Report - ducksisland.xyz/6dleck?click_id=ABvEuGbETwUAhWQCAFVTFwAMAAAAAADP&o=235&source=86782&t=download

Report Overview

Visited public
2024-08-11 14:01:38
Tags
URL
ducksisland.xyz/6dleck?click_id=ABvEuGbETwUAhWQCAFVTFwAMAAAAAADP&o=235&source=86782&t=download_o5&title=SSG.rar
Finishing URL
yesdownloadit.com/1abf058d1c965c0a2112edcde0134b1ffde293b68f44aaee39832b8ae4c85a82d39ec49e2fa4ab82f6a66997977adac16457ebdf00341de3
IP / ASN
172.67.215.169
#13335 CLOUDFLARENET
Title
SevenZip - Unpack SSG.rar

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Sent	Received	IP
o.pki.goog	unknown	975 B	2.1 kB	142.250.74.131
google.com	1	433 B	701 B	142.250.74.142
yourjsdelivery.com	unknown	404 B	14 kB	172.67.68.197
maxcdn.bootstrapcdn.com	724	483 B	35 kB	104.18.11.207
speedtest.net	4896	399 B	362 B	151.101.194.219
code.jquery.com	634	411 B	31 kB	151.101.194.137
yesdownloadit.com	unknown	2.2 kB	15 kB	104.21.56.247
	unknown	450 B	7.7 kB	104.17.24.14
www.google.com	7	438 B	2.2 kB	142.250.74.132
stats.webanalyticscounter.com	unknown	1.4 kB	1.1 MB	104.21.83.248
ducksisland.xyz	unknown	567 B	9.1 kB	172.67.215.169
r10.o.lencr.org	unknown	1.6 kB	4.4 kB	23.36.77.32
nostop.go2cloud.org	369893	646 B	555 B	18.202.12.61
www.speedtest.net	12523	403 B	6.9 kB	104.17.147.22

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2024-08-11 14:01:31	low	Client IP	74.125.250.129	ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)
2024-08-11 14:01:31	low	Client IP	74.125.250.129	ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)
2024-08-11 14:01:31	low	Client IP	74.125.250.129	ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)
2024-08-11 14:01:31	low	Client IP	74.125.250.129	ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)
2024-08-11 14:01:31	low	Client IP	74.125.250.129	ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)
2024-08-11 14:01:31	low	Client IP	74.125.250.129	ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)
2024-08-11 14:01:31	low	Client IP	74.125.250.129	ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)
2024-08-11 14:01:31	low	Client IP	74.125.250.129	ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)
2024-08-11 14:01:31	low	Client IP	74.125.250.129	ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)
2024-08-11 14:01:31	low	Client IP	74.125.250.129	ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (10)

	URL	From	Size	First Seen	Last Seen
	unknown	Function	47 B	2023-04-14	2025-05-20
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-04-14 16:26 Last Seen2025-05-20 01:07 Times Seen4465 Hash a01893d8e129ad16c1e0fc5c7537f411 0e46d1bf2718f848d9d596fa269eaedb31204772 cbe7b89533bcd75b69f3e54807308551d68242ec1761e63bee1a99fc6e560175 Loading...

	code.jquery.com/jquery-3.1.0.min.js	ScriptElement	86 kB	2023-03-07	2025-05-19
Pretty URL code.jquery.com/jquery-3.1.0.min.js IP 151.101.194.137 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-05-19 15:23 Times Seen4566 Hash 05e51b1db558320f1939f9789ccf5c8f c72c1735b4d903d90dd51225ebefb8c74ebbc51f 702b9e051e82b32038ffdb33a4f7eb5f7b38f4cf6f514e4182d8898f4eb0b7fb Loading...

	unknown	Function	39 B	2023-04-14	2025-05-20
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-04-14 16:26 Last Seen2025-05-20 01:07 Times Seen4472 Hash bc51ed8c76553717f10d58b2df60fd76 e2d03a8fd8d280074b226c288880f9df299c7cb1 bee994eaf88453f6343ba57571a069054c12c9b4e42f8cbad4f2ad75c7fb264c Loading...

	unknown	Function	44 B	2023-04-14	2025-05-20
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-04-14 16:26 Last Seen2025-05-20 01:07 Times Seen4471 Hash 00beb9884d0391b342eadd30744b539a 3124c0bd593822379d22f13d3e08e70a1bf5ea14 92394eec5690449a4f6cfc9a7f97497a69e926b2365cb9a9aad3507a844f835c Loading...

	cdnjs.cloudflare.com:8443/ajax/libs/underscore.js/1.12.0/underscore-min.js	ScriptElement	19 kB	2023-11-10	2025-05-20
Pretty URL cdnjs.cloudflare.com:8443/ajax/libs/underscore.js/1.12.0/underscore-min.js IP 104.17.24.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-10 16:02 Last Seen2025-05-20 01:07 Times Seen1171 Hash 5e69b8b4c93891157f2dac3721873c59 ac0bc40622bb3babcb228f3662b67ed8ae1012a3 1bc0ea4e2fe66ac337fb1863bbdb4c8f044ee4e84dbe0f0f1b3959bebfa539c1 Loading...

	unknown	Function	34 B	2023-04-14	2025-05-20
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-04-14 16:26 Last Seen2025-05-20 01:07 Times Seen4479 Hash 7bcdb973ab8af8e24ab11cb554a1ba6e 24e8a10f240f2b06f81d7c173cd0a90606641fc1 916ec4eb9b485eb47f43a17fe212e84e4b72600b45eb6d4588599ad495a57fcd Loading...

	unknown	Function	47 B	2023-04-14	2025-05-20
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-04-14 16:26 Last Seen2025-05-20 01:07 Times Seen4468 Hash 580b3e56fc9ab6e8b4655f43ee057cc1 5dfce565e446f4a167195de9a1a5dd26163c711c 446f07b6e56de61d2c2d5b6ba408cc580b492a6d1ede8fc51cfde4ef75a2b382 Loading...

	yourjsdelivery.com/dl.min.js	ScriptElement	18 kB	2024-06-18	2025-05-20
Pretty URL yourjsdelivery.com/dl.min.js IP 172.67.68.197 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-06-18 15:26 Last Seen2025-05-20 01:07 Times Seen1163 Hash 92a61d7deeeba56e60419c586eaadcb8 e94dfbcd81b5b5f066ebe7dfd66d50f6f0370936 e8c2f349ba55b5535973c1ec9a9ca11055628a11de616f587630830874e0cb40 Loading...

	yesdownloadit.com/1abf058d1c965c0a2112edcde0134b1ffde293b68f44aaee39832b8ae4c85a82d39ec49e2fa4ab82f6a66997977adac16457ebdf00341de3	ScriptElement	0 B	0001-01-01	2025-05-20
Pretty URL yesdownloadit.com/1abf058d1c965c0a2112edcde0134b1ffde293b68f44aaee39832b8ae4c85a82d39ec49e2fa4ab82f6a66997977adac16457ebdf00341de3 IP 104.21.56.247 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen0001-01-01 00:00 Last Seen2025-05-20 03:35 Times Seen4732821 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	stats.webanalyticscounter.com/stats.js	ScriptElement	1.1 MB	2024-06-21	2025-05-20
Pretty URL stats.webanalyticscounter.com/stats.js IP 104.21.83.248 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-06-21 23:25 Last Seen2025-05-20 01:07 Times Seen1141 Hash d394fb9ed2790e60e4e49f04ba6ee58b fd24219b09c5883d9a5648e8495d7c200fe34850 98335defb854fc032623041d5f988eefd7e8e05714116f8395ddb1bcdf6597b0 Loading...

HTTP Transactions (25)

	URL	IP	Response	Size
	r10.o.lencr.org/	23.36.77.32		504 B
URL r10.o.lencr.org/ IP 23.36.77.32:0 ASN #20940 Akamai International B.V. File type data Size 504 B (504 bytes) Hash b96a2e2a61618b383a9e34b94d845664 508437da0c55e16345ac599730326b8c45d712f6 703b542bdfee7a15f605417981dbb01fb43bd2814fa9989ecc707f3df06e7ec5 HTTP Headers `POST / HTTP/1.1 Host: r10.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 504 ETag: "703B542BDFEE7A15F605417981DBB01FB43BD2814FA9989ECC707F3DF06E7EC5" Last-Modified: Sun, 11 Aug 2024 06:28:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=11115 Expires: Sun, 11 Aug 2024 17:06:27 GMT Date: Sun, 11 Aug 2024 14:01:12 GMT Connection: keep-alive`

	r10.o.lencr.org/	23.36.77.32		504 B
URL r10.o.lencr.org/ IP 23.36.77.32:0 ASN #20940 Akamai International B.V. File type data Size 504 B (504 bytes) Hash 14927ac0fa718432ac5839f70891b90c fa1224f50929eaf13800f1cefb874e57ebdd9c12 83614f2bb6b89c6f08c23a06ca037a68eb6557d42829cd1504eae2ddca77739a HTTP Headers `POST / HTTP/1.1 Host: r10.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 504 ETag: "83614F2BB6B89C6F08C23A06CA037A68EB6557D42829CD1504EAE2DDCA77739A" Last-Modified: Sun, 11 Aug 2024 06:27:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=10468 Expires: Sun, 11 Aug 2024 16:55:40 GMT Date: Sun, 11 Aug 2024 14:01:12 GMT Connection: keep-alive`

	r10.o.lencr.org/	23.36.77.32		504 B
URL r10.o.lencr.org/ IP 23.36.77.32:0 ASN #20940 Akamai International B.V. File type data Size 504 B (504 bytes) Hash 84e0e906aa0fcfa00ac2d2f5c375aa77 c851ff2470d706678f0b6bc7db9cd6aba94a8e62 f7d885f0c7a03e52eac7b61b9e15651b78127d69bc77a6012a7f753c7f47b477 HTTP Headers `POST / HTTP/1.1 Host: r10.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 504 ETag: "F7D885F0C7A03E52EAC7B61B9E15651B78127D69BC77A6012A7F753C7F47B477" Last-Modified: Sun, 11 Aug 2024 06:26:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=6401 Expires: Sun, 11 Aug 2024 15:47:53 GMT Date: Sun, 11 Aug 2024 14:01:12 GMT Connection: keep-alive`

	r10.o.lencr.org/	23.36.77.32		504 B
URL r10.o.lencr.org/ IP 23.36.77.32:0 ASN #20940 Akamai International B.V. File type data Size 504 B (504 bytes) Hash 24d5ac4a84272d86de181a7791544f41 fa835ee14a3cfcbed175acb393bdb09cd71031a4 8a07c5b6e3ed866da9b88f4fe543f285cf7fde46e2cdae44109fe5e998884240 HTTP Headers `POST / HTTP/1.1 Host: r10.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 504 ETag: "8A07C5B6E3ED866DA9B88F4FE543F285CF7FDE46E2CDAE44109FE5E998884240" Last-Modified: Sun, 11 Aug 2024 06:27:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=13547 Expires: Sun, 11 Aug 2024 17:46:59 GMT Date: Sun, 11 Aug 2024 14:01:12 GMT Connection: keep-alive`

	code.jquery.com/jquery-3.1.0.min.js	151.101.194.137	200 OK	30 kB
URL GET HTTP/2 code.jquery.com/jquery-3.1.0.min.js IP 151.101.194.137:443 ASN #54113 FASTLY Requested by https://yesdownloadit.com/1abf058d1c965c0a2112edcde0134b1ffde293b68f44aaee39832b8ae4c85a82d39ec49e2fa4ab82f6a66997977adac16457ebdf00341de3 Certificate IssuerSectigo Limited Subject.jquery.com FingerprintCD:B5:6E:05:85:0C:5A:AE:47:12:80:2A:5B:C6:E5:8F:11:72:E2:B5 ValidityTue, 25 Jun 2024 00:00:00 GMT - Wed, 25 Jun 2025 23:59:59 GMT File type JavaScript source, ASCII text, with very long lines (32014) Size 30 kB (30019 bytes) Hash 05e51b1db558320f1939f9789ccf5c8f c72c1735b4d903d90dd51225ebefb8c74ebbc51f 702b9e051e82b32038ffdb33a4f7eb5f7b38f4cf6f514e4182d8898f4eb0b7fb HTTP Headers `GET /jquery-3.1.0.min.js HTTP/1.1 Host: code.jquery.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://yesdownloadit.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK server: nginx content-type: application/javascript; charset=utf-8 last-modified: Fri, 18 Oct 1991 12:00:00 GMT etag: W/"28feccc0-1514f" cache-control: public, max-age=31536000, stale-while-revalidate=604800 access-control-allow-origin: * content-encoding: gzip via: 1.1 varnish, 1.1 varnish accept-ranges: bytes date: Sun, 11 Aug 2024 14:01:13 GMT age: 4074146 x-served-by: cache-lga21948-LGA, cache-hel1410025-HEL x-cache: HIT, HIT x-cache-hits: 99, 16924 x-timer: S1723384874.759914,VS0,VE0 vary: Accept-Encoding content-length: 30019 X-Firefox-Spdy: h2

	nostop.go2cloud.org/aff_i?offer_id=235&aff_id=2719&aff_sub=&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=&source=2719-86782&adv_sub=https%3A%2F%2Fwww.7-zip.org%2Fa%2F7z2401.msi&adv_sub5=Firefox&adv_sub4=&adv_sub3=ducksisland.xyz&adv_sub2=yesdownloadit.com	18.202.12.61		57 B
URL GET nostop.go2cloud.org/aff_i?offer_id=235&aff_id=2719&aff_sub=&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=&source=2719-86782&adv_sub=https%3A%2F%2Fwww.7-zip.org%2Fa%2F7z2401.msi&adv_sub5=Firefox&adv_sub4=&adv_sub3=ducksisland.xyz&adv_sub2=yesdownloadit.com IP 18.202.12.61:0 ASN #16509 AMAZON-02 Requested by https://yesdownloadit.com/1abf058d1c965c0a2112edcde0134b1ffde293b68f44aaee39832b8ae4c85a82d39ec49e2fa4ab82f6a66997977adac16457ebdf00341de3 Certificate IssuerAmazon Subject.go2cloud.org FingerprintB0:71:4C:B1:87:BF:BF:D7:99:47:B0:47:9D:6E:E4:FB:3F:E4:D6:26 ValidityMon, 22 Jan 2024 00:00:00 GMT - Wed, 19 Feb 2025 23:59:59 GMT File type GIF image data, version 89a, 1 x 1 Size 57 B (57 bytes) Hash 77d96eebccea5801290ad68b3ccb4199 eaf3924bfd87bbf1f1137c395de8687f20c4f3a6 ac05f643d51698438fc2504bc237b5a39ce1248b037dbf446aaca4ce65c3182c HTTP Headers GET /aff_i?offer_id=235&aff_id=2719&aff_sub=&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=&source=2719-86782&adv_sub=https%3A%2F%2Fwww.7-zip.org%2Fa%2F7z2401.msi&adv_sub5=Firefox&adv_sub4=&adv_sub3=ducksisland.xyz&adv_sub2=yesdownloadit.com HTTP/1.1 Host: nostop.go2cloud.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://yesdownloadit.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache `HTTP/1.1 200 OK Server: nginx Date: Sun, 11 Aug 2024 14:01:14 GMT Content-Type: image/gif Transfer-Encoding: chunked Connection: keep-alive Cache-Control: no-cache, no-store, must-revalidate Expires: Sat, 26 Jul 1997 05:00:00 GMT Pragma: no-cache Tracking_id: 10266c849ee84b6986bf8fd99d929f Access-Control-Allow-Origin: * X-Request-Id: bb05e00d32a5dcfbe38ca071d5967f68 Access-Control-Allow-Headers: Tune-SDK-Version Accept-CH: Sec-CH-UA-Model, Sec-CH-DPR, DPR Content-Encoding: gzip`

	r10.o.lencr.org/	23.36.76.226		504 B
URL r10.o.lencr.org/ IP 23.36.76.226:0 ASN #20940 Akamai International B.V. File type data Size 504 B (504 bytes) Hash b3cb4fa78d48efd3475d6c2225a3a440 d25b7736221fe0073288e3ec4950389761ae2a06 799a896dc6357139a345e649d5cc7560ec07901f5a272e102018cb4dc18aebd7 HTTP Headers `POST / HTTP/1.1 Host: r10.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 504 ETag: "799A896DC6357139A345E649D5CC7560EC07901F5A272E102018CB4DC18AEBD7" Last-Modified: Sun, 11 Aug 2024 06:27:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=7729 Expires: Sun, 11 Aug 2024 16:10:03 GMT Date: Sun, 11 Aug 2024 14:01:14 GMT Connection: keep-alive`

	yourjsdelivery.com/dl.min.js	172.67.68.197		14 kB
URL GET yourjsdelivery.com/dl.min.js IP 172.67.68.197:0 ASN #13335 CLOUDFLARENET Requested by https://yesdownloadit.com/1abf058d1c965c0a2112edcde0134b1ffde293b68f44aaee39832b8ae4c85a82d39ec49e2fa4ab82f6a66997977adac16457ebdf00341de3 Certificate IssuerGoogle Trust Services Subjectyourjsdelivery.com Fingerprint53:69:45:25:62:AB:14:5A:B1:16:62:7F:BF:69:EE:47:B2:32:C9:9B ValidityWed, 17 Jul 2024 07:42:59 GMT - Tue, 15 Oct 2024 07:42:58 GMT File type JavaScript source, ASCII text, with very long lines (18369) Size 14 kB (13845 bytes) Hash 92a61d7deeeba56e60419c586eaadcb8 e94dfbcd81b5b5f066ebe7dfd66d50f6f0370936 e8c2f349ba55b5535973c1ec9a9ca11055628a11de616f587630830874e0cb40 HTTP Headers `GET /dl.min.js HTTP/1.1 Host: yourjsdelivery.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://yesdownloadit.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK date: Sun, 11 Aug 2024 14:01:13 GMT content-type: text/html; charset=UTF-8 cf-cache-status: DYNAMIC report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=r9jhl%2FU1tRC%2FSwe5k8jDWCPP%2Bh1Btig9Ou39lnR5sD2dBmNHJ4LAwfxw9L31j9vwstHeinoTzoCLuDCdtlXx6LckvHuzaytDgDMcKXbGhc%2FVZHsZGRSizzCqA09hTj4Htvms7w%3D%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 8b18c1a4db8ab4fa-OSL content-encoding: br X-Firefox-Spdy: h2

	yesdownloadit.com/images/firefox/bundlehelp.css	104.21.56.247	200 OK	2.7 kB
URL GET HTTP/3 yesdownloadit.com/images/firefox/bundlehelp.css IP 104.21.56.247:443 ASN #13335 CLOUDFLARENET Requested by https://yesdownloadit.com/1abf058d1c965c0a2112edcde0134b1ffde293b68f44aaee39832b8ae4c85a82d39ec49e2fa4ab82f6a66997977adac16457ebdf00341de3 Certificate IssuerGoogle Trust Services Subjectyesdownloadit.com Fingerprint1D:92:F6:36:5D:2A:6C:22:25:35:6D:D0:F9:ED:0D:9E:FD:C9:4D:58 ValiditySat, 27 Jul 2024 14:47:23 GMT - Fri, 25 Oct 2024 14:47:22 GMT File type ASCII text, with CRLF line terminators Size 2.7 kB (2740 bytes) Hash 41fe9c5474ae1f51b2941f45b0e1e5b3 bd44fd7e9991cda5318cf56036d9a8644a5ccd60 b15b6fd698377d50ec470fedae69c52813e2d210ad87212c2cef4c950599b028 HTTP Headers GET /images/firefox/bundlehelp.css HTTP/1.1 Host: yesdownloadit.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://yesdownloadit.com/1abf058d1c965c0a2112edcde0134b1ffde293b68f44aaee39832b8ae4c85a82d39ec49e2fa4ab82f6a66997977adac16457ebdf00341de3 Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers HTTP/3 200 OK date: Sun, 11 Aug 2024 14:01:13 GMT content-type: text/css last-modified: Wed, 07 Oct 2020 11:38:48 GMT etag: W/"5f7da8c8-876" cache-control: max-age=14400 cf-cache-status: HIT age: 4936 report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JXpxL%2Fs76%2B1fY1pYQFWOjLwHkTsOUVnmxnpdFuXhg20%2BVvBjh1DK4f0Fv1vJWumZRN3%2FsvJ7rmTPSh1b5YEYXUqKOhRDofZJbtnXRNQamHnBo24mKEcm1zJuYzdSnvWEGjljSA%3D%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 8b18c1a47ac6b517-OSL content-encoding: br alt-svc: h3=":443"; ma=86400

	maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/bootstrap.min.css	104.18.11.207	200 OK	34 kB
URL GET HTTP/2 maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/bootstrap.min.css IP 104.18.11.207:443 ASN #13335 CLOUDFLARENET Requested by https://yesdownloadit.com/1abf058d1c965c0a2112edcde0134b1ffde293b68f44aaee39832b8ae4c85a82d39ec49e2fa4ab82f6a66997977adac16457ebdf00341de3 Certificate IssuerGoogle Trust Services Subjectbootstrapcdn.com FingerprintBE:14:2A:D4:32:CD:FF:FE:ED:79:48:4F:5C:7B:C4:52:09:C8:58:96 ValidityTue, 23 Jul 2024 01:50:30 GMT - Mon, 21 Oct 2024 01:50:29 GMT File type ASCII text, with very long lines (65325) Size 34 kB (34086 bytes) Hash 450fc463b8b1a349df717056fbb3e078 895125a4522a3b10ee7ada06ee6503587cbf95c5 2c0f3dcfe93d7e380c290fe4ab838ed8cadff1596d62697f5444be460d1f876d HTTP Headers `GET /bootstrap/4.0.0/css/bootstrap.min.css HTTP/1.1 Host: maxcdn.bootstrapcdn.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://yesdownloadit.com DNT: 1 Connection: keep-alive Referer: https://yesdownloadit.com/ Sec-Fetch-Dest: style Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK date: Sun, 11 Aug 2024 14:01:13 GMT content-type: text/css; charset=utf-8 cdn-pullzone: 252412 cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74 cdn-requestcountrycode: DE vary: Accept-Encoding access-control-allow-origin: * cache-control: public, max-age=31919000 content-encoding: br etag: W/"450fc463b8b1a349df717056fbb3e078" last-modified: Mon, 25 Jan 2021 22:04:04 GMT cdn-cachedat: 03/18/2024 12:51:41 cdn-proxyver: 1.04 cdn-requestpullcode: 200 cdn-requestpullsuccess: True cdn-edgestorageid: 1048 timing-allow-origin: * cross-origin-resource-policy: cross-origin x-content-type-options: nosniff cdn-status: 200 cdn-requestid: 3542d95bd664ab393af267390691fe69 cdn-cache: HIT cf-cache-status: HIT age: 2798467 strict-transport-security: max-age=31536000; includeSubDomains; preload server: cloudflare cf-ray: 8b18c1a4892db52d-OSL alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2

	cdnjs.cloudflare.com:8443/ajax/libs/underscore.js/1.12.0/underscore-min.js	104.17.24.14	200 OK	6.7 kB
URL GET HTTP/2 cdnjs.cloudflare.com:8443/ajax/libs/underscore.js/1.12.0/underscore-min.js IP 104.17.24.14:8443 ASN #13335 CLOUDFLARENET Requested by https://yesdownloadit.com/1abf058d1c965c0a2112edcde0134b1ffde293b68f44aaee39832b8ae4c85a82d39ec49e2fa4ab82f6a66997977adac16457ebdf00341de3 Certificate IssuerGoogle Trust Services Subjectcdnjs.cloudflare.com Fingerprint00:EC:C6:E9:D9:C1:6D:05:88:6E:33:AF:3B:E7:7B:86:81:20:66:CA ValidityWed, 31 Jul 2024 04:16:10 GMT - Tue, 29 Oct 2024 04:16:09 GMT File type JavaScript source, ASCII text, with very long lines (18888) Size 6.7 kB (6749 bytes) Hash 5e69b8b4c93891157f2dac3721873c59 ac0bc40622bb3babcb228f3662b67ed8ae1012a3 1bc0ea4e2fe66ac337fb1863bbdb4c8f044ee4e84dbe0f0f1b3959bebfa539c1 HTTP Headers `GET /ajax/libs/underscore.js/1.12.0/underscore-min.js HTTP/1.1 Host: cdnjs.cloudflare.com:8443 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://yesdownloadit.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK date: Sun, 11 Aug 2024 14:01:15 GMT content-type: application/javascript; charset=utf-8 content-length: 6749 access-control-allow-origin: * cache-control: no-transform, public, max-age=30672000 content-encoding: br etag: "5fe06887-4b9e" last-modified: Mon, 21 Dec 2020 09:19:03 GMT cf-cdnjs-via: cfworker/kv cross-origin-resource-policy: cross-origin timing-allow-origin: * x-content-type-options: nosniff vary: Accept-Encoding cf-cache-status: DYNAMIC report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yD2Z95pCOIRudgg4oRytqzIvE6wZ34NbGQ6P%2BRYS7Kwe7PwtvAWMm7drALTeER904wn6Fd%2F4pbrxlmf4Fow6E35VAYsKcz2pr5szMgvxPGIFRnKaJBjybPvlBSnw7lc4Uwd9Tg7nsOA77Fs%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} strict-transport-security: max-age=15780000 server: cloudflare cf-ray: 8b18c1b0b86bb4f9-OSL alt-svc: h3=":8443"; ma=86400 X-Firefox-Spdy: h2

	speedtest.net/favicon.ico?1723384875570	151.101.194.219		0 B
URL GET speedtest.net/favicon.ico?1723384875570 IP 151.101.194.219:0 ASN #54113 FASTLY Requested by https://yesdownloadit.com/1abf058d1c965c0a2112edcde0134b1ffde293b68f44aaee39832b8ae4c85a82d39ec49e2fa4ab82f6a66997977adac16457ebdf00341de3 Certificate IssuerGlobalSign nv-sa Subject.speedtest.net Fingerprint24:0B:36:28:3E:31:34:DA:77:CE:C2:B5:D6:36:88:D5:9D:41:DF:1B ValidityWed, 24 Jan 2024 15:29:31 GMT - Mon, 24 Feb 2025 15:29:30 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `GET /favicon.ico?1723384875570 HTTP/1.1 Host: speedtest.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/2 301 Moved Permanently server: Varnish retry-after: 0 content-type: accept-ranges: bytes date: Sun, 11 Aug 2024 14:01:15 GMT via: 1.1 varnish x-served-by: cache-hel1410022-HEL x-cache: MISS x-cache-hits: 0 x-timer: S1723384876.934605,VS0,VE0 location: https://www.speedtest.net/favicon.ico?1723384875570 content-length: 0 X-Firefox-Spdy: h2`

	o.pki.goog/wr2	142.250.74.131		471 B
URL o.pki.goog/wr2 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 471 B (471 bytes) Hash dfe009d34ca9462fda70ac630a09b9e3 cde02b3a6b7b40c97c5f04162270d990b0b7c533 d3234ffa0c1ff2d08feff3928375d30879bb29187fcc92852e50e21488c7fee3 HTTP Headers `POST /wr2 HTTP/1.1 Host: o.pki.goog User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sun, 11 Aug 2024 14:01:16 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	google.com/favicon.ico?1723384875572	142.250.74.142		246 B
URL GET google.com/favicon.ico?1723384875572 IP 142.250.74.142:0 ASN #15169 GOOGLE Requested by https://yesdownloadit.com/1abf058d1c965c0a2112edcde0134b1ffde293b68f44aaee39832b8ae4c85a82d39ec49e2fa4ab82f6a66997977adac16457ebdf00341de3 Certificate IssuerGoogle Trust Services Subject.google.com FingerprintA9:52:08:E0:FC:37:B4:6B:5F:CF:C5:AB:C4:10:C7:D6:00:4D:DC:69 ValidityTue, 30 Jul 2024 12:32:53 GMT - Tue, 22 Oct 2024 12:32:52 GMT File type HTML document, ASCII text, with CRLF, LF line terminators Size 246 B (246 bytes) Hash 30adb4fbda1abd72145fc4dd8dfb7f65 a162c08553c59661007977563fb92ecd77e9f533 cfc353454c3a9b5e0199176955909cb2ce9b9950340d8e7796f27f9849d73c65 HTTP Headers `GET /favicon.ico?1723384875572 HTTP/1.1 Host: google.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://yesdownloadit.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/2 301 Moved Permanently location: https://www.google.com/favicon.ico?1723384875572= cross-origin-resource-policy: cross-origin content-type: text/html; charset=UTF-8 x-content-type-options: nosniff date: Sun, 11 Aug 2024 14:01:16 GMT expires: Sun, 11 Aug 2024 14:31:16 GMT cache-control: public, max-age=1800 server: sffe content-length: 246 x-xss-protection: 0 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2`

	o.pki.goog/wr2	142.250.74.131		471 B
URL o.pki.goog/wr2 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 471 B (471 bytes) Hash dfe009d34ca9462fda70ac630a09b9e3 cde02b3a6b7b40c97c5f04162270d990b0b7c533 d3234ffa0c1ff2d08feff3928375d30879bb29187fcc92852e50e21488c7fee3 HTTP Headers `POST /wr2 HTTP/1.1 Host: o.pki.goog User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sun, 11 Aug 2024 14:01:16 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	www.speedtest.net/favicon.ico?1723384875570	104.17.147.22		6.1 kB
URL GET www.speedtest.net/favicon.ico?1723384875570 IP 104.17.147.22:0 ASN #13335 CLOUDFLARENET Requested by https://yesdownloadit.com/1abf058d1c965c0a2112edcde0134b1ffde293b68f44aaee39832b8ae4c85a82d39ec49e2fa4ab82f6a66997977adac16457ebdf00341de3 Certificate IssuerGoogle Trust Services Subjectwww.speedtest.net Fingerprint1D:17:F7:4A:24:3C:D9:50:FC:86:0E:D1:30:8F:70:4E:66:E5:28:8E ValiditySat, 03 Aug 2024 23:22:37 GMT - Fri, 01 Nov 2024 23:22:36 GMT File type MS Windows icon resource - 6 icons, 256x256 with PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced, 32 bits/pixel, -128x-128, 32 bits/pixel Size 6.1 kB (6109 bytes) Hash 4c2b709ede318666dcdb5e94f3597227 e5c414ab6d913b9e93a1e852f5e1f47c41fbd912 caca9270c3bccfaa6645272295c7c53725a58b506f34d64645d94b30be6968f5 HTTP Headers `GET /favicon.ico?1723384875570 HTTP/1.1 Host: www.speedtest.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK date: Sun, 11 Aug 2024 14:01:24 GMT content-type: image/x-icon content-length: 6109 x-frame-options: DENY content-security-policy: frame-ancestors 'none'; upgrade-insecure-requests access-control-allow-credentials: true cache-control: public, max-age=86400 last-modified: Thu, 01 Aug 2024 17:55:10 GMT etag: W/"18e64-1910f14d830" content-encoding: gzip vary: Origin, Accept-Encoding cf-cache-status: MISS accept-ranges: bytes set-cookie: __cf_bm=i5jy977lZUoGQUYQVQKaX7A68OccXRXSDlXnL2Y._Rs-1723384884-1.0.1.1-oxI7jqxL3I_ilchqJ2D63oE14n9O_uwOSdOjS6PYOYWMx5WtpZIIJP0Grn8Dlz21KD9aegdrRol8LNIuaTeqNQ; path=/; expires=Sun, 11-Aug-24 14:31:24 GMT; domain=.www.speedtest.net; HttpOnly; Secure; SameSite=None server: cloudflare cf-ray: 8b18c1e65adcb4f1-OSL X-Firefox-Spdy: h2

	o.pki.goog/wr2	142.250.74.131		471 B
URL o.pki.goog/wr2 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 471 B (471 bytes) Hash 0e5be86fc3b07962f4c186e0b5e7d341 048f70c557164c9cfd184ecf031ea90e616c9594 820c19cb71a815f23c1d9ceefa7cdb7b6c8ddc639c47c746b4e2a37dc615bb1f HTTP Headers `POST /wr2 HTTP/1.1 Host: o.pki.goog User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sun, 11 Aug 2024 14:01:24 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	www.google.com/favicon.ico?1723384875572=	142.250.74.132		1.5 kB
URL GET www.google.com/favicon.ico?1723384875572= IP 142.250.74.132:0 ASN #15169 GOOGLE Requested by https://yesdownloadit.com/1abf058d1c965c0a2112edcde0134b1ffde293b68f44aaee39832b8ae4c85a82d39ec49e2fa4ab82f6a66997977adac16457ebdf00341de3 Certificate IssuerGoogle Trust Services Subjectwww.google.com Fingerprint78:90:10:00:62:E9:32:D2:E2:99:72:73:B5:44:27:CB:98:2E:AD:29 ValidityTue, 30 Jul 2024 12:50:13 GMT - Tue, 22 Oct 2024 12:50:12 GMT File type MS Windows icon resource - 2 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel Size 1.5 kB (1494 bytes) Hash f3418a443e7d841097c714d69ec4bcb8 49263695f6b0cdd72f45cf1b775e660fdc36c606 6da5620880159634213e197fafca1dde0272153be3e4590818533fab8d040770 HTTP Headers `GET /favicon.ico?1723384875572= HTTP/1.1 Host: www.google.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://yesdownloadit.com/ DNT: 1 Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK accept-ranges: bytes vary: Accept-Encoding content-encoding: gzip content-type: image/x-icon cross-origin-resource-policy: cross-origin cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable" report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]} content-length: 1494 date: Sun, 11 Aug 2024 14:01:24 GMT expires: Mon, 19 Aug 2024 14:01:24 GMT cache-control: public, max-age=691200 last-modified: Tue, 22 Oct 2019 18:30:00 GMT x-content-type-options: nosniff server: sffe x-xss-protection: 0 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	stats.webanalyticscounter.com/stats.php	104.21.83.248	200 OK	9.0 kB
URL POST HTTP/3 stats.webanalyticscounter.com/stats.php IP 104.21.83.248:443 ASN #13335 CLOUDFLARENET Requested by https://yesdownloadit.com/1abf058d1c965c0a2112edcde0134b1ffde293b68f44aaee39832b8ae4c85a82d39ec49e2fa4ab82f6a66997977adac16457ebdf00341de3 Certificate IssuerGoogle Trust Services Subjectwebanalyticscounter.com FingerprintF2:D7:6B:5D:68:7B:77:37:99:22:40:86:9E:D8:46:58:02:1A:70:AC ValidityMon, 22 Jul 2024 21:00:33 GMT - Sun, 20 Oct 2024 21:00:32 GMT File type data Size 9.0 kB (9041 bytes) Hash fcb9df358aa280be49ecbe58a48606af 45d53936e75eebcb7490e4168db4045ba0a0fa35 8ab4ab8bd4708b97ebceb1033e3f9353a48da99dda3d96a1a83e7b9041414ae0 HTTP Headers POST /stats.php HTTP/1.1 Host: stats.webanalyticscounter.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: text/plain;charset=UTF-8 Content-Length: 1381 Origin: https://yesdownloadit.com DNT: 1 Connection: keep-alive Referer: https://yesdownloadit.com/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers HTTP/3 200 OK date: Sun, 11 Aug 2024 14:01:24 GMT content-type: text/html; charset=UTF-8 x-powered-by: PHP/7.4.24 access-control-allow-origin: * cf-cache-status: DYNAMIC report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Gk8x8nEU%2Fa33weSrCTFpRUrsnI09Jgxm7BJLQFGrc4SEHvPUk5BM6ypM0Es%2BAl7P1%2F0u46LYFIhPAYFAAdYf1vIb%2BhgtWB81vFYb%2FJXSRjlH6d853Wj0%2BAW1Ne4cPJTwethzfE4jE0WaiOLELa5I3w%3D%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 8b18c1e5fc865696-OSL content-encoding: br alt-svc: h3=":443"; ma=86400

	ducksisland.xyz/6dleck?click_id=ABvEuGbETwUAhWQCAFVTFwAMAAAAAADP&o=235&source=86782&t=download_o5&title=SSG.rar	172.67.215.169	302 Found	8.3 kB
URL User Request GET HTTP/2 ducksisland.xyz/6dleck?click_id=ABvEuGbETwUAhWQCAFVTFwAMAAAAAADP&o=235&source=86782&t=download_o5&title=SSG.rar IP 172.67.215.169:443 ASN #13335 CLOUDFLARENET Certificate IssuerGoogle Trust Services Subjectducksisland.xyz Fingerprint88:86:7D:8C:2A:A4:64:7A:02:2D:2E:8A:08:9C:25:5A:13:15:28:E6 ValidityWed, 07 Aug 2024 08:20:49 GMT - Tue, 05 Nov 2024 08:20:48 GMT File type Size 8.3 kB (8301 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /6dleck?click_id=ABvEuGbETwUAhWQCAFVTFwAMAAAAAADP&o=235&source=86782&t=download_o5&title=SSG.rar HTTP/1.1 Host: ducksisland.xyz User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Upgrade-Insecure-Requests: 1 Connection: keep-alive Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/2 302 Found date: Sun, 11 Aug 2024 14:01:12 GMT content-type: text/html; charset=UTF-8 location: https://yesdownloadit.com/1abf058d1c965c0a2112edcde0134b1ffde293b68f44aaee39832b8ae4c85a82d39ec49e2fa4ab82f6a66997977adac16457ebdf00341de3 x-powered-by: PHP/7.1.27 cf-cache-status: DYNAMIC report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=89Avdq0HqsqddYwatO3CH66AEZ%2BhHE5id6ElJsuPKfQxM7nC1BHnlXbz%2BGGgDPUCptcAvLGjej7%2F8trJ7ggtnBG1dcs%2BWYZtd2jvhBt8PJs0AAHUm6P%2FFQhMpBpiQ3D85QQ%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 8b18c19d6a3a7131-OSL alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2

	stats.webanalyticscounter.com/stats.js	104.21.83.248	200 OK	1.1 MB
URL GET HTTP/2 stats.webanalyticscounter.com/stats.js IP 104.21.83.248:443 ASN #13335 CLOUDFLARENET Requested by https://yesdownloadit.com/1abf058d1c965c0a2112edcde0134b1ffde293b68f44aaee39832b8ae4c85a82d39ec49e2fa4ab82f6a66997977adac16457ebdf00341de3 Certificate IssuerGoogle Trust Services Subjectwebanalyticscounter.com FingerprintF2:D7:6B:5D:68:7B:77:37:99:22:40:86:9E:D8:46:58:02:1A:70:AC ValidityMon, 22 Jul 2024 21:00:33 GMT - Sun, 20 Oct 2024 21:00:32 GMT File type Size 1.1 MB (1075224 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `GET /stats.js HTTP/1.1 Host: stats.webanalyticscounter.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://yesdownloadit.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK date: Sun, 11 Aug 2024 14:01:14 GMT content-type: application/javascript last-modified: Fri, 21 Jun 2024 21:25:59 GMT etag: W/"106818-61b6d13ead2cd" cf-cache-status: DYNAMIC report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LC0GuCttPA9q5EpjtbJOzlLIhZDBevN28fou4h30E2HXEVpXlIE6YBX%2F1A0yVoU1MUqefMihKsBJ2jc4aI49QY3gHnPqtwOdxg6ZnRIZxFjnXl6OVdI7hfcdjTnpZUCrgsk%2FhDADeBji2rpYjQ3kCg%3D%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 8b18c1a7bccf0b31-OSL content-encoding: br alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2

	yesdownloadit.com/favicon.ico	104.21.56.247	404 Not Found	169 B
URL GET HTTP/3 yesdownloadit.com/favicon.ico IP 104.21.56.247:443 ASN #13335 CLOUDFLARENET Requested by https://yesdownloadit.com/1abf058d1c965c0a2112edcde0134b1ffde293b68f44aaee39832b8ae4c85a82d39ec49e2fa4ab82f6a66997977adac16457ebdf00341de3 Certificate IssuerGoogle Trust Services Subjectyesdownloadit.com Fingerprint1D:92:F6:36:5D:2A:6C:22:25:35:6D:D0:F9:ED:0D:9E:FD:C9:4D:58 ValiditySat, 27 Jul 2024 14:47:23 GMT - Fri, 25 Oct 2024 14:47:22 GMT File type HTML document, ASCII text, with no line terminators Size 169 B (169 bytes) Hash 8934dd15647ffb50ecb3f71b99c88d07 36b86f9413015f0f1f09b21d3cafa9132c213270 51c4e25e3493184a4c355c0aaf39c6ef0d60e36e524f23319d006a90602ec335 HTTP Headers GET /favicon.ico HTTP/1.1 Host: yesdownloadit.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://yesdownloadit.com/1abf058d1c965c0a2112edcde0134b1ffde293b68f44aaee39832b8ae4c85a82d39ec49e2fa4ab82f6a66997977adac16457ebdf00341de3 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache HTTP/3 404 Not Found date: Sun, 11 Aug 2024 14:01:14 GMT content-type: text/html cache-control: max-age=14400 cf-cache-status: EXPIRED report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BofbZa%2FNMGzWbAP5%2FkGIm7SuoXTTDNwoJlHG%2BJ20L9SD6cX39%2F93edGPPDHlKokMyrXFZhR14gga8C5OErwfA%2FoSNGe7mfldRLWRPKCH3xIQQmaMIZqqkhvu6X6rRopcEJRbmw%3D%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 8b18c1a81fd5b517-OSL content-encoding: br alt-svc: h3=":443"; ma=86400

	stats.webanalyticscounter.com/favicon.ico	104.21.83.248	200 OK	0 B
URL GET HTTP/3 stats.webanalyticscounter.com/favicon.ico IP 104.21.83.248:443 ASN #13335 CLOUDFLARENET Requested by https://yesdownloadit.com/1abf058d1c965c0a2112edcde0134b1ffde293b68f44aaee39832b8ae4c85a82d39ec49e2fa4ab82f6a66997977adac16457ebdf00341de3 Certificate IssuerGoogle Trust Services Subjectwebanalyticscounter.com FingerprintF2:D7:6B:5D:68:7B:77:37:99:22:40:86:9E:D8:46:58:02:1A:70:AC ValidityMon, 22 Jul 2024 21:00:33 GMT - Sun, 20 Oct 2024 21:00:32 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `GET /favicon.ico HTTP/1.1 Host: stats.webanalyticscounter.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://yesdownloadit.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/3 200 OK date: Sun, 11 Aug 2024 14:01:15 GMT content-type: text/html; charset=UTF-8 x-powered-by: PHP/7.4.24 cf-cache-status: DYNAMIC report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=T6apSxSrgAgeA%2Frb3v67rRMSKEg66haE9hb7XSFZufpP8ddIiVC4t19e1CAS3fsltyWdf4hkFenVJGH33DHOHE1KuLL%2FHwhBOt6jX5bTe9sjk%2F2IBxDIynfevzU7Sj7Td4p7XRNvntgVydQLa7APsA%3D%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 8b18c1b0988a5696-OSL content-encoding: br alt-svc: h3=":443"; ma=86400

	yesdownloadit.com/1abf058d1c965c0a2112edcde0134b1ffde293b68f44aaee39832b8ae4c85a82d39ec49e2fa4ab82f6a66997977adac16457ebdf00341de3	104.21.56.247	200 OK	8.3 kB
URL User Request GET HTTP/2 yesdownloadit.com/1abf058d1c965c0a2112edcde0134b1ffde293b68f44aaee39832b8ae4c85a82d39ec49e2fa4ab82f6a66997977adac16457ebdf00341de3 IP 104.21.56.247:443 ASN #13335 CLOUDFLARENET Certificate IssuerGoogle Trust Services Subjectyesdownloadit.com Fingerprint1D:92:F6:36:5D:2A:6C:22:25:35:6D:D0:F9:ED:0D:9E:FD:C9:4D:58 ValiditySat, 27 Jul 2024 14:47:23 GMT - Fri, 25 Oct 2024 14:47:22 GMT File type HTML document, ASCII text, with very long lines (9038), with no line terminators Size 8.3 kB (8301 bytes) Hash 48675b25b1e0eeff3674049e535cb227 12f4740b093f0215cbd1d683030f21e0406a325b f2de8517ddd3435fda8a5e321ee9f9cc7f7acdd74ea57bf39dd14eb1257bd8e8 HTTP Headers GET /1abf058d1c965c0a2112edcde0134b1ffde293b68f44aaee39832b8ae4c85a82d39ec49e2fa4ab82f6a66997977adac16457ebdf00341de3 HTTP/1.1 Host: yesdownloadit.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/2 200 OK date: Sun, 11 Aug 2024 14:01:13 GMT content-type: text/html; charset=UTF-8 x-powered-by: PHP/7.1.27 cf-cache-status: DYNAMIC report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=35weBjuFnrmHOt5QIx%2BbCip%2B96ujT8M8gLnjsLauhgglT8YGcjALU3hfD%2FbDmiPxfI27LPzz6bywnKhFz9K6tL62J4YaCgyG4pxcXMocYZHdsxsN65mZBBdmGuq%2BhzCv46AMtA%3D%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 8b18c19fbb3d56c1-OSL content-encoding: br alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2

	yesdownloadit.com/images/generalbundle.css	104.21.56.247	200 OK	1.6 kB
URL GET HTTP/3 yesdownloadit.com/images/generalbundle.css IP 104.21.56.247:443 ASN #13335 CLOUDFLARENET Requested by https://yesdownloadit.com/1abf058d1c965c0a2112edcde0134b1ffde293b68f44aaee39832b8ae4c85a82d39ec49e2fa4ab82f6a66997977adac16457ebdf00341de3 Certificate IssuerGoogle Trust Services Subjectyesdownloadit.com Fingerprint1D:92:F6:36:5D:2A:6C:22:25:35:6D:D0:F9:ED:0D:9E:FD:C9:4D:58 ValiditySat, 27 Jul 2024 14:47:23 GMT - Fri, 25 Oct 2024 14:47:22 GMT File type ASCII text, with very long lines (1854), with no line terminators Size 1.6 kB (1643 bytes) Hash 9328bf7d83de02d26ae0422fff9dd09a 5b7458fc1993fa8afd052ee38fcc0f54de0e625d 9c045f08f0a96cf97d9523d2e87b1745053d31616b7a4819b0cebb5d911951ab HTTP Headers GET /images/generalbundle.css HTTP/1.1 Host: yesdownloadit.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://yesdownloadit.com/1abf058d1c965c0a2112edcde0134b1ffde293b68f44aaee39832b8ae4c85a82d39ec49e2fa4ab82f6a66997977adac16457ebdf00341de3 Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache HTTP/3 200 OK date: Sun, 11 Aug 2024 14:01:13 GMT content-type: text/css last-modified: Mon, 10 Jan 2022 19:22:59 GMT etag: W/"61dc8793-66b" cache-control: max-age=14400 cf-cache-status: HIT age: 4936 report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fY9teoJ0Pzkym4hTB3NcT3mHbAiefgWHM8Jo%2F5eq39faZJYepWZ%2BmuGiaqpgFw85DG2M%2BveIr0JWK%2BZ0S4Jmlndr7lQVPfg7TNvUP55RPybra4xJ%2BuoxKY0VIfYTCuXrBgCzkQ%3D%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 8b18c1a46ac2b517-OSL content-encoding: br alt-svc: h3=":443"; ma=86400

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (10)

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (25)

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL

IP

ASN

File type