Report - www.macfiles.org/category/adobe/adobe-illustrator/

Report Overview

Submitted URL
www.macfiles.org/category/adobe/adobe-illustrator/
IP
104.21.73.82
ASN
#13335 CLOUDFLARENET
Submitted
2024-03-28 21:52:16
Access
public
Website Title
Adobe Illustrator - Mac Torrents
Final URL
www.macfiles.org/category/adobe/adobe-illustrator/
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
34

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
sp-ao.shortpixel.ai	17221	2018-07-14	2021-08-12	2024-03-26	3.8 kB	8.0 kB	194.242.11.186
cdn.creative-bars1.com	unknown	2022-11-01	2022-11-15	2024-03-25	2.8 kB	109 kB	172.64.160.4
cdn.barscreative1.com	25648	2021-09-08	2021-09-16	2024-03-25	492 B	1.9 kB	45.133.44.3
www.macfiles.org	unknown	unknown	No data	No data	7.7 kB	492 kB	104.21.73.82
cdn.cloudimagesb.com	23099	2020-10-06	2021-02-12	2024-03-26	1.4 kB	268 kB	45.133.44.9
maxcdn.bootstrapcdn.com	724	2012-05-25	2014-06-18	2024-03-28	458 B	30 kB	104.18.10.207
fonts.gstatic.com	unknown	2008-02-11	2014-09-09	2024-03-28	3.2 kB	123 kB	216.58.207.227
fonts.googleapis.com	8877	2005-01-25	2013-06-10	2024-03-28	903 B	25 kB	142.250.74.74
ocsp.r2m03.amazontrust.com	unknown	2007-05-11	2023-02-21	2024-03-28	338 B	942 B	143.204.53.97
proftrafficcounter.com	unknown	2023-11-16	2023-11-21	2024-03-28	938 B	722 B	18.196.50.62
ablecolony.com	unknown	2024-03-24	2024-03-24	2024-03-27	22 kB	40 kB	172.240.253.132
downstairsnegotiatebarren.com	unknown	2024-03-04	2024-03-04	2024-03-27	413 B	86 kB	188.114.96.1
accidentallyrussian.com	unknown	2023-02-24	2023-02-24	2024-03-15	884 B	45 kB	172.240.108.76
unseenreport.com	unknown	2022-03-30	2022-03-30	2024-03-27	736 B	423 B	192.243.59.20

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-03-28	medium	accidentallyrussian.com	Sinkholed
2024-03-28	medium	ablecolony.com	Sinkholed
2024-03-28	medium	ablecolony.com	Sinkholed
2024-03-28	medium	ablecolony.com	Sinkholed
2024-03-28	medium	ablecolony.com	Sinkholed
2024-03-28	medium	ablecolony.com	Sinkholed
2024-03-28	medium	unseenreport.com	Sinkholed
2024-03-28	medium	ablecolony.com	Sinkholed
2024-03-28	medium	ablecolony.com	Sinkholed
2024-03-28	medium	ablecolony.com	Sinkholed
2024-03-28	medium	ablecolony.com	Sinkholed
2024-03-28	medium	ablecolony.com	Sinkholed
2024-03-28	medium	ablecolony.com	Sinkholed
2024-03-28	medium	ablecolony.com	Sinkholed
2024-03-28	medium	downstairsnegotiatebarren.com	Sinkholed
2024-03-28	medium	accidentallyrussian.com	Sinkholed
2024-03-28	medium	ablecolony.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (27)

	URL	Size	First Seen	Last Seen
	www.macfiles.org/category/adobe/adobe-illustrator/	3.3 kB	2024-03-02	2024-03-29
Pretty URL www.macfiles.org/category/adobe/adobe-illustrator/ IP 104.21.73.82 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-03-02 23:34:58 Last Seen2024-03-29 03:10:07 Times Seen7 Hash 9d9193046d1da9aae6d62fdbdfe9726c 6963e54f996762adc97bb427d7bb135458ab97dc 9602837d8d670241f59edb78b91612a225b74faef466c9b82f4f50b5207e4785 Loading...

	www.macfiles.org/category/adobe/adobe-illustrator/	338 B	2024-01-29	2024-03-29
Pretty URL www.macfiles.org/category/adobe/adobe-illustrator/ IP 104.21.73.82 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-01-29 15:10:26 Last Seen2024-03-29 03:10:07 Times Seen8 Hash 98af53a418e2964682d58e239d4f1666 27cc77db23d563a373c8ca270bf04821f2653b1d fe2c6594bdd33bc4f67f009e0fa75a04f0ec201ab624797178620b976fb60f8a Loading...

	unknown	145 B	2023-03-13	2024-03-29
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 00:47:26 Last Seen2024-03-29 03:10:07 Times Seen30 Hash e912fbf01816e2b263d6e5e940287459 5d433292ea58167b9c8d42d3b53cf1ab01871968 76d987fd4fe35ac9d287dcd13e8d199078d0189f78baba3eaefbdd1eb5a51c46 Loading...

	www.macfiles.org/category/adobe/adobe-illustrator/	283 B	2024-03-02	2024-03-29
Pretty URL www.macfiles.org/category/adobe/adobe-illustrator/ IP 104.21.73.82 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-03-02 23:34:58 Last Seen2024-03-29 03:10:07 Times Seen7 Hash 4b65360be731977b74fc1b6f915a7c65 35a1d5487f9829a5e0c6be06fdac6981cb485964 df5433765973051e1f884dea7903ca406d22fc72ba4294b2100d84c156ab6d9b Loading...

	www.macfiles.org/category/adobe/adobe-illustrator/	180 B	2024-03-02	2024-03-29
Pretty URL www.macfiles.org/category/adobe/adobe-illustrator/ IP 104.21.73.82 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-03-02 23:34:58 Last Seen2024-03-29 03:10:07 Times Seen7 Hash 1c90923a83050cbeaaa8e323964ca7e7 a108ac18641ec878e2a8177897b42c0ee17736ed a58ba1cba3c681b8c125e7d17c1ba304573e064458758f1491aa1ca69a769038 Loading...

	cdn.creative-bars1.com/sb/ssp/interstitial/message_redcircle/1/js/jquery.min.js	90 kB	2023-03-07	2024-04-27
Pretty URL cdn.creative-bars1.com/sb/ssp/interstitial/message_redcircle/1/js/jquery.min.js IP 172.64.160.4 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:04:00 Last Seen2024-04-27 14:53:25 Times Seen3752 Hash 561acb3e541133bbdd2c0c19f8ee35a1 ffd1353cf3f77d25f801c84d8208613eb0d3d548 9fde6da568db31801e29243a903bf24f342256b41e3c01e7d018ff7c566ce7fc Loading...

	www.macfiles.org/category/adobe/adobe-illustrator/	84 B	2023-03-07	2024-04-26
Pretty URL www.macfiles.org/category/adobe/adobe-illustrator/ IP 104.21.73.82 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:02:44 Last Seen2024-04-26 13:38:12 Times Seen2452 Hash 31370ae3f78a60279d29cd25e1eb8657 34f454d9855d2dc1d71ab7101bd7a04d1b0199bf 6682cf99413df38b7572d2f2eb9c549f33d2a52ceaa9c6a8ff723c02339380dc Loading...

	www.google-analytics.com/analytics.js	4.7 kB	2023-04-11	2024-04-27
Pretty URL www.google-analytics.com/analytics.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-11 21:07:53 Last Seen2024-04-27 18:32:34 Times Seen342146 Hash f24128d0c9cba7be2916c693427a3483 1b6397d496ea896ebc2018b01b995cee4f166029 58173de4697da1a218f04c3a783a733bab4e769ceabc37cd42da9dc3e036a7e8 Loading...

	downstairsnegotiatebarren.com/sfp.js	86 kB	2023-11-23	2024-03-29
Pretty URL downstairsnegotiatebarren.com/sfp.js IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-23 18:35:39 Last Seen2024-03-29 19:41:27 Times Seen10518 Hash 924e967bca1d599992556a8d139b1c5a 222b09dbf164ddc03d39100fd0524a22018d28b2 ac84c2f8288b59f8e04ba77287ce696052bfeee0d462a566d94dc305df646c95 Loading...

	unknown	196 B	2024-01-22	2024-03-29
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-01-22 16:04:15 Last Seen2024-03-29 03:10:07 Times Seen9 Hash a41b8b3183ca559d75130f0259679333 d879ce9c3d2999dafc39c776348c05ad1275401d 429ece8a490139a5fed1d9e6e1e80cfba5bebae4c1efc06e186c2ea81646c4dd Loading...

	unknown	1.5 kB	2024-01-29	2024-03-28
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-01-29 15:10:26 Last Seen2024-03-28 22:52:23 Times Seen4 Hash 0869ab00bbd090460ce9ad05ca0e691a 68fcd3a366086f5a035027bc5fb96c92d0d91f7c f519ab692646914c50293aea3d20254f8fbb13d7739adde82ed39f4a3e232d82 Loading...

	accidentallyrussian.com/cc43d9e6e02d1d5141beb272805e2db1/invoke.js	31 kB	2024-03-28	2024-03-28
Pretty URL accidentallyrussian.com/cc43d9e6e02d1d5141beb272805e2db1/invoke.js IP 172.240.108.76 ASN #7979 SERVERS-COM Introduced by scriptElement Embedded in HTML false Observations First Seen2024-03-28 22:52:13 Last Seen2024-03-28 22:52:23 Times Seen6 Hash 32dc964f69ada574b44404c2895c5615 ce95ae0072faac8b8b092e8970237cd7ad1386d5 ac6b7c3d7de6a7df176391a27c6eb48c93de89517fc79b572e6f45973155b1fc Loading...

	unknown	3.3 kB	2024-03-28	2024-03-28
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-03-28 22:52:23 Last Seen2024-03-28 22:52:23 Times Seen1 Hash f63efb453a41a1b3a398f2d01d858b95 47fa3301cecfde5604e158acf09779fd9e3c89a1 68185b60dc6f2805b82e44d271a88f2c5e127db1e3238c34e4318476928b0794 Loading...

	www.macfiles.org/wp-includes/js/jquery/jquery.min.js?ver=3.7.1	88 kB	2023-11-03	2024-04-27
Pretty URL www.macfiles.org/wp-includes/js/jquery/jquery.min.js?ver=3.7.1 IP 104.21.73.82 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-03 09:26:43 Last Seen2024-04-27 18:24:19 Times Seen42407 Hash 826eb77e86b02ab7724fe3d0141ff87c 79cd3587d565afe290076a8d36c31c305a573d18 cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf Loading...

	www.macfiles.org/category/adobe/adobe-illustrator/sandbox%20eval%20code	147 B	2023-04-11	2024-04-27
Pretty URL www.macfiles.org/category/adobe/adobe-illustrator/sandbox%20eval%20code IP 0.0.0.0 ASN #0 Introduced by Embedded in HTML false Observations First Seen2023-04-11 21:07:53 Last Seen2024-04-27 18:32:34 Times Seen342648 Hash 92b651082ce234f66bb544e678befda3 14c21c55ddce43b6f677caadf51d4ab98c6a3df8 25d57d1d97abeb84531d3d3e5754dd5cb19a2c115edfa7cfc7af8247084faded Loading...

	unknown	145 B	2024-01-22	2024-03-29
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-01-22 16:04:14 Last Seen2024-03-29 03:10:07 Times Seen9 Hash 010675a74fa808cd719c26cc64da0f1c e74adbc296518a78a345a26b204455415c75ca6c b105249e4d5042eb4d39b33176e4d3e69390a8f521ba8d08726ffc7a6b52e097 Loading...

	www.macfiles.org/category/adobe/adobe-illustrator/	60 B	2024-01-29	2024-03-29
Pretty URL www.macfiles.org/category/adobe/adobe-illustrator/ IP 104.21.73.82 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-01-29 15:10:26 Last Seen2024-03-29 03:10:07 Times Seen8 Hash 5f7ec1238346d5082d10d60fe7a3cdfc 03e8c1d4082815c32dc7d25515a3ff273146fc84 9e3f63f5b84279ec3bf7be4318c299832facbba079409a1412049c0004eecd07 Loading...

	accidentallyrussian.com/ab41dcc89a8f02e3ef0be2e1b079565a/invoke.js	31 kB	2024-03-28	2024-03-28
Pretty URL accidentallyrussian.com/ab41dcc89a8f02e3ef0be2e1b079565a/invoke.js IP 172.240.108.76 ASN #7979 SERVERS-COM Introduced by scriptElement Embedded in HTML false Observations First Seen2024-03-28 22:52:13 Last Seen2024-03-28 22:52:23 Times Seen6 Hash 277b0bd61cc70f4548e8e93248713833 d3154593a057abb280cb13af848e057f5ef7ce27 4cc6b5ed12e507d6f0d21b1bc42a0c7c4a01c47553910eed543d267a060c209c Loading...

	www.macfiles.org/category/adobe/adobe-illustrator/	392 B	2024-01-29	2024-03-29
Pretty URL www.macfiles.org/category/adobe/adobe-illustrator/ IP 104.21.73.82 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-01-29 15:10:26 Last Seen2024-03-29 03:10:07 Times Seen8 Hash a628b49c17842a2fc21745e163de3a7c d2d5af53359f0eac0ededa0f321b0e126a6c8d65 8327c1d3e145b1c74991ddcdfae9e45c93ae197aed0b4d75f9f53ec98d06fe41 Loading...

	ablecolony.com/a9/04/d2/a904d25cbc0e65d37e5cf79e2d057c1d.js	44 kB	2024-03-28	2024-03-28
Pretty URL ablecolony.com/a9/04/d2/a904d25cbc0e65d37e5cf79e2d057c1d.js IP 172.240.253.132 ASN #7979 SERVERS-COM Introduced by scriptElement Embedded in HTML false Observations First Seen2024-03-28 22:52:13 Last Seen2024-03-28 22:52:23 Times Seen6 Hash 7cd2e2fab339aae1809f9111df9f350c d6935bcbef52be6545be5b6e960f0e8073284ba8 a3c7faf12628a85b427670948377401da8cf087f320490ebaaa4e8d12b397577 Loading...

	unknown	3.4 kB	2024-03-28	2024-03-28
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-03-28 22:52:23 Last Seen2024-03-28 22:52:23 Times Seen1 Hash 6b5d22ea10ceb4cbadf50f5a6037d804 cc4332fda7a7b3f597322e6315d44c16ccf9317b 9be54b148b0877982391375942fcaafcb104b588cc5b79b67ebe6a3378a60866 Loading...

	www.macfiles.org/wp-content/cache/autoptimize/js/autoptimize_f5cf7bf0504fb02936b2e8f264a1676c.js	25 kB	2024-03-02	2024-03-29
Pretty URL www.macfiles.org/wp-content/cache/autoptimize/js/autoptimize_f5cf7bf0504fb02936b2e8f264a1676c.js IP 104.21.73.82 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-03-02 23:34:58 Last Seen2024-03-29 03:10:07 Times Seen14 Hash 172db96c9c2185db11d51bb2dbcc6706 8ea3ff074fe57551669e3c8d22aa052f16339d6b bf0f6f2e3f5f938e66a3415ddc527848551055d4273d098dafdcbd3ffea2db91 Loading...

	www.macfiles.org/wp-content/plugins/autoptimize/classes/external/js/lazysizes.min.js?ao_version=3.1.11	9.8 kB	2023-03-07	2024-04-26
Pretty URL www.macfiles.org/wp-content/plugins/autoptimize/classes/external/js/lazysizes.min.js?ao_version=3.1.11 IP 104.21.73.82 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:44 Last Seen2024-04-26 13:38:12 Times Seen3435 Hash d1edbffbde50cd32ab770746b4140906 6e120f03a5ac9fddc25e7830d204b202721d8879 c4fada4accfa24704b54248bc5ce84acac50b6a059828b7714fe3006786c80c1 Loading...

		Size	First Seen	Last Seen
	#1 Eval - 340d6b7aa264980059a7f37177b5c67f	2.1 kB	2024-03-28	2024-03-28
Pretty Observations First Seen2024-03-28 22:52:23 Last Seen2024-03-28 22:52:23 Times Seen1 Hash 340d6b7aa264980059a7f37177b5c67f 87f828b50988a8254485f09c4f0a0943b28ad164 dc29e70b1ec21af52291fb563f4b6f3e7339bff237797cdd3e4bf92d9402e9d9 Loading...

	#2 Eval - 5379b5790281a42cf756c39194747abe	2.1 kB	2024-03-28	2024-03-28
Pretty Observations First Seen2024-03-28 22:52:23 Last Seen2024-03-28 22:52:23 Times Seen1 Hash 5379b5790281a42cf756c39194747abe 4455ce929cba14b0f97d412ac514bf5fba7bfcc2 be19cf8593addedbd6dbc67a839e02e85fc89509a3b5ae685755c4f0da3a595c Loading...

		Size	First Seen	Last Seen
	#1 Write - 5bc9b2f8993a54a10f8052310550dbcf	121 B	2023-04-13	2024-03-29
Pretty Observations First Seen2023-04-13 08:40:16 Last Seen2024-03-29 03:10:07 Times Seen10 Hash 5bc9b2f8993a54a10f8052310550dbcf 740cdc2996d3981ac7d69172e343a3897b56b425 dfbf1d17bc32b14ba8b9378f3b61dcffdde7972d5e31b9c9aab2946c41829a87 Loading...

	#2 Write - 0e408b0b7fcbd1943ee8b70cb355f000	115 B	2024-01-22	2024-03-29
Pretty Observations First Seen2024-01-22 16:04:15 Last Seen2024-03-29 03:10:07 Times Seen9 Hash 0e408b0b7fcbd1943ee8b70cb355f000 120a1a1539bd6cc790343c89fa652d8297aaacca 7c660e55006098b1ed20e28d18cc3b1dafc7e02fd8d47754227a66452493730a Loading...

HTTP Transactions (61)

URL IP Response Size

www.macfiles.org/wp-content/cache/autoptimize/js/autoptimize_f5cf7bf0504fb02936b2e8f264a1676c.js

104.21.73.82

200 OK

9.3 kB

URL GET HTTP/3
www.macfiles.org/wp-content/cache/autoptimize/js/autoptimize_f5cf7bf0504fb02936b2e8f264a1676c.js
IP
104.21.73.82:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.macfiles.org/category/adobe/adobe-illustrator/
Certificate
IssuerLet's Encrypt
Subjectmacfiles.org
Fingerprint05:B6:91:19:E8:3B:D4:01:2C:69:02:50:FC:D3:89:ED:19:1B:D3:49
ValidityThu, 14 Mar 2024 13:45:41 GMT - Wed, 12 Jun 2024 13:45:40 GMT

File type
JavaScript source, ASCII text, with very long lines (13479)
Size
9.3 kB (9322 bytes)
Hash
172db96c9c2185db11d51bb2dbcc6706
8ea3ff074fe57551669e3c8d22aa052f16339d6b
bf0f6f2e3f5f938e66a3415ddc527848551055d4273d098dafdcbd3ffea2db91

HTTP Headers

GET /wp-content/cache/autoptimize/js/autoptimize_f5cf7bf0504fb02936b2e8f264a1676c.js HTTP/1.1
Host: www.macfiles.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.macfiles.org/category/adobe/adobe-illustrator/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 28 Mar 2024 21:51:49 GMT
content-type: application/javascript
cache-control: public, max-age=30672000, immutable
expires: Thu, 13 Mar 2025 12:40:42 GMT
last-modified: Fri, 22 Mar 2024 22:18:06 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 465067
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tY1HDnl8OdBbEwHvxAanVdZJlFhAK2DI3H6Q4bsp4v%2Bm5MXqHoVpSj6JOR1xpckJVDDitCV%2FClRjQvvZhsOjVDHYFCZ8FazqF9ZDlyCguskBLovt%2FIbKfH8EdDyBCD8rz6e5"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 86bad7ffca6656c5-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

www.macfiles.org/wp-content/themes/lightly/fonts/fontawesome-webfont.woff2?v=4.6.3

104.21.73.82

200 OK

72 kB

URL GET HTTP/3
www.macfiles.org/wp-content/themes/lightly/fonts/fontawesome-webfont.woff2?v=4.6.3
IP
104.21.73.82:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.macfiles.org/category/adobe/adobe-illustrator/
Certificate
IssuerLet's Encrypt
Subjectmacfiles.org
Fingerprint05:B6:91:19:E8:3B:D4:01:2C:69:02:50:FC:D3:89:ED:19:1B:D3:49
ValidityThu, 14 Mar 2024 13:45:41 GMT - Wed, 12 Jun 2024 13:45:40 GMT

File type
Web Open Font Format (Version 2), TrueType, length 71896, version 4.393
Size
72 kB (71896 bytes)
Hash
e6cf7c6ec7c2d6f670ae9d762604cb0b
97e438cc545714309882fbceadbf344fcaddcec5
7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73

HTTP Headers

GET /wp-content/themes/lightly/fonts/fontawesome-webfont.woff2?v=4.6.3 HTTP/1.1
Host: www.macfiles.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://www.macfiles.org/wp-content/cache/autoptimize/css/autoptimize_ea41aa15be79aeb4f11d6294c6075823.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 28 Mar 2024 21:51:49 GMT
content-type: font/woff2
content-length: 71896
cache-control: public, max-age=604800
expires: Wed, 03 Apr 2024 11:15:40 GMT
last-modified: Thu, 23 May 2019 00:25:50 GMT
cf-cache-status: HIT
age: 124569
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Jrpu1EMLrRgAvZ1%2BkmSf7rBwp6cdu%2Fx%2Faw4aifh9T0GW8M7Ez7ptw5NwvCCNzTTYz%2FwSZYkmtCnX%2F%2BdVOj9vXwpU%2B8VtjrkNSMSddjTH2vb18iUtic1bYGLeYafXLTmF1rGt"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 86bad8010b8256c5-OSL
alt-svc: h3=":443"; ma=86400

www.macfiles.org/wp-includes/js/jquery/jquery.min.js?ver=3.7.1

104.21.73.82

200 OK

55 kB

URL GET HTTP/3
www.macfiles.org/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
IP
104.21.73.82:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.macfiles.org/category/adobe/adobe-illustrator/
Certificate
IssuerLet's Encrypt
Subjectmacfiles.org
Fingerprint05:B6:91:19:E8:3B:D4:01:2C:69:02:50:FC:D3:89:ED:19:1B:D3:49
ValidityThu, 14 Mar 2024 13:45:41 GMT - Wed, 12 Jun 2024 13:45:40 GMT

File type
JavaScript source, ASCII text, with very long lines (65447)
Size
55 kB (54974 bytes)
Hash
826eb77e86b02ab7724fe3d0141ff87c
79cd3587d565afe290076a8d36c31c305a573d18
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

HTTP Headers

GET /wp-includes/js/jquery/jquery.min.js?ver=3.7.1 HTTP/1.1
Host: www.macfiles.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.macfiles.org/category/adobe/adobe-illustrator/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 28 Mar 2024 21:51:49 GMT
content-type: application/javascript
cache-control: public, max-age=604800
expires: Tue, 02 Apr 2024 14:05:45 GMT
last-modified: Wed, 03 Jan 2024 18:24:12 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 200764
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DZuPJomq4t6R%2Bhwu4fDzcS4Ulgz4cw6qgjE1qdCTBNKHRgFhkMrBajGdrt3RdYTMOmw5HB6SpcpUBNIj60Gre2jvYqCJ6sCYFA8WMUnyjYtpZ7QLn7T3lQraycZmheQfJAvX"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 86bad7ffba4b56c5-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2

216.58.207.227

200 OK

23 kB

URL GET HTTP/2
fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://www.macfiles.org/category/adobe/adobe-illustrator/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintF3:56:10:42:A8:3C:BF:F5:89:9C:4C:C0:F8:E3:DC:C4:1C:E9:34:9E
ValidityMon, 26 Feb 2024 08:18:21 GMT - Mon, 20 May 2024 08:18:20 GMT

File type
Web Open Font Format (Version 2), TrueType, length 23040, version 1.0
Size
23 kB (23040 bytes)
Hash
de69cf9e514df447d1b0bb16f49d2457
2ac78601179c3a63ba3f3f3081556b12ddcaf655
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49

HTTP Headers

GET /s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.macfiles.org
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23040
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 28 Mar 2024 17:35:51 GMT
expires: Fri, 28 Mar 2025 17:35:51 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 02 May 2023 15:07:25 GMT
content-type: font/woff2
age: 15359
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/lato/v24/S6u8w4BMUTPHjxsAXC-q.woff2

216.58.207.227

200 OK

24 kB

URL GET HTTP/2
fonts.gstatic.com/s/lato/v24/S6u8w4BMUTPHjxsAXC-q.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://www.macfiles.org/category/adobe/adobe-illustrator/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintF3:56:10:42:A8:3C:BF:F5:89:9C:4C:C0:F8:E3:DC:C4:1C:E9:34:9E
ValidityMon, 26 Feb 2024 08:18:21 GMT - Mon, 20 May 2024 08:18:20 GMT

File type
Web Open Font Format (Version 2), TrueType, length 24408, version 1.0
Size
24 kB (24408 bytes)
Hash
efee2d080d7bebdd2e0aeb2e030813a0
f8d38f9f9584e48c2e469877ebd94232265585f1
bca1d88ada544d9c80872d4da27133fab6d347361fa26e932b47ec9559088fd0

HTTP Headers

GET /s/lato/v24/S6u8w4BMUTPHjxsAXC-q.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.macfiles.org
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 24408
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 28 Mar 2024 17:24:25 GMT
expires: Fri, 28 Mar 2025 17:24:25 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 02 May 2023 15:14:26 GMT
content-type: font/woff2
age: 16045
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Lato%3A400%2C400italic%2C700%2C700italic&ver=6.4.3

142.250.74.74

200 OK

12 kB

URL GET HTTP/2
fonts.googleapis.com/css?family=Lato%3A400%2C400italic%2C700%2C700italic&ver=6.4.3
IP
142.250.74.74:443
ASN
#15169 GOOGLE

Requested by
https://www.macfiles.org/category/adobe/adobe-illustrator/
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint04:B9:D9:E0:01:DB:5E:AB:5A:FF:F0:D9:ED:39:0F:C1:63:18:51:0B
ValidityMon, 26 Feb 2024 08:18:27 GMT - Mon, 20 May 2024 08:18:26 GMT

File type
JavaScript source, ASCII text, with very long lines (31275)
Size
12 kB (12275 bytes)
Hash
b84a5d8c10ac69f3533aaa5214d37785
a7a305b22588a4a168645fb570a96d804d66f17b
d99bfa2d115db39caab2d9806d1661aa20f09986357ef8fcec9ae9f555c91b92

HTTP Headers

GET /css?family=Lato%3A400%2C400italic%2C700%2C700italic&ver=6.4.3 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.macfiles.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 28 Mar 2024 21:51:49 GMT
date: Thu, 28 Mar 2024 21:51:49 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.r2m03.amazontrust.com/

143.204.53.97

471 B

URL
ocsp.r2m03.amazontrust.com/
IP
143.204.53.97:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
e0720567b89e85a074c0401003b4b7fb
4c9bd983308c50da9266d2d5a4a5e010b6736408
520b6f66e6827aed3facc07d0cdeb0f06ac5785dbf68439e82a20face8555e5c

HTTP Headers

POST / HTTP/1.1
Host: ocsp.r2m03.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=7200
Date: Thu, 28 Mar 2024 21:51:50 GMT
Last-Modified: Thu, 28 Mar 2024 20:46:03 GMT
Server: ECAcc (ska/F77E)
X-Cache: Miss from cloudfront
Via: 1.1 76c917e0bb0ba45eb834d25d76ee125e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: y1KiZ8APOxvLrrM5kLFqSufmRkYxtm7YsZPHMBcRC5GV7ZhTlxjc8Q==
Age: 3947

accidentallyrussian.com/ab41dcc89a8f02e3ef0be2e1b079565a/invoke.js

172.240.108.76

200 OK

12 kB

URL GET HTTP/1.1
accidentallyrussian.com/ab41dcc89a8f02e3ef0be2e1b079565a/invoke.js
IP
172.240.108.76:443
ASN
#7979 SERVERS-COM

Requested by
https://www.macfiles.org/category/adobe/adobe-illustrator/
Certificate
IssuerLet's Encrypt
Subjectaccidentallyrussian.com
Fingerprint3E:C7:58:F1:C6:88:A7:93:4D:44:9B:CF:A9:90:F1:C7:E1:A3:1C:12
ValidityTue, 20 Feb 2024 06:04:20 GMT - Mon, 20 May 2024 06:04:19 GMT

File type
JavaScript source, ASCII text, with very long lines (31283), with no line terminators
Size
12 kB (11839 bytes)
Hash
277b0bd61cc70f4548e8e93248713833
d3154593a057abb280cb13af848e057f5ef7ce27
4cc6b5ed12e507d6f0d21b1bc42a0c7c4a01c47553910eed543d267a060c209c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /ab41dcc89a8f02e3ef0be2e1b079565a/invoke.js HTTP/1.1
Host: accidentallyrussian.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.macfiles.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Thu, 28 Mar 2024 21:51:50 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 212603b9fbda035948b19947f2439412
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

proftrafficcounter.com/stats

18.196.50.62

200 OK

40 B

URL GET HTTP/2
proftrafficcounter.com/stats
IP
18.196.50.62:443
ASN
#16509 AMAZON-02

Requested by
https://www.macfiles.org/category/adobe/adobe-illustrator/
Certificate
IssuerAmazon
Subjectproftrafficcounter.com
FingerprintE3:9F:79:6F:80:C0:BF:F8:C4:EB:45:F3:E9:0F:A7:41:F6:0C:05:E6
ValidityTue, 21 Nov 2023 00:00:00 GMT - Thu, 19 Dec 2024 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
40 B (40 bytes)
Hash
76c1b8bd3d9610d27d1eab8574746b4c
819417d64b0c2790f80121c55d00281a4a44bdb1
1c057e213425016e3b2080aead2dff08a5d8ae16c5b6b19b18d5c2b8c6b75eb4

HTTP Headers

GET /stats HTTP/1.1
Host: proftrafficcounter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.macfiles.org
DNT: 1
Connection: keep-alive
Referer: https://www.macfiles.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 28 Mar 2024 21:51:50 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://www.macfiles.org
vary: Origin
access-control-allow-credentials: true
set-cookie: uid_id2=d5ca92e8-8af8-497f-8572-180e2ed1eb97:2:1; expires=Sun, 26 Mar 2034 21:51:50 GMT; secure; SameSite=None
X-Firefox-Spdy: h2

proftrafficcounter.com/stats

18.196.50.62

200 OK

40 B

URL GET HTTP/2
proftrafficcounter.com/stats
IP
18.196.50.62:443
ASN
#16509 AMAZON-02

Requested by
https://www.macfiles.org/category/adobe/adobe-illustrator/
Certificate
IssuerAmazon
Subjectproftrafficcounter.com
FingerprintE3:9F:79:6F:80:C0:BF:F8:C4:EB:45:F3:E9:0F:A7:41:F6:0C:05:E6
ValidityTue, 21 Nov 2023 00:00:00 GMT - Thu, 19 Dec 2024 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
40 B (40 bytes)
Hash
76c1b8bd3d9610d27d1eab8574746b4c
819417d64b0c2790f80121c55d00281a4a44bdb1
1c057e213425016e3b2080aead2dff08a5d8ae16c5b6b19b18d5c2b8c6b75eb4

HTTP Headers

GET /stats HTTP/1.1
Host: proftrafficcounter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.macfiles.org
DNT: 1
Connection: keep-alive
Referer: https://www.macfiles.org/
Cookie: uid_id2=d5ca92e8-8af8-497f-8572-180e2ed1eb97:2:1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Thu, 28 Mar 2024 21:51:50 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://www.macfiles.org
vary: Origin
access-control-allow-credentials: true
X-Firefox-Spdy: h2

sp-ao.shortpixel.ai/client/to_webp,q_glossy,ret_img,w_227,h_200/https://www.macfiles.org/wp-content/uploads/2020/09/Adobe-Illustrator-2020-227x200.png

194.242.11.186

302 Found

0 B

URL GET HTTP/2
sp-ao.shortpixel.ai/client/to_webp,q_glossy,ret_img,w_227,h_200/https://www.macfiles.org/wp-content/uploads/2020/09/Adobe-Illustrator-2020-227x200.png
IP
194.242.11.186:443
ASN
#34989 ServeTheWorld AS

Requested by
https://www.macfiles.org/category/adobe/adobe-illustrator/
Certificate
IssuerLet's Encrypt
Subjectsp-ao.shortpixel.ai
Fingerprint99:6C:0E:A5:42:E4:93:89:C4:87:7E:BA:54:2D:DE:9B:40:15:E8:C9
ValidityThu, 22 Feb 2024 14:09:44 GMT - Wed, 22 May 2024 14:09:43 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /client/to_webp,q_glossy,ret_img,w_227,h_200/https://www.macfiles.org/wp-content/uploads/2020/09/Adobe-Illustrator-2020-227x200.png HTTP/1.1
Host: sp-ao.shortpixel.ai
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.macfiles.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
date: Thu, 28 Mar 2024 21:51:50 GMT
content-type: text/html; charset=UTF-8
content-length: 0
location: https://www.macfiles.org/wp-content/uploads/2020/09/Adobe-Illustrator-2020-227x200.png
server: BunnyCDN-NO1-830
cdn-pullzone: 257218
cdn-uid: ceac3dab-9909-4315-8d54-a27751b54dd0
cdn-requestcountrycode: NO
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=43200
pragma: cache
cdn-cachedat: 03/28/2024 12:01:56
x-robots-tag: noindex
link: <https://www.macfiles.org/wp-content/uploads/2020/09/Adobe-Illustrator-2020-227x200.png>; rel="canonical"
cdn-tag: 0; Domain: macfiles.org; 302
xtag-sp-ver: 2-ns62
cdn-proxyver: 1.04
cdn-requestpullcode: 302
cdn-requestpullsuccess: True
cdn-edgestorageid: 830
cdn-status: 302
cdn-requestid: e1cace690dfb11b100a0a98917801d1b
cdn-cache: HIT
X-Firefox-Spdy: h2

sp-ao.shortpixel.ai/client/to_webp,q_glossy,ret_img,w_150/https://www.macfiles.org/wp-content/uploads/2020/08/Adobe-Premiere-Pro-2020-150x150.png

194.242.11.186

302 Found

0 B

URL GET HTTP/2
sp-ao.shortpixel.ai/client/to_webp,q_glossy,ret_img,w_150/https://www.macfiles.org/wp-content/uploads/2020/08/Adobe-Premiere-Pro-2020-150x150.png
IP
194.242.11.186:443
ASN
#34989 ServeTheWorld AS

Requested by
https://www.macfiles.org/category/adobe/adobe-illustrator/
Certificate
IssuerLet's Encrypt
Subjectsp-ao.shortpixel.ai
Fingerprint99:6C:0E:A5:42:E4:93:89:C4:87:7E:BA:54:2D:DE:9B:40:15:E8:C9
ValidityThu, 22 Feb 2024 14:09:44 GMT - Wed, 22 May 2024 14:09:43 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /client/to_webp,q_glossy,ret_img,w_150/https://www.macfiles.org/wp-content/uploads/2020/08/Adobe-Premiere-Pro-2020-150x150.png HTTP/1.1
Host: sp-ao.shortpixel.ai
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.macfiles.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
date: Thu, 28 Mar 2024 21:51:50 GMT
content-type: text/html; charset=UTF-8
content-length: 0
location: https://www.macfiles.org/wp-content/uploads/2020/08/Adobe-Premiere-Pro-2020-150x150.png
server: BunnyCDN-NO1-830
cdn-pullzone: 257218
cdn-uid: ceac3dab-9909-4315-8d54-a27751b54dd0
cdn-requestcountrycode: NO
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=43200
pragma: cache
cdn-cachedat: 03/28/2024 21:51:41
x-robots-tag: noindex
link: <https://www.macfiles.org/wp-content/uploads/2020/08/Adobe-Premiere-Pro-2020-150x150.png>; rel="canonical"
cdn-tag: 0; Domain: macfiles.org; 302
xtag-sp-ver: 2-ns61
cdn-proxyver: 1.04
cdn-requestpullcode: 302
cdn-requestpullsuccess: True
cdn-edgestorageid: 830
cdn-status: 302
cdn-requestid: 6adbc21fa815b6f620cab1df3514573f
cdn-cache: HIT
X-Firefox-Spdy: h2

sp-ao.shortpixel.ai/client/to_webp,q_glossy,ret_img,w_150/https://www.macfiles.org/wp-content/uploads/2020/09/Adobe-Illustrator-2020-150x147.png

194.242.11.186

302 Found

0 B

URL GET HTTP/2
sp-ao.shortpixel.ai/client/to_webp,q_glossy,ret_img,w_150/https://www.macfiles.org/wp-content/uploads/2020/09/Adobe-Illustrator-2020-150x147.png
IP
194.242.11.186:443
ASN
#34989 ServeTheWorld AS

Requested by
https://www.macfiles.org/category/adobe/adobe-illustrator/
Certificate
IssuerLet's Encrypt
Subjectsp-ao.shortpixel.ai
Fingerprint99:6C:0E:A5:42:E4:93:89:C4:87:7E:BA:54:2D:DE:9B:40:15:E8:C9
ValidityThu, 22 Feb 2024 14:09:44 GMT - Wed, 22 May 2024 14:09:43 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /client/to_webp,q_glossy,ret_img,w_150/https://www.macfiles.org/wp-content/uploads/2020/09/Adobe-Illustrator-2020-150x147.png HTTP/1.1
Host: sp-ao.shortpixel.ai
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.macfiles.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
date: Thu, 28 Mar 2024 21:51:50 GMT
content-type: text/html; charset=UTF-8
content-length: 0
location: https://www.macfiles.org/wp-content/uploads/2020/09/Adobe-Illustrator-2020-150x147.png
server: BunnyCDN-NO1-830
cdn-pullzone: 257218
cdn-uid: ceac3dab-9909-4315-8d54-a27751b54dd0
cdn-requestcountrycode: NO
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=43200
pragma: cache
cdn-cachedat: 03/28/2024 12:01:56
x-robots-tag: noindex
link: <https://www.macfiles.org/wp-content/uploads/2020/09/Adobe-Illustrator-2020-150x147.png>; rel="canonical"
cdn-tag: 0; Domain: macfiles.org; 302
xtag-sp-ver: 2-ns61
cdn-proxyver: 1.04
cdn-requestpullcode: 302
cdn-requestpullsuccess: True
cdn-edgestorageid: 830
cdn-status: 302
cdn-requestid: 1b2f2540274702b32b1e57e60b6f7d8b
cdn-cache: HIT
X-Firefox-Spdy: h2

sp-ao.shortpixel.ai/client/to_webp,q_glossy,ret_img,w_150/https://www.macfiles.org/wp-content/uploads/2020/08/Adobe-Photoshop-2020-150x150.png

194.242.11.186

302 Found

0 B

URL GET HTTP/2
sp-ao.shortpixel.ai/client/to_webp,q_glossy,ret_img,w_150/https://www.macfiles.org/wp-content/uploads/2020/08/Adobe-Photoshop-2020-150x150.png
IP
194.242.11.186:443
ASN
#34989 ServeTheWorld AS

Requested by
https://www.macfiles.org/category/adobe/adobe-illustrator/
Certificate
IssuerLet's Encrypt
Subjectsp-ao.shortpixel.ai
Fingerprint99:6C:0E:A5:42:E4:93:89:C4:87:7E:BA:54:2D:DE:9B:40:15:E8:C9
ValidityThu, 22 Feb 2024 14:09:44 GMT - Wed, 22 May 2024 14:09:43 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /client/to_webp,q_glossy,ret_img,w_150/https://www.macfiles.org/wp-content/uploads/2020/08/Adobe-Photoshop-2020-150x150.png HTTP/1.1
Host: sp-ao.shortpixel.ai
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.macfiles.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
date: Thu, 28 Mar 2024 21:51:50 GMT
content-type: text/html; charset=UTF-8
content-length: 0
location: https://www.macfiles.org/wp-content/uploads/2020/08/Adobe-Photoshop-2020-150x150.png
server: BunnyCDN-NO1-830
cdn-pullzone: 257218
cdn-uid: ceac3dab-9909-4315-8d54-a27751b54dd0
cdn-requestcountrycode: NO
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=43200
pragma: cache
cdn-cachedat: 03/28/2024 12:01:56
x-robots-tag: noindex
link: <https://www.macfiles.org/wp-content/uploads/2020/08/Adobe-Photoshop-2020-150x150.png>; rel="canonical"
cdn-tag: 0; Domain: macfiles.org; 302
xtag-sp-ver: 2-ns61
cdn-proxyver: 1.04
cdn-requestpullcode: 302
cdn-requestpullsuccess: True
cdn-edgestorageid: 830
cdn-status: 302
cdn-requestid: 8a80da1659208b9620d9adbfbc6cf463
cdn-cache: HIT
X-Firefox-Spdy: h2

sp-ao.shortpixel.ai/client/to_webp,q_glossy,ret_img,w_196/https://www.macfiles.org/wp-content/uploads/2024/01/maclogo.png

194.242.11.186

302 Found

0 B

URL GET HTTP/2
sp-ao.shortpixel.ai/client/to_webp,q_glossy,ret_img,w_196/https://www.macfiles.org/wp-content/uploads/2024/01/maclogo.png
IP
194.242.11.186:443
ASN
#34989 ServeTheWorld AS

Requested by
https://www.macfiles.org/category/adobe/adobe-illustrator/
Certificate
IssuerLet's Encrypt
Subjectsp-ao.shortpixel.ai
Fingerprint99:6C:0E:A5:42:E4:93:89:C4:87:7E:BA:54:2D:DE:9B:40:15:E8:C9
ValidityThu, 22 Feb 2024 14:09:44 GMT - Wed, 22 May 2024 14:09:43 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /client/to_webp,q_glossy,ret_img,w_196/https://www.macfiles.org/wp-content/uploads/2024/01/maclogo.png HTTP/1.1
Host: sp-ao.shortpixel.ai
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.macfiles.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
date: Thu, 28 Mar 2024 21:51:50 GMT
content-type: text/html; charset=UTF-8
content-length: 0
location: https://www.macfiles.org/wp-content/uploads/2024/01/maclogo.png
server: BunnyCDN-NO1-830
cdn-pullzone: 257218
cdn-uid: ceac3dab-9909-4315-8d54-a27751b54dd0
cdn-requestcountrycode: NO
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=43200
pragma: cache
cdn-cachedat: 03/28/2024 21:51:40
x-robots-tag: noindex
link: <https://www.macfiles.org/wp-content/uploads/2024/01/maclogo.png>; rel="canonical"
cdn-tag: 0; Domain: macfiles.org; 302
xtag-sp-ver: 2-ns61
cdn-proxyver: 1.04
cdn-requestpullcode: 302
cdn-requestpullsuccess: True
cdn-edgestorageid: 830
cdn-status: 302
cdn-requestid: aad1dc30bdf60b1f211420ff05bcdd5f
cdn-cache: HIT
X-Firefox-Spdy: h2

www.macfiles.org/wp-content/uploads/2020/09/Adobe-Illustrator-2020-227x200.png

104.21.73.82

200 OK

5.0 kB

URL GET HTTP/3
www.macfiles.org/wp-content/uploads/2020/09/Adobe-Illustrator-2020-227x200.png
IP
104.21.73.82:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.macfiles.org/category/adobe/adobe-illustrator/
Certificate
IssuerLet's Encrypt
Subjectmacfiles.org
Fingerprint05:B6:91:19:E8:3B:D4:01:2C:69:02:50:FC:D3:89:ED:19:1B:D3:49
ValidityThu, 14 Mar 2024 13:45:41 GMT - Wed, 12 Jun 2024 13:45:40 GMT

File type
PNG image data, 227 x 200, 8-bit/color RGBA, non-interlaced
Size
5.0 kB (4968 bytes)
Hash
ebc35707f8781f5627b4d0691b560124
fcbbef457f3c4ee59b3c95bc55fbb71426708fd4
3e9616feccdee953112e31bc7dab58288aad97339c1b20a1076f695d50c9cec2

HTTP Headers

GET /wp-content/uploads/2020/09/Adobe-Illustrator-2020-227x200.png HTTP/1.1
Host: www.macfiles.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.macfiles.org/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 28 Mar 2024 21:51:50 GMT
content-type: image/png
content-length: 4968
cache-control: public, max-age=604800
expires: Wed, 03 Apr 2024 13:01:14 GMT
last-modified: Sat, 26 Sep 2020 08:45:42 GMT
cf-cache-status: HIT
age: 118236
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1TqTqnE%2F4aPFSCIkhBaJMFrPZdO%2F44C1UyF7qjN9wkTGQ8E5XG0oV%2B05kC4FuaNzGT3ipqcwFs%2BDEuP%2Bl9JU9VO0GAlbbY7hu1%2FWkK2ayDne%2FVPCtgzc3ESjFBzvogaPjSgy"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 86bad804cf3f56c5-OSL
alt-svc: h3=":443"; ma=86400

www.macfiles.org/wp-content/uploads/2020/08/Adobe-Premiere-Pro-2020-150x150.png

104.21.73.82

200 OK

7.5 kB

URL GET HTTP/3
www.macfiles.org/wp-content/uploads/2020/08/Adobe-Premiere-Pro-2020-150x150.png
IP
104.21.73.82:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.macfiles.org/category/adobe/adobe-illustrator/
Certificate
IssuerLet's Encrypt
Subjectmacfiles.org
Fingerprint05:B6:91:19:E8:3B:D4:01:2C:69:02:50:FC:D3:89:ED:19:1B:D3:49
ValidityThu, 14 Mar 2024 13:45:41 GMT - Wed, 12 Jun 2024 13:45:40 GMT

File type
PNG image data, 150 x 150, 8-bit/color RGBA, non-interlaced
Size
7.5 kB (7454 bytes)
Hash
09a660d8c127a9fce4f31b0228fbc554
84a626c6fa093fbe3f711f770c6350fc3493041f
81f82c2b5a1a780d1af9dc2e3727761064485bcabc630e69fdb10c639f1af141

HTTP Headers

GET /wp-content/uploads/2020/08/Adobe-Premiere-Pro-2020-150x150.png HTTP/1.1
Host: www.macfiles.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.macfiles.org/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 28 Mar 2024 21:51:50 GMT
content-type: image/png
content-length: 7454
cache-control: public, max-age=604800
expires: Sat, 30 Mar 2024 12:40:42 GMT
last-modified: Mon, 17 Aug 2020 04:34:17 GMT
cf-cache-status: HIT
age: 465068
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xA1pn7N%2FDIAJ75IONgK6aYDkI39NiTCs3WK%2BT2LsmO9fRqaT7jruqeOQrSXOwAzatHbQbjblvxRR8xEuiBFFuIC5enMR2bk4%2FfkiGfmXzQzr7MOx3acJfLlz6qmOpc1GVw9c"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 86bad804df4456c5-OSL
alt-svc: h3=":443"; ma=86400

www.macfiles.org/wp-content/uploads/2020/09/Adobe-Illustrator-2020-150x147.png

104.21.73.82

200 OK

12 kB

URL GET HTTP/3
www.macfiles.org/wp-content/uploads/2020/09/Adobe-Illustrator-2020-150x147.png
IP
104.21.73.82:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.macfiles.org/category/adobe/adobe-illustrator/
Certificate
IssuerLet's Encrypt
Subjectmacfiles.org
Fingerprint05:B6:91:19:E8:3B:D4:01:2C:69:02:50:FC:D3:89:ED:19:1B:D3:49
ValidityThu, 14 Mar 2024 13:45:41 GMT - Wed, 12 Jun 2024 13:45:40 GMT

File type
PNG image data, 150 x 147, 8-bit/color RGBA, non-interlaced
Size
12 kB (12290 bytes)
Hash
ee44b2d0e4a82c63a0ef6f175cf29782
feeb464999087121b8bafa151060d930e5bd1cd6
e1b580cf7dc571624a359e00a777e9dc298b756dc54fed2881a8ccb111a4bdae

HTTP Headers

GET /wp-content/uploads/2020/09/Adobe-Illustrator-2020-150x147.png HTTP/1.1
Host: www.macfiles.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.macfiles.org/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 28 Mar 2024 21:51:50 GMT
content-type: image/png
content-length: 12290
cache-control: public, max-age=604800
expires: Mon, 01 Apr 2024 14:42:47 GMT
last-modified: Sat, 26 Sep 2020 08:45:42 GMT
cf-cache-status: HIT
age: 284943
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LVvICeqyfoQeNhqUSFcg9c4NQsjhtcbvXJ0oeUuz9Al51zbR212kiUtd%2Fni7DVGTfcnRX7tjfdC29dtbN3OjhCCa%2FVRHgXCfip3G%2Fo7Tx7uPvq4QXUeJlKGxImcRv%2BR93yIl"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 86bad804df4d56c5-OSL
alt-svc: h3=":443"; ma=86400

www.macfiles.org/wp-content/uploads/2020/08/Adobe-Photoshop-2020-150x150.png

104.21.73.82

200 OK

10 kB

URL GET HTTP/3
www.macfiles.org/wp-content/uploads/2020/08/Adobe-Photoshop-2020-150x150.png
IP
104.21.73.82:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.macfiles.org/category/adobe/adobe-illustrator/
Certificate
IssuerLet's Encrypt
Subjectmacfiles.org
Fingerprint05:B6:91:19:E8:3B:D4:01:2C:69:02:50:FC:D3:89:ED:19:1B:D3:49
ValidityThu, 14 Mar 2024 13:45:41 GMT - Wed, 12 Jun 2024 13:45:40 GMT

File type
PNG image data, 150 x 150, 8-bit/color RGBA, non-interlaced
Size
10 kB (10441 bytes)
Hash
c7089b18b5c108f5c464197d6f4de04a
2cb7d068ec11c1661d43db9a80a01bc7e19c4efe
3861a6cc73d11b2e2a56413e63ab357574bf1622883d21c6eb6ce23cef2040a2

HTTP Headers

GET /wp-content/uploads/2020/08/Adobe-Photoshop-2020-150x150.png HTTP/1.1
Host: www.macfiles.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.macfiles.org/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 28 Mar 2024 21:51:50 GMT
content-type: image/png
content-length: 10441
cache-control: public, max-age=604800
expires: Mon, 01 Apr 2024 14:42:40 GMT
last-modified: Mon, 17 Aug 2020 04:41:21 GMT
cf-cache-status: HIT
age: 284950
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IStiB4bGvwUZB1JvW7mgvZko5f8WzzXMOb%2Bp1o5P%2BoTZH9zME1BWkDyq8EmjH1n%2FYCwz%2F3fNXWG%2F6hX5dgUqWMQ635e1VEaPFHBMDdVYCs%2FjEYaEoazXDpSQj5WxhnE28BAA"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 86bad804df5056c5-OSL
alt-svc: h3=":443"; ma=86400

www.macfiles.org/wp-content/uploads/2024/01/maclogo.png

104.21.73.82

200 OK

7.0 kB

URL GET HTTP/3
www.macfiles.org/wp-content/uploads/2024/01/maclogo.png
IP
104.21.73.82:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.macfiles.org/category/adobe/adobe-illustrator/
Certificate
IssuerLet's Encrypt
Subjectmacfiles.org
Fingerprint05:B6:91:19:E8:3B:D4:01:2C:69:02:50:FC:D3:89:ED:19:1B:D3:49
ValidityThu, 14 Mar 2024 13:45:41 GMT - Wed, 12 Jun 2024 13:45:40 GMT

File type
PNG image data, 196 x 74, 8-bit/color RGBA, non-interlaced
Size
7.0 kB (6997 bytes)
Hash
e781a5f87918fdc8ab2b9f0b1922c0bb
eab7d93ca044af7bbe20c64cbf8eb03bb5fa1f33
3f1e1b9a30c49fdeca79f5b77ef2d9defc6538b835a25f5d2483121e654020c1

HTTP Headers

GET /wp-content/uploads/2024/01/maclogo.png HTTP/1.1
Host: www.macfiles.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.macfiles.org/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 28 Mar 2024 21:51:50 GMT
content-type: image/png
content-length: 6997
cache-control: public, max-age=604800
expires: Sat, 30 Mar 2024 12:40:42 GMT
last-modified: Fri, 19 Jan 2024 13:31:10 GMT
cf-cache-status: HIT
age: 465068
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hUHADgLiraBLGccVTiSRhgbkgJa59osgw9XyPNOC4Wqmev%2BLzS%2BZYmQgDEhdmst9MBcrKmw75YUOSKeqTndZUYULi8YvpDpJ4ctUnjFui0PbLGGHQdn2mqAqPykZvMCxlkiS"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 86bad8050f7356c5-OSL
alt-svc: h3=":443"; ma=86400

ablecolony.com/a9/04/d2/a904d25cbc0e65d37e5cf79e2d057c1d.js

172.240.253.132

200 OK

16 kB

URL GET HTTP/1.1
ablecolony.com/a9/04/d2/a904d25cbc0e65d37e5cf79e2d057c1d.js
IP
172.240.253.132:443
ASN
#7979 SERVERS-COM

Requested by
https://www.macfiles.org/category/adobe/adobe-illustrator/
Certificate
IssuerLet's Encrypt
Subjectablecolony.com
Fingerprint72:52:48:30:ED:69:2D:E0:F6:1F:B2:28:46:E6:BF:09:21:CB:DD:D1
ValiditySun, 24 Mar 2024 10:22:04 GMT - Sat, 22 Jun 2024 10:22:03 GMT

File type
JavaScript source, ASCII text, with very long lines (43994), with no line terminators
Size
16 kB (15784 bytes)
Hash
7cd2e2fab339aae1809f9111df9f350c
d6935bcbef52be6545be5b6e960f0e8073284ba8
a3c7faf12628a85b427670948377401da8cf087f320490ebaaa4e8d12b397577

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /a9/04/d2/a904d25cbc0e65d37e5cf79e2d057c1d.js HTTP/1.1
Host: ablecolony.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.macfiles.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Thu, 28 Mar 2024 21:51:50 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 76536b05f995a7c5b50e136b6d6d0529
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

ablecolony.com/watch.1427821070443.js?key=cc43d9e6e02d1d5141beb272805e2db1&kw=%5B%22adobe%22%2C%22illustrator%22%2C%22-%22%2C%22mac%22%2C%22torrents%22%5D&refer=https%3A%2F%2Fwww.macfiles.org%2Fcategory%2Fadobe%2Fadobe-illustrator%2F&tz=0&dev=e&res=14.2071&uuid=d5ca92e8-8af8-497f-8572-180e2ed1eb97%3A2%3A1

172.240.108.68

307 Temporary Redirect

0 B

URL GET HTTP/1.1
ablecolony.com/watch.1427821070443.js?key=cc43d9e6e02d1d5141beb272805e2db1&kw=%5B%22adobe%22%2C%22illustrator%22%2C%22-%22%2C%22mac%22%2C%22torrents%22%5D&refer=https%3A%2F%2Fwww.macfiles.org%2Fcategory%2Fadobe%2Fadobe-illustrator%2F&tz=0&dev=e&res=14.2071&uuid=d5ca92e8-8af8-497f-8572-180e2ed1eb97%3A2%3A1
IP
172.240.108.68:443
ASN
#7979 SERVERS-COM

Requested by
https://www.macfiles.org/category/adobe/adobe-illustrator/
Certificate
IssuerLet's Encrypt
Subjectablecolony.com
Fingerprint72:52:48:30:ED:69:2D:E0:F6:1F:B2:28:46:E6:BF:09:21:CB:DD:D1
ValiditySun, 24 Mar 2024 10:22:04 GMT - Sat, 22 Jun 2024 10:22:03 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /watch.1427821070443.js?key=cc43d9e6e02d1d5141beb272805e2db1&kw=%5B%22adobe%22%2C%22illustrator%22%2C%22-%22%2C%22mac%22%2C%22torrents%22%5D&refer=https%3A%2F%2Fwww.macfiles.org%2Fcategory%2Fadobe%2Fadobe-illustrator%2F&tz=0&dev=e&res=14.2071&uuid=d5ca92e8-8af8-497f-8572-180e2ed1eb97%3A2%3A1 HTTP/1.1
Host: ablecolony.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.macfiles.org
DNT: 1
Connection: keep-alive
Referer: https://www.macfiles.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 307 Temporary Redirect
Server: nginx/1.21.6
Date: Thu, 28 Mar 2024 21:51:50 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://www.macfiles.org
Access-Control-Allow-Origin: https://www.macfiles.org
Access-Control-Allow-Credentials: true
Location: https://ablecolony.com/watch.1427821070443.js?dev=e&key=cc43d9e6e02d1d5141beb272805e2db1&kw=%5B%22adobe%22%2C%22illustrator%22%2C%22-%22%2C%22mac%22%2C%22torrents%22%5D&pst=1711662770&refer=https%3A%2F%2Fwww.macfiles.org%2Fcategory%2Fadobe%2Fadobe-illustrator%2F&res=14.2071&rmtc=t&shu=9687fa991ddd6ab135965c450b1e07f6e7ff7009ee84316f652ac7930be87c751e1542e2746fa77d970efbdd4e8856b258e9447cd6b53ef4b9ed6a81459cab5690364b9ebd58747cc40f90235585c6238fad83ede359a464b1d51a5f9c6f6d&tz=0&uuid=d5ca92e8-8af8-497f-8572-180e2ed1eb97%3A2%3A1
Set-Cookie: u_pl=17871235; expires=Fri, 29 Mar 2024 21:51:50 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzg3MTIzNSwiayI6ImNjNDNkOWU2ZTAyZDFkNTE0MWJlYjI3MjgwNWUyZGIxIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxMjUzODYsInBpZCI6MTA0NDc2LCJhbiI6dHJ1ZSwibGFuIjp0cnVlLCJjaWQiOjE4LCJhaWQiOjIzLCJwdCI6NCwicGsiOiJpdmRjdnJ5a2EiLCJjcGtzIjp7IjI5IjoiYTkwNGQyNWNiYzBlNjVkMzdlNWNmNzllMmQwNTdjMWQifSwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjc5OTU0MTk2LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6MTgxMTAsIm9uIjoiTGludXgiLCJvdiI6IlVua25vd24iLCJiaWQiOjExNjY3MCwiYm4iOiJGaXJlZm94IiwiYnYiOiI5Ni4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vd3d3Lm1hY2ZpbGVzLm9yZy9jYXRlZ29yeS9hZG9iZS9hZG9iZS1pbGx1c3RyYXRvci8iLCJhciI6W119fQ.k7Hn6slaaqekdn0PlVTN2ucgLXq6UEnPv_CjL_OILh8; expires=Thu, 28 Mar 2024 21:52:50 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 073aab48df471e81adb0c2a87c5d2b4e
Strict-Transport-Security: max-age=0; includeSubdomains

ablecolony.com/watch.38320186739.js?key=ab41dcc89a8f02e3ef0be2e1b079565a&kw=%5B%22adobe%22%2C%22illustrator%22%2C%22-%22%2C%22mac%22%2C%22torrents%22%5D&refer=https%3A%2F%2Fwww.macfiles.org%2Fcategory%2Fadobe%2Fadobe-illustrator%2F&tz=0&dev=e&res=14.2071&uuid=d5ca92e8-8af8-497f-8572-180e2ed1eb97%3A2%3A1

172.240.108.68

307 Temporary Redirect

0 B

URL GET HTTP/1.1
ablecolony.com/watch.38320186739.js?key=ab41dcc89a8f02e3ef0be2e1b079565a&kw=%5B%22adobe%22%2C%22illustrator%22%2C%22-%22%2C%22mac%22%2C%22torrents%22%5D&refer=https%3A%2F%2Fwww.macfiles.org%2Fcategory%2Fadobe%2Fadobe-illustrator%2F&tz=0&dev=e&res=14.2071&uuid=d5ca92e8-8af8-497f-8572-180e2ed1eb97%3A2%3A1
IP
172.240.108.68:443
ASN
#7979 SERVERS-COM

Requested by
https://www.macfiles.org/category/adobe/adobe-illustrator/
Certificate
IssuerLet's Encrypt
Subjectablecolony.com
Fingerprint72:52:48:30:ED:69:2D:E0:F6:1F:B2:28:46:E6:BF:09:21:CB:DD:D1
ValiditySun, 24 Mar 2024 10:22:04 GMT - Sat, 22 Jun 2024 10:22:03 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /watch.38320186739.js?key=ab41dcc89a8f02e3ef0be2e1b079565a&kw=%5B%22adobe%22%2C%22illustrator%22%2C%22-%22%2C%22mac%22%2C%22torrents%22%5D&refer=https%3A%2F%2Fwww.macfiles.org%2Fcategory%2Fadobe%2Fadobe-illustrator%2F&tz=0&dev=e&res=14.2071&uuid=d5ca92e8-8af8-497f-8572-180e2ed1eb97%3A2%3A1 HTTP/1.1
Host: ablecolony.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.macfiles.org
DNT: 1
Connection: keep-alive
Referer: https://www.macfiles.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 307 Temporary Redirect
Server: nginx/1.21.6
Date: Thu, 28 Mar 2024 21:51:50 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://www.macfiles.org
Access-Control-Allow-Origin: https://www.macfiles.org
Access-Control-Allow-Credentials: true
Location: https://ablecolony.com/watch.38320186739.js?dev=e&key=ab41dcc89a8f02e3ef0be2e1b079565a&kw=%5B%22adobe%22%2C%22illustrator%22%2C%22-%22%2C%22mac%22%2C%22torrents%22%5D&pst=1711662770&refer=https%3A%2F%2Fwww.macfiles.org%2Fcategory%2Fadobe%2Fadobe-illustrator%2F&res=14.2071&rmtc=t&shu=a9000e48f47a62c48f0c706244a418c45ef121469730d0733c75bb8eb07b4a7fb6132339d52a9a6fc813072215023a665125df04159fd6b4263f3617901347ef62f7d27364a3fd96933e87f9359e8c95bdb0ec9132e5922ebdbabc073921fc&tz=0&uuid=d5ca92e8-8af8-497f-8572-180e2ed1eb97%3A2%3A1
Set-Cookie: u_pl=22061292; expires=Fri, 29 Mar 2024 21:51:50 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoyMjA2MTI5MiwiayI6ImFiNDFkY2M4OWE4ZjAyZTNlZjBiZTJlMWIwNzk1NjVhIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjozNDU0NDc3LCJwaWQiOjEwNDQ3NiwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyMSwiYWlkIjo1LCJwdCI6NCwicGsiOiJua2h0dzZyMHJ5IiwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjc5OTU0MTk2LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6MTgxMTAsIm9uIjoiTGludXgiLCJvdiI6IlVua25vd24iLCJiaWQiOjExNjY3MCwiYm4iOiJGaXJlZm94IiwiYnYiOiI5Ni4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vd3d3Lm1hY2ZpbGVzLm9yZy9jYXRlZ29yeS9hZG9iZS9hZG9iZS1pbGx1c3RyYXRvci8iLCJhciI6W119fQ.e7Cd-nnxH36SHOPXJUQ78WHTvrmsjTwO_y15aBrlgnA; expires=Thu, 28 Mar 2024 21:52:50 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 2b53c528c3c4d884a64f127d392075a5
Strict-Transport-Security: max-age=0; includeSubdomains

ablecolony.com/watch.1427821070443.js?dev=e&key=cc43d9e6e02d1d5141beb272805e2db1&kw=%5B%22adobe%22%2C%22illustrator%22%2C%22-%22%2C%22mac%22%2C%22torrents%22%5D&pst=1711662770&refer=https%3A%2F%2Fwww.macfiles.org%2Fcategory%2Fadobe%2Fadobe-illustrator%2F&res=14.2071&rmtc=t&shu=9687fa991ddd6ab135965c450b1e07f6e7ff7009ee84316f652ac7930be87c751e1542e2746fa77d970efbdd4e8856b258e9447cd6b53ef4b9ed6a81459cab5690364b9ebd58747cc40f90235585c6238fad83ede359a464b1d51a5f9c6f6d&tz=0&uuid=d5ca92e8-8af8-497f-8572-180e2ed1eb97%3A2%3A1

172.240.253.132

200 OK

2.0 kB

URL GET HTTP/1.1
ablecolony.com/watch.1427821070443.js?dev=e&key=cc43d9e6e02d1d5141beb272805e2db1&kw=%5B%22adobe%22%2C%22illustrator%22%2C%22-%22%2C%22mac%22%2C%22torrents%22%5D&pst=1711662770&refer=https%3A%2F%2Fwww.macfiles.org%2Fcategory%2Fadobe%2Fadobe-illustrator%2F&res=14.2071&rmtc=t&shu=9687fa991ddd6ab135965c450b1e07f6e7ff7009ee84316f652ac7930be87c751e1542e2746fa77d970efbdd4e8856b258e9447cd6b53ef4b9ed6a81459cab5690364b9ebd58747cc40f90235585c6238fad83ede359a464b1d51a5f9c6f6d&tz=0&uuid=d5ca92e8-8af8-497f-8572-180e2ed1eb97%3A2%3A1
IP
172.240.253.132:443
ASN
#7979 SERVERS-COM

Requested by
https://www.macfiles.org/category/adobe/adobe-illustrator/
Certificate
IssuerLet's Encrypt
Subjectablecolony.com
Fingerprint72:52:48:30:ED:69:2D:E0:F6:1F:B2:28:46:E6:BF:09:21:CB:DD:D1
ValiditySun, 24 Mar 2024 10:22:04 GMT - Sat, 22 Jun 2024 10:22:03 GMT

File type
JavaScript source, ASCII text, with very long lines (2508)
Size
2.0 kB (2031 bytes)
Hash
6f527cb56e09f81ce86b39fc1a3f6f3e
ca330b8061144d53630ab56eb06a8c4e0c627838
a64ccfa56e8fe9c3cd61618cc929c8d82ad5dfbcfc9ea077b1651255e003f467

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /watch.1427821070443.js?dev=e&key=cc43d9e6e02d1d5141beb272805e2db1&kw=%5B%22adobe%22%2C%22illustrator%22%2C%22-%22%2C%22mac%22%2C%22torrents%22%5D&pst=1711662770&refer=https%3A%2F%2Fwww.macfiles.org%2Fcategory%2Fadobe%2Fadobe-illustrator%2F&res=14.2071&rmtc=t&shu=9687fa991ddd6ab135965c450b1e07f6e7ff7009ee84316f652ac7930be87c751e1542e2746fa77d970efbdd4e8856b258e9447cd6b53ef4b9ed6a81459cab5690364b9ebd58747cc40f90235585c6238fad83ede359a464b1d51a5f9c6f6d&tz=0&uuid=d5ca92e8-8af8-497f-8572-180e2ed1eb97%3A2%3A1 HTTP/1.1
Host: ablecolony.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.macfiles.org
Referer: https://www.macfiles.org/
DNT: 1
Connection: keep-alive
Cookie: u_pl=17871235; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzg3MTIzNSwiayI6ImNjNDNkOWU2ZTAyZDFkNTE0MWJlYjI3MjgwNWUyZGIxIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxMjUzODYsInBpZCI6MTA0NDc2LCJhbiI6dHJ1ZSwibGFuIjp0cnVlLCJjaWQiOjE4LCJhaWQiOjIzLCJwdCI6NCwicGsiOiJpdmRjdnJ5a2EiLCJjcGtzIjp7IjI5IjoiYTkwNGQyNWNiYzBlNjVkMzdlNWNmNzllMmQwNTdjMWQifSwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjc5OTU0MTk2LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6MTgxMTAsIm9uIjoiTGludXgiLCJvdiI6IlVua25vd24iLCJiaWQiOjExNjY3MCwiYm4iOiJGaXJlZm94IiwiYnYiOiI5Ni4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vd3d3Lm1hY2ZpbGVzLm9yZy9jYXRlZ29yeS9hZG9iZS9hZG9iZS1pbGx1c3RyYXRvci8iLCJhciI6W119fQ.k7Hn6slaaqekdn0PlVTN2ucgLXq6UEnPv_CjL_OILh8
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Thu, 28 Mar 2024 21:51:51 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://www.macfiles.org
Access-Control-Allow-Origin: https://www.macfiles.org
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=d5ca92e8-8af8-497f-8572-180e2ed1eb97:2:1; expires=Thu, 04 Apr 2024 21:51:50 GMT; secure; SameSite=None
iprc7310a3a6dff09f164680b853821fda9f=4471850; expires=Fri, 29 Mar 2024 21:51:50 GMT; secure; SameSite=None
pdhtkv=true; expires=Fri, 29 Mar 2024 21:51:50 GMT; secure; SameSite=None
uncs=1; expires=Fri, 29 Mar 2024 21:51:50 GMT; secure; SameSite=None
pdhtkv23=true; expires=Fri, 29 Mar 2024 21:51:50 GMT; secure; SameSite=None
uncs23=1; expires=Fri, 29 Mar 2024 21:51:50 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 99c7731c50da853357ea84bdeb286922
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

ablecolony.com/watch.38320186739.js?dev=e&key=ab41dcc89a8f02e3ef0be2e1b079565a&kw=%5B%22adobe%22%2C%22illustrator%22%2C%22-%22%2C%22mac%22%2C%22torrents%22%5D&pst=1711662770&refer=https%3A%2F%2Fwww.macfiles.org%2Fcategory%2Fadobe%2Fadobe-illustrator%2F&res=14.2071&rmtc=t&shu=a9000e48f47a62c48f0c706244a418c45ef121469730d0733c75bb8eb07b4a7fb6132339d52a9a6fc813072215023a665125df04159fd6b4263f3617901347ef62f7d27364a3fd96933e87f9359e8c95bdb0ec9132e5922ebdbabc073921fc&tz=0&uuid=d5ca92e8-8af8-497f-8572-180e2ed1eb97%3A2%3A1

172.240.108.68

200 OK

2.1 kB

URL GET HTTP/1.1
ablecolony.com/watch.38320186739.js?dev=e&key=ab41dcc89a8f02e3ef0be2e1b079565a&kw=%5B%22adobe%22%2C%22illustrator%22%2C%22-%22%2C%22mac%22%2C%22torrents%22%5D&pst=1711662770&refer=https%3A%2F%2Fwww.macfiles.org%2Fcategory%2Fadobe%2Fadobe-illustrator%2F&res=14.2071&rmtc=t&shu=a9000e48f47a62c48f0c706244a418c45ef121469730d0733c75bb8eb07b4a7fb6132339d52a9a6fc813072215023a665125df04159fd6b4263f3617901347ef62f7d27364a3fd96933e87f9359e8c95bdb0ec9132e5922ebdbabc073921fc&tz=0&uuid=d5ca92e8-8af8-497f-8572-180e2ed1eb97%3A2%3A1
IP
172.240.108.68:443
ASN
#7979 SERVERS-COM

Requested by
https://www.macfiles.org/category/adobe/adobe-illustrator/
Certificate
IssuerLet's Encrypt
Subjectablecolony.com
Fingerprint72:52:48:30:ED:69:2D:E0:F6:1F:B2:28:46:E6:BF:09:21:CB:DD:D1
ValiditySun, 24 Mar 2024 10:22:04 GMT - Sat, 22 Jun 2024 10:22:03 GMT

File type
JavaScript source, ASCII text, with very long lines (2654)
Size
2.1 kB (2114 bytes)
Hash
4b17423b118c7b982372e40334c9e76e
9c2bf7ffd47441f5a7bdf5d6f5606b4cb50749c0
55f014c3bcab99a15f76307e8a2b33b6e5411e8e54002fe7aca647e31eee14c9

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /watch.38320186739.js?dev=e&key=ab41dcc89a8f02e3ef0be2e1b079565a&kw=%5B%22adobe%22%2C%22illustrator%22%2C%22-%22%2C%22mac%22%2C%22torrents%22%5D&pst=1711662770&refer=https%3A%2F%2Fwww.macfiles.org%2Fcategory%2Fadobe%2Fadobe-illustrator%2F&res=14.2071&rmtc=t&shu=a9000e48f47a62c48f0c706244a418c45ef121469730d0733c75bb8eb07b4a7fb6132339d52a9a6fc813072215023a665125df04159fd6b4263f3617901347ef62f7d27364a3fd96933e87f9359e8c95bdb0ec9132e5922ebdbabc073921fc&tz=0&uuid=d5ca92e8-8af8-497f-8572-180e2ed1eb97%3A2%3A1 HTTP/1.1
Host: ablecolony.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.macfiles.org
Referer: https://www.macfiles.org/
DNT: 1
Connection: keep-alive
Cookie: u_pl=22061292; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoyMjA2MTI5MiwiayI6ImFiNDFkY2M4OWE4ZjAyZTNlZjBiZTJlMWIwNzk1NjVhIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjozNDU0NDc3LCJwaWQiOjEwNDQ3NiwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyMSwiYWlkIjo1LCJwdCI6NCwicGsiOiJua2h0dzZyMHJ5IiwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjc5OTU0MTk2LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6MTgxMTAsIm9uIjoiTGludXgiLCJvdiI6IlVua25vd24iLCJiaWQiOjExNjY3MCwiYm4iOiJGaXJlZm94IiwiYnYiOiI5Ni4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vd3d3Lm1hY2ZpbGVzLm9yZy9jYXRlZ29yeS9hZG9iZS9hZG9iZS1pbGx1c3RyYXRvci8iLCJhciI6W119fQ.e7Cd-nnxH36SHOPXJUQ78WHTvrmsjTwO_y15aBrlgnA
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Thu, 28 Mar 2024 21:51:51 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://www.macfiles.org
Access-Control-Allow-Origin: https://www.macfiles.org
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=d5ca92e8-8af8-497f-8572-180e2ed1eb97:2:1; expires=Thu, 04 Apr 2024 21:51:51 GMT; secure; SameSite=None
iprc2cac1dff8eb622378a9bb2c67be32d44=3569806; expires=Fri, 29 Mar 2024 01:51:51 GMT; secure; SameSite=None
pdhtkv=true; expires=Fri, 29 Mar 2024 21:51:51 GMT; secure; SameSite=None
uncs=1; expires=Fri, 29 Mar 2024 21:51:51 GMT; secure; SameSite=None
pdhtkv5=true; expires=Fri, 29 Mar 2024 21:51:51 GMT; secure; SameSite=None
uncs5=1; expires=Fri, 29 Mar 2024 21:51:51 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 98d8bf06722053f365d676d10cdb92b5
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

cdn.cloudimagesb.com/cti/94/aa/09/94aa09b91a894fc0cedf40ac5d66e99b/1711621599.jpg

45.133.44.9

200 OK

56 kB

URL GET HTTP/2
cdn.cloudimagesb.com/cti/94/aa/09/94aa09b91a894fc0cedf40ac5d66e99b/1711621599.jpg
IP
45.133.44.9:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://www.macfiles.org/category/adobe/adobe-illustrator/
Certificate
IssuerLet's Encrypt
Subjectcdn.cloudimagesb.com
FingerprintC6:F3:21:F0:21:7D:7E:96:0F:E8:46:7A:5E:C5:3F:D1:52:B0:67:B0
ValidityFri, 22 Mar 2024 03:01:35 GMT - Thu, 20 Jun 2024 03:01:34 GMT

File type
JPEG image data, baseline, precision 8, 728x90, components 3
Size
56 kB (56390 bytes)
Hash
7ff2f74f6785665152addbfcb0701dfe
1a341a2611fca540579f151e5b35c6719c4679cb
44009fdc87583404b2a7a687bfe7c0efbc99e094238f0ef4f540f0d9377ed3fb

HTTP Headers

GET /cti/94/aa/09/94aa09b91a894fc0cedf40ac5d66e99b/1711621599.jpg HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 28 Mar 2024 21:51:51 GMT
content-type: image/jpeg
content-length: 56390
server: nginx/1.21.6
last-modified: Thu, 28 Mar 2024 10:26:47 GMT
etag: "660545e7-dc46"
expires: Sat, 30 Mar 2024 21:51:51 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

cdn.cloudimagesb.com/cti/7d/00/a0/7d00a008556ebc4e68d1de531274e928/1658920033.png

45.133.44.9

200 OK

144 kB

URL GET HTTP/2
cdn.cloudimagesb.com/cti/7d/00/a0/7d00a008556ebc4e68d1de531274e928/1658920033.png
IP
45.133.44.9:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://www.macfiles.org/category/adobe/adobe-illustrator/
Certificate
IssuerLet's Encrypt
Subjectcdn.cloudimagesb.com
FingerprintC6:F3:21:F0:21:7D:7E:96:0F:E8:46:7A:5E:C5:3F:D1:52:B0:67:B0
ValidityFri, 22 Mar 2024 03:01:35 GMT - Thu, 20 Jun 2024 03:01:34 GMT

File type
PNG image data, 300 x 250, 8-bit/color RGBA, non-interlaced
Size
144 kB (144379 bytes)
Hash
33c304429dc1a4408a96e6a74ffa2feb
c45fa8e65528d1bb2b46bf8a28af9eeaa1903d04
dbed482e5948ead5587d30a22306a5b611305f704de940bd22c76daf90e0a314

HTTP Headers

GET /cti/7d/00/a0/7d00a008556ebc4e68d1de531274e928/1658920033.png HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Thu, 28 Mar 2024 21:51:51 GMT
content-type: image/png
content-length: 144379
server: nginx/1.21.6
last-modified: Wed, 27 Jul 2022 11:07:21 GMT
etag: "62e11c69-233fb"
expires: Sat, 30 Mar 2024 21:51:51 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

unseenreport.com/pxf.gif?uuid=d5ca92e8-8af8-497f-8572-180e2ed1eb97&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=a904d25cbc0e65d37e5cf79e2d057c1d&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=21

192.243.59.20

200 OK

1 B

URL GET HTTP/1.1
unseenreport.com/pxf.gif?uuid=d5ca92e8-8af8-497f-8572-180e2ed1eb97&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=a904d25cbc0e65d37e5cf79e2d057c1d&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=21
IP
192.243.59.20:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://www.macfiles.org/category/adobe/adobe-illustrator/
Certificate
IssuerLet's Encrypt
Subject*.unseenreport.com
Fingerprint71:46:15:FD:76:6A:F5:5B:51:06:CC:93:DD:D8:63:E3:8B:10:BF:13
ValidityFri, 22 Mar 2024 07:32:41 GMT - Thu, 20 Jun 2024 07:32:40 GMT

File type
very short file (no magic)
Size
1 B (1 bytes)
Hash
93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /pxf.gif?uuid=d5ca92e8-8af8-497f-8572-180e2ed1eb97&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=a904d25cbc0e65d37e5cf79e2d057c1d&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=21 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.macfiles.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Thu, 28 Mar 2024 21:51:51 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 16bb9cad8f9e97216d54487f7aa4f783
Strict-Transport-Security: max-age=0; includeSubdomains

sp-ao.shortpixel.ai/client/to_webp,q_glossy,ret_img,w_150/https://www.macfiles.org/wp-content/uploads/2020/09/Adobe-InDesign-2020-150x147.png

194.242.11.186

302 Found

0 B

URL GET HTTP/2
sp-ao.shortpixel.ai/client/to_webp,q_glossy,ret_img,w_150/https://www.macfiles.org/wp-content/uploads/2020/09/Adobe-InDesign-2020-150x147.png
IP
194.242.11.186:443
ASN
#34989 ServeTheWorld AS

Requested by
https://www.macfiles.org/category/adobe/adobe-illustrator/
Certificate
IssuerLet's Encrypt
Subjectsp-ao.shortpixel.ai
Fingerprint99:6C:0E:A5:42:E4:93:89:C4:87:7E:BA:54:2D:DE:9B:40:15:E8:C9
ValidityThu, 22 Feb 2024 14:09:44 GMT - Wed, 22 May 2024 14:09:43 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /client/to_webp,q_glossy,ret_img,w_150/https://www.macfiles.org/wp-content/uploads/2020/09/Adobe-InDesign-2020-150x147.png HTTP/1.1
Host: sp-ao.shortpixel.ai
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.macfiles.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 302 Found
date: Thu, 28 Mar 2024 21:51:52 GMT
content-type: text/html; charset=UTF-8
content-length: 0
location: https://www.macfiles.org/wp-content/uploads/2020/09/Adobe-InDesign-2020-150x147.png
server: BunnyCDN-NO1-830
cdn-pullzone: 257218
cdn-uid: ceac3dab-9909-4315-8d54-a27751b54dd0
cdn-requestcountrycode: NO
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=43200
pragma: cache
cdn-cachedat: 03/28/2024 12:01:57
x-robots-tag: noindex
link: <https://www.macfiles.org/wp-content/uploads/2020/09/Adobe-InDesign-2020-150x147.png>; rel="canonical"
cdn-tag: 0; Domain: macfiles.org; 302
xtag-sp-ver: 2-ns61
cdn-proxyver: 1.04
cdn-requestpullcode: 302
cdn-requestpullsuccess: True
cdn-edgestorageid: 830
cdn-status: 302
cdn-requestid: d13a18361cdde922f374312244d59333
cdn-cache: HIT
X-Firefox-Spdy: h2

sp-ao.shortpixel.ai/client/to_webp,q_glossy,ret_img,w_150/https://www.macfiles.org/wp-content/uploads/2020/08/Adobe-After-Effects-2020-150x150.png

194.242.11.186

302 Found

0 B

URL GET HTTP/2
sp-ao.shortpixel.ai/client/to_webp,q_glossy,ret_img,w_150/https://www.macfiles.org/wp-content/uploads/2020/08/Adobe-After-Effects-2020-150x150.png
IP
194.242.11.186:443
ASN
#34989 ServeTheWorld AS

Requested by
https://www.macfiles.org/category/adobe/adobe-illustrator/
Certificate
IssuerLet's Encrypt
Subjectsp-ao.shortpixel.ai
Fingerprint99:6C:0E:A5:42:E4:93:89:C4:87:7E:BA:54:2D:DE:9B:40:15:E8:C9
ValidityThu, 22 Feb 2024 14:09:44 GMT - Wed, 22 May 2024 14:09:43 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /client/to_webp,q_glossy,ret_img,w_150/https://www.macfiles.org/wp-content/uploads/2020/08/Adobe-After-Effects-2020-150x150.png HTTP/1.1
Host: sp-ao.shortpixel.ai
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.macfiles.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 302 Found
date: Thu, 28 Mar 2024 21:51:52 GMT
content-type: text/html; charset=UTF-8
content-length: 0
location: https://www.macfiles.org/wp-content/uploads/2020/08/Adobe-After-Effects-2020-150x150.png
server: BunnyCDN-NO1-830
cdn-pullzone: 257218
cdn-uid: ceac3dab-9909-4315-8d54-a27751b54dd0
cdn-requestcountrycode: NO
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=43200
pragma: cache
cdn-cachedat: 03/28/2024 21:51:41
x-robots-tag: noindex
link: <https://www.macfiles.org/wp-content/uploads/2020/08/Adobe-After-Effects-2020-150x150.png>; rel="canonical"
cdn-tag: 0; Domain: macfiles.org; 302
xtag-sp-ver: 2-ns62
cdn-proxyver: 1.04
cdn-requestpullcode: 302
cdn-requestpullsuccess: True
cdn-edgestorageid: 830
cdn-status: 302
cdn-requestid: c715e8d890c0fa9333280df434966846
cdn-cache: HIT
X-Firefox-Spdy: h2

www.macfiles.org/wp-content/uploads/2020/09/Adobe-InDesign-2020-150x147.png

104.21.73.82

200 OK

15 kB

URL GET HTTP/3
www.macfiles.org/wp-content/uploads/2020/09/Adobe-InDesign-2020-150x147.png
IP
104.21.73.82:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.macfiles.org/category/adobe/adobe-illustrator/
Certificate
IssuerLet's Encrypt
Subjectmacfiles.org
Fingerprint05:B6:91:19:E8:3B:D4:01:2C:69:02:50:FC:D3:89:ED:19:1B:D3:49
ValidityThu, 14 Mar 2024 13:45:41 GMT - Wed, 12 Jun 2024 13:45:40 GMT

File type
PNG image data, 150 x 147, 8-bit/color RGBA, non-interlaced
Size
15 kB (15376 bytes)
Hash
f1f1693fe3c205d0bf08693c33808ea8
29231d53f9910fde114730d5abd65f2705652327
403adb552312e311d29baf18c8bd064b333d441ef9765b8e69f2d8c4ec7e7838

HTTP Headers

GET /wp-content/uploads/2020/09/Adobe-InDesign-2020-150x147.png HTTP/1.1
Host: www.macfiles.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.macfiles.org/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 28 Mar 2024 21:51:52 GMT
content-type: image/png
content-length: 15376
cache-control: public, max-age=604800
expires: Mon, 01 Apr 2024 14:42:40 GMT
last-modified: Mon, 28 Sep 2020 10:37:41 GMT
cf-cache-status: HIT
age: 284952
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xMObGfCsdErnmXBkdt9cWgpsyqaDnTW9xwXzWfhiEH7LT8j3fXWUfAU7LqZeDcfo0EbQzP7S7fBME6fTfBfa7jnpqeBXJAxaegTRyicWdmLNnEviabEPvTWpGm41JjsHEsom"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 86bad80e18ea56c5-OSL
alt-svc: h3=":443"; ma=86400

www.macfiles.org/wp-content/uploads/2020/08/Adobe-After-Effects-2020-150x150.png

104.21.73.82

200 OK

10 kB

URL GET HTTP/3
www.macfiles.org/wp-content/uploads/2020/08/Adobe-After-Effects-2020-150x150.png
IP
104.21.73.82:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.macfiles.org/category/adobe/adobe-illustrator/
Certificate
IssuerLet's Encrypt
Subjectmacfiles.org
Fingerprint05:B6:91:19:E8:3B:D4:01:2C:69:02:50:FC:D3:89:ED:19:1B:D3:49
ValidityThu, 14 Mar 2024 13:45:41 GMT - Wed, 12 Jun 2024 13:45:40 GMT

File type
PNG image data, 150 x 150, 8-bit/color RGBA, non-interlaced
Size
10 kB (10492 bytes)
Hash
616e1562ee835c642d84ef4677d394ea
acafe43972e52bfc753d7414206dfa1fad20f012
b51dd98cd7227cee93a673c4c026e27ecb2f3b56ad4633491ea0b6b0f23336ec

HTTP Headers

GET /wp-content/uploads/2020/08/Adobe-After-Effects-2020-150x150.png HTTP/1.1
Host: www.macfiles.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.macfiles.org/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 28 Mar 2024 21:51:52 GMT
content-type: image/png
content-length: 10492
cache-control: public, max-age=604800
expires: Mon, 01 Apr 2024 14:42:40 GMT
last-modified: Mon, 17 Aug 2020 04:36:17 GMT
cf-cache-status: HIT
age: 284952
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RiEp1%2FCZtOkFXKj1BLVYPnKnHGo7WyUJFzjfLRyppZmKdJ99kNNlkQQJklOtw9KzgrQd%2F0tSKoAOWIPlx8T5ygfMu1xrBdZagGI1HqHCy8d6qAA%2Bz1U4c3gFYhdDMjScdAcm"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 86bad80e18ef56c5-OSL
alt-svc: h3=":443"; ma=86400

www.macfiles.org/favicon.ico

104.21.73.82

404 Not Found

8.6 kB

URL GET HTTP/3
www.macfiles.org/favicon.ico
IP
104.21.73.82:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.macfiles.org/category/adobe/adobe-illustrator/
Certificate
IssuerLet's Encrypt
Subjectmacfiles.org
Fingerprint05:B6:91:19:E8:3B:D4:01:2C:69:02:50:FC:D3:89:ED:19:1B:D3:49
ValidityThu, 14 Mar 2024 13:45:41 GMT - Wed, 12 Jun 2024 13:45:40 GMT

File type
HTML document, ASCII text, with CRLF, LF line terminators
Size
8.6 kB (8613 bytes)
Hash
2382378378c002d88b9a507c712c3349
2e894db3808b554abadc8b144338ad9e2ea937ba
37a4e56c497e170de6e152bc479624eb8d7ccb35bad5a190f2fdb17ac699cffa

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: www.macfiles.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.macfiles.org/category/adobe/adobe-illustrator/
Cookie: dom3ic8zudi28v8lr6fgphwffqoz0j6c=d5ca92e8-8af8-497f-8572-180e2ed1eb97%3A2%3A1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 404 Not Found
date: Thu, 28 Mar 2024 21:51:51 GMT
content-type: text/html
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ifBIdiMovWoq0rJDZq8%2BzvlxkJux0hSPAtSFVk2P0gbpfvrYCxCmLuMOrnyhPy4ju55sSHiXAh3DN4wjl%2BMm0XXejrq2sGNCxc2fy5EtEihyh4sflKG1Vhn2MgKRgUcQl%2BAU"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 86bad8089b1c56c5-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

ablecolony.com/sbar.json?key=a904d25cbc0e65d37e5cf79e2d057c1d&uuid=d5ca92e8-8af8-497f-8572-180e2ed1eb97%3A2%3A1

172.240.108.68

200 OK

6.5 kB

URL GET HTTP/1.1
ablecolony.com/sbar.json?key=a904d25cbc0e65d37e5cf79e2d057c1d&uuid=d5ca92e8-8af8-497f-8572-180e2ed1eb97%3A2%3A1
IP
172.240.108.68:443
ASN
#7979 SERVERS-COM

Requested by
https://www.macfiles.org/category/adobe/adobe-illustrator/
Certificate
IssuerLet's Encrypt
Subjectablecolony.com
Fingerprint72:52:48:30:ED:69:2D:E0:F6:1F:B2:28:46:E6:BF:09:21:CB:DD:D1
ValiditySun, 24 Mar 2024 10:22:04 GMT - Sat, 22 Jun 2024 10:22:03 GMT

File type
JSON text data
Size
6.5 kB (6512 bytes)
Hash
93857b5e195fff20c40627424d00020f
49652c102ea58f75c2ccb9b94ae8a211bab8ec14
ce715922a4ae6ffa0150aa373fd30b5b8306fea5f2943d80dc8c1b3410e0f9d7

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /sbar.json?key=a904d25cbc0e65d37e5cf79e2d057c1d&uuid=d5ca92e8-8af8-497f-8572-180e2ed1eb97%3A2%3A1 HTTP/1.1
Host: ablecolony.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.macfiles.org
DNT: 1
Connection: keep-alive
Referer: https://www.macfiles.org/
Cookie: u_pl=22061292; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoyMjA2MTI5MiwiayI6ImFiNDFkY2M4OWE4ZjAyZTNlZjBiZTJlMWIwNzk1NjVhIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjozNDU0NDc3LCJwaWQiOjEwNDQ3NiwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyMSwiYWlkIjo1LCJwdCI6NCwicGsiOiJua2h0dzZyMHJ5IiwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjc5OTU0MTk2LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6MTgxMTAsIm9uIjoiTGludXgiLCJvdiI6IlVua25vd24iLCJiaWQiOjExNjY3MCwiYm4iOiJGaXJlZm94IiwiYnYiOiI5Ni4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vd3d3Lm1hY2ZpbGVzLm9yZy9jYXRlZ29yeS9hZG9iZS9hZG9iZS1pbGx1c3RyYXRvci8iLCJhciI6W119fQ.e7Cd-nnxH36SHOPXJUQ78WHTvrmsjTwO_y15aBrlgnA; uid_id2=d5ca92e8-8af8-497f-8572-180e2ed1eb97:2:1; iprc7310a3a6dff09f164680b853821fda9f=4471850; pdhtkv=true; uncs=1; pdhtkv23=true; uncs23=1; iprc2cac1dff8eb622378a9bb2c67be32d44=3569806; pdhtkv5=true; uncs5=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Thu, 28 Mar 2024 21:52:06 GMT
Content-Type: text/plain; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://www.macfiles.org
Access-Control-Allow-Origin: https://www.macfiles.org
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=22061292,18323798; expires=Fri, 29 Mar 2024 21:52:06 GMT; secure; SameSite=None
uid_id2=d5ca92e8-8af8-497f-8572-180e2ed1eb97:2:1; expires=Thu, 04 Apr 2024 21:52:06 GMT; secure; SameSite=None
uncs=2; expires=Fri, 29 Mar 2024 21:52:06 GMT; secure; SameSite=None
pdhtkv29=true; expires=Fri, 29 Mar 2024 21:52:06 GMT; secure; SameSite=None
uncs29=1; expires=Fri, 29 Mar 2024 21:52:06 GMT; secure; SameSite=None
sleca904d25cbc0e65d37e5cf79e2d057c1d=[5042730,5042729]; expires=Thu, 28 Mar 2024 21:52:11 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 1e54edf0b3232b988c1f104b7fc2aaae
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

ablecolony.com/ren.gif?sid=H4sIAAAAAAAC%2F1RTzYscRRSv3qwnD2IIiFFhDh5McHe7ez56xgjBdV0JrklM%2FLpJdVXNbrk1XU19TE%2F2FAyEnGTNSW89v%2F3yIwT9AwwyGxAMCDue9uDiSfGqkLP07OLoO9R77%2Fd7Bb%2F36tXtoT8iMTw9XHpbb0il6EJzPqy99GEUXaityMwPaoN266NW40LN9F%2FptObDc7U3BVvXC3EYhWEURrVlaURXDxYqEjK%2F14nmO%2BF8I56Pmg0MzP9z62dgaQDePyKnIfl49mFwBpKNkPW%2BXRJ23en85Td6XlGnDfp8771sPdNFht407JoA3WzvpBraHiw%2FgM52JnKh%2B%2F8WpnJMgh8fIM32TkQi7W9PdKYKIkPKn0TRH0GoESQdgelbkPyAAIzj8hVkvd3L2hT0xjFLK3ZMZh%2F%2FDVmMyeyvZ5D17i8qOahd18o7qTOLQbeEHIwgV0fI%2FT7cRgBZ7IO5TyD5z2Th8Qqy3vYVqzQkP3yRNxntxKI916bd9lyjk3Tn2s0knovaoYgFj0TaSSYDknIE2R1BibtjsvTq%2BTFpDT4FtTPwNoCXAXw3gM8D9PhhjUVRlISc0bDdYazOE5G2eBjRpBvRKGy14VnVzSZcvgmmNsHM7W2fMTuMvsz5mlvvx%2FVtZ7zYrcC4Poz2juHmBN2p0OYw2j0GJxhycxPr8rOD5mkY%2FwPsWgnLT8G6MQneydHnJQpBUFiCghIUkqBwBEW%2F3OHKxrbc5cr6NDrx8Ymvl1varQ7pjnarIiOgZhOGl8P8iDxdPUjwzBfvY10c1mgnbPC4yVIWilaT1xPRZN2kI2IeNhMWcVhZQtoZUBtgo1qOP39CXvnPn0dK92HVPpg8DepfAC1K0LUSG9l9p40RmetRNp8JB65L5G4W7kYwVEfkuclSrPx1HoI9uvgbmRiYKZGbEh%2FLhwSr6s7WNV2Q7Wu6sOS7K7mTPblBq4W57qgTp75%2BS9wotOGXluzmV6%2BxiqjCe%2B8K61ZoxmW2ask3i5JzYZa1YYJ8f8l%2BINKr3q4tepP5fOXq68uXerkR1kqdjUDlwWLVzJg8dfbZyU84%2F8dZSDOC8SV6%2FhE5MUi9D5bfhM2n6q0mMGpak%2BYBCl9umTidgkoSKDHNaVrC%2FidPp%2FGWodVtKsuhvYNVMwPqbiHrleibEn1VgqpNWH9qy%2BXm0cVf6hNDqma2UmVmtlNl1N3JkKvjHKw8rCX1ekhbnWaUJFQkaSNud1sRpzRutOJWi9bh7Lj7xO%2B3%2FwEAAP%2F%2FAQAA%2F%2F90u69R4wQAAA%3D%3D

172.240.108.68

200 OK

7 B

URL GET HTTP/1.1
ablecolony.com/ren.gif?sid=H4sIAAAAAAAC%2F1RTzYscRRSv3qwnD2IIiFFhDh5McHe7ez56xgjBdV0JrklM%2FLpJdVXNbrk1XU19TE%2F2FAyEnGTNSW89v%2F3yIwT9AwwyGxAMCDue9uDiSfGqkLP07OLoO9R77%2Fd7Bb%2F36tXtoT8iMTw9XHpbb0il6EJzPqy99GEUXaityMwPaoN266NW40LN9F%2FptObDc7U3BVvXC3EYhWEURrVlaURXDxYqEjK%2F14nmO%2BF8I56Pmg0MzP9z62dgaQDePyKnIfl49mFwBpKNkPW%2BXRJ23en85Td6XlGnDfp8771sPdNFht407JoA3WzvpBraHiw%2FgM52JnKh%2B%2F8WpnJMgh8fIM32TkQi7W9PdKYKIkPKn0TRH0GoESQdgelbkPyAAIzj8hVkvd3L2hT0xjFLK3ZMZh%2F%2FDVmMyeyvZ5D17i8qOahd18o7qTOLQbeEHIwgV0fI%2FT7cRgBZ7IO5TyD5z2Th8Qqy3vYVqzQkP3yRNxntxKI916bd9lyjk3Tn2s0knovaoYgFj0TaSSYDknIE2R1BibtjsvTq%2BTFpDT4FtTPwNoCXAXw3gM8D9PhhjUVRlISc0bDdYazOE5G2eBjRpBvRKGy14VnVzSZcvgmmNsHM7W2fMTuMvsz5mlvvx%2FVtZ7zYrcC4Poz2juHmBN2p0OYw2j0GJxhycxPr8rOD5mkY%2FwPsWgnLT8G6MQneydHnJQpBUFiCghIUkqBwBEW%2F3OHKxrbc5cr6NDrx8Ymvl1varQ7pjnarIiOgZhOGl8P8iDxdPUjwzBfvY10c1mgnbPC4yVIWilaT1xPRZN2kI2IeNhMWcVhZQtoZUBtgo1qOP39CXvnPn0dK92HVPpg8DepfAC1K0LUSG9l9p40RmetRNp8JB65L5G4W7kYwVEfkuclSrPx1HoI9uvgbmRiYKZGbEh%2FLhwSr6s7WNV2Q7Wu6sOS7K7mTPblBq4W57qgTp75%2BS9wotOGXluzmV6%2BxiqjCe%2B8K61ZoxmW2ask3i5JzYZa1YYJ8f8l%2BINKr3q4tepP5fOXq68uXerkR1kqdjUDlwWLVzJg8dfbZyU84%2F8dZSDOC8SV6%2FhE5MUi9D5bfhM2n6q0mMGpak%2BYBCl9umTidgkoSKDHNaVrC%2FidPp%2FGWodVtKsuhvYNVMwPqbiHrleibEn1VgqpNWH9qy%2BXm0cVf6hNDqma2UmVmtlNl1N3JkKvjHKw8rCX1ekhbnWaUJFQkaSNud1sRpzRutOJWi9bh7Lj7xO%2B3%2FwEAAP%2F%2FAQAA%2F%2F90u69R4wQAAA%3D%3D
IP
172.240.108.68:443
ASN
#7979 SERVERS-COM

Requested by
https://www.macfiles.org/category/adobe/adobe-illustrator/
Certificate
IssuerLet's Encrypt
Subjectablecolony.com
Fingerprint72:52:48:30:ED:69:2D:E0:F6:1F:B2:28:46:E6:BF:09:21:CB:DD:D1
ValiditySun, 24 Mar 2024 10:22:04 GMT - Sat, 22 Jun 2024 10:22:03 GMT

File type
ASCII text, with no line terminators
Size
7 B (7 bytes)
Hash
132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /ren.gif?sid=H4sIAAAAAAAC%2F1RTzYscRRSv3qwnD2IIiFFhDh5McHe7ez56xgjBdV0JrklM%2FLpJdVXNbrk1XU19TE%2F2FAyEnGTNSW89v%2F3yIwT9AwwyGxAMCDue9uDiSfGqkLP07OLoO9R77%2Fd7Bb%2F36tXtoT8iMTw9XHpbb0il6EJzPqy99GEUXaityMwPaoN266NW40LN9F%2FptObDc7U3BVvXC3EYhWEURrVlaURXDxYqEjK%2F14nmO%2BF8I56Pmg0MzP9z62dgaQDePyKnIfl49mFwBpKNkPW%2BXRJ23en85Td6XlGnDfp8771sPdNFht407JoA3WzvpBraHiw%2FgM52JnKh%2B%2F8WpnJMgh8fIM32TkQi7W9PdKYKIkPKn0TRH0GoESQdgelbkPyAAIzj8hVkvd3L2hT0xjFLK3ZMZh%2F%2FDVmMyeyvZ5D17i8qOahd18o7qTOLQbeEHIwgV0fI%2FT7cRgBZ7IO5TyD5z2Th8Qqy3vYVqzQkP3yRNxntxKI916bd9lyjk3Tn2s0knovaoYgFj0TaSSYDknIE2R1BibtjsvTq%2BTFpDT4FtTPwNoCXAXw3gM8D9PhhjUVRlISc0bDdYazOE5G2eBjRpBvRKGy14VnVzSZcvgmmNsHM7W2fMTuMvsz5mlvvx%2FVtZ7zYrcC4Poz2juHmBN2p0OYw2j0GJxhycxPr8rOD5mkY%2FwPsWgnLT8G6MQneydHnJQpBUFiCghIUkqBwBEW%2F3OHKxrbc5cr6NDrx8Ymvl1varQ7pjnarIiOgZhOGl8P8iDxdPUjwzBfvY10c1mgnbPC4yVIWilaT1xPRZN2kI2IeNhMWcVhZQtoZUBtgo1qOP39CXvnPn0dK92HVPpg8DepfAC1K0LUSG9l9p40RmetRNp8JB65L5G4W7kYwVEfkuclSrPx1HoI9uvgbmRiYKZGbEh%2FLhwSr6s7WNV2Q7Wu6sOS7K7mTPblBq4W57qgTp75%2BS9wotOGXluzmV6%2BxiqjCe%2B8K61ZoxmW2ask3i5JzYZa1YYJ8f8l%2BINKr3q4tepP5fOXq68uXerkR1kqdjUDlwWLVzJg8dfbZyU84%2F8dZSDOC8SV6%2FhE5MUi9D5bfhM2n6q0mMGpak%2BYBCl9umTidgkoSKDHNaVrC%2FidPp%2FGWodVtKsuhvYNVMwPqbiHrleibEn1VgqpNWH9qy%2BXm0cVf6hNDqma2UmVmtlNl1N3JkKvjHKw8rCX1ekhbnWaUJFQkaSNud1sRpzRutOJWi9bh7Lj7xO%2B3%2FwEAAP%2F%2FAQAA%2F%2F90u69R4wQAAA%3D%3D HTTP/1.1
Host: ablecolony.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.macfiles.org/
Cookie: u_pl=22061292,18323798; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoyMjA2MTI5MiwiayI6ImFiNDFkY2M4OWE4ZjAyZTNlZjBiZTJlMWIwNzk1NjVhIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjozNDU0NDc3LCJwaWQiOjEwNDQ3NiwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyMSwiYWlkIjo1LCJwdCI6NCwicGsiOiJua2h0dzZyMHJ5IiwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjc5OTU0MTk2LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6MTgxMTAsIm9uIjoiTGludXgiLCJvdiI6IlVua25vd24iLCJiaWQiOjExNjY3MCwiYm4iOiJGaXJlZm94IiwiYnYiOiI5Ni4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vd3d3Lm1hY2ZpbGVzLm9yZy9jYXRlZ29yeS9hZG9iZS9hZG9iZS1pbGx1c3RyYXRvci8iLCJhciI6W119fQ.e7Cd-nnxH36SHOPXJUQ78WHTvrmsjTwO_y15aBrlgnA; uid_id2=d5ca92e8-8af8-497f-8572-180e2ed1eb97:2:1; iprc7310a3a6dff09f164680b853821fda9f=4471850; pdhtkv=true; uncs=2; pdhtkv23=true; uncs23=1; iprc2cac1dff8eb622378a9bb2c67be32d44=3569806; pdhtkv5=true; uncs5=1; pdhtkv29=true; uncs29=1; sleca904d25cbc0e65d37e5cf79e2d057c1d=[5042730,5042729]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Thu, 28 Mar 2024 21:52:06 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 11c4ee260c95f398767d5a40e43fded8
Strict-Transport-Security: max-age=0; includeSubdomains

ablecolony.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.barscreative1.com%2Fsb%2Fau%2F8e%2Fff%2F66%2F8eff6635b7ed4954a8b4e92629e58a35%2F1698745384.html&l=1495&fd=104

172.240.108.68

200 OK

0 B

URL GET HTTP/1.1
ablecolony.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.barscreative1.com%2Fsb%2Fau%2F8e%2Fff%2F66%2F8eff6635b7ed4954a8b4e92629e58a35%2F1698745384.html&l=1495&fd=104
IP
172.240.108.68:443
ASN
#7979 SERVERS-COM

Requested by
https://www.macfiles.org/category/adobe/adobe-illustrator/
Certificate
IssuerLet's Encrypt
Subjectablecolony.com
Fingerprint72:52:48:30:ED:69:2D:E0:F6:1F:B2:28:46:E6:BF:09:21:CB:DD:D1
ValiditySun, 24 Mar 2024 10:22:04 GMT - Sat, 22 Jun 2024 10:22:03 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.barscreative1.com%2Fsb%2Fau%2F8e%2Fff%2F66%2F8eff6635b7ed4954a8b4e92629e58a35%2F1698745384.html&l=1495&fd=104 HTTP/1.1
Host: ablecolony.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.macfiles.org/
Cookie: u_pl=22061292,18323798; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoyMjA2MTI5MiwiayI6ImFiNDFkY2M4OWE4ZjAyZTNlZjBiZTJlMWIwNzk1NjVhIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjozNDU0NDc3LCJwaWQiOjEwNDQ3NiwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyMSwiYWlkIjo1LCJwdCI6NCwicGsiOiJua2h0dzZyMHJ5IiwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjc5OTU0MTk2LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6MTgxMTAsIm9uIjoiTGludXgiLCJvdiI6IlVua25vd24iLCJiaWQiOjExNjY3MCwiYm4iOiJGaXJlZm94IiwiYnYiOiI5Ni4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vd3d3Lm1hY2ZpbGVzLm9yZy9jYXRlZ29yeS9hZG9iZS9hZG9iZS1pbGx1c3RyYXRvci8iLCJhciI6W119fQ.e7Cd-nnxH36SHOPXJUQ78WHTvrmsjTwO_y15aBrlgnA; uid_id2=d5ca92e8-8af8-497f-8572-180e2ed1eb97:2:1; iprc7310a3a6dff09f164680b853821fda9f=4471850; pdhtkv=true; uncs=2; pdhtkv23=true; uncs23=1; iprc2cac1dff8eb622378a9bb2c67be32d44=3569806; pdhtkv5=true; uncs5=1; pdhtkv29=true; uncs29=1; sleca904d25cbc0e65d37e5cf79e2d057c1d=[5042730,5042729]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Thu, 28 Mar 2024 21:52:07 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

cdn.cloudimagesb.com/si/d5/61/f7/d561f7014032b90fda7c12cd6e599486/1706691936.png

45.133.44.9

200 OK

67 kB

URL GET HTTP/2
cdn.cloudimagesb.com/si/d5/61/f7/d561f7014032b90fda7c12cd6e599486/1706691936.png
IP
45.133.44.9:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://www.macfiles.org/category/adobe/adobe-illustrator/
Certificate
IssuerLet's Encrypt
Subjectcdn.cloudimagesb.com
FingerprintC6:F3:21:F0:21:7D:7E:96:0F:E8:46:7A:5E:C5:3F:D1:52:B0:67:B0
ValidityFri, 22 Mar 2024 03:01:35 GMT - Thu, 20 Jun 2024 03:01:34 GMT

File type
PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced
Size
67 kB (66643 bytes)
Hash
c69e439e75c5e30952ae844b5a7fe41a
a7812087bfa98385ae2a7f82cbafffd97728b690
8d4dab9cdd6a3ced483812c5383ae2be4b7153593580a8a7d2b42214982240b7

HTTP Headers

GET /si/d5/61/f7/d561f7014032b90fda7c12cd6e599486/1706691936.png HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Thu, 28 Mar 2024 21:52:07 GMT
content-type: image/png
content-length: 66643
server: nginx/1.21.6
last-modified: Wed, 31 Jan 2024 09:05:45 GMT
etag: "65ba0d69-10453"
expires: Sat, 30 Mar 2024 21:52:07 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

ablecolony.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fssp%2Finterstitial%2Fmessage_redcircle%2F1%2Fcss%2Fstyle.css&l=5327&fd=91

172.240.108.68

200 OK

0 B

URL GET HTTP/1.1
ablecolony.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fssp%2Finterstitial%2Fmessage_redcircle%2F1%2Fcss%2Fstyle.css&l=5327&fd=91
IP
172.240.108.68:443
ASN
#7979 SERVERS-COM

Requested by
https://www.macfiles.org/category/adobe/adobe-illustrator/
Certificate
IssuerLet's Encrypt
Subjectablecolony.com
Fingerprint72:52:48:30:ED:69:2D:E0:F6:1F:B2:28:46:E6:BF:09:21:CB:DD:D1
ValiditySun, 24 Mar 2024 10:22:04 GMT - Sat, 22 Jun 2024 10:22:03 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fssp%2Finterstitial%2Fmessage_redcircle%2F1%2Fcss%2Fstyle.css&l=5327&fd=91 HTTP/1.1
Host: ablecolony.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.macfiles.org/
Cookie: u_pl=22061292,18323798; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoyMjA2MTI5MiwiayI6ImFiNDFkY2M4OWE4ZjAyZTNlZjBiZTJlMWIwNzk1NjVhIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjozNDU0NDc3LCJwaWQiOjEwNDQ3NiwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyMSwiYWlkIjo1LCJwdCI6NCwicGsiOiJua2h0dzZyMHJ5IiwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjc5OTU0MTk2LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6MTgxMTAsIm9uIjoiTGludXgiLCJvdiI6IlVua25vd24iLCJiaWQiOjExNjY3MCwiYm4iOiJGaXJlZm94IiwiYnYiOiI5Ni4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vd3d3Lm1hY2ZpbGVzLm9yZy9jYXRlZ29yeS9hZG9iZS9hZG9iZS1pbGx1c3RyYXRvci8iLCJhciI6W119fQ.e7Cd-nnxH36SHOPXJUQ78WHTvrmsjTwO_y15aBrlgnA; uid_id2=d5ca92e8-8af8-497f-8572-180e2ed1eb97:2:1; iprc7310a3a6dff09f164680b853821fda9f=4471850; pdhtkv=true; uncs=2; pdhtkv23=true; uncs23=1; iprc2cac1dff8eb622378a9bb2c67be32d44=3569806; pdhtkv5=true; uncs5=1; pdhtkv29=true; uncs29=1; sleca904d25cbc0e65d37e5cf79e2d057c1d=[5042730,5042729]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Thu, 28 Mar 2024 21:52:07 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

ablecolony.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fssp%2Finterstitial%2Fmessage_redcircle%2F1%2Fcss%2Fanimate.css&l=78689&fd=94

172.240.108.68

200 OK

0 B

URL GET HTTP/1.1
ablecolony.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fssp%2Finterstitial%2Fmessage_redcircle%2F1%2Fcss%2Fanimate.css&l=78689&fd=94
IP
172.240.108.68:443
ASN
#7979 SERVERS-COM

Requested by
https://www.macfiles.org/category/adobe/adobe-illustrator/
Certificate
IssuerLet's Encrypt
Subjectablecolony.com
Fingerprint72:52:48:30:ED:69:2D:E0:F6:1F:B2:28:46:E6:BF:09:21:CB:DD:D1
ValiditySun, 24 Mar 2024 10:22:04 GMT - Sat, 22 Jun 2024 10:22:03 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fssp%2Finterstitial%2Fmessage_redcircle%2F1%2Fcss%2Fanimate.css&l=78689&fd=94 HTTP/1.1
Host: ablecolony.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.macfiles.org/
Cookie: u_pl=22061292,18323798; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoyMjA2MTI5MiwiayI6ImFiNDFkY2M4OWE4ZjAyZTNlZjBiZTJlMWIwNzk1NjVhIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjozNDU0NDc3LCJwaWQiOjEwNDQ3NiwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyMSwiYWlkIjo1LCJwdCI6NCwicGsiOiJua2h0dzZyMHJ5IiwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjc5OTU0MTk2LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6MTgxMTAsIm9uIjoiTGludXgiLCJvdiI6IlVua25vd24iLCJiaWQiOjExNjY3MCwiYm4iOiJGaXJlZm94IiwiYnYiOiI5Ni4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vd3d3Lm1hY2ZpbGVzLm9yZy9jYXRlZ29yeS9hZG9iZS9hZG9iZS1pbGx1c3RyYXRvci8iLCJhciI6W119fQ.e7Cd-nnxH36SHOPXJUQ78WHTvrmsjTwO_y15aBrlgnA; uid_id2=d5ca92e8-8af8-497f-8572-180e2ed1eb97:2:1; iprc7310a3a6dff09f164680b853821fda9f=4471850; pdhtkv=true; uncs=2; pdhtkv23=true; uncs23=1; iprc2cac1dff8eb622378a9bb2c67be32d44=3569806; pdhtkv5=true; uncs5=1; pdhtkv29=true; uncs29=1; sleca904d25cbc0e65d37e5cf79e2d057c1d=[5042730,5042729]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Thu, 28 Mar 2024 21:52:07 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

cdn.creative-bars1.com/sb/ssp/interstitial/message_redcircle/1/css/animate.css

172.64.160.4

200 OK

6.1 kB

URL GET HTTP/2
cdn.creative-bars1.com/sb/ssp/interstitial/message_redcircle/1/css/animate.css
IP
172.64.160.4:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.macfiles.org/category/adobe/adobe-illustrator/
Certificate
IssuerGoogle Trust Services LLC
Subjectcreative-bars1.com
Fingerprint10:69:48:04:3B:B6:11:3A:D4:D0:E1:5F:B2:F9:B4:75:BB:EE:39:22
ValidityFri, 16 Feb 2024 15:25:59 GMT - Thu, 16 May 2024 15:25:58 GMT

File type
ASCII text
Size
6.1 kB (6095 bytes)
Hash
3d4123dbfb33d27a5cfdfcfa91df6783
e7d0eeeec54b848f0bc3da8685fa3bc88429d660
cb7d1393b65701b2f97d8da244c2c6023e9cbc3463ecb0136b915cfc775c6887

HTTP Headers

GET /sb/ssp/interstitial/message_redcircle/1/css/animate.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.macfiles.org
DNT: 1
Connection: keep-alive
Referer: https://www.macfiles.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 28 Mar 2024 21:52:07 GMT
content-type: text/css
last-modified: Fri, 19 Jan 2024 14:19:45 GMT
etag: W/"65aa8501-13361"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 29734
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4qEbEGre9nB44ZsF381b3pPoGi1xKYTSN%2FJ6QHlxkcM%2Fr50E%2BUSWG%2B7F%2BNFY6Z8i5ut47vp4Gd9btXrLuw7OT%2FZUYxpWk9qw2SnY18%2F5yC8zWkMuCkjLvc3ob35mAzTHgiEaQWnHo04R"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 86bad86c0f2e4888-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

cdn.creative-bars1.com/sb/ssp/interstitial/message_redcircle/1/img/number.png

172.64.160.4

200 OK

1.1 kB

URL GET HTTP/3
cdn.creative-bars1.com/sb/ssp/interstitial/message_redcircle/1/img/number.png
IP
172.64.160.4:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.macfiles.org/category/adobe/adobe-illustrator/
Certificate
IssuerGoogle Trust Services LLC
Subjectcreative-bars1.com
Fingerprint10:69:48:04:3B:B6:11:3A:D4:D0:E1:5F:B2:F9:B4:75:BB:EE:39:22
ValidityFri, 16 Feb 2024 15:25:59 GMT - Thu, 16 May 2024 15:25:58 GMT

File type
PNG image data, 43 x 43, 8-bit/color RGBA, non-interlaced
Size
1.1 kB (1138 bytes)
Hash
9e4414e85c588bf7db195e49c02ab2bb
09254e79b255f1b2dfe45adbbe44583a4b433782
0b977ec6e7cf5d35df03cd3a8041f5f523f5d4059ac67c152c0a7b613e20b762

HTTP Headers

GET /sb/ssp/interstitial/message_redcircle/1/img/number.png HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 28 Mar 2024 21:52:07 GMT
content-type: image/png
content-length: 1138
last-modified: Fri, 19 Jan 2024 14:19:45 GMT
etag: "65aa8501-472"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 531486
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AZjSUktMDdadLRiTR9%2FAEQv%2F0IA%2FnYBmihLnmTxbzXAhJyWrhCvsz5G5acq6vgE66RtSFwcf%2FtXYJ%2Bdzbgxf7K6lovJ61CoQa%2BH4cK9DuFe0EvrjYoBzhO%2FJCpid%2Bn5017SuC6kZNyng"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 86bad86efb3448bb-LHR
alt-svc: h3=":443"; ma=86400

ablecolony.com/impr.gif?sid=H4sIAAAAAAAC%2F1RTzYscRRSv3qwnD2IIiFFhDh5McHe7e6bnwwjBdV0JrklM%2FLpJdVX1brndXU19TE%2F2FAyEnGTNSW89v%2F3yIwT9AwwyGxAMCDue9uDiSfGqkLP07OLoO9R77%2Fd7Bb%2F36tXtoTsiIRw9XHpbbcg0pQvRvN946cMguNBYkbkbNAbd9kft1oWG7r%2FSa8%2F75xpvCrauFkI%2F8P3ADxrLUotEDRZqErK41wvme%2F58K5wPohYG%2Bv%2B5cTMw1APvH5HTkHw8%2B9A7A8lGyLNvl4RZt6p4%2BY3MpdQqjT7fey9fz1WZI5uGifaQ5Hsn1VDmYPkBVL4zkQvV%2F7cwlmPi%2FfgAcb53IhJxf3uiM04hcsT8SZT9EUQ6gqQjMHULkh8QgHFcvoI8272sdElvHLO0Zsdk9vHfkOWYzP56Bnl2fzGVg8Z1lTorVW4wSCrIwQhydYTC7cNueJDlPpj9BJL%2FTBYeryDPtq%2BYVEHywxd5xGgvFN25Lk26c61eJ5nrRp1wLuj6IhQ8EHGvMxmQlCPIZIRU3B2TpVfPj0l78CmomYEzHpz04BIPrvCQ8cMGC4Kg43NG%2FW6PsSbviLjN%2FYB2koAGfrsLx%2BpuNmGLTbB0E0zf3i34ml3vb1vtxLbLmRkGXx5DYXMC7tZg2BwGe8dwNEF3ajQaBij0TazLzw6i09DuB5i1CoafgrFj4r1ToM8rlIKgNAQlJSglQWkJyn61w1MTmmqXp8bFwYkPT3yz2lJ2dUh3lF0VOQHVm9C8GhZH5On6Qbxnvngf6%2BKwQXt%2Bi4cRi5kv2hFvdkTEkk5PhNyPOizgMLKCNDOgxsNGvRx%2F%2FoSi9p8%2Fj5juw6T7YPI0qHsBtKxA1yps5Pet0lrkNqNsPhcWXFUo7CzsDW%2BYHpHnJkux8td5CPbo4m9kYmC6QqErfCwfEqymd7auqZJsX1OlId9dKazM5AatF%2Ba6pVac%2BvotcaNUml9aMptfvcZqog7vvSuMXaE5l%2FmqId8sSs6FXlaaCfL9JfOBiK86s7bodO6KlauvL1%2FKCi2MkSofgcqDxbqZMXnq7LOTn3D%2Bj7OQegTtKmTuETkxSLUPVtyEKabqjSLQ6bQmLjyUrtrSYTwFU0mQimlO4wrmP3k8jbc0rW9TWQ3NHazqGVB7C3lWoa8r9NMKNN2Ecae2bKEfXfylOTHE6cxWnOqZ7TjV6d3JkOvjHIw8bDR93olFIjqxaEWtRDAeR1Hss4TFTd7tMlgzTp74%2FfY%2FAAAA%2F%2F8BAAD%2F%2F%2BodEC3jBAAA

172.240.108.68

200 OK

7 B

URL GET HTTP/1.1
ablecolony.com/impr.gif?sid=H4sIAAAAAAAC%2F1RTzYscRRSv3qwnD2IIiFFhDh5McHe7e6bnwwjBdV0JrklM%2FLpJdVX1brndXU19TE%2F2FAyEnGTNSW89v%2F3yIwT9AwwyGxAMCDue9uDiSfGqkLP07OLoO9R77%2Fd7Bb%2F36tXtoTsiIRw9XHpbbcg0pQvRvN946cMguNBYkbkbNAbd9kft1oWG7r%2FSa8%2F75xpvCrauFkI%2F8P3ADxrLUotEDRZqErK41wvme%2F58K5wPohYG%2Bv%2B5cTMw1APvH5HTkHw8%2B9A7A8lGyLNvl4RZt6p4%2BY3MpdQqjT7fey9fz1WZI5uGifaQ5Hsn1VDmYPkBVL4zkQvV%2F7cwlmPi%2FfgAcb53IhJxf3uiM04hcsT8SZT9EUQ6gqQjMHULkh8QgHFcvoI8272sdElvHLO0Zsdk9vHfkOWYzP56Bnl2fzGVg8Z1lTorVW4wSCrIwQhydYTC7cNueJDlPpj9BJL%2FTBYeryDPtq%2BYVEHywxd5xGgvFN25Lk26c61eJ5nrRp1wLuj6IhQ8EHGvMxmQlCPIZIRU3B2TpVfPj0l78CmomYEzHpz04BIPrvCQ8cMGC4Kg43NG%2FW6PsSbviLjN%2FYB2koAGfrsLx%2BpuNmGLTbB0E0zf3i34ml3vb1vtxLbLmRkGXx5DYXMC7tZg2BwGe8dwNEF3ajQaBij0TazLzw6i09DuB5i1CoafgrFj4r1ToM8rlIKgNAQlJSglQWkJyn61w1MTmmqXp8bFwYkPT3yz2lJ2dUh3lF0VOQHVm9C8GhZH5On6Qbxnvngf6%2BKwQXt%2Bi4cRi5kv2hFvdkTEkk5PhNyPOizgMLKCNDOgxsNGvRx%2F%2FoSi9p8%2Fj5juw6T7YPI0qHsBtKxA1yps5Pet0lrkNqNsPhcWXFUo7CzsDW%2BYHpHnJkux8td5CPbo4m9kYmC6QqErfCwfEqymd7auqZJsX1OlId9dKazM5AatF%2Ba6pVac%2BvotcaNUml9aMptfvcZqog7vvSuMXaE5l%2FmqId8sSs6FXlaaCfL9JfOBiK86s7bodO6KlauvL1%2FKCi2MkSofgcqDxbqZMXnq7LOTn3D%2Bj7OQegTtKmTuETkxSLUPVtyEKabqjSLQ6bQmLjyUrtrSYTwFU0mQimlO4wrmP3k8jbc0rW9TWQ3NHazqGVB7C3lWoa8r9NMKNN2Ecae2bKEfXfylOTHE6cxWnOqZ7TjV6d3JkOvjHIw8bDR93olFIjqxaEWtRDAeR1Hss4TFTd7tMlgzTp74%2FfY%2FAAAA%2F%2F8BAAD%2F%2F%2BodEC3jBAAA
IP
172.240.108.68:443
ASN
#7979 SERVERS-COM

Requested by
https://www.macfiles.org/category/adobe/adobe-illustrator/
Certificate
IssuerLet's Encrypt
Subjectablecolony.com
Fingerprint72:52:48:30:ED:69:2D:E0:F6:1F:B2:28:46:E6:BF:09:21:CB:DD:D1
ValiditySun, 24 Mar 2024 10:22:04 GMT - Sat, 22 Jun 2024 10:22:03 GMT

File type
ASCII text, with no line terminators
Size
7 B (7 bytes)
Hash
132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /impr.gif?sid=H4sIAAAAAAAC%2F1RTzYscRRSv3qwnD2IIiFFhDh5McHe7e6bnwwjBdV0JrklM%2FLpJdVX1brndXU19TE%2F2FAyEnGTNSW89v%2F3yIwT9AwwyGxAMCDue9uDiSfGqkLP07OLoO9R77%2Fd7Bb%2F36tXtoTsiIRw9XHpbbcg0pQvRvN946cMguNBYkbkbNAbd9kft1oWG7r%2FSa8%2F75xpvCrauFkI%2F8P3ADxrLUotEDRZqErK41wvme%2F58K5wPohYG%2Bv%2B5cTMw1APvH5HTkHw8%2B9A7A8lGyLNvl4RZt6p4%2BY3MpdQqjT7fey9fz1WZI5uGifaQ5Hsn1VDmYPkBVL4zkQvV%2F7cwlmPi%2FfgAcb53IhJxf3uiM04hcsT8SZT9EUQ6gqQjMHULkh8QgHFcvoI8272sdElvHLO0Zsdk9vHfkOWYzP56Bnl2fzGVg8Z1lTorVW4wSCrIwQhydYTC7cNueJDlPpj9BJL%2FTBYeryDPtq%2BYVEHywxd5xGgvFN25Lk26c61eJ5nrRp1wLuj6IhQ8EHGvMxmQlCPIZIRU3B2TpVfPj0l78CmomYEzHpz04BIPrvCQ8cMGC4Kg43NG%2FW6PsSbviLjN%2FYB2koAGfrsLx%2BpuNmGLTbB0E0zf3i34ml3vb1vtxLbLmRkGXx5DYXMC7tZg2BwGe8dwNEF3ajQaBij0TazLzw6i09DuB5i1CoafgrFj4r1ToM8rlIKgNAQlJSglQWkJyn61w1MTmmqXp8bFwYkPT3yz2lJ2dUh3lF0VOQHVm9C8GhZH5On6Qbxnvngf6%2BKwQXt%2Bi4cRi5kv2hFvdkTEkk5PhNyPOizgMLKCNDOgxsNGvRx%2F%2FoSi9p8%2Fj5juw6T7YPI0qHsBtKxA1yps5Pet0lrkNqNsPhcWXFUo7CzsDW%2BYHpHnJkux8td5CPbo4m9kYmC6QqErfCwfEqymd7auqZJsX1OlId9dKazM5AatF%2Ba6pVac%2BvotcaNUml9aMptfvcZqog7vvSuMXaE5l%2FmqId8sSs6FXlaaCfL9JfOBiK86s7bodO6KlauvL1%2FKCi2MkSofgcqDxbqZMXnq7LOTn3D%2Bj7OQegTtKmTuETkxSLUPVtyEKabqjSLQ6bQmLjyUrtrSYTwFU0mQimlO4wrmP3k8jbc0rW9TWQ3NHazqGVB7C3lWoa8r9NMKNN2Ecae2bKEfXfylOTHE6cxWnOqZ7TjV6d3JkOvjHIw8bDR93olFIjqxaEWtRDAeR1Hss4TFTd7tMlgzTp74%2FfY%2FAAAA%2F%2F8BAAD%2F%2F%2BodEC3jBAAA HTTP/1.1
Host: ablecolony.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.macfiles.org/
Cookie: u_pl=22061292,18323798; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoyMjA2MTI5MiwiayI6ImFiNDFkY2M4OWE4ZjAyZTNlZjBiZTJlMWIwNzk1NjVhIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjozNDU0NDc3LCJwaWQiOjEwNDQ3NiwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyMSwiYWlkIjo1LCJwdCI6NCwicGsiOiJua2h0dzZyMHJ5IiwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjc5OTU0MTk2LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6MTgxMTAsIm9uIjoiTGludXgiLCJvdiI6IlVua25vd24iLCJiaWQiOjExNjY3MCwiYm4iOiJGaXJlZm94IiwiYnYiOiI5Ni4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vd3d3Lm1hY2ZpbGVzLm9yZy9jYXRlZ29yeS9hZG9iZS9hZG9iZS1pbGx1c3RyYXRvci8iLCJhciI6W119fQ.e7Cd-nnxH36SHOPXJUQ78WHTvrmsjTwO_y15aBrlgnA; uid_id2=d5ca92e8-8af8-497f-8572-180e2ed1eb97:2:1; iprc7310a3a6dff09f164680b853821fda9f=4471850; pdhtkv=true; uncs=2; pdhtkv23=true; uncs23=1; iprc2cac1dff8eb622378a9bb2c67be32d44=3569806; pdhtkv5=true; uncs5=1; pdhtkv29=true; uncs29=1; sleca904d25cbc0e65d37e5cf79e2d057c1d=[5042730,5042729]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Thu, 28 Mar 2024 21:52:07 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: be33b436ade1f2aa3b1548329d7b34aa
Strict-Transport-Security: max-age=0; includeSubdomains

ablecolony.com/pixel/sbs?c=1

172.240.108.68

200 OK

0 B

URL GET HTTP/1.1
ablecolony.com/pixel/sbs?c=1
IP
172.240.108.68:443
ASN
#7979 SERVERS-COM

Requested by
https://www.macfiles.org/category/adobe/adobe-illustrator/
Certificate
IssuerLet's Encrypt
Subjectablecolony.com
Fingerprint72:52:48:30:ED:69:2D:E0:F6:1F:B2:28:46:E6:BF:09:21:CB:DD:D1
ValiditySun, 24 Mar 2024 10:22:04 GMT - Sat, 22 Jun 2024 10:22:03 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /pixel/sbs?c=1 HTTP/1.1
Host: ablecolony.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.macfiles.org/
Cookie: u_pl=22061292,18323798; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoyMjA2MTI5MiwiayI6ImFiNDFkY2M4OWE4ZjAyZTNlZjBiZTJlMWIwNzk1NjVhIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjozNDU0NDc3LCJwaWQiOjEwNDQ3NiwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyMSwiYWlkIjo1LCJwdCI6NCwicGsiOiJua2h0dzZyMHJ5IiwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjc5OTU0MTk2LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6MTgxMTAsIm9uIjoiTGludXgiLCJvdiI6IlVua25vd24iLCJiaWQiOjExNjY3MCwiYm4iOiJGaXJlZm94IiwiYnYiOiI5Ni4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vd3d3Lm1hY2ZpbGVzLm9yZy9jYXRlZ29yeS9hZG9iZS9hZG9iZS1pbGx1c3RyYXRvci8iLCJhciI6W119fQ.e7Cd-nnxH36SHOPXJUQ78WHTvrmsjTwO_y15aBrlgnA; uid_id2=d5ca92e8-8af8-497f-8572-180e2ed1eb97:2:1; iprc7310a3a6dff09f164680b853821fda9f=4471850; pdhtkv=true; uncs=2; pdhtkv23=true; uncs23=1; iprc2cac1dff8eb622378a9bb2c67be32d44=3569806; pdhtkv5=true; uncs5=1; pdhtkv29=true; uncs29=1; sleca904d25cbc0e65d37e5cf79e2d057c1d=[5042730,5042729]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Thu, 28 Mar 2024 21:52:07 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

216.58.207.227

200 OK

16 kB

URL GET HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://www.macfiles.org/category/adobe/adobe-illustrator/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintF3:56:10:42:A8:3C:BF:F5:89:9C:4C:C0:F8:E3:DC:C4:1C:E9:34:9E
ValidityMon, 26 Feb 2024 08:18:21 GMT - Mon, 20 May 2024 08:18:20 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15744, version 1.0
Size
16 kB (15744 bytes)
Hash
15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

HTTP Headers

GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.macfiles.org
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 28 Mar 2024 17:37:50 GMT
expires: Fri, 28 Mar 2025 17:37:50 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
age: 15257
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

216.58.207.227

200 OK

16 kB

URL GET HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://www.macfiles.org/category/adobe/adobe-illustrator/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintF3:56:10:42:A8:3C:BF:F5:89:9C:4C:C0:F8:E3:DC:C4:1C:E9:34:9E
ValidityMon, 26 Feb 2024 08:18:21 GMT - Mon, 20 May 2024 08:18:20 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15920, version 1.0
Size
16 kB (15920 bytes)
Hash
3a44e06eb954b96aa043227f3534189d
23cef6993ddb2b2979e8e7647fc3763694e2ba7d
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

HTTP Headers

GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.macfiles.org
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 28 Mar 2024 17:46:08 GMT
expires: Fri, 28 Mar 2025 17:46:08 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:45 GMT
content-type: font/woff2
age: 14759
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

216.58.207.227

200 OK

16 kB

URL GET HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://www.macfiles.org/category/adobe/adobe-illustrator/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintF3:56:10:42:A8:3C:BF:F5:89:9C:4C:C0:F8:E3:DC:C4:1C:E9:34:9E
ValidityMon, 26 Feb 2024 08:18:21 GMT - Mon, 20 May 2024 08:18:20 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15740, version 1.0
Size
16 kB (15740 bytes)
Hash
b9c29351c46f3e8c8631c4002457f48a
e57e59c5780995ff2937ab2b511a769212974a87
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

HTTP Headers

GET /s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.macfiles.org
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15740
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 28 Mar 2024 02:32:46 GMT
expires: Fri, 28 Mar 2025 02:32:46 GMT
cache-control: public, max-age=31536000
age: 69561
last-modified: Wed, 11 May 2022 19:24:56 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

cdn.creative-bars1.com/sb/ssp/interstitial/message_redcircle/1/css/style.css

172.64.160.4

200 OK

5.3 kB

URL GET HTTP/2
cdn.creative-bars1.com/sb/ssp/interstitial/message_redcircle/1/css/style.css
IP
172.64.160.4:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.macfiles.org/category/adobe/adobe-illustrator/
Certificate
IssuerGoogle Trust Services LLC
Subjectcreative-bars1.com
Fingerprint10:69:48:04:3B:B6:11:3A:D4:D0:E1:5F:B2:F9:B4:75:BB:EE:39:22
ValidityFri, 16 Feb 2024 15:25:59 GMT - Thu, 16 May 2024 15:25:58 GMT

File type
ASCII text, with very long lines (5650), with no line terminators
Size
5.3 kB (5327 bytes)
Hash
22a53a4359ce7c5a288c51ac71215963
1887d5f33b71c7ecb28012cd260b1d2e88a4e39d
55b6a3ef295f668f95e2fa9ce2cc3cd6cbbf5a95469d21d2f1faab18b69c48fa

HTTP Headers

GET /sb/ssp/interstitial/message_redcircle/1/css/style.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.macfiles.org
DNT: 1
Connection: keep-alive
Referer: https://www.macfiles.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 28 Mar 2024 21:52:07 GMT
content-type: text/css
last-modified: Fri, 19 Jan 2024 14:19:45 GMT
etag: W/"65aa8501-14cf"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 29734
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nvm96g3GEpO559k%2Ba7PbjO%2FwRiwculTFl%2BGMHdMQSefUNG0vEVzXlcYtR04ochrq6LZqxGHgXAKLglsvI53jf5V6hwlZ2zZ8Zt76oTtlruQind1nPtVFO7yXh60rtjpc9rLD%2FysFFyDv"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 86bad86c1f4a4888-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

cdn.creative-bars1.com/sb/ssp/interstitial/message_redcircle/1/img/close.svg

172.64.160.4

200 OK

1.3 kB

URL GET HTTP/3
cdn.creative-bars1.com/sb/ssp/interstitial/message_redcircle/1/img/close.svg
IP
172.64.160.4:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.macfiles.org/category/adobe/adobe-illustrator/
Certificate
IssuerGoogle Trust Services LLC
Subjectcreative-bars1.com
Fingerprint10:69:48:04:3B:B6:11:3A:D4:D0:E1:5F:B2:F9:B4:75:BB:EE:39:22
ValidityFri, 16 Feb 2024 15:25:59 GMT - Thu, 16 May 2024 15:25:58 GMT

File type
SVG Scalable Vector Graphics image
Size
1.3 kB (1279 bytes)
Hash
5ff33e884803785a8002a2aa5fa03b0e
a04406f2592e23e648bee499477f823da0c48362
6ba65121162b5b03e75501501ddaa928f73be8d1fe81c032a4879561de63ff58

HTTP Headers

GET /sb/ssp/interstitial/message_redcircle/1/img/close.svg HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 28 Mar 2024 21:52:07 GMT
content-type: image/svg+xml
last-modified: Fri, 19 Jan 2024 14:19:45 GMT
etag: W/"65aa8501-4ff"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 520130
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Xv1mkFDkMUkW4rgbEa02gn6uCg1bYip0bSOHQZCf82oVSk43BcEAkP3nbQ4e37AaDh9GMuWXlbuvc6b6%2BJVCYRpUcDMT8MOtrXs%2F%2BocdlVNxA4v92u6afmZut8oNkcKr0xkJpoBks8J8"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 86bad86cd8d048bb-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400

cdn.creative-bars1.com/sb/ssp/interstitial/message_redcircle/1/js/jquery.min.js

172.64.160.4

200 OK

90 kB

URL GET HTTP/3
cdn.creative-bars1.com/sb/ssp/interstitial/message_redcircle/1/js/jquery.min.js
IP
172.64.160.4:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.macfiles.org/category/adobe/adobe-illustrator/
Certificate
IssuerGoogle Trust Services LLC
Subjectcreative-bars1.com
Fingerprint10:69:48:04:3B:B6:11:3A:D4:D0:E1:5F:B2:F9:B4:75:BB:EE:39:22
ValidityFri, 16 Feb 2024 15:25:59 GMT - Thu, 16 May 2024 15:25:58 GMT

File type
JavaScript source, ASCII text, with very long lines (65451)
Size
90 kB (89492 bytes)
Hash
561acb3e541133bbdd2c0c19f8ee35a1
ffd1353cf3f77d25f801c84d8208613eb0d3d548
9fde6da568db31801e29243a903bf24f342256b41e3c01e7d018ff7c566ce7fc

HTTP Headers

GET /sb/ssp/interstitial/message_redcircle/1/js/jquery.min.js HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 28 Mar 2024 21:52:07 GMT
content-type: application/javascript
last-modified: Fri, 19 Jan 2024 14:19:45 GMT
etag: W/"65aa8501-15d94"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 516310
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Wb%2B0VwYLPFmHseXFYBHDS%2F4YbWIWZEld8HV2uwfzMbkkubaCtzkUZpp0vx6VzSLw0BWQUMY3aqQLH%2FL6gafeIfgh8WmNG6LpKPnqHwaxBuGRRRB7vU8Vc4awLI94mH%2Btc2LMgTXUzrAi"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 86bad86cd8d848bb-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400

maxcdn.bootstrapcdn.com/font-awesome/4.6.3/css/font-awesome.min.css

104.18.10.207

200 OK

29 kB

URL GET HTTP/2
maxcdn.bootstrapcdn.com/font-awesome/4.6.3/css/font-awesome.min.css
IP
104.18.10.207:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.macfiles.org/category/adobe/adobe-illustrator/
Certificate
IssuerGoogle Trust Services LLC
Subjectbootstrapcdn.com
Fingerprint57:B4:25:B9:9C:88:A1:A3:3D:F7:31:74:02:E4:D1:E0:0A:F5:11:63
ValidityWed, 27 Mar 2024 00:22:09 GMT - Tue, 25 Jun 2024 00:22:08 GMT

File type
ASCII text, with very long lines (28900)
Size
29 kB (29063 bytes)
Hash
4083f5d376eb849a458cc790b53ba080
fb5b49426dee7f1508500e698d1b3c6b04c8fcce
008a1d103902f15fdb1c191fcb1ce8954330e7b8de43d09abb08555ba609f420

HTTP Headers

GET /font-awesome/4.6.3/css/font-awesome.min.css HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.macfiles.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 28 Mar 2024 21:51:49 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: W/"4083f5d376eb849a458cc790b53ba080"
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-cachedat: 11/11/2022 02:14:14
cdn-proxyver: 1.03
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 1047
cdn-status: 200
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-requestid: 601a9a422917d5011204b75b2a4627c5
cdn-cache: HIT
cf-cache-status: HIT
age: 11029236
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 86bad7ffcc7656ca-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

downstairsnegotiatebarren.com/sfp.js

188.114.96.1

200 OK

86 kB

URL GET HTTP/2
downstairsnegotiatebarren.com/sfp.js
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.macfiles.org/category/adobe/adobe-illustrator/
Certificate
IssuerLet's Encrypt
Subjectdownstairsnegotiatebarren.com
Fingerprint2C:6A:E1:8E:26:5B:1D:8B:86:CB:C1:72:4E:52:4B:8B:67:3A:D2:44
ValidityMon, 04 Mar 2024 21:53:07 GMT - Sun, 02 Jun 2024 21:53:06 GMT

File type

Size
86 kB (85468 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /sfp.js HTTP/1.1
Host: downstairsnegotiatebarren.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.macfiles.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 28 Mar 2024 21:51:50 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: 155606160ff0d30c3387be2ab18ec6b7
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Thu, 28 Mar 2024 21:51:50 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bcasyJrnh31tDquYBU%2BIzr2Cu4hirsBXAhOZZDE2rIQdU2aI%2B73eUe3ldZ%2F0hXdsvhEn6Nfwegx0klLoT68Hqz2LfN%2BiwBf%2B3mGzcwxBRJVxK7Np3%2FC8LADmI05MdbD4Hts2xKFM9F%2Fyc7C%2Bxdbguw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 86bad806c817b4fa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

www.macfiles.org/category/adobe/adobe-illustrator/

104.21.73.82

200 OK

78 kB

URL User Request GET HTTP/2
www.macfiles.org/category/adobe/adobe-illustrator/
IP
104.21.73.82:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerLet's Encrypt
Subjectmacfiles.org
Fingerprint05:B6:91:19:E8:3B:D4:01:2C:69:02:50:FC:D3:89:ED:19:1B:D3:49
ValidityThu, 14 Mar 2024 13:45:41 GMT - Wed, 12 Jun 2024 13:45:40 GMT

File type
HTML document, ASCII text, with very long lines (10727)
Size
78 kB (78316 bytes)
Hash
c9cc314286efc8cef2db0e96a76bcfed
4fed6c85f431186a42205107db6b7679ab001f32
6f38a0cd903ab58246c923fcfe3057d37c5957b34f51deace21e8f7590783fed

HTTP Headers

GET /category/adobe/adobe-illustrator/ HTTP/1.1
Host: www.macfiles.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 28 Mar 2024 21:51:49 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding, Cookie
cache-control: max-age=3, must-revalidate
last-modified: Thu, 28 Mar 2024 21:27:19 GMT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lW3jeLo6m7W4LHdBBAySbd0voGeKAXsyiV7WEBoZ54Bdvvs9fX8wpR7TY%2FX8WN%2FQZ6T1WnS7bPxldGCIprQ36kheWsOGqCkm5G5CRW33WzBqzCiVByGekQw%2BOBMHzFQXU3ka"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 86bad7fde87d56c0-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

www.macfiles.org/category/adobe/adobe-illustrator/page/2/

0.0.0.0

0 B

URL GET
www.macfiles.org/category/adobe/adobe-illustrator/page/2/
IP
0.0.0.0:0
ASN
#0

Requested by
https://www.macfiles.org/category/adobe/adobe-illustrator/
Certificate
IssuerLet's Encrypt
Subjectmacfiles.org
Fingerprint05:B6:91:19:E8:3B:D4:01:2C:69:02:50:FC:D3:89:ED:19:1B:D3:49
ValidityThu, 14 Mar 2024 13:45:41 GMT - Wed, 12 Jun 2024 13:45:40 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /category/adobe/adobe-illustrator/page/2/ HTTP/1.1
Host: www.macfiles.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
DNT: 1
Connection: keep-alive
Referer: https://www.macfiles.org/category/adobe/adobe-illustrator/
Cookie: dom3ic8zudi28v8lr6fgphwffqoz0j6c=d5ca92e8-8af8-497f-8572-180e2ed1eb97%3A2%3A1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

www.macfiles.org/wp-content/plugins/autoptimize/classes/external/js/lazysizes.min.js?ao_version=3.1.11

104.21.73.82

200 OK

9.8 kB

URL GET HTTP/3
www.macfiles.org/wp-content/plugins/autoptimize/classes/external/js/lazysizes.min.js?ao_version=3.1.11
IP
104.21.73.82:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.macfiles.org/category/adobe/adobe-illustrator/
Certificate
IssuerLet's Encrypt
Subjectmacfiles.org
Fingerprint05:B6:91:19:E8:3B:D4:01:2C:69:02:50:FC:D3:89:ED:19:1B:D3:49
ValidityThu, 14 Mar 2024 13:45:41 GMT - Wed, 12 Jun 2024 13:45:40 GMT

File type
JavaScript source, ASCII text, with very long lines (10063), with no line terminators
Size
9.8 kB (9813 bytes)
Hash
73122fbfabbe773c0aab1d1f94316beb
02e58a96ce045594633f49373c27e8301c5d63f3
17b4bf0bd4f257f50c543a37080596a2d928c7ee8fc4f996234650175e0b03bb

HTTP Headers

GET /wp-content/plugins/autoptimize/classes/external/js/lazysizes.min.js?ao_version=3.1.11 HTTP/1.1
Host: www.macfiles.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.macfiles.org/category/adobe/adobe-illustrator/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 28 Mar 2024 21:51:49 GMT
content-type: application/javascript
cache-control: public, max-age=604800
expires: Wed, 03 Apr 2024 13:01:12 GMT
last-modified: Wed, 13 Mar 2024 09:02:38 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 118237
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=v38HZmWI3e0gdr1uIre%2Fc%2FLV6sjZUeSzlwEntH51VcoOXV4nyWGaeU2wfwruLHxGlMpx9SmO%2BPk9DrjOu8CiIPX%2Bi9ZRb6%2FI5JhBw4zFClwyYlNLytEj8YLge1dBrNHuMhSV"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 86bad7ffca5956c5-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

accidentallyrussian.com/cc43d9e6e02d1d5141beb272805e2db1/invoke.js

172.240.108.76

200 OK

31 kB

URL GET HTTP/1.1
accidentallyrussian.com/cc43d9e6e02d1d5141beb272805e2db1/invoke.js
IP
172.240.108.76:443
ASN
#7979 SERVERS-COM

Requested by
https://www.macfiles.org/category/adobe/adobe-illustrator/
Certificate
IssuerLet's Encrypt
Subjectaccidentallyrussian.com
Fingerprint3E:C7:58:F1:C6:88:A7:93:4D:44:9B:CF:A9:90:F1:C7:E1:A3:1C:12
ValidityTue, 20 Feb 2024 06:04:20 GMT - Mon, 20 May 2024 06:04:19 GMT

File type
JavaScript source, ASCII text, with very long lines (31275), with no line terminators
Size
31 kB (31275 bytes)
Hash
32dc964f69ada574b44404c2895c5615
ce95ae0072faac8b8b092e8970237cd7ad1386d5
ac6b7c3d7de6a7df176391a27c6eb48c93de89517fc79b572e6f45973155b1fc

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /cc43d9e6e02d1d5141beb272805e2db1/invoke.js HTTP/1.1
Host: accidentallyrussian.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.macfiles.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Thu, 28 Mar 2024 21:51:50 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 823f5a4ba37138699f27c66c3e08309e
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

www.macfiles.org/wp-content/cache/autoptimize/css/autoptimize_ea41aa15be79aeb4f11d6294c6075823.css

104.21.73.82

200 OK

181 kB

URL GET HTTP/3
www.macfiles.org/wp-content/cache/autoptimize/css/autoptimize_ea41aa15be79aeb4f11d6294c6075823.css
IP
104.21.73.82:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.macfiles.org/category/adobe/adobe-illustrator/
Certificate
IssuerLet's Encrypt
Subjectmacfiles.org
Fingerprint05:B6:91:19:E8:3B:D4:01:2C:69:02:50:FC:D3:89:ED:19:1B:D3:49
ValidityThu, 14 Mar 2024 13:45:41 GMT - Wed, 12 Jun 2024 13:45:40 GMT

File type

Size
181 kB (181020 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /wp-content/cache/autoptimize/css/autoptimize_ea41aa15be79aeb4f11d6294c6075823.css HTTP/1.1
Host: www.macfiles.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.macfiles.org/category/adobe/adobe-illustrator/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 28 Mar 2024 21:51:49 GMT
content-type: text/css
cache-control: public, max-age=30672000, immutable
expires: Fri, 21 Feb 2025 09:28:59 GMT
last-modified: Sun, 03 Mar 2024 08:36:06 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 2204570
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LPdj4m8v0149z%2F%2FkpAP9KnB8tpEgVPNrZXiwn%2FBnkx5c4eRIynCIVHm1gyqmWdHBuLw3TgYT10MhFR%2BqCr06sy%2ByEulD0DGxglAGDgD%2FAJjXiAH%2BWewLENMbd5Bus0iW%2BGtQ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 86bad7ffba3e56c5-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

cdn.barscreative1.com/sb/au/8e/ff/66/8eff6635b7ed4954a8b4e92629e58a35/1698745384.html

45.133.44.3

200 OK

1.5 kB

URL GET HTTP/2
cdn.barscreative1.com/sb/au/8e/ff/66/8eff6635b7ed4954a8b4e92629e58a35/1698745384.html
IP
45.133.44.3:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://www.macfiles.org/category/adobe/adobe-illustrator/
Certificate
IssuerLet's Encrypt
Subjectcdn.barscreative1.com
FingerprintF6:54:F4:B9:EB:AD:1E:FA:8F:76:B9:75:20:9B:41:57:32:37:94:E3
ValiditySun, 10 Mar 2024 03:01:32 GMT - Sat, 08 Jun 2024 03:01:31 GMT

File type
HTML document, ASCII text, with very long lines (1591), with no line terminators
Size
1.5 kB (1495 bytes)
Hash
89e8147eac31b07a5d8a33234d6fff1d
be1dbeb24905d599d142040286e70df41aae890f
6a430d707fa5a7883e7de96699b2d845ce1564ffa27a33ae351fece1f2a8e12d

HTTP Headers

GET /sb/au/8e/ff/66/8eff6635b7ed4954a8b4e92629e58a35/1698745384.html HTTP/1.1
Host: cdn.barscreative1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.macfiles.org
DNT: 1
Connection: keep-alive
Referer: https://www.macfiles.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 28 Mar 2024 21:52:06 GMT
content-type: text/html; charset=utf-8
server: nginx/1.21.6
last-modified: Tue, 31 Oct 2023 09:43:09 GMT
etag: W/"6540cc2d-5d7"
cache-control: max-age=3600
access-control-allow-origin: *
access-control-expose-headers: Date
content-encoding: gzip
expires: Thu, 28 Mar 2024 22:52:06 GMT
x-proxy-cache: HIT
X-Firefox-Spdy: h2

fonts.googleapis.com/css2?family=Roboto:wght@100;300;400;500;700&display=swap

142.250.74.74

200 OK

12 kB

URL GET HTTP/3
fonts.googleapis.com/css2?family=Roboto:wght@100;300;400;500;700&display=swap
IP
142.250.74.74:443
ASN
#15169 GOOGLE

Requested by
https://www.macfiles.org/category/adobe/adobe-illustrator/
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint04:B9:D9:E0:01:DB:5E:AB:5A:FF:F0:D9:ED:39:0F:C1:63:18:51:0B
ValidityMon, 26 Feb 2024 08:18:27 GMT - Mon, 20 May 2024 08:18:26 GMT

File type
ASCII text
Size
12 kB (11685 bytes)
Hash
699943ff7d76537f564620e8254074fa
6d31accf3b47879026de42fd5ea9b7a2f46908b6
59031fbe9c55f4bb1626065b56161ab7bdd3ae68912586f6f0e9735cc4badb64

HTTP Headers

GET /css2?family=Roboto:wght@100;300;400;500;700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 28 Mar 2024 21:52:07 GMT
date: Thu, 28 Mar 2024 21:52:07 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2

216.58.207.227

200 OK

24 kB

URL GET HTTP/2
fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://www.macfiles.org/category/adobe/adobe-illustrator/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintF3:56:10:42:A8:3C:BF:F5:89:9C:4C:C0:F8:E3:DC:C4:1C:E9:34:9E
ValidityMon, 26 Feb 2024 08:18:21 GMT - Mon, 20 May 2024 08:18:20 GMT

File type
Web Open Font Format (Version 2), TrueType, length 23580, version 1.0
Size
24 kB (23580 bytes)
Hash
e1b3b5908c9cf23dfb2b9c52b9a023ab
fcd4136085f2a03481d9958cc6793a5ed98e714c
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

HTTP Headers

GET /s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.macfiles.org
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23580
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 28 Mar 2024 17:21:46 GMT
expires: Fri, 28 Mar 2025 17:21:46 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 02 May 2023 15:17:22 GMT
content-type: font/woff2
age: 16203
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

cdn.creative-bars1.com/sb/ssp/interstitial/message_redcircle/1/js/script.js

172.64.160.4

200 OK

1.1 kB

URL GET HTTP/3
cdn.creative-bars1.com/sb/ssp/interstitial/message_redcircle/1/js/script.js
IP
172.64.160.4:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.macfiles.org/category/adobe/adobe-illustrator/
Certificate
IssuerGoogle Trust Services LLC
Subjectcreative-bars1.com
Fingerprint10:69:48:04:3B:B6:11:3A:D4:D0:E1:5F:B2:F9:B4:75:BB:EE:39:22
ValidityFri, 16 Feb 2024 15:25:59 GMT - Thu, 16 May 2024 15:25:58 GMT

File type
ASCII text, with very long lines (1206), with no line terminators
Size
1.1 kB (1144 bytes)
Hash
2c0038bc0b2d7ceb4556b4afb29397f4
134baba1705d1a938adc3eec488931e623d85358
2721da98a99444e20ee6eefc2d9ce4edbbe5d1492495de726350d9f12f2e520a

HTTP Headers

GET /sb/ssp/interstitial/message_redcircle/1/js/script.js HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.macfiles.org
DNT: 1
Connection: keep-alive
Referer: https://www.macfiles.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 28 Mar 2024 21:52:07 GMT
content-type: application/javascript
last-modified: Fri, 19 Jan 2024 14:19:45 GMT
etag: W/"65aa8501-478"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LdMUTRak%2BThIBvqpvOoxWbRslEQmKCACCldDx1arUmNS%2BQ9XkPt7vNKEjmZ0gDO6HWAmx8YJkerldlaCyCcDTYLgJHuvWMBcrNX22kpqXxrNNxp0qc55knq%2FL9Kgx8t1gs3lZ4ZGaHrc"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 86bad86d696848bb-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400

ablecolony.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fssp%2Finterstitial%2Fmessage_redcircle%2F1%2Fjs%2Fscript.js&l=1144&fd=151

172.240.108.68

200 OK

0 B

URL GET HTTP/1.1
ablecolony.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fssp%2Finterstitial%2Fmessage_redcircle%2F1%2Fjs%2Fscript.js&l=1144&fd=151
IP
172.240.108.68:443
ASN
#7979 SERVERS-COM

Requested by
https://www.macfiles.org/category/adobe/adobe-illustrator/
Certificate
IssuerLet's Encrypt
Subjectablecolony.com
Fingerprint72:52:48:30:ED:69:2D:E0:F6:1F:B2:28:46:E6:BF:09:21:CB:DD:D1
ValiditySun, 24 Mar 2024 10:22:04 GMT - Sat, 22 Jun 2024 10:22:03 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fssp%2Finterstitial%2Fmessage_redcircle%2F1%2Fjs%2Fscript.js&l=1144&fd=151 HTTP/1.1
Host: ablecolony.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.macfiles.org/
Cookie: u_pl=22061292,18323798; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoyMjA2MTI5MiwiayI6ImFiNDFkY2M4OWE4ZjAyZTNlZjBiZTJlMWIwNzk1NjVhIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjozNDU0NDc3LCJwaWQiOjEwNDQ3NiwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyMSwiYWlkIjo1LCJwdCI6NCwicGsiOiJua2h0dzZyMHJ5IiwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjc5OTU0MTk2LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6MTgxMTAsIm9uIjoiTGludXgiLCJvdiI6IlVua25vd24iLCJiaWQiOjExNjY3MCwiYm4iOiJGaXJlZm94IiwiYnYiOiI5Ni4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vd3d3Lm1hY2ZpbGVzLm9yZy9jYXRlZ29yeS9hZG9iZS9hZG9iZS1pbGx1c3RyYXRvci8iLCJhciI6W119fQ.e7Cd-nnxH36SHOPXJUQ78WHTvrmsjTwO_y15aBrlgnA; uid_id2=d5ca92e8-8af8-497f-8572-180e2ed1eb97:2:1; iprc7310a3a6dff09f164680b853821fda9f=4471850; pdhtkv=true; uncs=2; pdhtkv23=true; uncs23=1; iprc2cac1dff8eb622378a9bb2c67be32d44=3569806; pdhtkv5=true; uncs5=1; pdhtkv29=true; uncs29=1; sleca904d25cbc0e65d37e5cf79e2d057c1d=[5042730,5042729]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Thu, 28 Mar 2024 21:52:07 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (27)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL