Report - f005.backblazeb2.com/file/4Cia6-safe6-save500/GODRIVE-1.html

Report Overview

Visited public
2025-05-28 10:52:44
Tags
phishing suspicious
URL
f005.backblazeb2.com/file/4Cia6-safe6-save500/GODRIVE-1.html
Finishing URL
f005.backblazeb2.com/file/4Cia6-safe6-save500/GODRIVE-1.html
IP / ASN
149.137.136.16
#40401 BACKBLAZE
Title
Home - Google Drive
Phishing - Generic phishing
Suspicious - Suspicious Javascript code

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
cdnjs.cloudflare.com	235	2009-02-17	2012-05-23	2025-05-21	446 B	20 kB	104.17.24.14
use.fontawesome.com	942	2012-10-18	2017-01-30	2025-05-21	2.3 kB	123 kB	172.67.142.245
code.jquery.com	634	2005-12-10	2012-05-21	2025-05-21	451 B	90 kB	151.101.194.137
f005.backblazeb2.com	unknown	2016-07-13	2022-12-19	2025-05-26	516 B	65 kB	149.137.136.16
i.imgur.com	5110	2009-01-09	2012-05-21	2025-05-22	850 B	174 kB	199.232.196.193
maxcdn.bootstrapcdn.com	724	2012-05-25	2014-06-18	2025-05-21	906 B	178 kB	104.18.11.207
upload.wikimedia.org	2215	2003-03-16	2012-05-21	2025-05-22	488 B	24 kB	185.15.59.240
www.freepnglogos.com	169270	2016-10-07	2017-02-09	2025-05-26	2.4 kB	1.3 MB	78.46.22.25

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (10)

	URL	From	Size	First Seen	Last Seen
	f005.backblazeb2.com/file/4Cia6-safe6-save500/GODRIVE-1.html	ScriptElement	1.4 kB	2025-05-28	2025-06-10
Pretty URL f005.backblazeb2.com/file/4Cia6-safe6-save500/GODRIVE-1.html IP 149.137.136.16 ASN #40401 BACKBLAZE Introduced by scriptElement Embedded in HTML false Observations First Seen2025-05-28 10:52 Last Seen2025-06-10 17:33 Times Seen6 Hash 295a852cba50fdccc4554a0bd817c2f4 7d534b492a6f547880a82b1139588cc3aa188347 e60ac8414cfedd7b07022fdecae85a8d48db9603d50a318a5b8974160dd6058e Loading...

	f005.backblazeb2.com/file/4Cia6-safe6-save500/GODRIVE-1.html	ScriptElement	7.1 kB	2025-05-28	2025-06-09
Pretty URL f005.backblazeb2.com/file/4Cia6-safe6-save500/GODRIVE-1.html IP 149.137.136.16 ASN #40401 BACKBLAZE Introduced by scriptElement Embedded in HTML false Observations First Seen2025-05-28 10:52 Last Seen2025-06-09 10:55 Times Seen5 Hash 6e47732c7dae958018a0f8d883ad1e25 1996ba211b1150248652ed316e0e9e4e26995e50 d2a3b6bbab8259f97be30178c5027da68aee61747814005ac6e30337d583d399 Loading...

	f005.backblazeb2.com/file/4Cia6-safe6-save500/GODRIVE-1.html	ScriptElement	64 kB	2025-05-28	2025-06-09
Pretty URL f005.backblazeb2.com/file/4Cia6-safe6-save500/GODRIVE-1.html IP 149.137.136.16 ASN #40401 BACKBLAZE Introduced by scriptElement Embedded in HTML true Observations First Seen2025-05-28 10:52 Last Seen2025-06-09 10:55 Times Seen5 Hash 093ac514e28344d3a1fdccee120425d2 ad1add60cc607aec35a94370b8542743f67748f2 c425339cd358df40f0293bd1ac94aadc81a010b1f60581b40088588553c9ddd8 Loading...

	f005.backblazeb2.com/file/4Cia6-safe6-save500/GODRIVE-1.html	ScriptElement	842 B	2025-05-28	2025-06-10
Pretty URL f005.backblazeb2.com/file/4Cia6-safe6-save500/GODRIVE-1.html IP 149.137.136.16 ASN #40401 BACKBLAZE Introduced by scriptElement Embedded in HTML false Observations First Seen2025-05-28 10:52 Last Seen2025-06-10 17:33 Times Seen6 Hash 31571e86157d9ce74f6d14b864013360 341d1d90d9da17f6ccdd02e99e52f2279c918518 284e4736b5b3c91af287265f32d5a5a868e630fb695ee2730a885e9ca5ab700c Loading...

	cdnjs.cloudflare.com/ajax/libs/popper.js/1.11.0/umd/popper.min.js	ScriptElement	19 kB	2023-03-07	2025-06-10
Pretty URL cdnjs.cloudflare.com/ajax/libs/popper.js/1.11.0/umd/popper.min.js IP 104.17.24.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:09 Last Seen2025-06-10 17:33 Times Seen1129 Hash 6383a57baa1479e8490a42f4184b7f0b a7e89fa1896ec8afca2a442b792c9aa29e5823dd 5292e677fe712c80863414e9e73f3678d86d409f751392b6803b70a949fc1017 Loading...

	maxcdn.bootstrapcdn.com/bootstrap/4.0.0-beta/js/bootstrap.min.js	ScriptElement	51 kB	2023-03-07	2025-06-12
Pretty URL maxcdn.bootstrapcdn.com/bootstrap/4.0.0-beta/js/bootstrap.min.js IP 104.18.11.207 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:07 Last Seen2025-06-12 06:40 Times Seen1050 Hash baaadea4492b059f284187d75af46063 7326bf5e023f871afcf6ebb18cb89109f81a7708 0e25895d7caaf355a53d19c37c69a06198f668e5422b211d27597ed93983b80b Loading...

	code.jquery.com/jquery-3.6.1.min.js	ScriptElement	90 kB	2023-03-07	2025-06-12
Pretty URL code.jquery.com/jquery-3.6.1.min.js IP 151.101.194.137 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:28 Last Seen2025-06-12 11:30 Times Seen14954 Hash 00727d1d5d9c90f7de826f1a4a9cc632 ea61688671d0c3044f2c5b2f2c4af0a6620ac6c2 a3cf00c109d907e543bc4f6dbc85eb31068f94515251347e9e57509b52ee3d74 Loading...

	use.fontawesome.com/webfontloader/1.6.24/webfontloader.js	ScriptElement	12 kB	2023-03-07	2025-06-12
Pretty URL use.fontawesome.com/webfontloader/1.6.24/webfontloader.js IP 172.67.142.245 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-06-12 08:31 Times Seen299 Hash 9064ce12d2c81f68123c93bc1a8b0cad 44a3a4a8cbd7a3a77d4a7314d9d2b9d28a3fb56a 2711b037e078e306e59765e9fc22d9f86867eb26af8c6af72d864a1c52bed8ac Loading...

	use.fontawesome.com/b9bdbd120a.js	ScriptElement	4.1 kB	2024-02-11	2025-06-10
Pretty URL use.fontawesome.com/b9bdbd120a.js IP 172.67.142.245 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-02-11 15:34 Last Seen2025-06-10 17:33 Times Seen55 Hash 558bbef9104a54e69bba4d58b0535f5d f57981452c0a6e0936508d1f5b5988f50f32603e 1693f38122d60b07323f33e1cb24e3488d291eefbce95f1d144efadcb512b4b1 Loading...

		Size	First Seen	Last Seen
	#1 Write - 77264a4c2f3c91a5f9468f7732b1af06	22 kB	2025-05-28 10:52	2025-06-09 10:55
Pretty Observations First Seen2025-05-28 10:52 Last Seen2025-06-09 10:55 Times Seen5 Hash 77264a4c2f3c91a5f9468f7732b1af06 0691b57f37038c66e1f1eed9907cb6b1e324540b 6e3d35bcb6918c4be8bcb495527c268f856d37c9f7678f08a30e21bdf6ee68cf Loading...

HTTP Transactions (18)

URL IP Response Size

maxcdn.bootstrapcdn.com/bootstrap/4.0.0-beta/css/bootstrap.min.css

104.18.11.207

200 OK

125 kB

URL GET
maxcdn.bootstrapcdn.com/bootstrap/4.0.0-beta/css/bootstrap.min.css
IP
104.18.11.207:443
ASN
#13335 CLOUDFLARENET

Requested by
https://f005.backblazeb2.com/file/4Cia6-safe6-save500/GODRIVE-1.html
Certificate
IssuerGoogle Trust Services
Subjectbootstrapcdn.com
Fingerprint73:3E:54:5A:E7:0A:B5:3C:11:79:4A:9F:FE:64:7B:38:B7:15:03:C0
ValidityWed, 14 May 2025 02:01:13 GMT - Tue, 12 Aug 2025 03:00:50 GMT

File type
ASCII text, with very long lines (65320)
Size
125 kB (124962 bytes)
Hash
3ffbab350748e841d3768b5d1ca48933
262e04cab3c1a51024d4f3960c72ebd3968476a7
9bf87f7140c085febf881462c536ee73cf9183670811342d3dc1fd0f7a762a0d

HTTP Headers

GET /bootstrap/4.0.0-beta/css/bootstrap.min.css HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://f005.backblazeb2.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 28 May 2025 10:52:23 GMT
content-type: text/css; charset=utf-8
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
vary: Accept-Encoding
access-control-allow-origin: *
cache-control: public, max-age=31919000
content-encoding: br
etag: W/"3ffbab350748e841d3768b5d1ca48933"
last-modified: Mon, 25 Jan 2021 22:04:04 GMT
cdn-cachedat: 09/18/2024 12:42:12
cdn-proxyver: 1.04
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 755
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requesttime: 0
cdn-requestid: 2000f0e64040871a543c2e285ba2c130
cdn-cache: HIT
cf-cache-status: HIT
age: 18520686
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 946d33c79b655690-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

upload.wikimedia.org/wikipedia/commons/thumb/b/b6/AOL_logo.svg/1599px-AOL_logo.svg.png

185.15.59.240

200 OK

22 kB

URL GET
upload.wikimedia.org/wikipedia/commons/thumb/b/b6/AOL_logo.svg/1599px-AOL_logo.svg.png
IP
185.15.59.240:443
ASN
#14907 WIKIMEDIA

Requested by
https://f005.backblazeb2.com/file/4Cia6-safe6-save500/GODRIVE-1.html
Certificate
IssuerDigiCert Inc
Subject*.wikipedia.org
Fingerprint0B:3A:AB:D4:5E:55:A4:08:2B:F7:C1:DA:63:37:75:F1:EB:04:6E:A5
ValidityThu, 26 Sep 2024 00:00:00 GMT - Fri, 17 Oct 2025 23:59:59 GMT

File type
PNG image data, 1599 x 640, 8-bit gray+alpha, non-interlaced
Size
22 kB (22531 bytes)
Hash
83fa484e18358506167a9bb624702cb1
7873ac3edd6eed3fc69141b04212b7687a822f78
eb8487a513bc473ada8e9a2876531d18d81108d0982a81c1476484094c3a6aa6

HTTP Headers

GET /wikipedia/commons/thumb/b/b6/AOL_logo.svg/1599px-AOL_logo.svg.png HTTP/1.1
Host: upload.wikimedia.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://f005.backblazeb2.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: image/png
content-disposition: inline;filename*=UTF-8''AOL_logo.svg.png
last-modified: Tue, 11 Jul 2023 15:23:30 GMT
content-length: 22531
date: Tue, 27 May 2025 12:48:54 GMT
server: envoy
etag: 83fa484e18358506167a9bb624702cb1
age: 79409
accept-ranges: bytes
x-cache: cp3078 hit, cp3078 hit/1
x-cache-status: hit-front
server-timing: cache;desc="hit-front", host;desc="cp3078"
strict-transport-security: max-age=106384710; includeSubDomains; preload
report-to: { "group": "wm_nel", "max_age": 604800, "endpoints": [{ "url": "https://intake-logging.wikimedia.org/v1/events?stream=w3c.reportingapi.network_error&schema_uri=/w3c/reportingapi/network_error/1.0.0" }] }
nel: { "report_to": "wm_nel", "max_age": 604800, "failure_fraction": 0.05, "success_fraction": 0.0}
x-client-ip: 91.90.42.154
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-expose-headers: Age, Date, Content-Length, Content-Range, X-Content-Duration, X-Cache
timing-allow-origin: *
X-Firefox-Spdy: h2

www.freepnglogos.com/uploads/yahoo-logo-png/yahoo-logo-png-free-download-3.png

78.46.22.25

200 OK

120 kB

URL GET
www.freepnglogos.com/uploads/yahoo-logo-png/yahoo-logo-png-free-download-3.png
IP
78.46.22.25:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://f005.backblazeb2.com/file/4Cia6-safe6-save500/GODRIVE-1.html
Certificate
IssuerLet's Encrypt
Subjectfreepnglogos.com
Fingerprint72:6C:8D:0F:16:AB:31:A9:F8:CE:8D:D6:18:1F:B6:EE:C6:13:BE:8A
ValidityThu, 08 May 2025 23:47:03 GMT - Wed, 06 Aug 2025 23:47:02 GMT

File type
PNG image data, 4096 x 1136, 8-bit/color RGBA, non-interlaced
Size
120 kB (120353 bytes)
Hash
25a5998a5e04b4568bd0b1c2d368e407
1dc9ef540ee4137c956beb8f770176ea3e1b0489
5dceec0355eda7880dead5e13d22d394b8a1e79101a93bf96447557997d93e86

HTTP Headers

GET /uploads/yahoo-logo-png/yahoo-logo-png-free-download-3.png HTTP/1.1
Host: www.freepnglogos.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://f005.backblazeb2.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Wed, 28 May 2025 10:52:23 GMT
content-type: image/png
content-length: 120353
last-modified: Sat, 20 Aug 2022 14:09:51 GMT
etag: "6300eb2f-1d621"
cache-control: no-cache, must-revalidate
accept-ranges: bytes
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/popper.js/1.11.0/umd/popper.min.js

104.17.24.14

200 OK

19 kB

URL GET
cdnjs.cloudflare.com/ajax/libs/popper.js/1.11.0/umd/popper.min.js
IP
104.17.24.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://f005.backblazeb2.com/file/4Cia6-safe6-save500/GODRIVE-1.html
Certificate
IssuerGoogle Trust Services
Subjectcdnjs.cloudflare.com
Fingerprint4B:06:E9:E2:47:47:F5:3C:33:58:F8:2A:95:70:22:5E:23:19:03:77
ValidityThu, 22 May 2025 14:38:44 GMT - Wed, 20 Aug 2025 15:38:38 GMT

File type
JavaScript source, ASCII text, with very long lines (18860)
Size
19 kB (19033 bytes)
Hash
6383a57baa1479e8490a42f4184b7f0b
a7e89fa1896ec8afca2a442b792c9aa29e5823dd
5292e677fe712c80863414e9e73f3678d86d409f751392b6803b70a949fc1017

HTTP Headers

GET /ajax/libs/popper.js/1.11.0/umd/popper.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://f005.backblazeb2.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 28 May 2025 10:52:23 GMT
content-type: application/javascript; charset=utf-8
content-length: 6098
server: cloudflare
strict-transport-security: max-age=15780000
cf-ray: 946d33c83d1e569b-OSL
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03fa9-4a59"
last-modified: Mon, 04 May 2020 16:15:37 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 655762
expires: Mon, 18 May 2026 10:52:23 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mK3RN1lAeojfvz9uWysRnMYqTLvUecwDIz2Afigq3MVRyk7YP6gQcyDbdoV65bhpGMuKvSbWQUWqZfm9%2FLmYqiEp29FtA0IMXplphEVk0ZjjhdqcQGXzbg0aQGp5ryYGXAFm8IR%2F"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

use.fontawesome.com/webfontloader/1.6.24/webfontloader.js

172.67.142.245

200 OK

12 kB

URL GET
use.fontawesome.com/webfontloader/1.6.24/webfontloader.js
IP
172.67.142.245:443
ASN
#13335 CLOUDFLARENET

Requested by
https://f005.backblazeb2.com/file/4Cia6-safe6-save500/GODRIVE-1.html
Certificate
IssuerGoogle Trust Services
Subjectuse.fontawesome.com
Fingerprint2F:A0:71:2B:C1:50:E8:B9:6E:F6:46:C3:85:EA:4E:30:ED:94:CB:C6
ValiditySun, 04 May 2025 00:52:35 GMT - Sat, 02 Aug 2025 01:52:29 GMT

File type
JavaScript source, ASCII text, with very long lines (2134)
Size
12 kB (12493 bytes)
Hash
9064ce12d2c81f68123c93bc1a8b0cad
44a3a4a8cbd7a3a77d4a7314d9d2b9d28a3fb56a
2711b037e078e306e59765e9fc22d9f86867eb26af8c6af72d864a1c52bed8ac

HTTP Headers

GET /webfontloader/1.6.24/webfontloader.js HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://f005.backblazeb2.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 28 May 2025 10:52:24 GMT
content-type: application/x-javascript
cache-control: max-age=31556926
etag: W/"9064ce12d2c81f68123c93bc1a8b0cad"
last-modified: Fri, 22 Sep 2023 01:46:36 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 658
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=S1dfCGdTlhl9Lv1XiUVK5Tj94ZGl%2BcR5BEq%2BNcP0dV5wE8ouqXKfwHM97esihbWaGo8DFfaorvBVDSYHRfPba1VUYMRasgnkcLbImX6Z1ti%2Ftit4pGJwApLFgZTemrk9y55ZHjwA"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 946d33cbf9470b3d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=1393&min_rtt=472&rtt_var=1396&sent=12&recv=13&lost=0&retrans=0&sent_bytes=5751&recv_bytes=1290&delivery_rate=7350253&cwnd=254&unsent_bytes=0&cid=3b24379ce2d671dc&ts=655&x=0"
X-Firefox-Spdy: h2

use.fontawesome.com/releases/v4.6.3/css/font-awesome-css.min.css

172.67.142.245

200 OK

28 kB

URL GET
use.fontawesome.com/releases/v4.6.3/css/font-awesome-css.min.css
IP
172.67.142.245:443
ASN
#13335 CLOUDFLARENET

Requested by
https://f005.backblazeb2.com/file/4Cia6-safe6-save500/GODRIVE-1.html
Certificate
IssuerGoogle Trust Services
Subjectuse.fontawesome.com
Fingerprint2F:A0:71:2B:C1:50:E8:B9:6E:F6:46:C3:85:EA:4E:30:ED:94:CB:C6
ValiditySun, 04 May 2025 00:52:35 GMT - Sat, 02 Aug 2025 01:52:29 GMT

File type
ASCII text, with very long lines (28406)
Size
28 kB (28407 bytes)
Hash
7937bc10f6c59ceed1ff6e6bbebfcd8d
adf86f47a86f71433f20b2e64186189bed1cc901
61f7de13520a14ec37ba246b4846f5850ab87ffbc0d5b366709509c1d97d83b5

HTTP Headers

GET /releases/v4.6.3/css/font-awesome-css.min.css HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://use.fontawesome.com/b9bdbd120a.css
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 28 May 2025 10:52:24 GMT
content-type: text/css
cache-control: max-age=31556926
etag: W/"7937bc10f6c59ceed1ff6e6bbebfcd8d"
last-modified: Fri, 22 Sep 2023 01:44:05 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 1762257
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=V2iDuup7K9ggHIyQun9IsB54XU64IGYg4T%2BAWMST47D4RwlQgIrX61o8SmLW7S3T4g%2Fa7j7eFNULcXM4%2FzVJSSPQnTphhduq7hDDWTFbdm0A3PbbUU%2FCczS0KvEY5lx5o%2BGSpvrx"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 946d33ccda740b3d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=2072&min_rtt=472&rtt_var=2231&sent=23&recv=17&lost=0&retrans=1&sent_bytes=12395&recv_bytes=1529&delivery_rate=7350253&cwnd=254&unsent_bytes=0&cid=3b24379ce2d671dc&ts=794&x=0"
X-Firefox-Spdy: h2

use.fontawesome.com/releases/v4.6.3/fonts/fontawesome-webfont.woff2

172.67.142.245

200 OK

72 kB

URL GET
use.fontawesome.com/releases/v4.6.3/fonts/fontawesome-webfont.woff2
IP
172.67.142.245:443
ASN
#13335 CLOUDFLARENET

Requested by
https://f005.backblazeb2.com/file/4Cia6-safe6-save500/GODRIVE-1.html
Certificate
IssuerGoogle Trust Services
Subjectuse.fontawesome.com
Fingerprint2F:A0:71:2B:C1:50:E8:B9:6E:F6:46:C3:85:EA:4E:30:ED:94:CB:C6
ValiditySun, 04 May 2025 00:52:35 GMT - Sat, 02 Aug 2025 01:52:29 GMT

File type
Web Open Font Format (Version 2), TrueType, length 71896, version 4.393
Size
72 kB (71896 bytes)
Hash
e6cf7c6ec7c2d6f670ae9d762604cb0b
97e438cc545714309882fbceadbf344fcaddcec5
7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73

HTTP Headers

GET /releases/v4.6.3/fonts/fontawesome-webfont.woff2 HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://f005.backblazeb2.com
DNT: 1
Connection: keep-alive
Referer: https://use.fontawesome.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 28 May 2025 10:52:24 GMT
content-type: application/octet-stream
content-length: 71896
accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=31556926
etag: "e6cf7c6ec7c2d6f670ae9d762604cb0b"
last-modified: Fri, 22 Sep 2023 01:44:05 GMT
vary: Origin, Accept-Encoding
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kXxZc69jzFUbaCn3XNi7DRnJsa%2B7E46JmMOju73pB%2FwZ9470vKX50HTU05wnUVGlXMb%2BZtE%2F9vE8pP0LVEnaKE8bt5M7xfks57V%2BWTXN%2FgXdPXWWEunvVSwcK%2Ffku%2FawpSFWC7Zk"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 946d33cd7b520b3d-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=1278&min_rtt=472&rtt_var=1176&sent=30&recv=24&lost=0&retrans=1&sent_bytes=19400&recv_bytes=1748&delivery_rate=11756427&cwnd=254&unsent_bytes=0&cid=3b24379ce2d671dc&ts=1034&x=0"
X-Firefox-Spdy: h2

www.freepnglogos.com/uploads/email-png/email-logo-communications-brands-and-logotypes-gmail-14.png

78.46.22.25

200 OK

9.4 kB

URL GET
www.freepnglogos.com/uploads/email-png/email-logo-communications-brands-and-logotypes-gmail-14.png
IP
78.46.22.25:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://f005.backblazeb2.com/file/4Cia6-safe6-save500/GODRIVE-1.html
Certificate
IssuerLet's Encrypt
Subjectfreepnglogos.com
Fingerprint72:6C:8D:0F:16:AB:31:A9:F8:CE:8D:D6:18:1F:B6:EE:C6:13:BE:8A
ValidityThu, 08 May 2025 23:47:03 GMT - Wed, 06 Aug 2025 23:47:02 GMT

File type
PNG image data, 512 x 512, 8-bit/color RGBA, non-interlaced
Size
9.4 kB (9411 bytes)
Hash
da148fcb4dcb742ea37c0ea275d30702
e1a4503e5eadd4d41b01e1d3fc68f18686d48e97
fe6d250313c5f2dcde8d9e5c53d4328f5d9c2c2618c830ad2aa8f44b07f38dcd

HTTP Headers

GET /uploads/email-png/email-logo-communications-brands-and-logotypes-gmail-14.png HTTP/1.1
Host: www.freepnglogos.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://f005.backblazeb2.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Wed, 28 May 2025 10:52:23 GMT
content-type: image/png
content-length: 9411
last-modified: Sat, 20 Aug 2022 14:09:57 GMT
etag: "6300eb35-24c3"
cache-control: no-cache, must-revalidate
accept-ranges: bytes
X-Firefox-Spdy: h2

code.jquery.com/jquery-3.6.1.min.js

151.101.194.137

200 OK

90 kB

URL GET
code.jquery.com/jquery-3.6.1.min.js
IP
151.101.194.137:443
ASN
#54113 FASTLY

Requested by
https://f005.backblazeb2.com/file/4Cia6-safe6-save500/GODRIVE-1.html
Certificate
IssuerSectigo Limited
Subject*.jquery.com
FingerprintCD:B5:6E:05:85:0C:5A:AE:47:12:80:2A:5B:C6:E5:8F:11:72:E2:B5
ValidityTue, 25 Jun 2024 00:00:00 GMT - Wed, 25 Jun 2025 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (65447)
Size
90 kB (89664 bytes)
Hash
00727d1d5d9c90f7de826f1a4a9cc632
ea61688671d0c3044f2c5b2f2c4af0a6620ac6c2
a3cf00c109d907e543bc4f6dbc85eb31068f94515251347e9e57509b52ee3d74

HTTP Headers

GET /jquery-3.6.1.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://f005.backblazeb2.com
DNT: 1
Connection: keep-alive
Referer: https://f005.backblazeb2.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
etag: W/"28feccc0-15e40"
cache-control: public, max-age=31536000, stale-while-revalidate=604800
access-control-allow-origin: *
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Wed, 28 May 2025 10:52:23 GMT
age: 4938930
x-served-by: cache-lga13629-LGA, cache-hel1410028-HEL
x-cache: HIT, HIT
x-cache-hits: 20, 135082
x-timer: S1748429544.797391,VS0,VE0
vary: Accept-Encoding
content-length: 30957
X-Firefox-Spdy: h2

f005.backblazeb2.com/file/4Cia6-safe6-save500/GODRIVE-1.html

149.137.136.16

200

65 kB

URL User Request GET
f005.backblazeb2.com/file/4Cia6-safe6-save500/GODRIVE-1.html
IP
149.137.136.16:443
ASN
#40401 BACKBLAZE

Certificate
IssuerLet's Encrypt
Subjectbackblazeb2.com
Fingerprint19:65:F5:B8:62:20:17:E9:B3:BB:B7:EA:E9:DF:0F:88:FC:93:1C:F5
ValidityTue, 13 May 2025 03:04:10 GMT - Mon, 11 Aug 2025 03:04:09 GMT

File type
HTML document, ASCII text, with very long lines (64577), with CRLF line terminators
Size
65 kB (64579 bytes)
Hash
6e98cc8905f4e01e5b281b21d451e1e1
af1ad921e68af60f47a5a874ffb872f0c5f14562
5409fb30e83ec5d30e3eb5c695b7cf55b339bacf04683d8beb97f69ff14edc07

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - Suspicious Javascript code

HTTP Headers

GET /file/4Cia6-safe6-save500/GODRIVE-1.html HTTP/1.1
Host: f005.backblazeb2.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 
Server: nginx
Date: Wed, 28 May 2025 10:52:23 GMT
Content-Type: text/html
Content-Length: 64579
Connection: keep-alive
x-bz-file-name: GODRIVE-1.html
x-bz-file-id: 4_zfcf75c7545cb12139f7a0f1c_f1195d473109408bb_d20250527_m103207_c005_v0501019_t0004_u01748341927383
x-bz-content-sha1: af1ad921e68af60f47a5a874ffb872f0c5f14562
X-Bz-Upload-Timestamp: 1748341927383
Accept-Ranges: bytes
x-bz-info-src_last_modified_millis: 1748337054736
X-Bz-Server-Side-Encryption: AES256
X-Bz-Client-Unauthorized-To-Read: X-Bz-File-Retention-Mode,X-Bz-File-Retention-Retain-Until-Timestamp,X-Bz-File-Legal-Hold
Strict-Transport-Security: max-age=63072000

www.freepnglogos.com/uploads/microsoft-office-png-logo/microsoft-office-2013-symbol-logo-png-6.png

78.46.22.25

200 OK

12 kB

URL GET
www.freepnglogos.com/uploads/microsoft-office-png-logo/microsoft-office-2013-symbol-logo-png-6.png
IP
78.46.22.25:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://f005.backblazeb2.com/file/4Cia6-safe6-save500/GODRIVE-1.html
Certificate
IssuerLet's Encrypt
Subjectfreepnglogos.com
Fingerprint72:6C:8D:0F:16:AB:31:A9:F8:CE:8D:D6:18:1F:B6:EE:C6:13:BE:8A
ValidityThu, 08 May 2025 23:47:03 GMT - Wed, 06 Aug 2025 23:47:02 GMT

File type
PNG image data, 648 x 768, 8-bit/color RGBA, non-interlaced
Size
12 kB (12501 bytes)
Hash
9c57efae5855e24b41a221154543ede0
79d97ce5c00c1c6e0ae68782fea73f9d9892db3a
1b0e467247b9dab100ff77807af502e4277f72f721241c3f5b2eb483971aa9fa

HTTP Headers

GET /uploads/microsoft-office-png-logo/microsoft-office-2013-symbol-logo-png-6.png HTTP/1.1
Host: www.freepnglogos.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://f005.backblazeb2.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Wed, 28 May 2025 10:52:23 GMT
content-type: image/png
content-length: 12501
last-modified: Sat, 20 Aug 2022 14:09:56 GMT
etag: "6300eb34-30d5"
cache-control: no-cache, must-revalidate
accept-ranges: bytes
X-Firefox-Spdy: h2

maxcdn.bootstrapcdn.com/bootstrap/4.0.0-beta/js/bootstrap.min.js

104.18.11.207

200 OK

51 kB

URL GET
maxcdn.bootstrapcdn.com/bootstrap/4.0.0-beta/js/bootstrap.min.js
IP
104.18.11.207:443
ASN
#13335 CLOUDFLARENET

Requested by
https://f005.backblazeb2.com/file/4Cia6-safe6-save500/GODRIVE-1.html
Certificate
IssuerGoogle Trust Services
Subjectbootstrapcdn.com
Fingerprint73:3E:54:5A:E7:0A:B5:3C:11:79:4A:9F:FE:64:7B:38:B7:15:03:C0
ValidityWed, 14 May 2025 02:01:13 GMT - Tue, 12 Aug 2025 03:00:50 GMT

File type
JavaScript source, ASCII text, with very long lines (50904)
Size
51 kB (51143 bytes)
Hash
baaadea4492b059f284187d75af46063
7326bf5e023f871afcf6ebb18cb89109f81a7708
0e25895d7caaf355a53d19c37c69a06198f668e5422b211d27597ed93983b80b

HTTP Headers

GET /bootstrap/4.0.0-beta/js/bootstrap.min.js HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://f005.backblazeb2.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 28 May 2025 10:52:23 GMT
content-type: application/javascript; charset=utf-8
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
vary: Accept-Encoding
access-control-allow-origin: *
cache-control: public, max-age=31919000
content-encoding: br
etag: W/"baaadea4492b059f284187d75af46063"
last-modified: Mon, 25 Jan 2021 22:04:04 GMT
cdn-cachedat: 03/18/2024 13:21:51
cdn-proxyver: 1.04
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 860
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: 9aec9322278de9f86c3d62bc22a428d2
cdn-cache: HIT
cf-cache-status: HIT
age: 4169018
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 946d33c7bb915690-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

i.imgur.com/yxIJESf.png

199.232.196.193

200 OK

171 kB

URL GET
i.imgur.com/yxIJESf.png
IP
199.232.196.193:443
ASN
#54113 FASTLY

Requested by
https://f005.backblazeb2.com/file/4Cia6-safe6-save500/GODRIVE-1.html
Certificate
IssuerSectigo Limited
Subject*.imgur.com
FingerprintE4:72:56:8F:0D:0E:0B:E1:47:1E:79:39:7A:0F:AB:05:30:AF:2A:2D
ValidityWed, 29 Jan 2025 00:00:00 GMT - Sat, 14 Feb 2026 23:59:59 GMT

File type
JPEG image data, baseline, precision 8, 1431x728, components 3
Size
171 kB (170976 bytes)
Hash
811815e74abf598f7a844ae7d405f74f
a8d77fb033cce84098c7e499edf3b04f0aeb1d01
4b11af0079b5590ac32f2e75e48fc68c5ad638af1136c6772e5a8deacd556a23

HTTP Headers

GET /yxIJESf.png HTTP/1.1
Host: i.imgur.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://f005.backblazeb2.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: image/jpeg
last-modified: Wed, 21 May 2025 14:19:40 GMT
etag: "811815e74abf598f7a844ae7d405f74f"
x-amz-server-side-encryption: AES256
x-amz-cf-pop: IAD89-P1
x-amz-cf-id: 5sFwhXfwPEiod_QZhK9_TVIsy5VmfqJ55EQbAuRD3cuXbLVMXnSVlA==
cache-control: public, max-age=31536000
accept-ranges: bytes
age: 67040
date: Wed, 28 May 2025 10:52:24 GMT
x-served-by: cache-iad-kiad7000179-IAD, cache-hel1410024-HEL
x-cache: Miss from cloudfront, HIT, HIT
x-cache-hits: 42, 0
x-timer: S1748429544.348385,VS0,VE1
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
server: cat factory 1.0
x-content-type-options: nosniff
content-length: 170976
X-Firefox-Spdy: h2

i.imgur.com/L4bS67Y.png

199.232.196.193

200 OK

1.1 kB

URL GET
i.imgur.com/L4bS67Y.png
IP
199.232.196.193:443
ASN
#54113 FASTLY

Requested by
https://f005.backblazeb2.com/file/4Cia6-safe6-save500/GODRIVE-1.html
Certificate
IssuerSectigo Limited
Subject*.imgur.com
FingerprintE4:72:56:8F:0D:0E:0B:E1:47:1E:79:39:7A:0F:AB:05:30:AF:2A:2D
ValidityWed, 29 Jan 2025 00:00:00 GMT - Sat, 14 Feb 2026 23:59:59 GMT

File type
PNG image data, 39 x 43, 8-bit/color RGB, non-interlaced
Size
1.1 kB (1096 bytes)
Hash
6a6a39643c19ef2082e88881b6c2e284
b8c4e2df53e2bd8cb4bd2503439efa872ba3e02b
21510911241d25cb870540facb9cc2ef67c73b0ed03dfd559945565334f0672c

HTTP Headers

GET /L4bS67Y.png HTTP/1.1
Host: i.imgur.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://f005.backblazeb2.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: image/png
last-modified: Tue, 13 May 2025 18:05:16 GMT
etag: "6a6a39643c19ef2082e88881b6c2e284"
x-amz-server-side-encryption: AES256
x-amz-cf-pop: IAD89-P1
x-amz-cf-id: 2kYRMpWvy8zXqde9XUV0DvTlGsdfic8tDwU7kC0uCwZ4PU49ERegfg==
cache-control: public, max-age=31536000
accept-ranges: bytes
age: 1269967
date: Wed, 28 May 2025 10:52:24 GMT
x-served-by: cache-iad-kjyo7100140-IAD, cache-hel1410024-HEL
x-cache: Miss from cloudfront, HIT, MISS
x-cache-hits: 657, 0
x-timer: S1748429545.515678,VS0,VE98
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
server: cat factory 1.0
x-content-type-options: nosniff
content-length: 1096
X-Firefox-Spdy: h2

www.freepnglogos.com/uploads/logo-outlook/transparent-outlook-icon-2.png

78.46.22.25

200 OK

84 kB

URL GET
www.freepnglogos.com/uploads/logo-outlook/transparent-outlook-icon-2.png
IP
78.46.22.25:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://f005.backblazeb2.com/file/4Cia6-safe6-save500/GODRIVE-1.html
Certificate
IssuerLet's Encrypt
Subjectfreepnglogos.com
Fingerprint72:6C:8D:0F:16:AB:31:A9:F8:CE:8D:D6:18:1F:B6:EE:C6:13:BE:8A
ValidityThu, 08 May 2025 23:47:03 GMT - Wed, 06 Aug 2025 23:47:02 GMT

File type
PNG image data, 2000 x 2000, 8-bit/color RGBA, non-interlaced
Size
84 kB (83981 bytes)
Hash
928023ff3989615feaa18362854f1afc
c1e9793a419523b74840195484069a7e1b38090a
7ea09b560f4ee78eef3bd17346ad544176f524866ebc3d4a954f554afa50d149

HTTP Headers

GET /uploads/logo-outlook/transparent-outlook-icon-2.png HTTP/1.1
Host: www.freepnglogos.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://f005.backblazeb2.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Wed, 28 May 2025 10:52:23 GMT
content-type: image/png
content-length: 83981
last-modified: Sat, 20 Aug 2022 14:09:53 GMT
etag: "6300eb31-1480d"
cache-control: no-cache, must-revalidate
accept-ranges: bytes
X-Firefox-Spdy: h2

www.freepnglogos.com/uploads/email-logo-png-33.png

78.46.22.25

200 OK

1.1 MB

URL GET
www.freepnglogos.com/uploads/email-logo-png-33.png
IP
78.46.22.25:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://f005.backblazeb2.com/file/4Cia6-safe6-save500/GODRIVE-1.html
Certificate
IssuerLet's Encrypt
Subjectfreepnglogos.com
Fingerprint72:6C:8D:0F:16:AB:31:A9:F8:CE:8D:D6:18:1F:B6:EE:C6:13:BE:8A
ValidityThu, 08 May 2025 23:47:03 GMT - Wed, 06 Aug 2025 23:47:02 GMT

File type
PNG image data, 512 x 512, 8-bit/color RGBA, non-interlaced
Size
1.1 MB (1052037 bytes)
Hash
63c347a66c49b133c0efeb067f18f026
6a1d7a451425890e397efd210bdef2458edad533
d9a3473ec58a884a38a3356602b33d053692a1e821a3f14b5b6e27d97d575ff7

HTTP Headers

GET /uploads/email-logo-png-33.png HTTP/1.1
Host: www.freepnglogos.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://f005.backblazeb2.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Wed, 28 May 2025 10:52:23 GMT
content-type: image/png
content-length: 1052037
last-modified: Sat, 20 Aug 2022 14:09:47 GMT
etag: "6300eb2b-100d85"
cache-control: no-cache, must-revalidate
accept-ranges: bytes
X-Firefox-Spdy: h2

use.fontawesome.com/b9bdbd120a.css

172.67.142.245

200 OK

1.0 kB

URL GET
use.fontawesome.com/b9bdbd120a.css
IP
172.67.142.245:443
ASN
#13335 CLOUDFLARENET

Requested by
https://f005.backblazeb2.com/file/4Cia6-safe6-save500/GODRIVE-1.html
Certificate
IssuerGoogle Trust Services
Subjectuse.fontawesome.com
Fingerprint2F:A0:71:2B:C1:50:E8:B9:6E:F6:46:C3:85:EA:4E:30:ED:94:CB:C6
ValiditySun, 04 May 2025 00:52:35 GMT - Sat, 02 Aug 2025 01:52:29 GMT

File type
ASCII text
Size
1.0 kB (1033 bytes)
Hash
6935c7bbafe5de4ba1ef4cf6ef1e9f53
323952f25693b7594ca7507564f69e4fb5cc98ca
129576009d7636639b5d851ad8b7456b31d9082a015f6dbf606345e54f6a3de7

HTTP Headers

GET /b9bdbd120a.css HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://f005.backblazeb2.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 28 May 2025 10:52:24 GMT
content-type: text/css
etag: W/"6935c7bbafe5de4ba1ef4cf6ef1e9f53"
last-modified: Fri, 22 Sep 2023 01:18:20 GMT
vary: Accept-Encoding
age: 1712
cache-control: max-age=1800
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cFCb0EVtLiZz2eF80ED4kwlYSyhqRZVZQla%2BiPGJpFM%2FmOrgS8lK6%2Fy1scpaP6r0zAIG0ahSfENRlRVvUGvv%2Bu324fPtZ2WEYjx81MpdHnzRKptbwsBLJfxLeWVNjUscHKI%2FYRMK"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 946d33cc39a60b3d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=1368&min_rtt=472&rtt_var=1097&sent=18&recv=15&lost=0&retrans=0&sent_bytes=11444&recv_bytes=1389&delivery_rate=7350253&cwnd=254&unsent_bytes=0&cid=3b24379ce2d671dc&ts=702&x=0"
X-Firefox-Spdy: h2

use.fontawesome.com/b9bdbd120a.js

172.67.142.245

200 OK

4.1 kB

URL GET
use.fontawesome.com/b9bdbd120a.js
IP
172.67.142.245:443
ASN
#13335 CLOUDFLARENET

Requested by
https://f005.backblazeb2.com/file/4Cia6-safe6-save500/GODRIVE-1.html
Certificate
IssuerGoogle Trust Services
Subjectuse.fontawesome.com
Fingerprint2F:A0:71:2B:C1:50:E8:B9:6E:F6:46:C3:85:EA:4E:30:ED:94:CB:C6
ValiditySun, 04 May 2025 00:52:35 GMT - Sat, 02 Aug 2025 01:52:29 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (3792)
Size
4.1 kB (4124 bytes)
Hash
db26306464ae227fbe50207468bde9b3
517718e85a76389d7c2ab404e1ba1af0e2342cd3
b93b2b024ebbc8c8f487379630930459ae2af60a0293ba14691f74385477ac1d

HTTP Headers

GET /b9bdbd120a.js HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://f005.backblazeb2.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 28 May 2025 10:52:23 GMT
content-type: text/javascript
etag: W/"db26306464ae227fbe50207468bde9b3"
last-modified: Fri, 22 Sep 2023 01:18:20 GMT
vary: Accept-Encoding
age: 1712
cache-control: max-age=1800
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BU8B33UmRfX6dU16945yKbBDkj4qL6bGT9Sn7gvAp7godVsWempyJ03WYcliC7R3hcRnZEgwmCFYvI1vAPUK2EfvK9aAJoOKRHpGkjR6aKVogFG7n08McGM0jmMuOd48v30ioTqY"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 946d33c8ac9a0b3d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=1336&min_rtt=472&rtt_var=1712&sent=7&recv=11&lost=0&retrans=0&sent_bytes=3273&recv_bytes=1197&delivery_rate=7350253&cwnd=254&unsent_bytes=0&cid=3b24379ce2d671dc&ts=132&x=0"
X-Firefox-Spdy: h2

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

Quad9 DNS

ThreatFox

JavaScript (10)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Observations

Hash

HTTP Transactions (18)

URL GET

IP