Report - www.cgsecurity.org/Download_and_donate.php/testdisk-7.3-WIP.win64.zip

Report Overview

Visited public
2024-11-03 04:54:32
Tags
URL
www.cgsecurity.org/Download_and_donate.php/testdisk-7.3-WIP.win64.zip
Finishing URL
www.cgsecurity.org/Download_and_donate.php/testdisk-7.3-WIP.win64.zip
IP / ASN
193.168.50.236
#34749 Global Service Provider S.A.
Title
Dowload and donate - CGSecurity

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
clients1.google.com	415	1997-09-15	2013-02-01	2024-10-30	430 B	200 B	216.58.207.238
www.cgsecurity.org	unknown	2001-06-11	2017-01-31	2024-11-02	8.0 kB	29 MB	193.168.50.236
cse.google.com	2642	1997-09-15	2015-03-18	2024-10-30	862 B	153 kB	142.250.74.46
www.google.com	7	1997-09-15	2015-05-10	2024-10-30	2.3 kB	114 kB	142.250.74.164

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

Mnemonic Secure DNS

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

Files detected

URL
www.cgsecurity.org/testdisk-7.3-WIP.win64.zip
IP
193.168.50.236
ASN
#34749 Global Service Provider S.A.

File type
Zip archive data, at least v1.0 to extract, compression method=store
Size
29 MB (28787590 bytes)
Hash
7ab3d4ceb4a8cf6371d113413e450996
164fa2062940c23bb283ac5d612b353bd63c4bf8
47e94021b2209888416b98ddc744ebefeaa0e3b2e7918ac2c15fa352d96db912

Detections

Analyzer	Verdict	Alert
VirusTotal	suspicious	VirusTotal - Scan result 1/66

JavaScript (13)

	URL	From	Size	First Seen	Last Seen
	www.cgsecurity.org/Download_and_donate.php/testdisk-7.3-WIP.win64.zip	ScriptElement	1.2 kB	2024-10-26	2024-11-19
Pretty URL www.cgsecurity.org/Download_and_donate.php/testdisk-7.3-WIP.win64.zip IP 193.168.50.236 ASN #34749 Global Service Provider S.A. Introduced by scriptElement Embedded in HTML true Observations First Seen2024-10-26 23:47 Last Seen2024-11-19 18:30 Times Seen3 Hash 78faf2c25ef454cc5c4c83bbe86bb985 54fa6c5198b5964161cc75cef61753b60d69c48e e49702864a5f827e250a032501d33df8bdc956117d36137dcf5ae20ad7d1d45d Loading...

	www.cgsecurity.org/Download_and_donate.php/testdisk-7.3-WIP.win64.zip	ScriptElement	197 B	2023-03-07	2025-05-21
Pretty URL www.cgsecurity.org/Download_and_donate.php/testdisk-7.3-WIP.win64.zip IP 193.168.50.236 ASN #34749 Global Service Provider S.A. Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:32 Last Seen2025-05-21 13:17 Times Seen995 Hash 7a82bec10434ac99dbfc2bba8e6a7dd2 1bc768fce08f0719f4c0df55e8bbe1a3768ff250 31e72625b40da49099c181ee8f85d44768afd73088726afca544ce6a6eee9283 Loading...

	cse.google.com/cse.js?cx=partner-pub-9753209298218671:1590919361	ScriptElement	6.0 kB	2024-11-03	2024-11-03
Pretty URL cse.google.com/cse.js?cx=partner-pub-9753209298218671:1590919361 IP 142.250.74.46 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-11-03 04:54 Last Seen2024-11-03 04:54 Times Seen1 Hash add374bac924e70b94f9e89f1847861e ab251be8dd76b32db3d18c36a0788c2a4d85b53f 4b22999c490114cb4e2cb728278bd8245616c2e8fa93a5726af09a507f611d91 Loading...

	unknown	Function	142 B	2023-04-12	2025-05-28
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-04-12 13:00 Last Seen2025-05-28 00:26 Times Seen24837 Hash 7ab1b6c48dd8a7c198a7b6c52f3d910f b9c4e03092cde537b570a7a5d4752b81700dec7e bebfd42a5648f7113d98baba50b7ed7877d81bb1e7b4e82ee1f68ca8b0f9512d Loading...

	cse.google.com/adsense/search/async-ads.js	ScriptElement	149 kB	2024-11-01	2024-11-12
Pretty URL cse.google.com/adsense/search/async-ads.js IP 142.250.74.46 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-11-01 05:33 Last Seen2024-11-12 17:41 Times Seen12 Hash 9ca56d9de535bd5b17a0e6b23f10e292 f99594c662b339558ada2d1bdeda8a414b32e6f7 5de9caf9d159514eb2d8fd0bf9f9db32b224f3c29fcc1467783891fd76da19bb Loading...

	www.cgsecurity.org/Download_and_donate.php/testdisk-7.3-WIP.win64.zip	ScriptElement	156 B	2024-09-28	2025-02-18
Pretty URL www.cgsecurity.org/Download_and_donate.php/testdisk-7.3-WIP.win64.zip IP 193.168.50.236 ASN #34749 Global Service Provider S.A. Introduced by scriptElement Embedded in HTML true Observations First Seen2024-09-28 07:44 Last Seen2025-02-18 21:09 Times Seen6 Hash 2bb97a71c02b9b8aace2e59ef817987d 528a9abbededd2f8320b3be54d880796b5a79532 9e34f194305323c6f613eaa66fec91e5fa08c15e10052726772b5f2115b5e92e Loading...

	pagead2.googlesyndication.com/pagead/js/adsbygoogle.js	ScriptElement	1.6 kB	2023-05-06	2025-05-28
Pretty URL pagead2.googlesyndication.com/pagead/js/adsbygoogle.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-06 01:21 Last Seen2025-05-28 03:04 Times Seen24959 Hash 2e9e391ad98fbe1b2de0b7b4fa9ca904 21d7771223e8286a06ad878af425094a40de32b5 1468d954f25ab75355f3c0f42cd9c84efd64a67922c47d3b69bdb6d0eb399e69 Loading...

	www.cgsecurity.org/mw/load.php?lang=en&modules=startup&only=scripts&raw=1&skin=vector	ScriptElement	32 kB	2024-11-03	2024-11-03
Pretty URL www.cgsecurity.org/mw/load.php?lang=en&modules=startup&only=scripts&raw=1&skin=vector IP 193.168.50.236 ASN #34749 Global Service Provider S.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-11-03 04:54 Last Seen2024-11-03 04:54 Times Seen1 Hash 7f70817b18594e50386497875f6dfe0a d0671385bde76f40cb646380e2010b434944fe09 3dfb02e83296979bf61e518a36465e16e4a41ebffe4b02cdb60471073dc148f5 Loading...

	unknown	Function	38 B	2023-04-11	2025-05-28
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-04-11 21:23 Last Seen2025-05-28 00:26 Times Seen29373 Hash caf13b633ab4249aeadda1952a9038ae 1eb64473acd8bff2d081a66f128c611d079f6cbe 30d90270fd3125eb763b9958a72bd513c90cd6207b97dd0ef40c06aa22111ac7 Loading...

	www.cgsecurity.org/mw/load.php?lang=en&modules=jquery%2Csite%7Cjquery.client%7Cmediawiki.String%2CTitle%2Capi%2Cbase%2Ccldr%2CjqueryMsg%2Clanguage%2Cutil%7Cmediawiki.libs.pluralruleparser%7Cmediawiki.page.ready%7Cskins.vector.legacy.js&skin=vector&version=1f0w8	ScriptElement	267 kB	2024-11-03	2024-11-19
Pretty URL www.cgsecurity.org/mw/load.php?lang=en&modules=jquery%2Csite%7Cjquery.client%7Cmediawiki.String%2CTitle%2Capi%2Cbase%2Ccldr%2CjqueryMsg%2Clanguage%2Cutil%7Cmediawiki.libs.pluralruleparser%7Cmediawiki.page.ready%7Cskins.vector.legacy.js&skin=vector&version=1f0w8 IP 193.168.50.236 ASN #34749 Global Service Provider S.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-11-03 04:54 Last Seen2024-11-19 18:30 Times Seen2 Hash 7f8a2dfdfa200bb45482707c6fa5e360 5bda95160542422f087ba3e86c6f55ad42a4f2ee d60beb2e0435f6c23464e58334a24670a875d2870ceb559d4a8546213732474c Loading...

	www.cgsecurity.org/Download_and_donate.php/testdisk-7.3-WIP.win64.zip	ScriptElement	633 B	2024-10-26	2024-11-19
Pretty URL www.cgsecurity.org/Download_and_donate.php/testdisk-7.3-WIP.win64.zip IP 193.168.50.236 ASN #34749 Global Service Provider S.A. Introduced by scriptElement Embedded in HTML true Observations First Seen2024-10-26 23:47 Last Seen2024-11-19 18:30 Times Seen3 Hash 765ba971663b0a9b553d9c70e414b3cb 704f726471a5a53911bb842e06f6eeb6b2515c95 f4a06e04e9d550a37a8e7fd312394dd6a2cc3f33d0792a0009bdfef36cd197ee Loading...

	www.cgsecurity.org/Download_and_donate.php/sandbox%20eval%20code		128 B	2023-05-06	2025-05-28
Pretty URL www.cgsecurity.org/Download_and_donate.php/sandbox%20eval%20code IP 0.0.0.0 ASN #0 Introduced by Embedded in HTML false Observations First Seen2023-05-06 01:21 Last Seen2025-05-28 03:04 Times Seen25181 Hash 23c336606ee3a6d444b305153fa0e2e2 473a2111970ae2a94b373e656d20c4bd4184d703 305375d5052f6a14434d2d338f852f0f4f04fb26495f88a5d62b6afde2e2cc60 Loading...

	www.google.com/cse/static/element/8fa85d58e016b414/cse_element__no.js?usqp=CAI%3D	ScriptElement	293 kB	2024-06-18	2025-01-14
Pretty URL www.google.com/cse/static/element/8fa85d58e016b414/cse_element__no.js?usqp=CAI%3D IP 142.250.74.164 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-06-18 09:25 Last Seen2025-01-14 05:47 Times Seen862 Hash 21861007183ca2801fec74978c20907a 0652749e68fe9e6f1e131793ed88d402edf802cd 65c6d4f476f817e7fc46093de08696c32abe5505398da48b604a0ca9c3bc55e9 Loading...

HTTP Transactions (23)

URL IP Response Size

www.cgsecurity.org/Download_and_donate.php/testdisk-7.3-WIP.win64.zip

193.168.50.236

200 OK

20 kB

URL User Request GET HTTP/1.1
www.cgsecurity.org/Download_and_donate.php/testdisk-7.3-WIP.win64.zip
IP
193.168.50.236:443
ASN
#34749 Global Service Provider S.A.

Certificate
IssuerLet's Encrypt
Subjectwww.cgsecurity.org
FingerprintFC:84:3A:34:3A:F8:F0:67:72:30:73:0E:5A:6E:25:5D:D6:3F:94:C6
ValidityMon, 30 Sep 2024 04:00:59 GMT - Sun, 29 Dec 2024 04:00:58 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (1266)
Size
20 kB (19485 bytes)
Hash
38efa37df915f5e63c83ff94970c72d2
bd77a5c843c590d1c91c2b9b531c6efffbc1ae3b
e442fdea884a62293d84cdddf4cbb5d2e017a8b282b33230e68e6c93b8e2d2e7

HTTP Headers

GET /Download_and_donate.php/testdisk-7.3-WIP.win64.zip HTTP/1.1
Host: www.cgsecurity.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 03 Nov 2024 04:54:06 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 19485
Connection: keep-alive
Age: 21
Accept-Ranges: bytes
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload

www.cgsecurity.org/mw/load.php?lang=en&modules=skins.vector.styles.legacy&only=styles&skin=vector

193.168.50.236

200 OK

31 kB

URL GET HTTP/1.1
www.cgsecurity.org/mw/load.php?lang=en&modules=skins.vector.styles.legacy&only=styles&skin=vector
IP
193.168.50.236:443
ASN
#34749 Global Service Provider S.A.

Requested by
https://www.cgsecurity.org/Download_and_donate.php/testdisk-7.3-WIP.win64.zip
Certificate
IssuerLet's Encrypt
Subjectwww.cgsecurity.org
FingerprintFC:84:3A:34:3A:F8:F0:67:72:30:73:0E:5A:6E:25:5D:D6:3F:94:C6
ValidityMon, 30 Sep 2024 04:00:59 GMT - Sun, 29 Dec 2024 04:00:58 GMT

File type
ASCII text, with very long lines (31115)
Size
31 kB (31143 bytes)
Hash
1719bd37d79cf258efa81a6c23cab2b4
0cf4573f7d1d866c101656c5a97eba686de62591
ae7cfaf9471d9d3ff6b47e71f3256f48e4a034f5b4eb676eb8c700a0659ad869

HTTP Headers

GET /mw/load.php?lang=en&modules=skins.vector.styles.legacy&only=styles&skin=vector HTTP/1.1
Host: www.cgsecurity.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.cgsecurity.org/Download_and_donate.php/testdisk-7.3-WIP.win64.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 03 Nov 2024 04:54:06 GMT
Content-Type: text/css; charset=utf-8
Content-Length: 31143
Connection: keep-alive
X-Content-Type-Options: nosniff
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=7200, s-maxage=7200, stale-while-revalidate=60
Expires: Sun, 03 Nov 2024 06:03:25 GMT
X-Request-Id: Zyb2Dc9nvvNbxQD2HSE8rQAAAA8
ETag: W/"4pdm5"
Age: 3041
Accept-Ranges: bytes
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload

www.cgsecurity.org/mw/load.php?lang=en&modules=site.styles&only=styles&skin=vector

193.168.50.236

200 OK

2.1 kB

URL GET HTTP/1.1
www.cgsecurity.org/mw/load.php?lang=en&modules=site.styles&only=styles&skin=vector
IP
193.168.50.236:443
ASN
#34749 Global Service Provider S.A.

Requested by
https://www.cgsecurity.org/Download_and_donate.php/testdisk-7.3-WIP.win64.zip
Certificate
IssuerLet's Encrypt
Subjectwww.cgsecurity.org
FingerprintFC:84:3A:34:3A:F8:F0:67:72:30:73:0E:5A:6E:25:5D:D6:3F:94:C6
ValidityMon, 30 Sep 2024 04:00:59 GMT - Sun, 29 Dec 2024 04:00:58 GMT

File type
ASCII text, with very long lines (2040)
Size
2.1 kB (2068 bytes)
Hash
75ffcc48c3993e4e66efbb7f8b3c62b2
005bed57e25ef6385e369d4b62b9e30d192ed10b
8e65be0915ae302a867f5a8805b3f4de6eb98391345ce2a7e5f828c2db31c774

HTTP Headers

GET /mw/load.php?lang=en&modules=site.styles&only=styles&skin=vector HTTP/1.1
Host: www.cgsecurity.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.cgsecurity.org/Download_and_donate.php/testdisk-7.3-WIP.win64.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 03 Nov 2024 04:54:06 GMT
Content-Type: text/css; charset=utf-8
Content-Length: 2068
Connection: keep-alive
X-Content-Type-Options: nosniff
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=7200, s-maxage=7200, stale-while-revalidate=60
Expires: Sun, 03 Nov 2024 05:50:23 GMT
X-Request-Id: Zyby-zeS6VdnXx6K2hcUfQAAANY
ETag: W/"g3647"
Age: 3823
Accept-Ranges: bytes
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload

www.cgsecurity.org/mw/images/thumb/Bitcoin.png/100px-Bitcoin.png

193.168.50.236

200 OK

3.7 kB

URL GET HTTP/1.1
www.cgsecurity.org/mw/images/thumb/Bitcoin.png/100px-Bitcoin.png
IP
193.168.50.236:443
ASN
#34749 Global Service Provider S.A.

Requested by
https://www.cgsecurity.org/Download_and_donate.php/testdisk-7.3-WIP.win64.zip
Certificate
IssuerLet's Encrypt
Subjectwww.cgsecurity.org
FingerprintFC:84:3A:34:3A:F8:F0:67:72:30:73:0E:5A:6E:25:5D:D6:3F:94:C6
ValidityMon, 30 Sep 2024 04:00:59 GMT - Sun, 29 Dec 2024 04:00:58 GMT

File type
PNG image data, 100 x 100, 8-bit grayscale, non-interlaced
Size
3.7 kB (3735 bytes)
Hash
a99a6d8e78c03413959c0c12b6e274a6
4218a0ba3aee87dd54d0daaea6065582d9f4cbc6
5eb27d95ea3ada8f48b3262a18335687ff68362e7a37329a159504ab64c862c3

HTTP Headers

GET /mw/images/thumb/Bitcoin.png/100px-Bitcoin.png HTTP/1.1
Host: www.cgsecurity.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.cgsecurity.org/Download_and_donate.php/testdisk-7.3-WIP.win64.zip
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 03 Nov 2024 04:54:06 GMT
Content-Type: image/png
Content-Length: 3735
Connection: keep-alive
Last-Modified: Tue, 12 Jul 2016 11:39:02 GMT
ETag: "e97-5376eb722e180"
Cache-Control: max-age=3024000
Expires: Thu, 28 Nov 2024 06:25:12 GMT
Age: 858534
Accept-Ranges: bytes
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload

www.cgsecurity.org/mw/images/thumb/Bitcoin_logo.png/20px-Bitcoin_logo.png

193.168.50.236

200 OK

713 B

URL GET HTTP/1.1
www.cgsecurity.org/mw/images/thumb/Bitcoin_logo.png/20px-Bitcoin_logo.png
IP
193.168.50.236:443
ASN
#34749 Global Service Provider S.A.

Requested by
https://www.cgsecurity.org/Download_and_donate.php/testdisk-7.3-WIP.win64.zip
Certificate
IssuerLet's Encrypt
Subjectwww.cgsecurity.org
FingerprintFC:84:3A:34:3A:F8:F0:67:72:30:73:0E:5A:6E:25:5D:D6:3F:94:C6
ValidityMon, 30 Sep 2024 04:00:59 GMT - Sun, 29 Dec 2024 04:00:58 GMT

File type
PNG image data, 20 x 20, 8-bit/color RGBA, non-interlaced
Size
713 B (713 bytes)
Hash
7cdebb30bd521134463cdc504bd2288a
604d1223a7356a7f56da91d0de1fb17399e3b982
418b6469af343512469968a44f0a51bd9aa0d681d60bd48f5b7716d7e06e470d

HTTP Headers

GET /mw/images/thumb/Bitcoin_logo.png/20px-Bitcoin_logo.png HTTP/1.1
Host: www.cgsecurity.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.cgsecurity.org/Download_and_donate.php/testdisk-7.3-WIP.win64.zip
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 03 Nov 2024 04:54:06 GMT
Content-Type: image/png
Content-Length: 713
Connection: keep-alive
Last-Modified: Mon, 07 Sep 2015 09:32:10 GMT
ETag: "2c9-51f24ec761a80"
Cache-Control: max-age=3024000
Expires: Thu, 28 Nov 2024 06:25:12 GMT
Age: 858534
Accept-Ranges: bytes
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload

www.cgsecurity.org/donate.png

193.168.50.236

200 OK

2.5 kB

URL GET HTTP/1.1
www.cgsecurity.org/donate.png
IP
193.168.50.236:443
ASN
#34749 Global Service Provider S.A.

Requested by
https://www.cgsecurity.org/Download_and_donate.php/testdisk-7.3-WIP.win64.zip
Certificate
IssuerLet's Encrypt
Subjectwww.cgsecurity.org
FingerprintFC:84:3A:34:3A:F8:F0:67:72:30:73:0E:5A:6E:25:5D:D6:3F:94:C6
ValidityMon, 30 Sep 2024 04:00:59 GMT - Sun, 29 Dec 2024 04:00:58 GMT

File type
PNG image data, 122 x 47, 8-bit colormap, non-interlaced
Size
2.5 kB (2452 bytes)
Hash
42bc7cc10d06177c32322fdc15e864e3
980d1562c1021228a251653d3197d34ff34a2b05
70f68e34657f783d44af215dbc06839b44191f1e6bb678654313e73d5d39299a

HTTP Headers

GET /donate.png HTTP/1.1
Host: www.cgsecurity.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.cgsecurity.org/Download_and_donate.php/testdisk-7.3-WIP.win64.zip
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 03 Nov 2024 04:54:06 GMT
Content-Type: image/png
Content-Length: 2452
Connection: keep-alive
Last-Modified: Thu, 28 Jul 2011 20:40:30 GMT
ETag: "994-4a9272cf64b80"
Cache-Control: max-age=3024000
Expires: Thu, 28 Nov 2024 06:25:11 GMT
Age: 858535
Accept-Ranges: bytes
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload

www.cgsecurity.org/mw/skins/Vector/resources/common/images/bullet-icon.svg?d4515

193.168.50.236

200 OK

159 B

URL GET HTTP/1.1
www.cgsecurity.org/mw/skins/Vector/resources/common/images/bullet-icon.svg?d4515
IP
193.168.50.236:443
ASN
#34749 Global Service Provider S.A.

Requested by
https://www.cgsecurity.org/Download_and_donate.php/testdisk-7.3-WIP.win64.zip
Certificate
IssuerLet's Encrypt
Subjectwww.cgsecurity.org
FingerprintFC:84:3A:34:3A:F8:F0:67:72:30:73:0E:5A:6E:25:5D:D6:3F:94:C6
ValidityMon, 30 Sep 2024 04:00:59 GMT - Sun, 29 Dec 2024 04:00:58 GMT

File type
SVG Scalable Vector Graphics image
Size
159 B (159 bytes)
Hash
d4515e17cf80ac2d88111406eae94387
2d98a564d597a1f50443d6c7db414ddefb50c0b6
6b2ae95e88a82be06108353d7174b1f9c18dd629e3aba1d149afcb39795335a4

HTTP Headers

GET /mw/skins/Vector/resources/common/images/bullet-icon.svg?d4515 HTTP/1.1
Host: www.cgsecurity.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.cgsecurity.org/mw/load.php?lang=en&modules=skins.vector.styles.legacy&only=styles&skin=vector
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 03 Nov 2024 04:54:07 GMT
Content-Type: image/svg+xml
Content-Length: 159
Connection: keep-alive
Last-Modified: Tue, 01 Oct 2024 00:59:01 GMT
ETag: "9f-6235fd3bd77ce"
Accept-Ranges: bytes
Age: 0
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload

www.cgsecurity.org/mw/resources/src/mediawiki.skinning/images/magnify-clip-ltr.svg?8330e

193.168.50.236

200 OK

305 B

URL GET HTTP/1.1
www.cgsecurity.org/mw/resources/src/mediawiki.skinning/images/magnify-clip-ltr.svg?8330e
IP
193.168.50.236:443
ASN
#34749 Global Service Provider S.A.

Requested by
https://www.cgsecurity.org/Download_and_donate.php/testdisk-7.3-WIP.win64.zip
Certificate
IssuerLet's Encrypt
Subjectwww.cgsecurity.org
FingerprintFC:84:3A:34:3A:F8:F0:67:72:30:73:0E:5A:6E:25:5D:D6:3F:94:C6
ValidityMon, 30 Sep 2024 04:00:59 GMT - Sun, 29 Dec 2024 04:00:58 GMT

File type
SVG Scalable Vector Graphics image
Size
305 B (305 bytes)
Hash
8330e30926b49bb6be90279642c32293
0d2ba85e0b77e2439993e631c96703df3355be7e
78f5ef3e585b3073c58b955ace7c662e51ee29bb2ff4ef4b0769bc46e8d7110c

HTTP Headers

GET /mw/resources/src/mediawiki.skinning/images/magnify-clip-ltr.svg?8330e HTTP/1.1
Host: www.cgsecurity.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.cgsecurity.org/mw/load.php?lang=en&modules=skins.vector.styles.legacy&only=styles&skin=vector
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 03 Nov 2024 04:54:07 GMT
Content-Type: image/svg+xml
Content-Length: 305
Connection: keep-alive
Last-Modified: Thu, 21 Dec 2023 16:38:20 GMT
ETag: "131-60d07ba384ed1"
Accept-Ranges: bytes
Age: 0
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload

www.cgsecurity.org/mw/images/thumb/Christophe_GRENIER.jpg/300px-Christophe_GRENIER.jpg

193.168.50.236

200 OK

29 kB

URL GET HTTP/1.1
www.cgsecurity.org/mw/images/thumb/Christophe_GRENIER.jpg/300px-Christophe_GRENIER.jpg
IP
193.168.50.236:443
ASN
#34749 Global Service Provider S.A.

Requested by
https://www.cgsecurity.org/Download_and_donate.php/testdisk-7.3-WIP.win64.zip
Certificate
IssuerLet's Encrypt
Subjectwww.cgsecurity.org
FingerprintFC:84:3A:34:3A:F8:F0:67:72:30:73:0E:5A:6E:25:5D:D6:3F:94:C6
ValidityMon, 30 Sep 2024 04:00:59 GMT - Sun, 29 Dec 2024 04:00:58 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 95", baseline, precision 8, 300x413, components 3
Size
29 kB (29289 bytes)
Hash
22b15d9fdef2639213e66370c2f38b76
0e07e714f254a24f2a58ecc4ff368469c2e7cf1e
9dbad2a2a9554f231da6aa3c7b6a6df7ef43d28741b8d9678067bfc6999c0e49

HTTP Headers

GET /mw/images/thumb/Christophe_GRENIER.jpg/300px-Christophe_GRENIER.jpg HTTP/1.1
Host: www.cgsecurity.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.cgsecurity.org/Download_and_donate.php/testdisk-7.3-WIP.win64.zip
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 03 Nov 2024 04:54:06 GMT
Content-Type: image/jpeg
Content-Length: 29289
Connection: keep-alive
Last-Modified: Fri, 28 Nov 2014 16:49:26 GMT
ETag: "7269-508ee0b289180"
Cache-Control: max-age=3024000
Expires: Thu, 28 Nov 2024 06:25:11 GMT
Age: 858535
Accept-Ranges: bytes
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload

www.cgsecurity.org/mw/skins/Vector/resources/common/images/link-external-small-ltr-progressive.svg?14604

193.168.50.236

200 OK

336 B

URL GET HTTP/1.1
www.cgsecurity.org/mw/skins/Vector/resources/common/images/link-external-small-ltr-progressive.svg?14604
IP
193.168.50.236:443
ASN
#34749 Global Service Provider S.A.

Requested by
https://www.cgsecurity.org/Download_and_donate.php/testdisk-7.3-WIP.win64.zip
Certificate
IssuerLet's Encrypt
Subjectwww.cgsecurity.org
FingerprintFC:84:3A:34:3A:F8:F0:67:72:30:73:0E:5A:6E:25:5D:D6:3F:94:C6
ValidityMon, 30 Sep 2024 04:00:59 GMT - Sun, 29 Dec 2024 04:00:58 GMT

File type
SVG Scalable Vector Graphics image
Size
336 B (336 bytes)
Hash
14604de934b9592cffa9fb68640bedc1
7f0cdaac81f8b18d03a45023d85c2395624384ab
1ebf0318675a569fa312ee8a8f9ea1381a5b4e424b15fc3567b42c6d3715df66

HTTP Headers

GET /mw/skins/Vector/resources/common/images/link-external-small-ltr-progressive.svg?14604 HTTP/1.1
Host: www.cgsecurity.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.cgsecurity.org/mw/load.php?lang=en&modules=skins.vector.styles.legacy&only=styles&skin=vector
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 03 Nov 2024 04:54:07 GMT
Content-Type: image/svg+xml
Content-Length: 336
Connection: keep-alive
Last-Modified: Tue, 01 Oct 2024 00:59:01 GMT
ETag: "150-6235fd3bd77ce"
Accept-Ranges: bytes
Age: 0
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload

www.cgsecurity.org/testdisklogo-clear-100.png

193.168.50.236

200 OK

1.5 kB

URL GET HTTP/1.1
www.cgsecurity.org/testdisklogo-clear-100.png
IP
193.168.50.236:443
ASN
#34749 Global Service Provider S.A.

Requested by
https://www.cgsecurity.org/Download_and_donate.php/testdisk-7.3-WIP.win64.zip
Certificate
IssuerLet's Encrypt
Subjectwww.cgsecurity.org
FingerprintFC:84:3A:34:3A:F8:F0:67:72:30:73:0E:5A:6E:25:5D:D6:3F:94:C6
ValidityMon, 30 Sep 2024 04:00:59 GMT - Sun, 29 Dec 2024 04:00:58 GMT

File type
PNG image data, 100 x 100, 8-bit colormap, non-interlaced
Size
1.5 kB (1478 bytes)
Hash
dc8ce249f26761f850896825c3bd5e66
d35ea65a21786477703805eb8dc151863f7e8b66
bf592e6ab2a84e0e457face99102ab6da70db4ac0cae17c7ef319e91a206e581

HTTP Headers

GET /testdisklogo-clear-100.png HTTP/1.1
Host: www.cgsecurity.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.cgsecurity.org/mw/load.php?lang=en&modules=skins.vector.styles.legacy&only=styles&skin=vector
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 03 Nov 2024 04:54:07 GMT
Content-Type: image/png
Content-Length: 1478
Connection: keep-alive
Last-Modified: Sat, 27 Nov 2010 10:15:56 GMT
ETag: "5c6-496061fe64f00"
Cache-Control: max-age=3024000
Expires: Tue, 12 Nov 2024 21:06:05 GMT
Age: 2188081
Accept-Ranges: bytes
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload

www.cgsecurity.org/favicon.ico

193.168.50.236

200 OK

439 B

URL GET HTTP/1.1
www.cgsecurity.org/favicon.ico
IP
193.168.50.236:443
ASN
#34749 Global Service Provider S.A.

Requested by
https://www.cgsecurity.org/Download_and_donate.php/testdisk-7.3-WIP.win64.zip
Certificate
IssuerLet's Encrypt
Subjectwww.cgsecurity.org
FingerprintFC:84:3A:34:3A:F8:F0:67:72:30:73:0E:5A:6E:25:5D:D6:3F:94:C6
ValidityMon, 30 Sep 2024 04:00:59 GMT - Sun, 29 Dec 2024 04:00:58 GMT

File type
MS Windows icon resource - 1 icon, 32x32, 8 bits/pixel
Size
439 B (439 bytes)
Hash
a99b832d3e5e61c86e98bb9f3e18c9c5
3eb307ca10e53e056e97b971266476523f36b8c7
139d1e8c527ef2c3c32e46ab73632a6410bf80169c16544774b7d7b6dfd084fe

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: www.cgsecurity.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.cgsecurity.org/Download_and_donate.php/testdisk-7.3-WIP.win64.zip
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 03 Nov 2024 04:54:07 GMT
Content-Type: image/vnd.microsoft.icon
Content-Length: 439
Connection: keep-alive
Last-Modified: Thu, 05 Jun 2003 11:50:21 GMT
ETag: "8be-3bf58fb1ad940-gzip"
Cache-Control: max-age=7776000
Expires: Mon, 06 Jan 2025 21:06:06 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Age: 2188080
Accept-Ranges: bytes
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload

cse.google.com/cse.js?cx=partner-pub-9753209298218671:1590919361

142.250.74.46

200 OK

2.6 kB

URL GET HTTP/2
cse.google.com/cse.js?cx=partner-pub-9753209298218671:1590919361
IP
142.250.74.46:443
ASN
#15169 GOOGLE

Requested by
https://www.cgsecurity.org/Download_and_donate.php/testdisk-7.3-WIP.win64.zip
Certificate
IssuerGoogle Trust Services
Subject*.google.com
Fingerprint8A:FD:2E:CF:C6:37:BB:86:75:C1:A8:96:34:2A:A2:19:13:ED:3B:80
ValidityMon, 07 Oct 2024 08:23:38 GMT - Mon, 30 Dec 2024 08:23:37 GMT

File type
JavaScript source, ASCII text, with very long lines (613)
Size
2.6 kB (2614 bytes)
Hash
add374bac924e70b94f9e89f1847861e
ab251be8dd76b32db3d18c36a0788c2a4d85b53f
4b22999c490114cb4e2cb728278bd8245616c2e8fa93a5726af09a507f611d91

HTTP Headers

GET /cse.js?cx=partner-pub-9753209298218671:1590919361 HTTP/1.1
Host: cse.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.cgsecurity.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-_VFAXKMmPepKNpEO3zCysQ' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
cross-origin-opener-policy: same-origin-allow-popups; report-to="gws"
report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
content-disposition: attachment; filename="f.txt"
content-encoding: br
date: Sun, 03 Nov 2024 04:54:07 GMT
server: gws
content-length: 2614
x-xss-protection: 0
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.cgsecurity.org/mw/load.php?lang=en&modules=startup&only=scripts&raw=1&skin=vector

193.168.50.236

200 OK

32 kB

URL GET HTTP/1.1
www.cgsecurity.org/mw/load.php?lang=en&modules=startup&only=scripts&raw=1&skin=vector
IP
193.168.50.236:443
ASN
#34749 Global Service Provider S.A.

Requested by
https://www.cgsecurity.org/Download_and_donate.php/testdisk-7.3-WIP.win64.zip
Certificate
IssuerLet's Encrypt
Subjectwww.cgsecurity.org
FingerprintFC:84:3A:34:3A:F8:F0:67:72:30:73:0E:5A:6E:25:5D:D6:3F:94:C6
ValidityMon, 30 Sep 2024 04:00:59 GMT - Sun, 29 Dec 2024 04:00:58 GMT

File type
JavaScript source, ASCII text, with very long lines (1000)
Size
32 kB (32495 bytes)
Hash
7f70817b18594e50386497875f6dfe0a
d0671385bde76f40cb646380e2010b434944fe09
3dfb02e83296979bf61e518a36465e16e4a41ebffe4b02cdb60471073dc148f5

HTTP Headers

GET /mw/load.php?lang=en&modules=startup&only=scripts&raw=1&skin=vector HTTP/1.1
Host: www.cgsecurity.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.cgsecurity.org/Download_and_donate.php/testdisk-7.3-WIP.win64.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 03 Nov 2024 04:54:07 GMT
Content-Type: text/javascript; charset=utf-8
Content-Length: 32495
Connection: keep-alive
X-Content-Type-Options: nosniff
Cache-Control: public, max-age=60, s-maxage=60
Expires: Sun, 03 Nov 2024 04:55:07 GMT
X-Request-Id: ZycB7s9nvvNbxQD2HSFJFQAAABM
ETag: W/"rriw4"
Age: 0
Accept-Ranges: bytes
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload

www.google.com/cse/static/style/look/v4/default.css

142.250.74.164

200 OK

1.3 kB

URL GET HTTP/2
www.google.com/cse/static/style/look/v4/default.css
IP
142.250.74.164:443
ASN
#15169 GOOGLE

Requested by
https://www.cgsecurity.org/Download_and_donate.php/testdisk-7.3-WIP.win64.zip
Certificate
IssuerGoogle Trust Services
Subjectwww.google.com
Fingerprint89:16:76:18:E5:01:7F:81:3A:FF:98:1C:88:CE:42:2D:C1:01:6B:DF
ValidityMon, 07 Oct 2024 08:26:36 GMT - Mon, 30 Dec 2024 08:26:35 GMT

File type
ASCII text
Size
1.3 kB (1345 bytes)
Hash
c14e45e189f801818b14f1315605a632
dd7e7fb9d156b343beef0155b41da1c847d69e41
dcec22bbcb68119d6c7d6d5e088fb82183a9826d0c9e3403f1386fd837f06a89

HTTP Headers

GET /cse/static/style/look/v4/default.css HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.cgsecurity.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-length: 1345
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 03 Nov 2024 04:32:15 GMT
expires: Sun, 03 Nov 2024 05:22:15 GMT
cache-control: public, max-age=3000
age: 1312
last-modified: Wed, 17 Jun 2020 00:00:00 GMT
content-type: text/css
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.google.com/cse/static/element/8fa85d58e016b414/default+no.css

142.250.74.164

200 OK

9.1 kB

URL GET HTTP/2
www.google.com/cse/static/element/8fa85d58e016b414/default+no.css
IP
142.250.74.164:443
ASN
#15169 GOOGLE

Requested by
https://www.cgsecurity.org/Download_and_donate.php/testdisk-7.3-WIP.win64.zip
Certificate
IssuerGoogle Trust Services
Subjectwww.google.com
Fingerprint89:16:76:18:E5:01:7F:81:3A:FF:98:1C:88:CE:42:2D:C1:01:6B:DF
ValidityMon, 07 Oct 2024 08:26:36 GMT - Mon, 30 Dec 2024 08:26:35 GMT

File type
ASCII text
Size
9.1 kB (9068 bytes)
Hash
baccb7180fe061b63ed061ec10c3b0c8
bfb31590ba6e758eb8f25735b564d7e4a0919025
a5402de70228d4bf5379b518225b702918f6ae277e9293f9d16334c2b1fa31e3

HTTP Headers

GET /cse/static/element/8fa85d58e016b414/default+no.css HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.cgsecurity.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/css
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-length: 9068
date: Sun, 03 Nov 2024 04:54:07 GMT
expires: Sun, 03 Nov 2024 04:54:07 GMT
cache-control: private, max-age=31536000
last-modified: Wed, 12 Jun 2024 21:33:21 GMT
x-content-type-options: nosniff
link: <https://www.adsensecustomsearchads.com>; rel="preconnect"
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.cgsecurity.org/mw/load.php?lang=en&modules=jquery%2Csite%7Cjquery.client%7Cmediawiki.String%2CTitle%2Capi%2Cbase%2Ccldr%2CjqueryMsg%2Clanguage%2Cutil%7Cmediawiki.libs.pluralruleparser%7Cmediawiki.page.ready%7Cskins.vector.legacy.js&skin=vector&version=1f0w8

193.168.50.236

200 OK

267 kB

URL GET HTTP/1.1
www.cgsecurity.org/mw/load.php?lang=en&modules=jquery%2Csite%7Cjquery.client%7Cmediawiki.String%2CTitle%2Capi%2Cbase%2Ccldr%2CjqueryMsg%2Clanguage%2Cutil%7Cmediawiki.libs.pluralruleparser%7Cmediawiki.page.ready%7Cskins.vector.legacy.js&skin=vector&version=1f0w8
IP
193.168.50.236:443
ASN
#34749 Global Service Provider S.A.

Requested by
https://www.cgsecurity.org/Download_and_donate.php/testdisk-7.3-WIP.win64.zip
Certificate
IssuerLet's Encrypt
Subjectwww.cgsecurity.org
FingerprintFC:84:3A:34:3A:F8:F0:67:72:30:73:0E:5A:6E:25:5D:D6:3F:94:C6
ValidityMon, 30 Sep 2024 04:00:59 GMT - Sun, 29 Dec 2024 04:00:58 GMT

File type
JavaScript source, ASCII text, with very long lines (1009)
Size
267 kB (267083 bytes)
Hash
7f8a2dfdfa200bb45482707c6fa5e360
5bda95160542422f087ba3e86c6f55ad42a4f2ee
d60beb2e0435f6c23464e58334a24670a875d2870ceb559d4a8546213732474c

HTTP Headers

GET /mw/load.php?lang=en&modules=jquery%2Csite%7Cjquery.client%7Cmediawiki.String%2CTitle%2Capi%2Cbase%2Ccldr%2CjqueryMsg%2Clanguage%2Cutil%7Cmediawiki.libs.pluralruleparser%7Cmediawiki.page.ready%7Cskins.vector.legacy.js&skin=vector&version=1f0w8 HTTP/1.1
Host: www.cgsecurity.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.cgsecurity.org/Download_and_donate.php/testdisk-7.3-WIP.win64.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 03 Nov 2024 04:54:07 GMT
Content-Type: text/javascript; charset=utf-8
Content-Length: 267083
Connection: keep-alive
X-Content-Type-Options: nosniff
Cache-Control: public, max-age=2592000, s-maxage=2592000, stale-while-revalidate=60
Expires: Tue, 26 Nov 2024 01:03:11 GMT
X-Request-Id: Zx2RT4eAv3zJA@MLKz1cNwAAANM
ETag: W/"1f0w8"
Age: 618655
Accept-Ranges: bytes
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload

www.google.com/cse/static/element/8fa85d58e016b414/cse_element__no.js?usqp=CAI%3D

142.250.74.164

200 OK

96 kB

URL GET HTTP/3
www.google.com/cse/static/element/8fa85d58e016b414/cse_element__no.js?usqp=CAI%3D
IP
142.250.74.164:443
ASN
#15169 GOOGLE

Requested by
https://www.cgsecurity.org/Download_and_donate.php/testdisk-7.3-WIP.win64.zip
Certificate
IssuerGoogle Trust Services
Subject*.google.com
Fingerprint8A:FD:2E:CF:C6:37:BB:86:75:C1:A8:96:34:2A:A2:19:13:ED:3B:80
ValidityMon, 07 Oct 2024 08:23:38 GMT - Mon, 30 Dec 2024 08:23:37 GMT

File type
JavaScript source, ASCII text, with very long lines (1964)
Size
96 kB (95944 bytes)
Hash
21861007183ca2801fec74978c20907a
0652749e68fe9e6f1e131793ed88d402edf802cd
65c6d4f476f817e7fc46093de08696c32abe5505398da48b604a0ca9c3bc55e9

HTTP Headers

GET /cse/static/element/8fa85d58e016b414/cse_element__no.js?usqp=CAI%3D HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.cgsecurity.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-length: 95944
date: Sun, 03 Nov 2024 04:54:07 GMT
expires: Sun, 03 Nov 2024 04:54:07 GMT
cache-control: private, max-age=31536000
last-modified: Wed, 12 Jun 2024 21:33:21 GMT
x-content-type-options: nosniff
link: <https://www.adsensecustomsearchads.com>; rel="preconnect"
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.google.com/cse/static/images/1x/no/branding.png

142.250.74.164

200 OK

2.0 kB

URL GET HTTP/3
www.google.com/cse/static/images/1x/no/branding.png
IP
142.250.74.164:443
ASN
#15169 GOOGLE

Requested by
https://www.cgsecurity.org/Download_and_donate.php/testdisk-7.3-WIP.win64.zip
Certificate
IssuerGoogle Trust Services
Subject*.google.com
Fingerprint8A:FD:2E:CF:C6:37:BB:86:75:C1:A8:96:34:2A:A2:19:13:ED:3B:80
ValidityMon, 07 Oct 2024 08:23:38 GMT - Mon, 30 Dec 2024 08:23:37 GMT

File type
PNG image data, 181 x 15, 8-bit/color RGBA, non-interlaced
Size
2.0 kB (2015 bytes)
Hash
448fdf0f4c35a5d39235e808897faf91
c01d11e9a0de415a589c50d5f4d21759ac909067
bc3fabc0cd6b45a8caa68925e35c07b21e0c783e07b8cf75730cd98f8a84cccd

HTTP Headers

GET /cse/static/images/1x/no/branding.png HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.cgsecurity.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-length: 2015
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 01 Nov 2024 18:53:17 GMT
expires: Sat, 01 Nov 2025 18:53:17 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 07 Dec 2023 21:00:00 GMT
content-type: image/png
age: 122450
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.google.com/cse/static/css/v2/clear.png

142.250.74.164

200 OK

1.0 kB

URL GET HTTP/3
www.google.com/cse/static/css/v2/clear.png
IP
142.250.74.164:443
ASN
#15169 GOOGLE

Requested by
https://www.cgsecurity.org/Download_and_donate.php/testdisk-7.3-WIP.win64.zip
Certificate
IssuerGoogle Trust Services
Subject*.google.com
Fingerprint8A:FD:2E:CF:C6:37:BB:86:75:C1:A8:96:34:2A:A2:19:13:ED:3B:80
ValidityMon, 07 Oct 2024 08:23:38 GMT - Mon, 30 Dec 2024 08:23:37 GMT

File type
PNG image data, 10 x 10, 8-bit/color RGBA, non-interlaced
Size
1.0 kB (1018 bytes)
Hash
2df778bf2e22d52fe849babb330ec977
0f833f030bb43f282473bddd3a33b5f8cba7a845
329d1a750114920332eadc55c129957d9dbe5a1b25745e2f7e0ed4fad75e04cd

HTTP Headers

GET /cse/static/css/v2/clear.png HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/cse/static/element/8fa85d58e016b414/default+no.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-length: 1018
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 01 Nov 2024 18:50:28 GMT
expires: Sat, 01 Nov 2025 18:50:28 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 25 May 2020 08:30:00 GMT
content-type: image/png
age: 122619
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

clients1.google.com/generate_204

216.58.207.238

204 No Content

0 B

URL GET HTTP/2
clients1.google.com/generate_204
IP
216.58.207.238:443
ASN
#15169 GOOGLE

Requested by
https://www.cgsecurity.org/Download_and_donate.php/testdisk-7.3-WIP.win64.zip
Certificate
IssuerGoogle Trust Services
Subject*.google.com
Fingerprint8A:FD:2E:CF:C6:37:BB:86:75:C1:A8:96:34:2A:A2:19:13:ED:3B:80
ValidityMon, 07 Oct 2024 08:23:38 GMT - Mon, 30 Dec 2024 08:23:37 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /generate_204 HTTP/1.1
Host: clients1.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.cgsecurity.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 204 No Content
content-length: 0
cross-origin-resource-policy: cross-origin
date: Sun, 03 Nov 2024 04:54:07 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.cgsecurity.org/testdisk-7.3-WIP.win64.zip

193.168.50.236

200 OK

29 MB

URL User Request GET HTTP/1.1
www.cgsecurity.org/testdisk-7.3-WIP.win64.zip
IP
193.168.50.236:443
ASN
#34749 Global Service Provider S.A.

Certificate
IssuerLet's Encrypt
Subjectwww.cgsecurity.org
FingerprintFC:84:3A:34:3A:F8:F0:67:72:30:73:0E:5A:6E:25:5D:D6:3F:94:C6
ValidityMon, 30 Sep 2024 04:00:59 GMT - Sun, 29 Dec 2024 04:00:58 GMT

File type
Zip archive data, at least v1.0 to extract, compression method=store
Size
29 MB (28787590 bytes)
Hash
7ab3d4ceb4a8cf6371d113413e450996
164fa2062940c23bb283ac5d612b353bd63c4bf8
47e94021b2209888416b98ddc744ebefeaa0e3b2e7918ac2c15fa352d96db912

Detections

Analyzer	Verdict	Alert
VirusTotal	suspicious	VirusTotal - Scan result 1/66

HTTP Headers

GET /testdisk-7.3-WIP.win64.zip HTTP/1.1
Host: www.cgsecurity.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 03 Nov 2024 04:54:07 GMT
Content-Type: application/zip
Content-Length: 28787590
Connection: keep-alive
Last-Modified: Tue, 24 Sep 2024 19:23:35 GMT
ETag: "1b74386-622e2711a99c5"
Age: 77
Accept-Ranges: bytes
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload

cse.google.com/adsense/search/async-ads.js

142.250.74.46

200 OK

149 kB

URL GET HTTP/3
cse.google.com/adsense/search/async-ads.js
IP
142.250.74.46:443
ASN
#15169 GOOGLE

Requested by
https://www.cgsecurity.org/Download_and_donate.php/testdisk-7.3-WIP.win64.zip
Certificate
IssuerGoogle Trust Services
Subject*.google.com
Fingerprint8A:FD:2E:CF:C6:37:BB:86:75:C1:A8:96:34:2A:A2:19:13:ED:3B:80
ValidityMon, 07 Oct 2024 08:23:38 GMT - Mon, 30 Dec 2024 08:23:37 GMT

File type
JavaScript source, ASCII text, with very long lines (1932)
Size
149 kB (148897 bytes)
Hash
9ca56d9de535bd5b17a0e6b23f10e292
f99594c662b339558ada2d1bdeda8a414b32e6f7
5de9caf9d159514eb2d8fd0bf9f9db32b224f3c29fcc1467783891fd76da19bb

HTTP Headers

GET /adsense/search/async-ads.js HTTP/1.1
Host: cse.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.cgsecurity.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-afs-ui"
report-to: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
date: Sun, 03 Nov 2024 04:54:07 GMT
expires: Sun, 03 Nov 2024 04:54:07 GMT
cache-control: private, max-age=3600
etag: "11927519095141911669"
x-content-type-options: nosniff
link: <https://syndicatedsearch.goog>; rel="preconnect"
content-encoding: gzip
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

Mnemonic Secure DNS

Quad9 DNS

ThreatFox

Files detected

URL

IP

ASN

File type

Size

Hash

Detections

JavaScript (13)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP