cookiealert.css

172.67.205.230

200 OK

12 kB

URL GET HTTP/3
bowfile.com/themes/spirit/assets/frontend/css/cookiealert.css
IP
172.67.205.230:443
ASN
#13335 CLOUDFLARENET

Requested by
https://bowfile.com/a5fc
Certificate
IssuerGoogle Trust Services LLC
Subjectbowfile.com
FingerprintEC:7E:59:5C:5B:DD:A7:5D:20:C2:E0:F9:FC:C2:B7:38:83:BB:87:19
ValidityThu, 16 Nov 2023 00:08:33 GMT - Wed, 14 Feb 2024 00:08:32 GMT

File type
ASCII text, with very long lines (12014), with no line terminators
Size
12 kB (12014 bytes)
Hash
c03488f55b032d33ba579bb11b80f2ca
10737330b72796eaa3b3aaf044a0e7d5f9fd15f3
b712033ea1c370616c3105391e98e4867cea0159be8444ddd20249ea9888c950

HTTP Headers

GET /themes/spirit/assets/frontend/css/cookiealert.css HTTP/1.1
Host: bowfile.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bowfile.com/a5fc
Cookie: filehosting=hik21juim75185c7m46ul6i07i
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 02 Dec 2023 18:23:44 GMT
content-type: text/css
cache-control: public, max-age=14400
cf-bgj: minify
cf-polished: origSize=12369
etag: W/"5f8bebbe-3051"
last-modified: Sun, 18 Oct 2020 07:16:14 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 6152
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0pOPqFx%2BpsSJOk69iJtZ8%2FIKjh3DpIvBTJm963scdps%2Bg1MqtoR%2BHy3QDBHX89qMH%2B4yPrUeit%2FOtInuss8U9UqCkBLfp61Rfcv4sAdS7kv3IeA8A4gtKTN3EdHz9w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82f59a4d6bc6b4ed-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

bowfile.com/themes/spirit/assets/frontend/js/flickity.min.js

172.67.205.230

200 OK

54 kB

URL GET HTTP/3
bowfile.com/themes/spirit/assets/frontend/js/flickity.min.js
IP
172.67.205.230:443
ASN
#13335 CLOUDFLARENET

Requested by
https://bowfile.com/a5fc
Certificate
IssuerGoogle Trust Services LLC
Subjectbowfile.com
FingerprintEC:7E:59:5C:5B:DD:A7:5D:20:C2:E0:F9:FC:C2:B7:38:83:BB:87:19
ValidityThu, 16 Nov 2023 00:08:33 GMT - Wed, 14 Feb 2024 00:08:32 GMT

File type
ASCII text, with very long lines (32032), with CRLF line terminators
Size
54 kB (53873 bytes)
Hash
8c1e666176ac7bdce67d58b45823ffac
75947e4316427ce0c5e33300aeb4dc4d7d54dd09
c0b706b9b1ca12b631496228a0eb0fe15ccb14f21ab554f6c4b4f20474e4d3a6

HTTP Headers

GET /themes/spirit/assets/frontend/js/flickity.min.js HTTP/1.1
Host: bowfile.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bowfile.com/a5fc
Cookie: filehosting=hik21juim75185c7m46ul6i07i
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 02 Dec 2023 18:23:44 GMT
content-type: application/javascript; charset=utf-8
last-modified: Sun, 18 Oct 2020 07:16:16 GMT
vary: Accept-Encoding
etag: W/"5f8bebc0-d271"
cache-control: public, max-age=14400
cf-cache-status: HIT
age: 5381
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nSiGG4mV1xtOFrRiqyQOmZdDRa5v5OF80wAFPam8ZQmIGTP7CP3Q2cyKIk%2FXGZa4l03sX7UGIXh8DfgMaMu6Eya%2FetlQuyh1KvLzebYYxBv%2B%2FbhcgjXbzdEwPGy1kQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82f59a4d9bf4b4ed-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

bowfile.com/themes/spirit/assets/frontend/js/countdown.min.js

172.67.205.230

200 OK

5.4 kB

URL GET HTTP/3
bowfile.com/themes/spirit/assets/frontend/js/countdown.min.js
IP
172.67.205.230:443
ASN
#13335 CLOUDFLARENET

Requested by
https://bowfile.com/a5fc
Certificate
IssuerGoogle Trust Services LLC
Subjectbowfile.com
FingerprintEC:7E:59:5C:5B:DD:A7:5D:20:C2:E0:F9:FC:C2:B7:38:83:BB:87:19
ValidityThu, 16 Nov 2023 00:08:33 GMT - Wed, 14 Feb 2024 00:08:32 GMT

File type
ASCII text, with very long lines (5507), with no line terminators
Size
5.4 kB (5360 bytes)
Hash
0a9988ecd74ad96d83a8e257f5f5e0f1
2f85fdf86f65c0a2a477ef02af754827b7a5a069
c292f5ba20b0ba73fcd40289791f0e0be99c49d83fc5226881da97ad78e9c061

HTTP Headers

GET /themes/spirit/assets/frontend/js/countdown.min.js HTTP/1.1
Host: bowfile.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bowfile.com/a5fc
Cookie: filehosting=hik21juim75185c7m46ul6i07i
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 02 Dec 2023 18:23:44 GMT
content-type: application/javascript; charset=utf-8
last-modified: Sun, 18 Oct 2020 07:16:16 GMT
vary: Accept-Encoding
etag: W/"5f8bebc0-14f0"
cache-control: public, max-age=14400
cf-cache-status: HIT
age: 5381
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1NzKEmStBRNelxNTaPJTRPpj1QN%2F%2Fm7XbpWX5CRDtX4Gr0fCLVaM51fX2BGRVDMiYtrn8LiYjw%2BkVxbA%2F7Hc1f6TRckn55ZnFNbnYQxtX3wrjbuafHJVwBGaMginfg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82f59a4dac03b4ed-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

bowfile.com/themes/spirit/assets/frontend/js/smooth-scroll.min.js

172.67.205.230

200 OK

6.0 kB

URL GET HTTP/3
bowfile.com/themes/spirit/assets/frontend/js/smooth-scroll.min.js
IP
172.67.205.230:443
ASN
#13335 CLOUDFLARENET

Requested by
https://bowfile.com/a5fc
Certificate
IssuerGoogle Trust Services LLC
Subjectbowfile.com
FingerprintEC:7E:59:5C:5B:DD:A7:5D:20:C2:E0:F9:FC:C2:B7:38:83:BB:87:19
ValidityThu, 16 Nov 2023 00:08:33 GMT - Wed, 14 Feb 2024 00:08:32 GMT

File type
ASCII text, with very long lines (6203), with no line terminators
Size
6.0 kB (6028 bytes)
Hash
e2cb768d67ad989791afcb5f2865e847
3f744595f23463b6be98a9b767f17ffc513d2b2a
1c03002798c2de182a135a060de3bc4c751bf5e33163369ef266ea484037aa4e

HTTP Headers

GET /themes/spirit/assets/frontend/js/smooth-scroll.min.js HTTP/1.1
Host: bowfile.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bowfile.com/a5fc
Cookie: filehosting=hik21juim75185c7m46ul6i07i
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 02 Dec 2023 18:23:44 GMT
content-type: application/javascript; charset=utf-8
last-modified: Sun, 18 Oct 2020 07:16:16 GMT
vary: Accept-Encoding
etag: W/"5f8bebc0-178c"
cache-control: public, max-age=14400
cf-cache-status: HIT
age: 5381
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tTk9j8Fb51M%2FAdKMkfcLpk6z038S38XpggtXvNCJv%2FBJj7WwZ%2BejfNCU5kXJ40unXxBKZvgnSDi2VX8PJo8%2BlaX6SFi2xtI3XBYyLty4pFGRB2Hfll0Mv8VDnWIGEA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82f59a4dac11b4ed-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

fonts.googleapis.com/css?family=Open+Sans:200,300,400,400i,500,600,700%7CMerriweather:300,300i

142.250.74.106

200 OK

20 kB

URL GET HTTP/2
fonts.googleapis.com/css?family=Open+Sans:200,300,400,400i,500,600,700%7CMerriweather:300,300i
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://bowfile.com/a5fc
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
FingerprintCC:96:E0:52:E0:9B:EA:A9:A0:F8:88:9A:90:20:11:47:61:00:3C:42
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
ASCII text
Size
20 kB (20235 bytes)
Hash
c1ee942d9e8618743da7880c448a4063
28e5fd4fc67bab9dadd97898fb41b02aa6167d37
57907596387af97ba3585ca324570ef46e83cd57f597052a1972ab4eb6dc414c

HTTP Headers

GET /css?family=Open+Sans:200,300,400,400i,500,600,700%7CMerriweather:300,300i HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bowfile.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 02 Dec 2023 18:23:44 GMT
date: Sat, 02 Dec 2023 18:23:44 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.googleapis.com/icon?family=Material+Icons

142.250.74.106

200 OK

565 B

URL GET HTTP/2
fonts.googleapis.com/icon?family=Material+Icons
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://bowfile.com/a5fc
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
FingerprintCC:96:E0:52:E0:9B:EA:A9:A0:F8:88:9A:90:20:11:47:61:00:3C:42
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
ASCII text, with very long lines (588), with no line terminators
Size
565 B (565 bytes)
Hash
bdcf60bde5544e1017e1f2e60888a9c7
6fb24309b7ff90c1c99d19c0c7a127a16508840e
d701601406acfca6bfc0c58b411446e3e0e96c659f35c143355d3dd72c390952

HTTP Headers

GET /icon?family=Material+Icons HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bowfile.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 02 Dec 2023 18:23:44 GMT
date: Sat, 02 Dec 2023 18:23:44 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

bowfile.com/themes/spirit/assets/frontend/js/jquery.dataTables.min.js

172.67.205.230

200 OK

70 kB

URL GET HTTP/3
bowfile.com/themes/spirit/assets/frontend/js/jquery.dataTables.min.js
IP
172.67.205.230:443
ASN
#13335 CLOUDFLARENET

Requested by
https://bowfile.com/a5fc
Certificate
IssuerGoogle Trust Services LLC
Subjectbowfile.com
FingerprintEC:7E:59:5C:5B:DD:A7:5D:20:C2:E0:F9:FC:C2:B7:38:83:BB:87:19
ValidityThu, 16 Nov 2023 00:08:33 GMT - Wed, 14 Feb 2024 00:08:32 GMT

File type
ASCII text, with very long lines (768), with CRLF line terminators
Size
70 kB (69754 bytes)
Hash
6fda19caa29287e6f584f0557fdeb6d4
40f58160090cd1f022704ee1352b343adb9e73b9
8ef749c3869991924150dc932c48cd57bf69ac25a378bb2e14f8e1733c17406f

HTTP Headers

GET /themes/spirit/assets/frontend/js/jquery.dataTables.min.js HTTP/1.1
Host: bowfile.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bowfile.com/a5fc
Cookie: filehosting=hik21juim75185c7m46ul6i07i
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 02 Dec 2023 18:23:44 GMT
content-type: application/javascript; charset=utf-8
last-modified: Sun, 18 Oct 2020 07:16:16 GMT
vary: Accept-Encoding
etag: W/"5f8bebc0-1107a"
cache-control: public, max-age=14400
cf-cache-status: HIT
age: 5381
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jfTd76%2BQ%2FRGgFlNR2Yv%2F41VjNVYefL1FnJc4arOroDUnjGyozbNniQuGKsMXjQHkhpnP7oKJmJ3p5DNKsriHj7ZBT2m2iGxXC1Hl7bcjvzD9JosZyofjy5vX7VNlMg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82f59a4d9bf2b4ed-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

bowfile.com/themes/spirit/assets/frontend/js/jquery.steps.min.js

172.67.205.230

200 OK

14 kB

URL GET HTTP/3
bowfile.com/themes/spirit/assets/frontend/js/jquery.steps.min.js
IP
172.67.205.230:443
ASN
#13335 CLOUDFLARENET

Requested by
https://bowfile.com/a5fc
Certificate
IssuerGoogle Trust Services LLC
Subjectbowfile.com
FingerprintEC:7E:59:5C:5B:DD:A7:5D:20:C2:E0:F9:FC:C2:B7:38:83:BB:87:19
ValidityThu, 16 Nov 2023 00:08:33 GMT - Wed, 14 Feb 2024 00:08:32 GMT

File type
ASCII text, with very long lines (13686), with CRLF line terminators
Size
14 kB (13862 bytes)
Hash
0eef6fe46d14f860d5666d2c7b13a564
7ab5f7deaca2f71efbc3bf9f5ba27b89d4697dbe
95a14a4473ff130eb29f3cc02e135978505655e3c931b6c3726dedd4f558f843

HTTP Headers

GET /themes/spirit/assets/frontend/js/jquery.steps.min.js HTTP/1.1
Host: bowfile.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bowfile.com/a5fc
Cookie: filehosting=hik21juim75185c7m46ul6i07i
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 02 Dec 2023 18:23:44 GMT
content-type: application/javascript; charset=utf-8
last-modified: Sun, 18 Oct 2020 07:16:16 GMT
vary: Accept-Encoding
etag: W/"5f8bebc0-3626"
cache-control: public, max-age=14400
cf-cache-status: HIT
age: 5381
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0IoynzQ2vZiHoqCJGZiIR5%2Fo9d9VSLyf87hqLDNAs2aQgddj5EJQmuGDBhD7AmTCrZyQRjGOd3R50IomxAwbJJyDW6hamI6epfk5Fjg3Lp7SO%2BUzTyHAhAReZb91YA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82f59a4dac01b4ed-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

bowfile.com/themes/spirit/assets/frontend/js/granim.min.js

172.67.205.230

200 OK

11 kB

URL GET HTTP/3
bowfile.com/themes/spirit/assets/frontend/js/granim.min.js
IP
172.67.205.230:443
ASN
#13335 CLOUDFLARENET

Requested by
https://bowfile.com/a5fc
Certificate
IssuerGoogle Trust Services LLC
Subjectbowfile.com
FingerprintEC:7E:59:5C:5B:DD:A7:5D:20:C2:E0:F9:FC:C2:B7:38:83:BB:87:19
ValidityThu, 16 Nov 2023 00:08:33 GMT - Wed, 14 Feb 2024 00:08:32 GMT

File type
ASCII text, with very long lines (10573), with CRLF line terminators
Size
11 kB (10635 bytes)
Hash
714368d20c70f8c91b0a596e128dac07
563954ec3a896fc129d014f01836245829f6d01d
e70b27194b8793b68cccee28a6d8a1e39aae2ce5d28d5e71ac204d7a3ac164e3

HTTP Headers

GET /themes/spirit/assets/frontend/js/granim.min.js HTTP/1.1
Host: bowfile.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bowfile.com/a5fc
Cookie: filehosting=hik21juim75185c7m46ul6i07i
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 02 Dec 2023 18:23:44 GMT
content-type: application/javascript; charset=utf-8
last-modified: Sun, 18 Oct 2020 07:16:16 GMT
vary: Accept-Encoding
etag: W/"5f8bebc0-298b"
cache-control: public, max-age=14400
cf-cache-status: HIT
age: 5381
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YYnQg5BfTfxLG0kUvvDov60eDbGL5UwHL4d32Z%2FiEq5%2BEsi29l%2BqjsflQ5LIbkZ4cpp%2BhVaHhk46vwRfWUk3ZfN7Yf%2FPpde5yCv2t3tm%2FPZekUtJjkgma33lw8uOhw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82f59a4dac00b4ed-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

cameesse.net/11?rnd=2398889027&z=6649610&b=19427765&var=&varid=0&rqtdbc=1&rcvdbc=1&btp=7&rb=BmPITzlQtoYbqzIgztvummayxTge68WWyhnwBBZyvuGtc4ME26-3y2zyvSDRYGFIdu9myVnbbOZj2Xd3YDJxYvrrZG63DRc-MIvE1Neevd_sTEM7kEf7BKYK5TJWTlfbBeqdF3-YAu5tR0NcqA5NgUvJisz2nkUg0gGTWYqjyhUMCB4ieMZjG9hHrJiXbARCeWOSDNbDwf_vdxb57ziEaG79b1AUBYpkc3vfa52-b7k_7wFVSZlh1N8lXWk5WEQ09JWbt12Y-1_Y96zHT7aI2WkK3exKkLdUNq9AYkaQV3NRuAEiyAPI-iyUdVBdVql0slr3WaeQiULPaXs75wmUaDM6tEY0GKngeT3uXxPjKUcrhcsINTTazc7dme0VpFfj0EM_VA0XvRDQEtKTVkNzJIkuZxWqsHW-EQqYN_eHlmMV4EKpEZU53r0JWsBZ9cxYOkWhlglY-1AhSox9SWuAxf5E9DtQ7yaulr5vz6pBNYBcbhDjyjx3102yK2giWK-aQ8i9p1i72cJehlWrIfLxZ2xnI5-vCGfIoWdCPBNtBsRYZpIwpOe50frdzl4wTGyE31vG7tCBt77SUQk64N4uNSS7fGchR1JHSnka8XlzMhiHdYBeFHK9VMvdTUu7MKcLsd_eFMBI17ecLxDSTshhIjFBMsOi-LTkg3QLPsrWJS4=&ruid=21d17c4b-6c69-4ee8-9f75-f5287526c10e&ng=1&ix=0&pt=0&np=0&gp=5&bp=4&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fbowfile.com%2Fa5fc&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=1&sah=1024&drf=&hil=1&ist=0&ot=91

139.45.197.242

200 OK

0 B

URL GET HTTP/2
cameesse.net/11?rnd=2398889027&z=6649610&b=19427765&var=&varid=0&rqtdbc=1&rcvdbc=1&btp=7&rb=BmPITzlQtoYbqzIgztvummayxTge68WWyhnwBBZyvuGtc4ME26-3y2zyvSDRYGFIdu9myVnbbOZj2Xd3YDJxYvrrZG63DRc-MIvE1Neevd_sTEM7kEf7BKYK5TJWTlfbBeqdF3-YAu5tR0NcqA5NgUvJisz2nkUg0gGTWYqjyhUMCB4ieMZjG9hHrJiXbARCeWOSDNbDwf_vdxb57ziEaG79b1AUBYpkc3vfa52-b7k_7wFVSZlh1N8lXWk5WEQ09JWbt12Y-1_Y96zHT7aI2WkK3exKkLdUNq9AYkaQV3NRuAEiyAPI-iyUdVBdVql0slr3WaeQiULPaXs75wmUaDM6tEY0GKngeT3uXxPjKUcrhcsINTTazc7dme0VpFfj0EM_VA0XvRDQEtKTVkNzJIkuZxWqsHW-EQqYN_eHlmMV4EKpEZU53r0JWsBZ9cxYOkWhlglY-1AhSox9SWuAxf5E9DtQ7yaulr5vz6pBNYBcbhDjyjx3102yK2giWK-aQ8i9p1i72cJehlWrIfLxZ2xnI5-vCGfIoWdCPBNtBsRYZpIwpOe50frdzl4wTGyE31vG7tCBt77SUQk64N4uNSS7fGchR1JHSnka8XlzMhiHdYBeFHK9VMvdTUu7MKcLsd_eFMBI17ecLxDSTshhIjFBMsOi-LTkg3QLPsrWJS4=&ruid=21d17c4b-6c69-4ee8-9f75-f5287526c10e&ng=1&ix=0&pt=0&np=0&gp=5&bp=4&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fbowfile.com%2Fa5fc&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=1&sah=1024&drf=&hil=1&ist=0&ot=91
IP
139.45.197.242:443
ASN
#9002 RETN Limited

Requested by
https://bowfile.com/a5fc
Certificate
IssuerLet's Encrypt
Subjectcameesse.net
Fingerprint95:AE:4C:29:A9:9F:0C:04:38:32:00:81:30:07:95:A7:F8:B0:77:D6
ValidityWed, 18 Oct 2023 10:27:53 GMT - Tue, 16 Jan 2024 10:27:52 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /11?rnd=2398889027&z=6649610&b=19427765&var=&varid=0&rqtdbc=1&rcvdbc=1&btp=7&rb=BmPITzlQtoYbqzIgztvummayxTge68WWyhnwBBZyvuGtc4ME26-3y2zyvSDRYGFIdu9myVnbbOZj2Xd3YDJxYvrrZG63DRc-MIvE1Neevd_sTEM7kEf7BKYK5TJWTlfbBeqdF3-YAu5tR0NcqA5NgUvJisz2nkUg0gGTWYqjyhUMCB4ieMZjG9hHrJiXbARCeWOSDNbDwf_vdxb57ziEaG79b1AUBYpkc3vfa52-b7k_7wFVSZlh1N8lXWk5WEQ09JWbt12Y-1_Y96zHT7aI2WkK3exKkLdUNq9AYkaQV3NRuAEiyAPI-iyUdVBdVql0slr3WaeQiULPaXs75wmUaDM6tEY0GKngeT3uXxPjKUcrhcsINTTazc7dme0VpFfj0EM_VA0XvRDQEtKTVkNzJIkuZxWqsHW-EQqYN_eHlmMV4EKpEZU53r0JWsBZ9cxYOkWhlglY-1AhSox9SWuAxf5E9DtQ7yaulr5vz6pBNYBcbhDjyjx3102yK2giWK-aQ8i9p1i72cJehlWrIfLxZ2xnI5-vCGfIoWdCPBNtBsRYZpIwpOe50frdzl4wTGyE31vG7tCBt77SUQk64N4uNSS7fGchR1JHSnka8XlzMhiHdYBeFHK9VMvdTUu7MKcLsd_eFMBI17ecLxDSTshhIjFBMsOi-LTkg3QLPsrWJS4=&ruid=21d17c4b-6c69-4ee8-9f75-f5287526c10e&ng=1&ix=0&pt=0&np=0&gp=5&bp=4&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fbowfile.com%2Fa5fc&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=1&sah=1024&drf=&hil=1&ist=0&ot=91 HTTP/1.1
Host: cameesse.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://bowfile.com
DNT: 1
Connection: keep-alive
Referer: https://bowfile.com/
Cookie: scm=1; OAID=8e91ab473ad54ae0a7aa30af2b540771; oaidts=1701541425
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 02 Dec 2023 18:23:46 GMT
content-type: image/jpeg
content-length: 0
access-control-allow-credentials: true
access-control-allow-origin: https://bowfile.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID, baggage, sentry-trace
x-trace-id: ff1750356196b3332538737ba73783c3
access-control-expose-headers: X-Sc
set-cookie: OAID=8e91ab473ad54ae0a7aa30af2b540771; expires=Sun, 01 Dec 2024 18:23:46 GMT; secure; SameSite=None
oaidts=1701541425; expires=Sun, 01 Dec 2024 18:23:46 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2

waust.at/c.js

104.26.5.7

200 OK

13 kB

URL GET HTTP/2
waust.at/c.js
IP
104.26.5.7:443
ASN
#13335 CLOUDFLARENET

Requested by
https://bowfile.com/a5fc
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintA4:3D:6E:A9:C7:6B:CD:4B:7B:04:51:4F:D1:D7:10:2D:12:92:F9:58
ValiditySun, 04 Jun 2023 00:00:00 GMT - Mon, 03 Jun 2024 23:59:59 GMT

File type
ASCII text, with very long lines (12997), with no line terminators
Size
13 kB (12997 bytes)
Hash
45bfa6dedd6f7a9ce980b168e0350ad0
82c6b381da9abd8cb3db22ba4868287fe4e976f1
856420e1f59d0096185cdaac909fa54a9f596f52255d7a5f1ac502403f61d3ab

HTTP Headers

GET /c.js HTTP/1.1
Host: waust.at
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bowfile.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 02 Dec 2023 18:23:44 GMT
content-type: application/x-javascript
last-modified: Thu, 12 Jan 2023 17:19:36 GMT
etag: W/"63c04128-32c5"
expires: Sun, 03 Dec 2023 17:29:30 GMT
cache-control: max-age=86400
access-control-allow-origin: *
cf-cache-status: HIT
age: 3254
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7MdH0kOW3X1M84oiThcnPPGriYUWMP3tSYq9FPBGMNWEAXcpHjgi%2FJrLM3OA2DEnmG8o2qWChnKcroVhm%2FhFR7CIcQYKIKaSgSS7x0WVZVx8%2B%2FodDBydDnSh"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82f59a4e1a9a568b-OSL
content-encoding: br
X-Firefox-Spdy: h2

glersakr.com/?rb=xFKT9bIBzLurX0yi0-6sMGCE9ZgQDnNM-pSLnbKhiH9Yygx0es9Orc8L3Fiy8Q4mmFXgs_t5kJT8dpB1ctOx_2Kd2bg1uCiRDNbvHpAuxGW0anp69r89lHTSNNStxUhBF76bJ_ukN7ID7Kob1spmzA-lZ3cnRcLDMXhK3JYiyhVrG1s4JEoHnPpKR7DivIX6Ob0iF5qQg7tRBcuEOeJSgGhHKLVjcRLbYLu9fg%3D%3D&request_ab2=0&zoneid=6488452&js_build=iclick-v1.635.5-auto&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wih=1024&wiw=1280&wfc=1&pl=https%3A%2F%2Fbowfile.com%2Fa5fc&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&wgl=&js_build=iclick-v1.635.5-auto&bs=1cea7a52-0880-411e-bd38-f112660096cd&userId=8e91ab473ad54ae0a7aa30af2b540771&m=link

139.45.197.239

200 OK

1.8 kB

URL GET HTTP/2
glersakr.com/?rb=xFKT9bIBzLurX0yi0-6sMGCE9ZgQDnNM-pSLnbKhiH9Yygx0es9Orc8L3Fiy8Q4mmFXgs_t5kJT8dpB1ctOx_2Kd2bg1uCiRDNbvHpAuxGW0anp69r89lHTSNNStxUhBF76bJ_ukN7ID7Kob1spmzA-lZ3cnRcLDMXhK3JYiyhVrG1s4JEoHnPpKR7DivIX6Ob0iF5qQg7tRBcuEOeJSgGhHKLVjcRLbYLu9fg%3D%3D&request_ab2=0&zoneid=6488452&js_build=iclick-v1.635.5-auto&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wih=1024&wiw=1280&wfc=1&pl=https%3A%2F%2Fbowfile.com%2Fa5fc&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&wgl=&js_build=iclick-v1.635.5-auto&bs=1cea7a52-0880-411e-bd38-f112660096cd&userId=8e91ab473ad54ae0a7aa30af2b540771&m=link
IP
139.45.197.239:443
ASN
#9002 RETN Limited

Requested by
https://bowfile.com/a5fc
Certificate
IssuerLet's Encrypt
Subjectglersakr.com
Fingerprint78:DE:BA:CB:7A:B7:A3:A1:D3:F5:58:84:3A:44:AD:2A:DB:14:6E:68
ValiditySat, 07 Oct 2023 07:22:12 GMT - Fri, 05 Jan 2024 07:22:11 GMT

File type
troff or preprocessor input, ASCII text, with very long lines (1806), with no line terminators
Size
1.8 kB (1786 bytes)
Hash
ad7472dc1fb2f18a7a1276516cf3ffda
43732031e3b604196f8a01a7fab0e2412be3ef59
0ec75f8e6a860de5c95a37f2ab011ffcd13f52229d06a3c6e3cd3347f58043ce

HTTP Headers

GET /?rb=xFKT9bIBzLurX0yi0-6sMGCE9ZgQDnNM-pSLnbKhiH9Yygx0es9Orc8L3Fiy8Q4mmFXgs_t5kJT8dpB1ctOx_2Kd2bg1uCiRDNbvHpAuxGW0anp69r89lHTSNNStxUhBF76bJ_ukN7ID7Kob1spmzA-lZ3cnRcLDMXhK3JYiyhVrG1s4JEoHnPpKR7DivIX6Ob0iF5qQg7tRBcuEOeJSgGhHKLVjcRLbYLu9fg%3D%3D&request_ab2=0&zoneid=6488452&js_build=iclick-v1.635.5-auto&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wih=1024&wiw=1280&wfc=1&pl=https%3A%2F%2Fbowfile.com%2Fa5fc&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&wgl=&js_build=iclick-v1.635.5-auto&bs=1cea7a52-0880-411e-bd38-f112660096cd&userId=8e91ab473ad54ae0a7aa30af2b540771&m=link HTTP/1.1
Host: glersakr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bowfile.com/
Origin: https://bowfile.com
DNT: 1
Connection: keep-alive
Cookie: OAID=8e91ab473ad54ae0a7aa30af2b540771; oaidts=1701541425
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 02 Dec 2023 18:23:45 GMT
content-type: application/json
x-trace-id: db46e76aae6f19541b70d72ea28f1923
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-allow-origin: https://bowfile.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=8e91ab473ad54ae0a7aa30af2b540771; expires=Sun, 01 Dec 2024 18:23:45 GMT; path=/; secure; SameSite=None
oaidts=1701541425; expires=Sun, 01 Dec 2024 18:23:45 GMT; path=/; secure; SameSite=None
syncedCookie=true; expires=Sat, 09 Dec 2023 18:23:45 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2

interbuzznews.com/?l=kzHKSWcZinJTibQ&cd_meta_crid=50535&trkintimp&target_url=https%3A%2F%2Fcameesse.net%2F12%3Frnd%3D3032564163%26z%3D6649610%26b%3D19427765%26c%3D7595353%26var%3D%26varid%3D0%26d%3Dhttp%253A%252F%252Fsinglewomenmeet.com%252Fbase.php%253Fc%253D3576%2526key%253D6878efbd7e6d318c378b17a4469f5644%2526zoneid%253D%257Bzoneid%257D%2526banner%253D%257Bbannerid%257D%26cln%3D1%26btp%3D7%26rb%3DBmPITzlQtoYbqzIgztvummayxTge68WWyhnwBBZyvuGtc4ME26-3y2zyvSDRYGFIdu9myVnbbOZj2Xd3YDJxYvrrZG63DRc-MIvE1Neevd_sTEM7kEf7BKYK5TJWTlfbBeqdF3-YAu5tR0NcqA5NgUvJisz2nkUg0gGTWYqjyhUMCB4ieMZjG9hHrJiXbARCeWOSDNbDwf_vdxb57ziEaG79b1AUBYpkc3vfa52-b7k_7wFVSZlh1N8lXWk5WEQ09JWbt12Y-1_Y96zHT7aI2WkK3exKkLdUNq9AYkaQV3NRuAEiyAPI-iyUdVBdVql0slr3WaeQiULPaXs75wmUaDM6tEY0GKngeT3uXxPjKUcrhcsINTTazc7dme0VpFfj0EM_VA0XvRDQEtKTVkNzJIkuZxWqsHW-EQqYN_eHlmMV4EKpEZU53r0JWsBZ9cxYOkWhlglY-1AhSox9SWuAxf5E9DtQ7yaulr5vz6pBNYBcbhDjyjx3102yK2giWK-aQ8i9p1i72cJehlWrIfLxZ2xnI5-vCGfIoWdCPBNtBsRYZpIwpOe50frdzl4wTGyE31vG7tCBt77SUQk64N4uNSS7fGchR1JHSnka8XlzMhiHdYBeFHK9VMvdTUu7MKcLsd_eFMBI17ecLxDSTshhIjFBMsOi-LTkg3QLPsrWJS4%3D%26bag%3DsoD61sIXZfLmZDdfa4zliA%3D%3D%26ruid%3D21d17c4b-6c69-4ee8-9f75-f5287526c10e%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D0%26gp%3D5%26bp%3D4%26nw%3D1%26nb%3D1%26sw%3D1280%26sh%3D1024%26pl%3Dhttps%253A%252F%252Fbowfile.com%252Fa5fc%26wy%3D0%26wx%3D0%26ww%3D1280%26wh%3D1024%26cw%3D1280%26wiw%3D1280%26wih%3D1024%26wfc%3D1%26sah%3D1024%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0

139.45.197.154

200 OK

9.7 kB

URL GET HTTP/2
interbuzznews.com/?l=kzHKSWcZinJTibQ&cd_meta_crid=50535&trkintimp&target_url=https%3A%2F%2Fcameesse.net%2F12%3Frnd%3D3032564163%26z%3D6649610%26b%3D19427765%26c%3D7595353%26var%3D%26varid%3D0%26d%3Dhttp%253A%252F%252Fsinglewomenmeet.com%252Fbase.php%253Fc%253D3576%2526key%253D6878efbd7e6d318c378b17a4469f5644%2526zoneid%253D%257Bzoneid%257D%2526banner%253D%257Bbannerid%257D%26cln%3D1%26btp%3D7%26rb%3DBmPITzlQtoYbqzIgztvummayxTge68WWyhnwBBZyvuGtc4ME26-3y2zyvSDRYGFIdu9myVnbbOZj2Xd3YDJxYvrrZG63DRc-MIvE1Neevd_sTEM7kEf7BKYK5TJWTlfbBeqdF3-YAu5tR0NcqA5NgUvJisz2nkUg0gGTWYqjyhUMCB4ieMZjG9hHrJiXbARCeWOSDNbDwf_vdxb57ziEaG79b1AUBYpkc3vfa52-b7k_7wFVSZlh1N8lXWk5WEQ09JWbt12Y-1_Y96zHT7aI2WkK3exKkLdUNq9AYkaQV3NRuAEiyAPI-iyUdVBdVql0slr3WaeQiULPaXs75wmUaDM6tEY0GKngeT3uXxPjKUcrhcsINTTazc7dme0VpFfj0EM_VA0XvRDQEtKTVkNzJIkuZxWqsHW-EQqYN_eHlmMV4EKpEZU53r0JWsBZ9cxYOkWhlglY-1AhSox9SWuAxf5E9DtQ7yaulr5vz6pBNYBcbhDjyjx3102yK2giWK-aQ8i9p1i72cJehlWrIfLxZ2xnI5-vCGfIoWdCPBNtBsRYZpIwpOe50frdzl4wTGyE31vG7tCBt77SUQk64N4uNSS7fGchR1JHSnka8XlzMhiHdYBeFHK9VMvdTUu7MKcLsd_eFMBI17ecLxDSTshhIjFBMsOi-LTkg3QLPsrWJS4%3D%26bag%3DsoD61sIXZfLmZDdfa4zliA%3D%3D%26ruid%3D21d17c4b-6c69-4ee8-9f75-f5287526c10e%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D0%26gp%3D5%26bp%3D4%26nw%3D1%26nb%3D1%26sw%3D1280%26sh%3D1024%26pl%3Dhttps%253A%252F%252Fbowfile.com%252Fa5fc%26wy%3D0%26wx%3D0%26ww%3D1280%26wh%3D1024%26cw%3D1280%26wiw%3D1280%26wih%3D1024%26wfc%3D1%26sah%3D1024%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0
IP
139.45.197.154:443
ASN
#9002 RETN Limited

Requested by
https://bowfile.com/a5fc
Certificate
IssuerLet's Encrypt
Subjectinterbuzznews.com
FingerprintB5:C4:C7:F0:3F:BC:50:A9:21:50:39:B8:F8:2E:7E:72:56:62:E7:33
ValidityFri, 22 Sep 2023 05:18:00 GMT - Thu, 21 Dec 2023 05:17:59 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (10000), with no line terminators
Size
9.7 kB (9679 bytes)
Hash
f9770af0f85474861985e62575ffa43c
8e959182845a2e5c08d87ad363584545396dea5f
298fbe7b8d28afbd8d38d1bb9dbccfddbb5d2c9b04136f05464e734e79f9d36e

HTTP Headers

GET /?l=kzHKSWcZinJTibQ&cd_meta_crid=50535&trkintimp&target_url=https%3A%2F%2Fcameesse.net%2F12%3Frnd%3D3032564163%26z%3D6649610%26b%3D19427765%26c%3D7595353%26var%3D%26varid%3D0%26d%3Dhttp%253A%252F%252Fsinglewomenmeet.com%252Fbase.php%253Fc%253D3576%2526key%253D6878efbd7e6d318c378b17a4469f5644%2526zoneid%253D%257Bzoneid%257D%2526banner%253D%257Bbannerid%257D%26cln%3D1%26btp%3D7%26rb%3DBmPITzlQtoYbqzIgztvummayxTge68WWyhnwBBZyvuGtc4ME26-3y2zyvSDRYGFIdu9myVnbbOZj2Xd3YDJxYvrrZG63DRc-MIvE1Neevd_sTEM7kEf7BKYK5TJWTlfbBeqdF3-YAu5tR0NcqA5NgUvJisz2nkUg0gGTWYqjyhUMCB4ieMZjG9hHrJiXbARCeWOSDNbDwf_vdxb57ziEaG79b1AUBYpkc3vfa52-b7k_7wFVSZlh1N8lXWk5WEQ09JWbt12Y-1_Y96zHT7aI2WkK3exKkLdUNq9AYkaQV3NRuAEiyAPI-iyUdVBdVql0slr3WaeQiULPaXs75wmUaDM6tEY0GKngeT3uXxPjKUcrhcsINTTazc7dme0VpFfj0EM_VA0XvRDQEtKTVkNzJIkuZxWqsHW-EQqYN_eHlmMV4EKpEZU53r0JWsBZ9cxYOkWhlglY-1AhSox9SWuAxf5E9DtQ7yaulr5vz6pBNYBcbhDjyjx3102yK2giWK-aQ8i9p1i72cJehlWrIfLxZ2xnI5-vCGfIoWdCPBNtBsRYZpIwpOe50frdzl4wTGyE31vG7tCBt77SUQk64N4uNSS7fGchR1JHSnka8XlzMhiHdYBeFHK9VMvdTUu7MKcLsd_eFMBI17ecLxDSTshhIjFBMsOi-LTkg3QLPsrWJS4%3D%26bag%3DsoD61sIXZfLmZDdfa4zliA%3D%3D%26ruid%3D21d17c4b-6c69-4ee8-9f75-f5287526c10e%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D0%26gp%3D5%26bp%3D4%26nw%3D1%26nb%3D1%26sw%3D1280%26sh%3D1024%26pl%3Dhttps%253A%252F%252Fbowfile.com%252Fa5fc%26wy%3D0%26wx%3D0%26ww%3D1280%26wh%3D1024%26cw%3D1280%26wiw%3D1280%26wih%3D1024%26wfc%3D1%26sah%3D1024%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0 HTTP/1.1
Host: interbuzznews.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bowfile.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 02 Dec 2023 18:23:46 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/7.4.33
set-cookie: reverse=9F8_I3htpc-0Xd6xUdORDC8SvqAYLU61yx3xcXyqWYo; expires=Sat, 02-Dec-2023 19:23:46 GMT; Max-Age=3600; path=/
OAID=c73afe2f93528c7aad44f7ec4460e565; expires=Thu, 03-Nov-2078 12:47:32 GMT; Max-Age=1733163826; path=/
oaidts=1701541426; expires=Thu, 03-Nov-2078 12:47:32 GMT; Max-Age=1733163826; path=/
syncedCookie=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS, HEAD
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
content-encoding: br
X-Firefox-Spdy: h2

bowfile.com/themes/spirit/assets/frontend/js/jquery-3.1.1.min.js

172.67.205.230

200 OK

87 kB

URL GET HTTP/3
bowfile.com/themes/spirit/assets/frontend/js/jquery-3.1.1.min.js
IP
172.67.205.230:443
ASN
#13335 CLOUDFLARENET

Requested by
https://bowfile.com/a5fc
Certificate
IssuerGoogle Trust Services LLC
Subjectbowfile.com
FingerprintEC:7E:59:5C:5B:DD:A7:5D:20:C2:E0:F9:FC:C2:B7:38:83:BB:87:19
ValidityThu, 16 Nov 2023 00:08:33 GMT - Wed, 14 Feb 2024 00:08:32 GMT

File type
ASCII text, with very long lines (32030), with CRLF line terminators
Size
87 kB (86713 bytes)
Hash
5b5a269bd363e0886c17d855c2aab241
042dd055cd289215835a58507c9531f808e1648a
1cf30e59d21d4ae560af7143f5913efcc8222bcaa4fcc7508eb802b5faa9e94e

HTTP Headers

GET /themes/spirit/assets/frontend/js/jquery-3.1.1.min.js HTTP/1.1
Host: bowfile.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bowfile.com/a5fc
Cookie: filehosting=hik21juim75185c7m46ul6i07i
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 02 Dec 2023 18:23:44 GMT
content-type: application/javascript; charset=utf-8
last-modified: Sun, 18 Oct 2020 07:16:16 GMT
vary: Accept-Encoding
etag: W/"5f8bebc0-152b9"
cache-control: public, max-age=14400
cf-cache-status: HIT
age: 5381
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D0XfaOdt3X8vECBJ6rYJTZSQ3tfVg2u44X%2BJUl0zmbjJaGD9dgSe5Wq5JRaMOVu33VRZeNhTJ3zruXIHY4%2FdFrvsEnXFngBfR0qZ8MTbkOF49yfXJScjvX%2FkBAOrwQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82f59a4d9befb4ed-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

t.dtscout.com/pv/?_a=v&_h=bowfile.com&_ss=as1ys0041p&_pv=1&_ls=0&_u1=1&_u3=1&_cc=no&_pl=d&_cbid=6t2o&_cb=_dtspv.c

141.101.120.10

200 OK

52 B

URL GET HTTP/2
t.dtscout.com/pv/?_a=v&_h=bowfile.com&_ss=as1ys0041p&_pv=1&_ls=0&_u1=1&_u3=1&_cc=no&_pl=d&_cbid=6t2o&_cb=_dtspv.c
IP
141.101.120.10:443
ASN
#13335 CLOUDFLARENET

Requested by
https://bowfile.com/a5fc
Certificate
IssuerGoogle Trust Services LLC
Subjectdtscout.com
FingerprintED:BC:CA:7A:78:18:22:D3:92:DE:9B:2B:FD:8B:46:45:52:B6:A6:40
ValidityMon, 20 Nov 2023 09:56:51 GMT - Sun, 18 Feb 2024 09:56:50 GMT

File type
ASCII text, with no line terminators
Size
52 B (52 bytes)
Hash
1f03660a5db5c2abcab57ed1873dadd4
f3ce64610ff26d1eb3786ccc6b918dbea83dba83
519277012d82ad08069df71e0c8403e0b3b6e9616fb5c52e2bd8a294bb16ea25

HTTP Headers

GET /pv/?_a=v&_h=bowfile.com&_ss=as1ys0041p&_pv=1&_ls=0&_u1=1&_u3=1&_cc=no&_pl=d&_cbid=6t2o&_cb=_dtspv.c HTTP/1.1
Host: t.dtscout.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bowfile.com/
Cookie: m=1; oa=1; df=1701541425
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 02 Dec 2023 18:23:45 GMT
content-type: application/javascript
x-t: 0.18
x-c: 0
expires: Sat, 02 Dec 2023 18:23:44 GMT
cache-control: no-cache
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TfJssV5zr1yZ0%2Fvra1KLuaYcsZgESVcyX0Fo%2BJo%2BprwUARdK4eBM93PM%2BH7%2B1UnEBqOgtxDCoc%2Byx88LnL%2BC2ZF6v7olt22Z5mCPLWEEoRE2tpbwGwtWCVbZYYsI2sM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82f59a561aa85f09-ARN
content-encoding: br
X-Firefox-Spdy: h2

bowfile.com/themes/spirit/assets/frontend/js/typed.min.js

172.67.205.230

200 OK

3.9 kB

URL GET HTTP/3
bowfile.com/themes/spirit/assets/frontend/js/typed.min.js
IP
172.67.205.230:443
ASN
#13335 CLOUDFLARENET

Requested by
https://bowfile.com/a5fc
Certificate
IssuerGoogle Trust Services LLC
Subjectbowfile.com
FingerprintEC:7E:59:5C:5B:DD:A7:5D:20:C2:E0:F9:FC:C2:B7:38:83:BB:87:19
ValidityThu, 16 Nov 2023 00:08:33 GMT - Wed, 14 Feb 2024 00:08:32 GMT

File type
ASCII text, with very long lines (4016), with no line terminators
Size
3.9 kB (3949 bytes)
Hash
774397f3c0e528c9236aa2aa52e7f00d
8827256327d046805954084e9b5002247e073ceb
d2b259a9bb83973272b1e93c242646451df16bc3860ac6c8f3689df92ad98140

HTTP Headers

GET /themes/spirit/assets/frontend/js/typed.min.js HTTP/1.1
Host: bowfile.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bowfile.com/a5fc
Cookie: filehosting=hik21juim75185c7m46ul6i07i
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 02 Dec 2023 18:23:44 GMT
content-type: application/javascript; charset=utf-8
last-modified: Sun, 18 Oct 2020 07:16:16 GMT
vary: Accept-Encoding
etag: W/"5f8bebc0-f6d"
cache-control: public, max-age=14400
cf-cache-status: HIT
age: 5381
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z4XzpqyTpZGJcJSXJJ5NRBI%2FhjTSUpzCLWgmCSYj7e9Shvh8vRfTqf%2BhD%2B6udsUB4Cpp%2FkcxZywFcKTzb7tVJ3FtXho65%2BET7cjlwD28eVVeOTxTwll5BUe7YFzpCg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82f59a4dabfdb4ed-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

interbuzznews.com/contents/s/ce/c1/ce/fae62b87ac8ffd152fb67c62f3/01133900792764.jpeg

139.45.197.154

200 OK

76 kB

URL GET HTTP/2
interbuzznews.com/contents/s/ce/c1/ce/fae62b87ac8ffd152fb67c62f3/01133900792764.jpeg
IP
139.45.197.154:443
ASN
#9002 RETN Limited

Requested by
https://interbuzznews.com/?l=kzHKSWcZinJTibQ&cd_meta_crid=50535&trkintimp&target_url=https%3A%2F%2Fcameesse.net%2F12%3Frnd%3D3032564163%26z%3D6649610%26b%3D19427765%26c%3D7595353%26var%3D%26varid%3D0%26d%3Dhttp%253A%252F%252Fsinglewomenmeet.com%252Fbase.php%253Fc%253D3576%2526key%253D6878efbd7e6d318c378b17a4469f5644%2526zoneid%253D%257Bzoneid%257D%2526banner%253D%257Bbannerid%257D%26cln%3D1%26btp%3D7%26rb%3DBmPITzlQtoYbqzIgztvummayxTge68WWyhnwBBZyvuGtc4ME26-3y2zyvSDRYGFIdu9myVnbbOZj2Xd3YDJxYvrrZG63DRc-MIvE1Neevd_sTEM7kEf7BKYK5TJWTlfbBeqdF3-YAu5tR0NcqA5NgUvJisz2nkUg0gGTWYqjyhUMCB4ieMZjG9hHrJiXbARCeWOSDNbDwf_vdxb57ziEaG79b1AUBYpkc3vfa52-b7k_7wFVSZlh1N8lXWk5WEQ09JWbt12Y-1_Y96zHT7aI2WkK3exKkLdUNq9AYkaQV3NRuAEiyAPI-iyUdVBdVql0slr3WaeQiULPaXs75wmUaDM6tEY0GKngeT3uXxPjKUcrhcsINTTazc7dme0VpFfj0EM_VA0XvRDQEtKTVkNzJIkuZxWqsHW-EQqYN_eHlmMV4EKpEZU53r0JWsBZ9cxYOkWhlglY-1AhSox9SWuAxf5E9DtQ7yaulr5vz6pBNYBcbhDjyjx3102yK2giWK-aQ8i9p1i72cJehlWrIfLxZ2xnI5-vCGfIoWdCPBNtBsRYZpIwpOe50frdzl4wTGyE31vG7tCBt77SUQk64N4uNSS7fGchR1JHSnka8XlzMhiHdYBeFHK9VMvdTUu7MKcLsd_eFMBI17ecLxDSTshhIjFBMsOi-LTkg3QLPsrWJS4%3D%26bag%3DsoD61sIXZfLmZDdfa4zliA%3D%3D%26ruid%3D21d17c4b-6c69-4ee8-9f75-f5287526c10e%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D0%26gp%3D5%26bp%3D4%26nw%3D1%26nb%3D1%26sw%3D1280%26sh%3D1024%26pl%3Dhttps%253A%252F%252Fbowfile.com%252Fa5fc%26wy%3D0%26wx%3D0%26ww%3D1280%26wh%3D1024%26cw%3D1280%26wiw%3D1280%26wih%3D1024%26wfc%3D1%26sah%3D1024%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0
Certificate
IssuerLet's Encrypt
Subjectinterbuzznews.com
FingerprintB5:C4:C7:F0:3F:BC:50:A9:21:50:39:B8:F8:2E:7E:72:56:62:E7:33
ValidityFri, 22 Sep 2023 05:18:00 GMT - Thu, 21 Dec 2023 05:17:59 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 492x328, components 3\012- data
Size
76 kB (75924 bytes)
Hash
cec1cefae62b87ac8ffd152fb67c62f3
5ad9ab10582d18882a0460169b8bc163297cfd9b
6b911a21ac38a27da56d277be7c268886f1adc52d6e68bd5169feaf2a76f863c

HTTP Headers

GET /contents/s/ce/c1/ce/fae62b87ac8ffd152fb67c62f3/01133900792764.jpeg HTTP/1.1
Host: interbuzznews.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://interbuzznews.com/?l=kzHKSWcZinJTibQ&cd_meta_crid=50535&trkintimp&target_url=https%3A%2F%2Fcameesse.net%2F12%3Frnd%3D3032564163%26z%3D6649610%26b%3D19427765%26c%3D7595353%26var%3D%26varid%3D0%26d%3Dhttp%253A%252F%252Fsinglewomenmeet.com%252Fbase.php%253Fc%253D3576%2526key%253D6878efbd7e6d318c378b17a4469f5644%2526zoneid%253D%257Bzoneid%257D%2526banner%253D%257Bbannerid%257D%26cln%3D1%26btp%3D7%26rb%3DBmPITzlQtoYbqzIgztvummayxTge68WWyhnwBBZyvuGtc4ME26-3y2zyvSDRYGFIdu9myVnbbOZj2Xd3YDJxYvrrZG63DRc-MIvE1Neevd_sTEM7kEf7BKYK5TJWTlfbBeqdF3-YAu5tR0NcqA5NgUvJisz2nkUg0gGTWYqjyhUMCB4ieMZjG9hHrJiXbARCeWOSDNbDwf_vdxb57ziEaG79b1AUBYpkc3vfa52-b7k_7wFVSZlh1N8lXWk5WEQ09JWbt12Y-1_Y96zHT7aI2WkK3exKkLdUNq9AYkaQV3NRuAEiyAPI-iyUdVBdVql0slr3WaeQiULPaXs75wmUaDM6tEY0GKngeT3uXxPjKUcrhcsINTTazc7dme0VpFfj0EM_VA0XvRDQEtKTVkNzJIkuZxWqsHW-EQqYN_eHlmMV4EKpEZU53r0JWsBZ9cxYOkWhlglY-1AhSox9SWuAxf5E9DtQ7yaulr5vz6pBNYBcbhDjyjx3102yK2giWK-aQ8i9p1i72cJehlWrIfLxZ2xnI5-vCGfIoWdCPBNtBsRYZpIwpOe50frdzl4wTGyE31vG7tCBt77SUQk64N4uNSS7fGchR1JHSnka8XlzMhiHdYBeFHK9VMvdTUu7MKcLsd_eFMBI17ecLxDSTshhIjFBMsOi-LTkg3QLPsrWJS4%3D%26bag%3DsoD61sIXZfLmZDdfa4zliA%3D%3D%26ruid%3D21d17c4b-6c69-4ee8-9f75-f5287526c10e%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D0%26gp%3D5%26bp%3D4%26nw%3D1%26nb%3D1%26sw%3D1280%26sh%3D1024%26pl%3Dhttps%253A%252F%252Fbowfile.com%252Fa5fc%26wy%3D0%26wx%3D0%26ww%3D1280%26wh%3D1024%26cw%3D1280%26wiw%3D1280%26wih%3D1024%26wfc%3D1%26sah%3D1024%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 02 Dec 2023 18:23:46 GMT
content-type: image/jpeg
content-length: 75924
last-modified: Thu, 23 Feb 2023 08:55:31 GMT
vary: Accept-Encoding
etag: "63f72a03-12894"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS, HEAD
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
accept-ranges: bytes
X-Firefox-Spdy: h2

bowfile.com/themes/spirit/assets/frontend/css/jquery.steps.css

172.67.205.230

200 OK

4.1 kB

URL GET HTTP/3
bowfile.com/themes/spirit/assets/frontend/css/jquery.steps.css
IP
172.67.205.230:443
ASN
#13335 CLOUDFLARENET

Requested by
https://bowfile.com/a5fc
Certificate
IssuerGoogle Trust Services LLC
Subjectbowfile.com
FingerprintEC:7E:59:5C:5B:DD:A7:5D:20:C2:E0:F9:FC:C2:B7:38:83:BB:87:19
ValidityThu, 16 Nov 2023 00:08:33 GMT - Wed, 14 Feb 2024 00:08:32 GMT

File type
ASCII text, with very long lines (4143), with no line terminators
Size
4.1 kB (4143 bytes)
Hash
7c343c721bc783c5b8b2ca81cb940fba
2d340c14e31e158215354cb80e365148e97fcef4
a92a98c5f5245daff1abaff565ae26359f85d4cd1d383ff6e50cd599cf5b3e49

HTTP Headers

GET /themes/spirit/assets/frontend/css/jquery.steps.css HTTP/1.1
Host: bowfile.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bowfile.com/a5fc
Cookie: filehosting=hik21juim75185c7m46ul6i07i
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 02 Dec 2023 18:23:44 GMT
content-type: text/css
cache-control: public, max-age=14400
cf-bgj: minify
cf-polished: origSize=6019
etag: W/"5f8bebbe-1783"
last-modified: Sun, 18 Oct 2020 07:16:14 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 6152
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=abw6F2uTHx%2BZtsBEV7yrXHMLncam7CydXI5LxANAKgJFn6Ro%2B8pUIC4mMbI4pYerHasYr917jHSyE45zSuis5M86alVYZGbAQJHPQPu6XzZFtkF4CWpmJH73X7n6ew%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82f59a4d6bc0b4ed-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

bowfile.com/themes/spirit/assets/frontend/js/scripts.js

172.67.205.230

200 OK

67 kB

URL GET HTTP/3
bowfile.com/themes/spirit/assets/frontend/js/scripts.js
IP
172.67.205.230:443
ASN
#13335 CLOUDFLARENET

Requested by
https://bowfile.com/a5fc
Certificate
IssuerGoogle Trust Services LLC
Subjectbowfile.com
FingerprintEC:7E:59:5C:5B:DD:A7:5D:20:C2:E0:F9:FC:C2:B7:38:83:BB:87:19
ValidityThu, 16 Nov 2023 00:08:33 GMT - Wed, 14 Feb 2024 00:08:32 GMT

File type
ASCII text, with very long lines (4787)
Size
67 kB (67039 bytes)
Hash
97096667b5bfc5bf6326cc0e5fb724ee
e957d5ef30b7a4e807a13c0e39483607d8f74855
02945e324e7c86a1ee921da7d8fa596a9c11878ccfe839ac70f8badcb674d522

HTTP Headers

GET /themes/spirit/assets/frontend/js/scripts.js HTTP/1.1
Host: bowfile.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bowfile.com/a5fc
Cookie: filehosting=hik21juim75185c7m46ul6i07i
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 02 Dec 2023 18:23:44 GMT
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=14400
cf-bgj: minify
cf-polished: origSize=114862
etag: W/"5f8bebc0-1c0ae"
last-modified: Sun, 18 Oct 2020 07:16:16 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 5381
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5oncpW6A9cyG0zbseex1I5dR7ss%2Fi6ib1k6VJZfYBDSnp4%2BNJXEvLH4t1L1tKt5yjtZPJT5ufN0NR1nokMjpTrp1yGCtOfwxDgMLFh%2Fwm9yvrSQWZwj2v3xJUzYJDg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82f59a4dac12b4ed-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

glersakr.com/5/6488452/?oo=1&aab=1

139.45.197.239

200 OK

2.8 kB

URL GET HTTP/2
glersakr.com/5/6488452/?oo=1&aab=1
IP
139.45.197.239:443
ASN
#9002 RETN Limited

Requested by
https://bowfile.com/a5fc
Certificate
IssuerLet's Encrypt
Subjectglersakr.com
Fingerprint78:DE:BA:CB:7A:B7:A3:A1:D3:F5:58:84:3A:44:AD:2A:DB:14:6E:68
ValiditySat, 07 Oct 2023 07:22:12 GMT - Fri, 05 Jan 2024 07:22:11 GMT

File type
troff or preprocessor input, ASCII text, with very long lines (3038), with no line terminators
Size
2.8 kB (2798 bytes)
Hash
a5fed3e8e8910a949ec7aa11a3c81bcc
dc736106d9ce08002df11a552be9134369d50031
d7484bd26f3a3f510dcf3d38c3f89ab5d189123b8bfb7a12588f83d802065758

HTTP Headers

GET /5/6488452/?oo=1&aab=1 HTTP/1.1
Host: glersakr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://bowfile.com
DNT: 1
Connection: keep-alive
Referer: https://bowfile.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 02 Dec 2023 18:23:45 GMT
content-type: application/json
x-trace-id: 3031bc0eec2cff75b44488650dddda31
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-allow-origin: https://bowfile.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
access-control-max-age: 86400
timing-allow-origin: *
set-cookie: OAID=8e91ab473ad54ae0a7aa30af2b540771; expires=Sun, 01 Dec 2024 18:23:45 GMT; path=/; secure; SameSite=None
oaidts=1701541425; expires=Sun, 01 Dec 2024 18:23:45 GMT; path=/; secure; SameSite=None
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
pragma: no-cache, no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2

t.dtscout.com/i/?l=https%3A%2F%2Fbowfile.com%2Fa5fc&j=

141.101.120.10

200 OK

2.1 kB

URL GET HTTP/2
t.dtscout.com/i/?l=https%3A%2F%2Fbowfile.com%2Fa5fc&j=
IP
141.101.120.10:443
ASN
#13335 CLOUDFLARENET

Requested by
https://bowfile.com/a5fc
Certificate
IssuerGoogle Trust Services LLC
Subjectdtscout.com
FingerprintED:BC:CA:7A:78:18:22:D3:92:DE:9B:2B:FD:8B:46:45:52:B6:A6:40
ValidityMon, 20 Nov 2023 09:56:51 GMT - Sun, 18 Feb 2024 09:56:50 GMT

File type
ASCII text, with very long lines (2163), with no line terminators
Size
2.1 kB (2079 bytes)
Hash
8811c1da7d7cd9a89cf1c9d88cf153c1
5dd7a95e6eee435a18d261757a4aa4aeea7ae472
0c72ec693d21a33e6c802f2648030af0433badc9a020325a82550115cf5044cc

HTTP Headers

GET /i/?l=https%3A%2F%2Fbowfile.com%2Fa5fc&j= HTTP/1.1
Host: t.dtscout.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bowfile.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 02 Dec 2023 18:23:45 GMT
content-type: application/javascript
x-s: mtl1
set-cookie: m=1; Domain=dtscout.com; Expires=Sat, 02-Dec-2023 19:47:05 GMT; Max-Age=5000; Path=/; SameSite=None; Secure
oa=1; Domain=dtscout.com; Expires=Sat, 02-Dec-2023 22:23:45 GMT; Max-Age=14400; Path=/; SameSite=None; Secure
df=1701541425; Domain=dtscout.com; Expires=Mon, 11-Mar-2024 18:23:45 GMT; Max-Age=8640000; Path=/; SameSite=None; Secure
x-t: 0.431
expires: Sat, 02 Dec 2023 18:23:44 GMT
cache-control: no-cache
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1tpPad1Sc3ly4G9KXMIlWQ%2FdOOKMP%2FjXjZh9eutKqqf9rMzUp3TjLrxWg0jBQRB%2FrXgSxlrMe84t0CdslVmVdAJncbO7YW5MQrYI4AoTSYpt5RBOQWXk4FFymio%2FmdI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82f59a53ff685f09-ARN
content-encoding: br
X-Firefox-Spdy: h2

bowfile.com/themes/spirit/assets/frontend/css/flickity.css

172.67.205.230

200 OK

1.9 kB

URL GET HTTP/3
bowfile.com/themes/spirit/assets/frontend/css/flickity.css
IP
172.67.205.230:443
ASN
#13335 CLOUDFLARENET

Requested by
https://bowfile.com/a5fc
Certificate
IssuerGoogle Trust Services LLC
Subjectbowfile.com
FingerprintEC:7E:59:5C:5B:DD:A7:5D:20:C2:E0:F9:FC:C2:B7:38:83:BB:87:19
ValidityThu, 16 Nov 2023 00:08:33 GMT - Wed, 14 Feb 2024 00:08:32 GMT

File type
ASCII text, with very long lines (1862), with no line terminators
Size
1.9 kB (1860 bytes)
Hash
1943c6f2f395c5338f1621d895eac4a3
488fc94f029cf9d3a2a75df7207037e33dc1ee70
2a0ec4432ad208cbbf8d38c894e7b299f3b4b4560f976f70bf7c5a7f22a0b9cb

HTTP Headers

GET /themes/spirit/assets/frontend/css/flickity.css HTTP/1.1
Host: bowfile.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bowfile.com/a5fc
Cookie: filehosting=hik21juim75185c7m46ul6i07i
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 02 Dec 2023 18:23:44 GMT
content-type: text/css
cache-control: public, max-age=14400
cf-bgj: minify
cf-polished: origSize=2521
etag: W/"5f8bebbe-9d9"
last-modified: Sun, 18 Oct 2020 07:16:14 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 6152
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wR%2F1a2pV5fEZD2%2BxCIuIM6%2FfQp2dcHfDOliJdh5JwaZh4bOokzq46mzxmh9ENdjGry0nWHNgGy6O1Sf%2FtofSpir%2FmAjFSI7284xhqL2%2FwDY0FU%2BkdZEay6vtgOxmRw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82f59a4d5bbab4ed-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

bowfile.com/themes/spirit/assets/frontend/css/custom.css

172.67.205.230

200 OK

6.7 kB

URL GET HTTP/3
bowfile.com/themes/spirit/assets/frontend/css/custom.css
IP
172.67.205.230:443
ASN
#13335 CLOUDFLARENET

Requested by
https://bowfile.com/a5fc
Certificate
IssuerGoogle Trust Services LLC
Subjectbowfile.com
FingerprintEC:7E:59:5C:5B:DD:A7:5D:20:C2:E0:F9:FC:C2:B7:38:83:BB:87:19
ValidityThu, 16 Nov 2023 00:08:33 GMT - Wed, 14 Feb 2024 00:08:32 GMT

File type
ASCII text, with very long lines (6717), with no line terminators
Size
6.7 kB (6717 bytes)
Hash
a47c37c06e3dfcd6d6c81e581d724c3e
cca10fe5774ed40d9d4fcbe021f578137222531e
2ba990faaad8198719efac063a6ec699b548708b555a3ef7821fd6899a8556ce

HTTP Headers

GET /themes/spirit/assets/frontend/css/custom.css HTTP/1.1
Host: bowfile.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bowfile.com/a5fc
Cookie: filehosting=hik21juim75185c7m46ul6i07i
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 02 Dec 2023 18:23:44 GMT
content-type: text/css
cache-control: public, max-age=14400
cf-bgj: minify
cf-polished: origSize=8936
etag: W/"601c20c0-22e8"
last-modified: Thu, 04 Feb 2021 16:28:48 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 6152
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kZfbzfwYTIAeipsfldp%2Bwa4Sq7NXpfOkLk%2B3evXtV8%2FGcICg9OrI4YPSi%2FqQeOH8pYn8OfD0fWyq0ilkiBQnXoVphxsn9hTrtrJ9vOjAWUGjVcn5XSdf3VJk5VZ0Jg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82f59a4d7bd4b4ed-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

cameesse.net/1?z=6649610

139.45.197.242

200 OK

43 kB

URL GET HTTP/2
cameesse.net/1?z=6649610
IP
139.45.197.242:443
ASN
#9002 RETN Limited

Requested by
https://bowfile.com/a5fc
Certificate
IssuerLet's Encrypt
Subjectcameesse.net
Fingerprint95:AE:4C:29:A9:9F:0C:04:38:32:00:81:30:07:95:A7:F8:B0:77:D6
ValidityWed, 18 Oct 2023 10:27:53 GMT - Tue, 16 Jan 2024 10:27:52 GMT

File type
ASCII text, with very long lines (41880)
Size
43 kB (42872 bytes)
Hash
bdb509ee2869798b07afb5aa799f20d2
792e7482b4fdb5f5856218c6474002b859cba46c
f07f9445e1c0ec8fe9daa20f9b1d1570c9a4f992dcbd2c5a77645b48d62920d9

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /1?z=6649610 HTTP/1.1
Host: cameesse.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bowfile.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 02 Dec 2023 18:23:45 GMT
content-type: text/javascript
access-control-allow-credentials: true
access-control-allow-origin: 
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID, baggage, sentry-trace
x-trace-id: 4c003a202794ca1898fe7eeb40a5de43
access-control-expose-headers: X-Sc
x-sc: NzKwwgDq7o5K-GTVivkZvVGTUGJ_d_1VrBx08S3CPTT9XSuN9-0b4SgY1jQ9kZCOi8GSJTBYR9EvlbGkbiwxh4i47PM=
set-cookie: scm=1; expires=Sun, 01 Dec 2024 18:23:45 GMT; secure; SameSite=None
OAID=4011adbb1c99400fb0db648125686f79; expires=Sun, 01 Dec 2024 18:23:45 GMT; secure; SameSite=None
oaidts=1701541425; expires=Sun, 01 Dec 2024 18:23:45 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2

bowfile.com/themes/spirit/assets/frontend/css/font-awesome.min.css

172.67.205.230

200 OK

59 kB

URL GET HTTP/3
bowfile.com/themes/spirit/assets/frontend/css/font-awesome.min.css
IP
172.67.205.230:443
ASN
#13335 CLOUDFLARENET

Requested by
https://bowfile.com/a5fc
Certificate
IssuerGoogle Trust Services LLC
Subjectbowfile.com
FingerprintEC:7E:59:5C:5B:DD:A7:5D:20:C2:E0:F9:FC:C2:B7:38:83:BB:87:19
ValidityThu, 16 Nov 2023 00:08:33 GMT - Wed, 14 Feb 2024 00:08:32 GMT

File type
ASCII text, with very long lines (58929), with CRLF line terminators
Size
59 kB (59119 bytes)
Hash
879812fc22af75aa3ae7b5666ca4f4b8
df27469a952b7ee36cc03db471c6198f577186a8
c5d7f0d9e646698b20734ce6dcc2c0a8ecf6ebe27b4b7625bfcf42c4416fb7ed

HTTP Headers

GET /themes/spirit/assets/frontend/css/font-awesome.min.css HTTP/1.1
Host: bowfile.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bowfile.com/a5fc
Cookie: filehosting=hik21juim75185c7m46ul6i07i
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 02 Dec 2023 18:23:44 GMT
content-type: text/css
last-modified: Sun, 18 Oct 2020 07:16:14 GMT
vary: Accept-Encoding
etag: W/"5f8bebbe-e6ef"
cache-control: public, max-age=14400
cf-cache-status: HIT
age: 6152
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vV%2BdjFBW8ESC8M5F18%2BtI5ZQXm1d%2F6DrMu28wYJcX51CrIUnGQ1m%2B4MC7dn7%2BICOeX5dprf1j7INV4%2FWq3N2Rhn3QP4kLYpTvAW6namGH2UoZOBYQuWVKtnxrDJuIA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82f59a4d6bcfb4ed-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

bowfile.com/themes/spirit/assets/frontend/js/datepicker.js

172.67.205.230

200 OK

21 kB

URL GET HTTP/3
bowfile.com/themes/spirit/assets/frontend/js/datepicker.js
IP
172.67.205.230:443
ASN
#13335 CLOUDFLARENET

Requested by
https://bowfile.com/a5fc
Certificate
IssuerGoogle Trust Services LLC
Subjectbowfile.com
FingerprintEC:7E:59:5C:5B:DD:A7:5D:20:C2:E0:F9:FC:C2:B7:38:83:BB:87:19
ValidityThu, 16 Nov 2023 00:08:33 GMT - Wed, 14 Feb 2024 00:08:32 GMT

File type
ASCII text, with very long lines (12694)
Size
21 kB (20951 bytes)
Hash
614058ddc049738b0905aed77acb29d0
694985606c2a3b482156035b1a1bb79aacf757e6
b6919dd92f8162e9d8b6642769217b9472c5bf423cdf82df50301a8af50ee53a

HTTP Headers

GET /themes/spirit/assets/frontend/js/datepicker.js HTTP/1.1
Host: bowfile.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bowfile.com/a5fc
Cookie: filehosting=hik21juim75185c7m46ul6i07i
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 02 Dec 2023 18:23:44 GMT
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=14400
cf-bgj: minify
cf-polished: origSize=20975
etag: W/"5f8bebc0-51ef"
last-modified: Sun, 18 Oct 2020 07:16:16 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 5381
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F66GOqj%2Fi8t2k9MRDS6kXyBaX5hRV7g35HX7zNp0ht0YHeU5ftNn7CbUE7f8QOgNz5rjaOmo%2BZAiYWhrWVZOIxu19Kezshm%2F1qTKomqJfrR2wTLjycqWL9YvHcPzHg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82f59a4dabfeb4ed-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (30)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash