ocsp.sectigo.com/
104.18.14.101 472 B IP 104.18.14.101:0
Hash 7b9e98cfb89b579820689729736d1556
5dc667fa95d26183cfaacc7601f51075a7253c5b
e987467a769abac7dc28202777f92865e93c9227d00c400d27167df29427f3a0
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 26 May 2023 14:55:09 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Thu, 25 May 2023 15:36:31 GMT
Expires: Thu, 01 Jun 2023 15:36:30 GMT
Etag: "5dc667fa95d26183cfaacc7601f51075a7253c5b"
Cache-Control: max-age=521715,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7cd6db83a8fbb527-OSL
cleancraftscleaners.com/wp/
198.54.114.202 102 B URL cleancraftscleaners.com/wp/
IP 198.54.114.202:0
File type HTML document, Unicode text, UTF-8 (with BOM) text
Hash c428ec513cc2afc7c576f035a9bbf6ad
2f0046728caadd48858b2e32730b51a2c71d41e9
bd61514fe252974abeb2df5bff6e1fddc284a9c7ae40549eccf5f67e2d295ebc
GET /wp/ HTTP/1.1
Host: cleancraftscleaners.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
keep-alive: timeout=5, max=100
x-powered-by: PHP/7.1.33
content-type: text/html; charset=UTF-8
content-length: 102
content-encoding: gzip
vary: Accept-Encoding
date: Fri, 26 May 2023 14:55:10 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
ar-flux.com/online/
162.241.69.148 497 B IP 162.241.69.148:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document, ASCII text, with CRLF line terminators
Hash 0279d61245e6189e831c63b0d63811a4
69f797a785e9e66f740796e01d1aa0fd7507d0ce
37f565654d32cbee2a0301d2cb5761c5775c6032a3cc1ad183e107e90d91c407
Analyzer Verdict Alert fortinet Malware
GET /online/ HTTP/1.1
Host: ar-flux.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://cleancraftscleaners.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 26 May 2023 14:55:09 GMT
Server: Apache
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
ar-flux.com/online/X0910976447c998e1.php?xex=&ca1a833cb3b334f37add068b1e63ef029c50f9b864d310791e0bbaae60c5d9453a8e0bf27bee94b9061607aed68415a905d834ac294df2514809ba8c75183cd6fc787fcf542e7e8255c8ed17d776150664daa719d2f2c244b216
162.241.69.148 200 OK 80 kB URL User Request GET HTTP/1.1 ar-flux.com/online/X0910976447c998e1.php?xex=&ca1a833cb3b334f37add068b1e63ef029c50f9b864d310791e0bbaae60c5d9453a8e0bf27bee94b9061607aed68415a905d834ac294df2514809ba8c75183cd6fc787fcf542e7e8255c8ed17d776150664daa719d2f2c244b216
IP 162.241.69.148:443
ASN #46606 UNIFIEDLAYER-AS-1
Certificate Issuer Let's Encrypt
Subject webdisk.ar-flux.com
Fingerprint 5D:F5:98:5E:1B:40:03:8F:56:30:F4:8B:69:D8:09:31:41:A8:A8:5B
Validity Thu, 25 May 2023 12:08:24 GMT - Wed, 23 Aug 2023 12:08:23 GMT
File type HTML document text, exported SGML document, Unicode text, UTF-8 text, with very long lines (65107), with CRLF line terminators
Hash e6a86f54c6ef7f2d207c69f54f26520e
fefe07070d0b103f3f2795bf8ef45cd50d81aba0
2c81a621c5bd6630c3bee80e9bbf72a740f8ebe0080352d885c38bc9139a2de6
GET /online/X0910976447c998e1.php?xex=&ca1a833cb3b334f37add068b1e63ef029c50f9b864d310791e0bbaae60c5d9453a8e0bf27bee94b9061607aed68415a905d834ac294df2514809ba8c75183cd6fc787fcf542e7e8255c8ed17d776150664daa719d2f2c244b216 HTTP/1.1
Host: ar-flux.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: rowan=attkinson
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 26 May 2023 14:55:10 GMT
Server: Apache
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
ar-flux.com/online/Sign%20in%20Scotiabank_files/7c428f63a00e5bd025fa159e8c94389f.svg
162.241.69.148 404 Not Found 315 B URL GET HTTP/1.1 ar-flux.com/online/Sign%20in%20Scotiabank_files/7c428f63a00e5bd025fa159e8c94389f.svg
IP 162.241.69.148:443
ASN #46606 UNIFIEDLAYER-AS-1
Requested by https://ar-flux.com/online/X0910976447c998e1.php?xex=&ca1a833cb3b334f37add068b1e63ef029c50f9b864d310791e0bbaae60c5d9453a8e0bf27bee94b9061607aed68415a905d834ac294df2514809ba8c75183cd6fc787fcf542e7e8255c8ed17d776150664daa719d2f2c244b216
Certificate Issuer Let's Encrypt
Subject webdisk.ar-flux.com
Fingerprint 5D:F5:98:5E:1B:40:03:8F:56:30:F4:8B:69:D8:09:31:41:A8:A8:5B
Validity Thu, 25 May 2023 12:08:24 GMT - Wed, 23 Aug 2023 12:08:23 GMT
File type HTML document text, exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
Analyzer Verdict Alert fortinet Malware
GET /online/Sign%20in%20Scotiabank_files/7c428f63a00e5bd025fa159e8c94389f.svg HTTP/1.1
Host: ar-flux.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ar-flux.com/online/X0910976447c998e1.php?xex=&ca1a833cb3b334f37add068b1e63ef029c50f9b864d310791e0bbaae60c5d9453a8e0bf27bee94b9061607aed68415a905d834ac294df2514809ba8c75183cd6fc787fcf542e7e8255c8ed17d776150664daa719d2f2c244b216
Cookie: rowan=attkinson
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Date: Fri, 26 May 2023 14:55:10 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
ar-flux.com/online/assets/8fd30bd010d9e2c7677ec339685f958b.woff
162.241.69.148 404 Not Found 315 B URL GET HTTP/1.1 ar-flux.com/online/assets/8fd30bd010d9e2c7677ec339685f958b.woff
IP 162.241.69.148:443
ASN #46606 UNIFIEDLAYER-AS-1
Requested by https://ar-flux.com/online/X0910976447c998e1.php?xex=&ca1a833cb3b334f37add068b1e63ef029c50f9b864d310791e0bbaae60c5d9453a8e0bf27bee94b9061607aed68415a905d834ac294df2514809ba8c75183cd6fc787fcf542e7e8255c8ed17d776150664daa719d2f2c244b216
Certificate Issuer Let's Encrypt
Subject webdisk.ar-flux.com
Fingerprint 5D:F5:98:5E:1B:40:03:8F:56:30:F4:8B:69:D8:09:31:41:A8:A8:5B
Validity Thu, 25 May 2023 12:08:24 GMT - Wed, 23 Aug 2023 12:08:23 GMT
File type HTML document text, exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
Analyzer Verdict Alert fortinet Malware
GET /online/assets/8fd30bd010d9e2c7677ec339685f958b.woff HTTP/1.1
Host: ar-flux.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://ar-flux.com/online/X0910976447c998e1.php?xex=&ca1a833cb3b334f37add068b1e63ef029c50f9b864d310791e0bbaae60c5d9453a8e0bf27bee94b9061607aed68415a905d834ac294df2514809ba8c75183cd6fc787fcf542e7e8255c8ed17d776150664daa719d2f2c244b216
Cookie: rowan=attkinson
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Date: Fri, 26 May 2023 14:55:10 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
ar-flux.com/online/assets/50805f331bb1b697aafb6f0c28b09212.woff2
162.241.69.148 404 Not Found 315 B URL GET HTTP/1.1 ar-flux.com/online/assets/50805f331bb1b697aafb6f0c28b09212.woff2
IP 162.241.69.148:443
ASN #46606 UNIFIEDLAYER-AS-1
Requested by https://ar-flux.com/online/X0910976447c998e1.php?xex=&ca1a833cb3b334f37add068b1e63ef029c50f9b864d310791e0bbaae60c5d9453a8e0bf27bee94b9061607aed68415a905d834ac294df2514809ba8c75183cd6fc787fcf542e7e8255c8ed17d776150664daa719d2f2c244b216
Certificate Issuer Let's Encrypt
Subject webdisk.ar-flux.com
Fingerprint 5D:F5:98:5E:1B:40:03:8F:56:30:F4:8B:69:D8:09:31:41:A8:A8:5B
Validity Thu, 25 May 2023 12:08:24 GMT - Wed, 23 Aug 2023 12:08:23 GMT
File type HTML document text, exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
Analyzer Verdict Alert fortinet Malware
GET /online/assets/50805f331bb1b697aafb6f0c28b09212.woff2 HTTP/1.1
Host: ar-flux.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://ar-flux.com/online/X0910976447c998e1.php?xex=&ca1a833cb3b334f37add068b1e63ef029c50f9b864d310791e0bbaae60c5d9453a8e0bf27bee94b9061607aed68415a905d834ac294df2514809ba8c75183cd6fc787fcf542e7e8255c8ed17d776150664daa719d2f2c244b216
Cookie: rowan=attkinson
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Date: Fri, 26 May 2023 14:55:10 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
ar-flux.com/online/assets/00cecde981e3ef7491eba946f4b95fe0.woff
162.241.69.148 404 Not Found 315 B URL GET HTTP/1.1 ar-flux.com/online/assets/00cecde981e3ef7491eba946f4b95fe0.woff
IP 162.241.69.148:443
ASN #46606 UNIFIEDLAYER-AS-1
Requested by https://ar-flux.com/online/X0910976447c998e1.php?xex=&ca1a833cb3b334f37add068b1e63ef029c50f9b864d310791e0bbaae60c5d9453a8e0bf27bee94b9061607aed68415a905d834ac294df2514809ba8c75183cd6fc787fcf542e7e8255c8ed17d776150664daa719d2f2c244b216
Certificate Issuer Let's Encrypt
Subject webdisk.ar-flux.com
Fingerprint 5D:F5:98:5E:1B:40:03:8F:56:30:F4:8B:69:D8:09:31:41:A8:A8:5B
Validity Thu, 25 May 2023 12:08:24 GMT - Wed, 23 Aug 2023 12:08:23 GMT
File type HTML document text, exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
Analyzer Verdict Alert fortinet Malware
GET /online/assets/00cecde981e3ef7491eba946f4b95fe0.woff HTTP/1.1
Host: ar-flux.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://ar-flux.com/online/X0910976447c998e1.php?xex=&ca1a833cb3b334f37add068b1e63ef029c50f9b864d310791e0bbaae60c5d9453a8e0bf27bee94b9061607aed68415a905d834ac294df2514809ba8c75183cd6fc787fcf542e7e8255c8ed17d776150664daa719d2f2c244b216
Cookie: rowan=attkinson
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Date: Fri, 26 May 2023 14:55:11 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
ar-flux.com/online/assets/15243e297f5364bd59f4088a864abbf7.woff
162.241.69.148 404 Not Found 315 B URL GET HTTP/1.1 ar-flux.com/online/assets/15243e297f5364bd59f4088a864abbf7.woff
IP 162.241.69.148:443
ASN #46606 UNIFIEDLAYER-AS-1
Requested by https://ar-flux.com/online/X0910976447c998e1.php?xex=&ca1a833cb3b334f37add068b1e63ef029c50f9b864d310791e0bbaae60c5d9453a8e0bf27bee94b9061607aed68415a905d834ac294df2514809ba8c75183cd6fc787fcf542e7e8255c8ed17d776150664daa719d2f2c244b216
Certificate Issuer Let's Encrypt
Subject webdisk.ar-flux.com
Fingerprint 5D:F5:98:5E:1B:40:03:8F:56:30:F4:8B:69:D8:09:31:41:A8:A8:5B
Validity Thu, 25 May 2023 12:08:24 GMT - Wed, 23 Aug 2023 12:08:23 GMT
File type HTML document text, exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
Analyzer Verdict Alert fortinet Malware
GET /online/assets/15243e297f5364bd59f4088a864abbf7.woff HTTP/1.1
Host: ar-flux.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://ar-flux.com/online/X0910976447c998e1.php?xex=&ca1a833cb3b334f37add068b1e63ef029c50f9b864d310791e0bbaae60c5d9453a8e0bf27bee94b9061607aed68415a905d834ac294df2514809ba8c75183cd6fc787fcf542e7e8255c8ed17d776150664daa719d2f2c244b216
Cookie: rowan=attkinson
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Date: Fri, 26 May 2023 14:55:11 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
ar-flux.com/online/assets/8424a042624210828b0fbe7a8c533b2a.woff2
162.241.69.148 404 Not Found 315 B URL GET HTTP/1.1 ar-flux.com/online/assets/8424a042624210828b0fbe7a8c533b2a.woff2
IP 162.241.69.148:443
ASN #46606 UNIFIEDLAYER-AS-1
Requested by https://ar-flux.com/online/X0910976447c998e1.php?xex=&ca1a833cb3b334f37add068b1e63ef029c50f9b864d310791e0bbaae60c5d9453a8e0bf27bee94b9061607aed68415a905d834ac294df2514809ba8c75183cd6fc787fcf542e7e8255c8ed17d776150664daa719d2f2c244b216
Certificate Issuer Let's Encrypt
Subject webdisk.ar-flux.com
Fingerprint 5D:F5:98:5E:1B:40:03:8F:56:30:F4:8B:69:D8:09:31:41:A8:A8:5B
Validity Thu, 25 May 2023 12:08:24 GMT - Wed, 23 Aug 2023 12:08:23 GMT
File type HTML document text, exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
Analyzer Verdict Alert fortinet Malware
GET /online/assets/8424a042624210828b0fbe7a8c533b2a.woff2 HTTP/1.1
Host: ar-flux.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://ar-flux.com/online/X0910976447c998e1.php?xex=&ca1a833cb3b334f37add068b1e63ef029c50f9b864d310791e0bbaae60c5d9453a8e0bf27bee94b9061607aed68415a905d834ac294df2514809ba8c75183cd6fc787fcf542e7e8255c8ed17d776150664daa719d2f2c244b216
Cookie: rowan=attkinson
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Date: Fri, 26 May 2023 14:55:11 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
ar-flux.com/online/assets/1e98970fd9c76545bbf1e1a377f4f3c2.woff2
162.241.69.148 404 Not Found 315 B URL GET HTTP/1.1 ar-flux.com/online/assets/1e98970fd9c76545bbf1e1a377f4f3c2.woff2
IP 162.241.69.148:443
ASN #46606 UNIFIEDLAYER-AS-1
Requested by https://ar-flux.com/online/X0910976447c998e1.php?xex=&ca1a833cb3b334f37add068b1e63ef029c50f9b864d310791e0bbaae60c5d9453a8e0bf27bee94b9061607aed68415a905d834ac294df2514809ba8c75183cd6fc787fcf542e7e8255c8ed17d776150664daa719d2f2c244b216
Certificate Issuer Let's Encrypt
Subject webdisk.ar-flux.com
Fingerprint 5D:F5:98:5E:1B:40:03:8F:56:30:F4:8B:69:D8:09:31:41:A8:A8:5B
Validity Thu, 25 May 2023 12:08:24 GMT - Wed, 23 Aug 2023 12:08:23 GMT
File type HTML document text, exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
Analyzer Verdict Alert fortinet Malware
GET /online/assets/1e98970fd9c76545bbf1e1a377f4f3c2.woff2 HTTP/1.1
Host: ar-flux.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://ar-flux.com/online/X0910976447c998e1.php?xex=&ca1a833cb3b334f37add068b1e63ef029c50f9b864d310791e0bbaae60c5d9453a8e0bf27bee94b9061607aed68415a905d834ac294df2514809ba8c75183cd6fc787fcf542e7e8255c8ed17d776150664daa719d2f2c244b216
Cookie: rowan=attkinson
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Date: Fri, 26 May 2023 14:55:11 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
ar-flux.com/online/assets/64a8523319c68ca5e492309a68af4a9e.woff2
162.241.69.148 404 Not Found 315 B URL GET HTTP/1.1 ar-flux.com/online/assets/64a8523319c68ca5e492309a68af4a9e.woff2
IP 162.241.69.148:443
ASN #46606 UNIFIEDLAYER-AS-1
Requested by https://ar-flux.com/online/X0910976447c998e1.php?xex=&ca1a833cb3b334f37add068b1e63ef029c50f9b864d310791e0bbaae60c5d9453a8e0bf27bee94b9061607aed68415a905d834ac294df2514809ba8c75183cd6fc787fcf542e7e8255c8ed17d776150664daa719d2f2c244b216
Certificate Issuer Let's Encrypt
Subject webdisk.ar-flux.com
Fingerprint 5D:F5:98:5E:1B:40:03:8F:56:30:F4:8B:69:D8:09:31:41:A8:A8:5B
Validity Thu, 25 May 2023 12:08:24 GMT - Wed, 23 Aug 2023 12:08:23 GMT
File type HTML document text, exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
Analyzer Verdict Alert fortinet Malware
GET /online/assets/64a8523319c68ca5e492309a68af4a9e.woff2 HTTP/1.1
Host: ar-flux.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://ar-flux.com/online/X0910976447c998e1.php?xex=&ca1a833cb3b334f37add068b1e63ef029c50f9b864d310791e0bbaae60c5d9453a8e0bf27bee94b9061607aed68415a905d834ac294df2514809ba8c75183cd6fc787fcf542e7e8255c8ed17d776150664daa719d2f2c244b216
Cookie: rowan=attkinson
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Date: Fri, 26 May 2023 14:55:11 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
ar-flux.com/online/assets/3ca6c3facf3966b88b55118f7821ee72.woff2
162.241.69.148 404 Not Found 315 B URL GET HTTP/1.1 ar-flux.com/online/assets/3ca6c3facf3966b88b55118f7821ee72.woff2
IP 162.241.69.148:443
ASN #46606 UNIFIEDLAYER-AS-1
Requested by https://ar-flux.com/online/X0910976447c998e1.php?xex=&ca1a833cb3b334f37add068b1e63ef029c50f9b864d310791e0bbaae60c5d9453a8e0bf27bee94b9061607aed68415a905d834ac294df2514809ba8c75183cd6fc787fcf542e7e8255c8ed17d776150664daa719d2f2c244b216
Certificate Issuer Let's Encrypt
Subject webdisk.ar-flux.com
Fingerprint 5D:F5:98:5E:1B:40:03:8F:56:30:F4:8B:69:D8:09:31:41:A8:A8:5B
Validity Thu, 25 May 2023 12:08:24 GMT - Wed, 23 Aug 2023 12:08:23 GMT
File type HTML document text, exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
Analyzer Verdict Alert fortinet Malware
GET /online/assets/3ca6c3facf3966b88b55118f7821ee72.woff2 HTTP/1.1
Host: ar-flux.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://ar-flux.com/online/X0910976447c998e1.php?xex=&ca1a833cb3b334f37add068b1e63ef029c50f9b864d310791e0bbaae60c5d9453a8e0bf27bee94b9061607aed68415a905d834ac294df2514809ba8c75183cd6fc787fcf542e7e8255c8ed17d776150664daa719d2f2c244b216
Cookie: rowan=attkinson
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Date: Fri, 26 May 2023 14:55:11 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
ar-flux.com/online/assets/0a9f36f23c26fbad0827f0a8ec86c908.woff
162.241.69.148 404 Not Found 315 B URL GET HTTP/1.1 ar-flux.com/online/assets/0a9f36f23c26fbad0827f0a8ec86c908.woff
IP 162.241.69.148:443
ASN #46606 UNIFIEDLAYER-AS-1
Requested by https://ar-flux.com/online/X0910976447c998e1.php?xex=&ca1a833cb3b334f37add068b1e63ef029c50f9b864d310791e0bbaae60c5d9453a8e0bf27bee94b9061607aed68415a905d834ac294df2514809ba8c75183cd6fc787fcf542e7e8255c8ed17d776150664daa719d2f2c244b216
Certificate Issuer Let's Encrypt
Subject webdisk.ar-flux.com
Fingerprint 5D:F5:98:5E:1B:40:03:8F:56:30:F4:8B:69:D8:09:31:41:A8:A8:5B
Validity Thu, 25 May 2023 12:08:24 GMT - Wed, 23 Aug 2023 12:08:23 GMT
File type HTML document text, exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
Analyzer Verdict Alert fortinet Malware
GET /online/assets/0a9f36f23c26fbad0827f0a8ec86c908.woff HTTP/1.1
Host: ar-flux.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://ar-flux.com/online/X0910976447c998e1.php?xex=&ca1a833cb3b334f37add068b1e63ef029c50f9b864d310791e0bbaae60c5d9453a8e0bf27bee94b9061607aed68415a905d834ac294df2514809ba8c75183cd6fc787fcf542e7e8255c8ed17d776150664daa719d2f2c244b216
Cookie: rowan=attkinson
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Date: Fri, 26 May 2023 14:55:11 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
ar-flux.com/online/assets/7e2a698e9980c7ba52f69a2717e97b86.woff
162.241.69.148 404 Not Found 315 B URL GET HTTP/1.1 ar-flux.com/online/assets/7e2a698e9980c7ba52f69a2717e97b86.woff
IP 162.241.69.148:443
ASN #46606 UNIFIEDLAYER-AS-1
Requested by https://ar-flux.com/online/X0910976447c998e1.php?xex=&ca1a833cb3b334f37add068b1e63ef029c50f9b864d310791e0bbaae60c5d9453a8e0bf27bee94b9061607aed68415a905d834ac294df2514809ba8c75183cd6fc787fcf542e7e8255c8ed17d776150664daa719d2f2c244b216
Certificate Issuer Let's Encrypt
Subject webdisk.ar-flux.com
Fingerprint 5D:F5:98:5E:1B:40:03:8F:56:30:F4:8B:69:D8:09:31:41:A8:A8:5B
Validity Thu, 25 May 2023 12:08:24 GMT - Wed, 23 Aug 2023 12:08:23 GMT
File type HTML document text, exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
Analyzer Verdict Alert fortinet Malware
GET /online/assets/7e2a698e9980c7ba52f69a2717e97b86.woff HTTP/1.1
Host: ar-flux.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://ar-flux.com/online/X0910976447c998e1.php?xex=&ca1a833cb3b334f37add068b1e63ef029c50f9b864d310791e0bbaae60c5d9453a8e0bf27bee94b9061607aed68415a905d834ac294df2514809ba8c75183cd6fc787fcf542e7e8255c8ed17d776150664daa719d2f2c244b216
Cookie: rowan=attkinson
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Date: Fri, 26 May 2023 14:55:11 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
ar-flux.com/online/assets/811a29d581fc684aa63616499cad4782.ttf
162.241.69.148 404 Not Found 315 B URL GET HTTP/1.1 ar-flux.com/online/assets/811a29d581fc684aa63616499cad4782.ttf
IP 162.241.69.148:443
ASN #46606 UNIFIEDLAYER-AS-1
Requested by https://ar-flux.com/online/X0910976447c998e1.php?xex=&ca1a833cb3b334f37add068b1e63ef029c50f9b864d310791e0bbaae60c5d9453a8e0bf27bee94b9061607aed68415a905d834ac294df2514809ba8c75183cd6fc787fcf542e7e8255c8ed17d776150664daa719d2f2c244b216
Certificate Issuer Let's Encrypt
Subject webdisk.ar-flux.com
Fingerprint 5D:F5:98:5E:1B:40:03:8F:56:30:F4:8B:69:D8:09:31:41:A8:A8:5B
Validity Thu, 25 May 2023 12:08:24 GMT - Wed, 23 Aug 2023 12:08:23 GMT
File type HTML document text, exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
Analyzer Verdict Alert fortinet Malware
GET /online/assets/811a29d581fc684aa63616499cad4782.ttf HTTP/1.1
Host: ar-flux.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ar-flux.com/online/X0910976447c998e1.php?xex=&ca1a833cb3b334f37add068b1e63ef029c50f9b864d310791e0bbaae60c5d9453a8e0bf27bee94b9061607aed68415a905d834ac294df2514809ba8c75183cd6fc787fcf542e7e8255c8ed17d776150664daa719d2f2c244b216
Cookie: rowan=attkinson
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Date: Fri, 26 May 2023 14:55:11 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
ar-flux.com/online/assets/12b6c5fcbc2e61c7ba17f51cd9c2b8c0.ttf
162.241.69.148 404 Not Found 315 B URL GET HTTP/1.1 ar-flux.com/online/assets/12b6c5fcbc2e61c7ba17f51cd9c2b8c0.ttf
IP 162.241.69.148:443
ASN #46606 UNIFIEDLAYER-AS-1
Requested by https://ar-flux.com/online/X0910976447c998e1.php?xex=&ca1a833cb3b334f37add068b1e63ef029c50f9b864d310791e0bbaae60c5d9453a8e0bf27bee94b9061607aed68415a905d834ac294df2514809ba8c75183cd6fc787fcf542e7e8255c8ed17d776150664daa719d2f2c244b216
Certificate Issuer Let's Encrypt
Subject webdisk.ar-flux.com
Fingerprint 5D:F5:98:5E:1B:40:03:8F:56:30:F4:8B:69:D8:09:31:41:A8:A8:5B
Validity Thu, 25 May 2023 12:08:24 GMT - Wed, 23 Aug 2023 12:08:23 GMT
File type HTML document text, exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
Analyzer Verdict Alert fortinet Malware
GET /online/assets/12b6c5fcbc2e61c7ba17f51cd9c2b8c0.ttf HTTP/1.1
Host: ar-flux.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ar-flux.com/online/X0910976447c998e1.php?xex=&ca1a833cb3b334f37add068b1e63ef029c50f9b864d310791e0bbaae60c5d9453a8e0bf27bee94b9061607aed68415a905d834ac294df2514809ba8c75183cd6fc787fcf542e7e8255c8ed17d776150664daa719d2f2c244b216
Cookie: rowan=attkinson
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Date: Fri, 26 May 2023 14:55:11 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
ar-flux.com/favicon.ico
162.241.69.148 404 Not Found 315 B IP 162.241.69.148:443
ASN #46606 UNIFIEDLAYER-AS-1
Requested by https://ar-flux.com/online/X0910976447c998e1.php?xex=&ca1a833cb3b334f37add068b1e63ef029c50f9b864d310791e0bbaae60c5d9453a8e0bf27bee94b9061607aed68415a905d834ac294df2514809ba8c75183cd6fc787fcf542e7e8255c8ed17d776150664daa719d2f2c244b216
Certificate Issuer Let's Encrypt
Subject webdisk.ar-flux.com
Fingerprint 5D:F5:98:5E:1B:40:03:8F:56:30:F4:8B:69:D8:09:31:41:A8:A8:5B
Validity Thu, 25 May 2023 12:08:24 GMT - Wed, 23 Aug 2023 12:08:23 GMT
File type HTML document text, exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
GET /favicon.ico HTTP/1.1
Host: ar-flux.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ar-flux.com/online/X0910976447c998e1.php?xex=&ca1a833cb3b334f37add068b1e63ef029c50f9b864d310791e0bbaae60c5d9453a8e0bf27bee94b9061607aed68415a905d834ac294df2514809ba8c75183cd6fc787fcf542e7e8255c8ed17d776150664daa719d2f2c244b216
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Date: Fri, 26 May 2023 14:55:11 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1