Report - www.file-upload.net/download-13050359/KillaHackz.ahk.html

Report Overview

Visited public
2024-10-13 20:15:23
Tags
URL
www.file-upload.net/download-13050359/KillaHackz.ahk.html
Finishing URL
www.file-upload.net/download-13050359/KillaHackz.ahk.html
IP / ASN
104.26.4.82
#13335 CLOUDFLARENET
Title
(1) New Message!

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
proftrafficcounter.com	unknown	2023-11-16	2023-11-21	2024-10-13	878 B	852 B	3.66.59.129
unseenreport.com	unknown	2022-03-30	2022-03-30	2024-10-13	1.5 kB	990 B	192.243.59.20
aus5.mozilla.org	2548	1998-01-24	2015-10-27	2024-10-13	512 B	1.2 kB	35.244.181.201
r11.o.lencr.org	unknown	2020-06-29	2024-06-07	2024-10-13	2.0 kB	5.3 kB	23.36.77.32
www.file-upload.net	unknown	2005-01-01	2013-07-11	2024-04-17	12 kB	401 kB	172.67.69.252
firefox-settings-attachments.cdn.mozilla.net	11509	1998-01-31	2019-11-30	2024-10-13	400 B	842 kB	34.117.121.53
sophomorelink.com	unknown	2024-08-12	2024-10-13	2024-10-13	8.0 kB	14 kB	192.243.59.12
cdn.show-sb.com	unknown	2024-08-20	2024-10-13	2024-10-13	490 B	17 kB	172.67.170.115
r10.o.lencr.org	unknown	2020-06-29	2024-06-06	2024-10-13	3.3 kB	8.9 kB	23.36.76.226
christmascalled.com	unknown	2024-02-05	2024-02-06	2024-02-10	916 B	52 kB	172.240.127.234
ocsp.r2m03.amazontrust.com	unknown	2007-05-11	2023-02-21	2024-10-13	676 B	1.9 kB	54.230.218.11
capaciousdrewreligion.com	unknown	2023-11-07	2023-11-27	2024-10-13	418 B	375 B	185.196.197.71
fonts.gstatic.com	unknown	2008-02-11	2014-09-09	2024-10-13	1.6 kB	49 kB	142.250.74.131
cdn.storageimagedisplay.com	unknown	2024-09-13	2024-10-13	2024-10-13	459 B	18 kB	45.133.44.2
cdn.creative-stat1.com	unknown	2024-08-20	2024-10-13	2024-10-13	2.0 kB	95 kB	172.67.133.15
o.pki.goog	unknown	2016-06-13	2024-04-24	2024-10-13	1.3 kB	2.8 kB	216.58.207.195
recordedthereby.com	unknown	2024-05-08	2024-05-14	2024-10-13	808 B	172 kB	185.196.197.71
www.gstatic.com	unknown	2008-02-11	2016-07-26	2024-10-13	4.4 kB	758 kB	142.250.74.99
www.google.com	7	1997-09-15	2015-05-10	2024-10-13	4.2 kB	301 kB	142.250.74.164

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

Mnemonic Secure DNS

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-10-13	medium	unseenreport.com	Sinkholed
2024-10-13	medium	unseenreport.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (26)

	URL	From	Size	First Seen	Last Seen
	www.file-upload.net/download-13050359/KillaHackz.ahk.html	ScriptElement	310 B	2023-03-07	2025-03-16
Pretty URL www.file-upload.net/download-13050359/KillaHackz.ahk.html IP 172.67.69.252 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 12:39 Last Seen2025-03-16 18:17 Times Seen36 Hash 5dc88cf7e217c8a9f4a118e1c333bf12 b69700d1e111cc14e424d39b1d689427f1f13372 0ef03d8461de3d0133b28b168608ba25783396bbd3f91c3e856080f61538ed7c Loading...

	www.file-upload.net/download-13050359/KillaHackz.ahk.html	ScriptElement	57 B	2023-03-07	2025-06-14
Pretty URL www.file-upload.net/download-13050359/KillaHackz.ahk.html IP 172.67.69.252 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:06 Last Seen2025-06-14 14:38 Times Seen9999 Hash 2a2781f9bb6302c2f96df0d1e96ef524 796bb90146495848c0c479533c367edadb94f1a9 1b60af0ce49d65e8b1006457c16883d60e53a0054bb157c57c3b03a82ee9964d Loading...

	www.google.com/recaptcha/api2/anchor?ar=1&k=6LesER4UAAAAAGw1oVKPrLk_AuxiRz548wcKan1w&co=aHR0cHM6Ly93d3cuZmlsZS11cGxvYWQubmV0OjQ0Mw..&hl=en&v=aR-zv8WjtWx4lAw-tRCA-zca&size=invisible&cb=honqu8mgwafn	ScriptElement	69 B	2023-03-07	2025-06-14
Pretty URL www.google.com/recaptcha/api2/anchor?ar=1&k=6LesER4UAAAAAGw1oVKPrLk_AuxiRz548wcKan1w&co=aHR0cHM6Ly93d3cuZmlsZS11cGxvYWQubmV0OjQ0Mw..&hl=en&v=aR-zv8WjtWx4lAw-tRCA-zca&size=invisible&cb=honqu8mgwafn IP 142.250.74.164 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:02 Last Seen2025-06-14 14:32 Times Seen120573 Hash 45ecf7458f42da80ac248ad42d610372 a5b3edf8328769bc754e6e616a957ceed4fdadd7 75867e75b209895995014b43c3d711476e3437481e5fbec91a4da674302558bf Loading...

	www.google.com/js/bg/RI3Pk2QfVraTqUQvmENYAwISRapPH8Lx3ZoW8uCkQH4.js	ScriptElement	19 kB	2024-09-18	2025-04-05
Pretty URL www.google.com/js/bg/RI3Pk2QfVraTqUQvmENYAwISRapPH8Lx3ZoW8uCkQH4.js IP 142.250.74.164 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-09-18 13:54 Last Seen2025-04-05 16:46 Times Seen763 Hash 8c81f651f7ef773443b3729ff378aa6b e55c3c8766ba6f875b905a5f5faead610476bd4b 448dcf93641f56b693a9442f98435803021245aa4f1fc2f1dd9a16f2e0a4407e Loading...

	www.gstatic.com/recaptcha/releases/aR-zv8WjtWx4lAw-tRCA-zca/recaptcha__en.js	ScriptElement	559 kB	2024-10-08	2025-04-05
Pretty URL www.gstatic.com/recaptcha/releases/aR-zv8WjtWx4lAw-tRCA-zca/recaptcha__en.js IP 142.250.74.99 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-10-08 05:12 Last Seen2025-04-05 16:46 Times Seen2115 Hash 99210e7c2195de81c0eedf98787a69b3 7b26c66058385b60109aa6129c2161a399a6034d 5f75bfbfbf0c7cac2c87d6ca5de0661aedc188b0900b6cef5efbaea134b53302 Loading...

	www.google.com/recaptcha/api.js	ScriptElement	870 B	2024-10-08	2024-10-17
Pretty URL www.google.com/recaptcha/api.js IP 142.250.74.164 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-10-08 05:29 Last Seen2024-10-17 18:24 Times Seen584 Hash 0f193e774135c524efc628d561555bb5 db82d62c0536579d3bbd770064543fe041e5e6c9 201beb2da2d2460893d75c7f140c73eefcf24e10e822df826788e72a04bf8b3a Loading...

	www.file-upload.net/js/jquery-1.7.2.min.js	ScriptElement	95 kB	2023-03-07	2025-06-14
Pretty URL www.file-upload.net/js/jquery-1.7.2.min.js IP 172.67.69.252 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-06-14 14:29 Times Seen8426 Hash b8d64d0bc142b3f670cc0611b0aebcae abcd2ba13348f178b17141b445bc99f1917d47af 47b68dce8cb6805ad5b3ea4d27af92a241f4e29a5c12a274c852e4346a0500b4 Loading...

	capaciousdrewreligion.com/advertisers.js	ScriptElement	0 B	0001-01-01	2025-06-14
Pretty URL capaciousdrewreligion.com/advertisers.js IP 185.196.197.71 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen0001-01-01 00:00 Last Seen2025-06-14 14:38 Times Seen4958752 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	christmascalled.com/f5/29/02/f5290245e2d0af25a9b4828613ce8328.js	ScriptElement	44 kB	2024-10-13	2024-10-13
Pretty URL christmascalled.com/f5/29/02/f5290245e2d0af25a9b4828613ce8328.js IP 172.240.127.234 ASN #7979 SERVERS-COM Introduced by scriptElement Embedded in HTML false Observations First Seen2024-10-13 20:15 Last Seen2024-10-13 20:15 Times Seen1 Hash d349a3b853caf53f69fb5263e22c2530 88e10b639f82cb9af7c759d9f1d3eec75c6165be 82de6d90477a0197c42965924d6a8351a8dd4167139a232d0e8dd6dd8a0ef9d6 Loading...

	www.google.com/recaptcha/api2/anchor?ar=1&k=6LesER4UAAAAAGw1oVKPrLk_AuxiRz548wcKan1w&co=aHR0cHM6Ly93d3cuZmlsZS11cGxvYWQubmV0OjQ0Mw..&hl=en&v=aR-zv8WjtWx4lAw-tRCA-zca&size=invisible&cb=honqu8mgwafn	ScriptElement	40 kB	2024-10-13	2024-10-13
Pretty URL www.google.com/recaptcha/api2/anchor?ar=1&k=6LesER4UAAAAAGw1oVKPrLk_AuxiRz548wcKan1w&co=aHR0cHM6Ly93d3cuZmlsZS11cGxvYWQubmV0OjQ0Mw..&hl=en&v=aR-zv8WjtWx4lAw-tRCA-zca&size=invisible&cb=honqu8mgwafn IP 142.250.74.164 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML true Observations First Seen2024-10-13 20:15 Last Seen2024-10-13 20:15 Times Seen1 Hash a1b56f854337a50907f2b77b2248c069 e56f80aa33426ea9b360b2727e9232e001ea332b 66812598aa848c479c352a1cb1f64dc967681f1b70d4f52af36f6e2e83ceab6c Loading...

	www.google.com/recaptcha/api2/bframe?hl=en&v=aR-zv8WjtWx4lAw-tRCA-zca&k=6LesER4UAAAAAGw1oVKPrLk_AuxiRz548wcKan1w	ScriptElement	0 B	0001-01-01	2025-06-14
Pretty URL www.google.com/recaptcha/api2/bframe?hl=en&v=aR-zv8WjtWx4lAw-tRCA-zca&k=6LesER4UAAAAAGw1oVKPrLk_AuxiRz548wcKan1w IP 142.250.74.164 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML true Observations First Seen0001-01-01 00:00 Last Seen2025-06-14 14:38 Times Seen4958752 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	christmascalled.com/api/posts?token=Lzg0LzRhLzcxLzg0NGE3MWZkZjBlMzBjMWI4MTM5NWRiNTU0NzNhNzM3Lmpz	ScriptElement	96 kB	2024-10-13	2024-10-13
Pretty URL christmascalled.com/api/posts?token=Lzg0LzRhLzcxLzg0NGE3MWZkZjBlMzBjMWI4MTM5NWRiNTU0NzNhNzM3Lmpz IP 172.240.127.234 ASN #7979 SERVERS-COM Introduced by scriptElement Embedded in HTML false Observations First Seen2024-10-13 20:15 Last Seen2024-10-13 20:15 Times Seen1 Hash c87f8f8cbf8cf8d204e24c464cac9023 e2deba780ec126fa4473dcc4cabbfaa8c96444d5 d9c14d0bc5d45880217e4520cd6b8386fa3b26eddfedf1d5a5d83bfe87c6538c Loading...

	www.file-upload.net/byteflex/bf.js	ScriptElement	22 kB	2023-03-07	2025-03-16
Pretty URL www.file-upload.net/byteflex/bf.js IP 172.67.69.252 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:39 Last Seen2025-03-16 18:17 Times Seen38 Hash ca8069c7fc1f480d1d1e7c145b8766ad 3668be82e619922af9827390a9cf1964c268701f cf7bcef3da9b76eb9ce2747e411068faa92f43e3b69b257c7bc84eeffa749f64 Loading...

	recordedthereby.com/sfp.js	ScriptElement	85 kB	2024-05-17	2025-01-21
Pretty URL recordedthereby.com/sfp.js IP 185.196.197.71 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-17 16:43 Last Seen2025-01-21 11:22 Times Seen13574 Hash 7e3e44049654b6e244c1777e68ffb8e7 8f2a8298666d607afd92a0baa362ef4dc9ccd039 4acac8b8ff23671d365150818f3c39bbbfa08b1a1842d73de5933e0fea26454b Loading...

	unknown	ScriptElement	1.1 kB	2024-10-13	2024-10-13
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-10-13 20:15 Last Seen2024-10-13 20:15 Times Seen1 Hash d3e141600421918519b88787c61bfe92 2442c67d88479a1411055b5965bae3219131afd8 f4928901fd19d832df08f6d5cf17578cafb88ba7f056ed18f39f771f1d1cc658 Loading...

	www.file-upload.net/download-13050359/KillaHackz.ahk.html	ScriptElement	693 B	2024-10-13	2024-10-13
Pretty URL www.file-upload.net/download-13050359/KillaHackz.ahk.html IP 172.67.69.252 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-10-13 20:15 Last Seen2024-10-13 20:15 Times Seen1 Hash 87591ea861b622bba5959b4669a1ad36 59533044e5b4c83ad9df78890e3145dbee5c6353 44ec7f43e7804e15755da63482964b8c46a94939f443e70c579dc359a28cc287 Loading...

	www.file-upload.net/include/cookie-consent.js	ScriptElement	110 kB	2023-03-07	2025-03-16
Pretty URL www.file-upload.net/include/cookie-consent.js IP 172.67.69.252 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:39 Last Seen2025-03-16 18:17 Times Seen39 Hash c5ed86b8862d3254bc8c9383efd54552 561793df221bb3a3425e14d804fe0c3623b6d5fd 9ba915311d044df920a3cf05259659f562ba103cf516f72a2ff842e7fee89522 Loading...

	www.file-upload.net/download-13050359/KillaHackz.ahk.html	ScriptElement	296 B	2023-03-07	2025-03-16
Pretty URL www.file-upload.net/download-13050359/KillaHackz.ahk.html IP 172.67.69.252 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 12:39 Last Seen2025-03-16 18:17 Times Seen37 Hash 3424e78249e71733a5c57dd9ceca1b15 6b7f854b9a922916413f12a4ce1025402ce4e5b5 6fae4ee14b7c7ad1b6d78dd2c3fa62cfcf9cb3c4b1ef5a8f88815dcd0ba701ca Loading...

	www.file-upload.net/js/custom.js	ScriptElement	266 B	2023-03-07	2025-03-16
Pretty URL www.file-upload.net/js/custom.js IP 172.67.69.252 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:39 Last Seen2025-03-16 18:17 Times Seen38 Hash 6cba1104979a33c88429c6e9d9889d97 a80c2fe7e66df58eb1c40a85eb9e0e0f63e4e1f3 7f30f44c78b17c1a261b4d52c719406ef9f8df4569dce452e22dcf5198a2c6ab Loading...

	www.file-upload.net/include/werbebanner-ad.js	ScriptElement	25 B	2023-03-07	2025-03-16
Pretty URL www.file-upload.net/include/werbebanner-ad.js IP 172.67.69.252 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:39 Last Seen2025-03-16 18:17 Times Seen38 Hash 7c6bd0b89a8dc214296b7dbcea7d1a66 65e461ce823a6bb0597c361d65dc994f4eb3dbe7 2bcd607d4aa3c03220e7e0ccfd77f57bd8f2717627e933061f8dbe5b9d47dd71 Loading...

	www.file-upload.net/download-13050359/KillaHackz.ahk.html	ScriptElement	205 B	2023-05-12	2025-03-16
Pretty URL www.file-upload.net/download-13050359/KillaHackz.ahk.html IP 172.67.69.252 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-05-12 18:13 Last Seen2025-03-16 18:17 Times Seen34 Hash 0a28fe441c05728c63fe54e3df4dc8f8 3a1531b77b5a1d6994c10c37283942a11980b94a a7c4437986454729b115756a34e2b7a112098f4cc624cdb8da717e35f35c1052 Loading...

		Size	First Seen	Last Seen
	#1 Eval - 0447827b0daaa1d81f6d89511c530c33	22 kB	2024-10-13 20:15	2024-10-13 20:15
Pretty Observations First Seen2024-10-13 20:15 Last Seen2024-10-13 20:15 Times Seen1 Hash 0447827b0daaa1d81f6d89511c530c33 ec02fd1fd1edd4a3f2683961d35257db6e79c9bb 193a1f91e7d9d5dd07ceb104b8b4ab63f5dde377c7e67f1d61c767d77b33acb5 Loading...

	#2 Eval - cf89f8613c7c32512b5fc4c3e9bfc851	22 B	2024-09-18 13:54	2024-10-17 06:41
Pretty Observations First Seen2024-09-18 13:54 Last Seen2024-10-17 06:41 Times Seen754 Hash cf89f8613c7c32512b5fc4c3e9bfc851 884da5f58c5cbd50ec6c4a758828f8f097a4b24c 89ef3198d27e7fb77aebc384da2d641c319ee05cbfc7ab7ab6264f2b5841f4a6 Loading...

	#3 Eval - dfa9cbe165c12a8fc73b516e65c725af	64 B	2024-09-18 13:54	2024-10-17 06:41
Pretty Observations First Seen2024-09-18 13:54 Last Seen2024-10-17 06:41 Times Seen760 Hash dfa9cbe165c12a8fc73b516e65c725af ac45b9a3c010ef54c1aa3afe47c09a810204e608 84bca82da51af7128f1083beefd75aaa3e7dd05f13a49a0445e874fdfc5e799e Loading...

	#4 Eval - 6fd9e511965fb63d74295e322eaf320f	22 B	2024-09-18 13:54	2024-10-17 06:41
Pretty Observations First Seen2024-09-18 13:54 Last Seen2024-10-17 06:41 Times Seen762 Hash 6fd9e511965fb63d74295e322eaf320f a091cc31689395fe9dcc17250fecc15207f80fdb 2268f5625c8652bd4d6670f417179ebad33e0855845a96aaaa57886557d48fb4 Loading...

	#5 Eval - 0038d3b21a03f60f571fcb83c190bf3c	18 kB	2024-10-13 20:15	2024-10-13 20:15
Pretty Observations First Seen2024-10-13 20:15 Last Seen2024-10-13 20:15 Times Seen1 Hash 0038d3b21a03f60f571fcb83c190bf3c 5e8248107347b4734cbdefc4e28beb029ea08c23 59d9fb605b3b152f9bb09b9e8c80f9701501c30e882af3aca3c381538878fc9c Loading...

HTTP Transactions (87)

URL IP Response Size

r11.o.lencr.org/

23.36.77.32

504 B

URL
r11.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
c960b1db6c38111732eb99b8e8559ea9
0a22f839e4808986db721dd8affaac4f96771c09
c317389c26eb924cc8f4d377564dee9312e0a234ed8151b743cc258a343221c6

HTTP Headers

POST / HTTP/1.1
Host: r11.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "C317389C26EB924CC8F4D377564DEE9312E0A234ED8151B743CC258A343221C6"
Last-Modified: Sun, 13 Oct 2024 04:23:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13783
Expires: Sun, 13 Oct 2024 22:39:53 GMT
Date: Sun, 13 Oct 2024 18:50:10 GMT
Connection: keep-alive

r10.o.lencr.org/

23.36.76.226

504 B

URL
r10.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
769a524922078b57a9a828ad4a1c5f57
e4eeedefddf60987ea68e911f99663504d978f08
33894f6ff17b73a85e637b913d99cfc80fabcf374fb7a09adfcb05fcf57ebdef

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "33894F6FF17B73A85E637B913D99CFC80FABCF374FB7A09ADFCB05FCF57EBDEF"
Last-Modified: Sun, 13 Oct 2024 04:17:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13429
Expires: Sun, 13 Oct 2024 22:33:59 GMT
Date: Sun, 13 Oct 2024 18:50:10 GMT
Connection: keep-alive

r10.o.lencr.org/

23.36.76.226

504 B

URL
r10.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
4ef646b0e9b7327e4a942f9294833f80
292c5eafd5f9d4c35b11f0f3d456cdbe77e30c21
eb25c0ba5c8244185a6c004482f85ef91889d1f4f368d44bf009bb957e776f28

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "EB25C0BA5C8244185A6C004482F85EF91889D1F4F368D44BF009BB957E776F28"
Last-Modified: Sun, 13 Oct 2024 04:16:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13527
Expires: Sun, 13 Oct 2024 22:35:37 GMT
Date: Sun, 13 Oct 2024 18:50:10 GMT
Connection: keep-alive

r10.o.lencr.org/

23.36.76.226

504 B

URL
r10.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
0047c90c620c7ae5d6e899dbcd92d7f9
b40765060b59aa1231b7e4c552c7657c957a505e
8b02810ecc47d5f71219990370d9538bfff6e45c5ff895e7a3c60392423c5adb

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "8B02810ECC47D5F71219990370D9538BFFF6E45C5FF895E7A3C60392423C5ADB"
Last-Modified: Sat, 12 Oct 2024 08:15:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13789
Expires: Sun, 13 Oct 2024 22:39:59 GMT
Date: Sun, 13 Oct 2024 18:50:10 GMT
Connection: keep-alive

r10.o.lencr.org/

23.36.76.226

504 B

URL
r10.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
c23e39db05be15386fa548ca7b2c453a
f74dde624032b136a3decaa16f09a97402ab226f
42554f548afd03e7799c63539fce43e4bfa688b54b894b564ac51ba30cbaf6f3

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "42554F548AFD03E7799C63539FCE43E4BFA688B54B894B564AC51BA30CBAF6F3"
Last-Modified: Sun, 13 Oct 2024 04:16:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13483
Expires: Sun, 13 Oct 2024 22:34:53 GMT
Date: Sun, 13 Oct 2024 18:50:10 GMT
Connection: keep-alive

r11.o.lencr.org/

23.36.77.32

504 B

URL
r11.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
adfe2f25caad6c8e981c03250b8dbbb9
6342ebf52de1222a1fde089ab8c239277274deb4
af0f882266223837608b92a450ec279873a4d0417c113b6d77c86fe3e75feb4a

HTTP Headers

POST / HTTP/1.1
Host: r11.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "AF0F882266223837608B92A450EC279873A4D0417C113B6D77C86FE3E75FEB4A"
Last-Modified: Sun, 13 Oct 2024 04:17:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13758
Expires: Sun, 13 Oct 2024 22:39:28 GMT
Date: Sun, 13 Oct 2024 18:50:10 GMT
Connection: keep-alive

www.file-upload.net/styles/styles.css

172.67.69.252

200 OK

5.3 kB

URL GET HTTP/2
www.file-upload.net/styles/styles.css
IP
172.67.69.252:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.file-upload.net/download-13050359/KillaHackz.ahk.html
Certificate
IssuerGoogle Trust Services
Subjectfile-upload.net
Fingerprint63:F7:CF:98:C0:B7:39:66:0D:CE:82:DB:7A:B7:0C:9C:14:19:E9:B8
ValidityThu, 12 Sep 2024 03:57:43 GMT - Wed, 11 Dec 2024 03:57:42 GMT

File type
assembler source, ASCII text, with very long lines (407), with CRLF line terminators
Size
5.3 kB (5272 bytes)
Hash
8b6481f5dd5eabe733c715be67e20fd7
04858e9ee054e29f6c206ac36651a070eb97262c
0fb8929c04e20ea8542b2bdc367bb13842acc3487e9c7c34523fad893c2a6ad6

HTTP Headers

GET /styles/styles.css HTTP/1.1
Host: www.file-upload.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.file-upload.net/download-13050359/KillaHackz.ahk.html
Cookie: PHPSESSID=husbv7nit84f76s9r86tu996iu
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 13 Oct 2024 18:50:11 GMT
content-type: text/css
content-length: 5272
last-modified: Mon, 04 Jan 2021 23:04:16 GMT
etag: "690a-5b81b1bf34d63-gzip"
cache-control: max-age=2678400
expires: Sun, 13 Oct 2024 22:18:03 GMT
vary: Accept-Encoding
content-encoding: gzip
cf-cache-status: HIT
age: 73928
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UoOmir02JPTdTLRpKBLbbh3Ddu9iWbT6jvqjnQ5Uh%2BAT2jxAN4VM%2Flr6wAL0ap%2B4zJev%2FlYx6Fv9xWWLylxJMweCtgveK7hN%2FgAU59NqiuvqLEHSDClYrNPlZS8fGO7ArXm3kfQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8d21838baca55696-OSL
X-Firefox-Spdy: h2

www.file-upload.net/include/werbebanner-ad.js

172.67.69.252

200 OK

25 B

URL GET HTTP/2
www.file-upload.net/include/werbebanner-ad.js
IP
172.67.69.252:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.file-upload.net/download-13050359/KillaHackz.ahk.html
Certificate
IssuerGoogle Trust Services
Subjectfile-upload.net
Fingerprint63:F7:CF:98:C0:B7:39:66:0D:CE:82:DB:7A:B7:0C:9C:14:19:E9:B8
ValidityThu, 12 Sep 2024 03:57:43 GMT - Wed, 11 Dec 2024 03:57:42 GMT

File type
ASCII text, with no line terminators
Size
25 B (25 bytes)
Hash
7c6bd0b89a8dc214296b7dbcea7d1a66
65e461ce823a6bb0597c361d65dc994f4eb3dbe7
2bcd607d4aa3c03220e7e0ccfd77f57bd8f2717627e933061f8dbe5b9d47dd71

HTTP Headers

GET /include/werbebanner-ad.js HTTP/1.1
Host: www.file-upload.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.file-upload.net/download-13050359/KillaHackz.ahk.html
Cookie: PHPSESSID=husbv7nit84f76s9r86tu996iu
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 13 Oct 2024 18:50:11 GMT
content-type: application/javascript
content-length: 25
last-modified: Mon, 15 Aug 2016 13:54:01 GMT
etag: "19-53a1c90862ada"
cache-control: max-age=2678400
expires: Wed, 06 Nov 2024 12:17:11 GMT
cf-cache-status: HIT
age: 628380
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5L67Jk82J0B78uyOachAmcoe9ZipwV3AynUsgJI6YBZjhPY9%2Ft8BY39ZM6a9cNSLvuRVKk4sKdzGCdgvhvFSThB4Y7B%2Bj9RKffCDmT8Zy3%2BitKdTLdmXhXjbRnsJTAVFqYt1MAk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8d21838bacb85696-OSL
X-Firefox-Spdy: h2

www.file-upload.net/images/file-upload.png

172.67.69.252

200 OK

9.9 kB

URL GET HTTP/2
www.file-upload.net/images/file-upload.png
IP
172.67.69.252:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.file-upload.net/download-13050359/KillaHackz.ahk.html
Certificate
IssuerGoogle Trust Services
Subjectfile-upload.net
Fingerprint63:F7:CF:98:C0:B7:39:66:0D:CE:82:DB:7A:B7:0C:9C:14:19:E9:B8
ValidityThu, 12 Sep 2024 03:57:43 GMT - Wed, 11 Dec 2024 03:57:42 GMT

File type
PNG image data, 309 x 46, 8-bit/color RGBA, non-interlaced
Size
9.9 kB (9880 bytes)
Hash
f03db94b751b6b480090dac48d8d9b26
28fbbd69d759d02aa6b99119de4c31aad5e29e9e
75fbe717629d2aa1a45ba6b3da35090acd83d378479dd92aa0f144ffb9527514

HTTP Headers

GET /images/file-upload.png HTTP/1.1
Host: www.file-upload.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.file-upload.net/download-13050359/KillaHackz.ahk.html
Cookie: PHPSESSID=husbv7nit84f76s9r86tu996iu
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 13 Oct 2024 18:50:11 GMT
content-type: image/png
content-length: 9880
last-modified: Mon, 09 Sep 2013 20:40:20 GMT
etag: "2698-4e5f96595a509"
cache-control: max-age=2678400
expires: Sun, 10 Nov 2024 15:40:52 GMT
cf-cache-status: HIT
age: 270559
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jDEyhhHeoSvrmzsFR4rSvqKIkuuwImjcr2DX49%2BqWn2LS7TOcxEn%2FN9bf1sv3qdfJ%2BMbnbj2tZ2mWcen%2FmKczNwewArlKMYR2NEz5JGf6Zvg%2FGb9ipWcUcHyfT521t3SPLdnZL0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8d21838bacb25696-OSL
X-Firefox-Spdy: h2

www.file-upload.net/byteflex/bf.js

172.67.69.252

200 OK

5.7 kB

URL GET HTTP/2
www.file-upload.net/byteflex/bf.js
IP
172.67.69.252:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.file-upload.net/download-13050359/KillaHackz.ahk.html
Certificate
IssuerGoogle Trust Services
Subjectfile-upload.net
Fingerprint63:F7:CF:98:C0:B7:39:66:0D:CE:82:DB:7A:B7:0C:9C:14:19:E9:B8
ValidityThu, 12 Sep 2024 03:57:43 GMT - Wed, 11 Dec 2024 03:57:42 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with CRLF line terminators
Size
5.7 kB (5676 bytes)
Hash
ca8069c7fc1f480d1d1e7c145b8766ad
3668be82e619922af9827390a9cf1964c268701f
cf7bcef3da9b76eb9ce2747e411068faa92f43e3b69b257c7bc84eeffa749f64

HTTP Headers

GET /byteflex/bf.js HTTP/1.1
Host: www.file-upload.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.file-upload.net/download-13050359/KillaHackz.ahk.html
Cookie: PHPSESSID=husbv7nit84f76s9r86tu996iu
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 13 Oct 2024 18:50:11 GMT
content-type: application/javascript
content-length: 5676
last-modified: Fri, 13 Jan 2017 10:06:59 GMT
etag: "5790-545f6fe9efa6a-gzip"
cache-control: max-age=2678400
expires: Wed, 06 Nov 2024 12:17:11 GMT
vary: Accept-Encoding
content-encoding: gzip
cf-cache-status: HIT
age: 628380
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TCIFEugnmgCJOknlnMKo%2FZLAcJ5N%2FDuM7pyOSLDplzyvF2zQJDPjjZDDjToAq7ZPbTAtTngYemZV5r4ofEkGhrq7MbU4Yux8vqpOE8I3UhryTQmaGhPNDJbJ%2Bd5UUH%2BMZVO2cOE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8d21838bbcc85696-OSL
X-Firefox-Spdy: h2

www.file-upload.net/js/jquery-1.7.2.min.js

172.67.69.252

200 OK

34 kB

URL GET HTTP/2
www.file-upload.net/js/jquery-1.7.2.min.js
IP
172.67.69.252:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.file-upload.net/download-13050359/KillaHackz.ahk.html
Certificate
IssuerGoogle Trust Services
Subjectfile-upload.net
Fingerprint63:F7:CF:98:C0:B7:39:66:0D:CE:82:DB:7A:B7:0C:9C:14:19:E9:B8
ValidityThu, 12 Sep 2024 03:57:43 GMT - Wed, 11 Dec 2024 03:57:42 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (32769)
Size
34 kB (33622 bytes)
Hash
b8d64d0bc142b3f670cc0611b0aebcae
abcd2ba13348f178b17141b445bc99f1917d47af
47b68dce8cb6805ad5b3ea4d27af92a241f4e29a5c12a274c852e4346a0500b4

HTTP Headers

GET /js/jquery-1.7.2.min.js HTTP/1.1
Host: www.file-upload.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.file-upload.net/download-13050359/KillaHackz.ahk.html
Cookie: PHPSESSID=husbv7nit84f76s9r86tu996iu
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 13 Oct 2024 18:50:11 GMT
content-type: application/javascript
content-length: 33622
last-modified: Mon, 09 Sep 2013 20:41:22 GMT
etag: "17278-4e5f969448aeb-gzip"
cache-control: max-age=2678400
expires: Wed, 06 Nov 2024 12:10:21 GMT
vary: Accept-Encoding
content-encoding: gzip
cf-cache-status: HIT
age: 628790
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FgLy1fxjnQ72i2lXHu537860VpX2zFg0CifTfd6Jmw0sr83yieQHT%2B8FOz0A8PlhHz%2FaT0pX5%2BD7jPHTY%2BHujWMDtWanObsOuV%2FNbW7gtFRiI8s%2FLmOrByusgdwlakWCrybBNJ8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8d21838bbcc65696-OSL
X-Firefox-Spdy: h2

www.file-upload.net/js/custom.js

172.67.69.252

200 OK

191 B

URL GET HTTP/2
www.file-upload.net/js/custom.js
IP
172.67.69.252:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.file-upload.net/download-13050359/KillaHackz.ahk.html
Certificate
IssuerGoogle Trust Services
Subjectfile-upload.net
Fingerprint63:F7:CF:98:C0:B7:39:66:0D:CE:82:DB:7A:B7:0C:9C:14:19:E9:B8
ValidityThu, 12 Sep 2024 03:57:43 GMT - Wed, 11 Dec 2024 03:57:42 GMT

File type
JavaScript source, ASCII text, with CRLF line terminators
Size
191 B (191 bytes)
Hash
6cba1104979a33c88429c6e9d9889d97
a80c2fe7e66df58eb1c40a85eb9e0e0f63e4e1f3
7f30f44c78b17c1a261b4d52c719406ef9f8df4569dce452e22dcf5198a2c6ab

HTTP Headers

GET /js/custom.js HTTP/1.1
Host: www.file-upload.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.file-upload.net/download-13050359/KillaHackz.ahk.html
Cookie: PHPSESSID=husbv7nit84f76s9r86tu996iu
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 13 Oct 2024 18:50:11 GMT
content-type: application/javascript
content-length: 191
last-modified: Mon, 02 Jan 2017 12:52:24 GMT
etag: "10a-5451c05f3dc5a-gzip"
cache-control: max-age=2678400
expires: Tue, 15 Oct 2024 15:02:17 GMT
vary: Accept-Encoding
content-encoding: gzip
cf-cache-status: HIT
age: 2519274
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5z54wKV2W%2FkEU50LMt5ZNCVraFqyaXWUoPHoqiaI%2BQWSOEsQxCu1s%2BPGPpSSA9qUWPuNM%2F2skBJAagRl2FL2yT7kHEBMwCZmbZNguwcusQQDC8u0mHOq1R7P%2BlMg7EtSn8jGc9M%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8d21838bbcce5696-OSL
X-Firefox-Spdy: h2

www.file-upload.net/images/us.png

172.67.69.252

200 OK

609 B

URL GET HTTP/2
www.file-upload.net/images/us.png
IP
172.67.69.252:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.file-upload.net/download-13050359/KillaHackz.ahk.html
Certificate
IssuerGoogle Trust Services
Subjectfile-upload.net
Fingerprint63:F7:CF:98:C0:B7:39:66:0D:CE:82:DB:7A:B7:0C:9C:14:19:E9:B8
ValidityThu, 12 Sep 2024 03:57:43 GMT - Wed, 11 Dec 2024 03:57:42 GMT

File type
PNG image data, 16 x 11, 8-bit/color RGB, non-interlaced
Size
609 B (609 bytes)
Hash
968591e0050981be9fa94bd2597afb48
dd9e149e2b5ad59dd8b4b262f5fdeb5cc10ecf43
36cce5cae3d2e0045b2b2b6cbffdad7a0aba3e99919cc219bbf0578efdc45585

HTTP Headers

GET /images/us.png HTTP/1.1
Host: www.file-upload.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.file-upload.net/download-13050359/KillaHackz.ahk.html
Cookie: PHPSESSID=husbv7nit84f76s9r86tu996iu
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 13 Oct 2024 18:50:11 GMT
content-type: image/png
content-length: 609
last-modified: Mon, 09 Sep 2013 20:40:54 GMT
etag: "261-4e5f967958fa6"
cache-control: max-age=2678400
expires: Tue, 15 Oct 2024 15:02:17 GMT
cf-cache-status: HIT
age: 2519274
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6xTOkHvMGY%2FRrxvrsc8b2eZfkmyRJr7jjZP8V%2B9p2xb6J9%2BT2bQKA8aPCKvtn%2B86qtyYJuZgtLvepMnHp2b0oYr8pvr95WIlWIvElDmcKqOzuAS0t7J0hX7lA2%2FUmIONkTk8JIs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8d21838bbcbd5696-OSL
X-Firefox-Spdy: h2

www.file-upload.net/images/button_login.png

172.67.69.252

200 OK

1.8 kB

URL GET HTTP/2
www.file-upload.net/images/button_login.png
IP
172.67.69.252:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.file-upload.net/download-13050359/KillaHackz.ahk.html
Certificate
IssuerGoogle Trust Services
Subjectfile-upload.net
Fingerprint63:F7:CF:98:C0:B7:39:66:0D:CE:82:DB:7A:B7:0C:9C:14:19:E9:B8
ValidityThu, 12 Sep 2024 03:57:43 GMT - Wed, 11 Dec 2024 03:57:42 GMT

File type
PNG image data, 46 x 22, 8-bit/color RGBA, non-interlaced
Size
1.8 kB (1775 bytes)
Hash
1bac747a20923426c99e91438bdf6878
237147e47a3c941035352f498aa187b38f3086d2
899d6f3d52d1df7e85d4936f3b8f41a2e94349be68d03018be46939cc559da4d

HTTP Headers

GET /images/button_login.png HTTP/1.1
Host: www.file-upload.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.file-upload.net/download-13050359/KillaHackz.ahk.html
Cookie: PHPSESSID=husbv7nit84f76s9r86tu996iu
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 13 Oct 2024 18:50:11 GMT
content-type: image/png
content-length: 1775
last-modified: Mon, 09 Sep 2013 20:39:49 GMT
etag: "6ef-4e5f963baf5f2"
cache-control: max-age=2678400
expires: Wed, 06 Nov 2024 12:17:11 GMT
cf-cache-status: HIT
age: 628380
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0VGHKC%2BAsoqt129N6Oo6emZbUH6%2Fmlb9N4ij7TkgYY6xhKiuW9b3Sf9rhYRF9KKYPj5U8xSnPt5brJe46l6vUDvckYPK7XE6RNp55RNZdiYpZvwtn%2FqIlpg7tGQllG71ZZRjI04%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8d21838bbcd95696-OSL
X-Firefox-Spdy: h2

www.file-upload.net/include/cookie-consent.js

172.67.69.252

200 OK

28 kB

URL GET HTTP/2
www.file-upload.net/include/cookie-consent.js
IP
172.67.69.252:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.file-upload.net/download-13050359/KillaHackz.ahk.html
Certificate
IssuerGoogle Trust Services
Subjectfile-upload.net
Fingerprint63:F7:CF:98:C0:B7:39:66:0D:CE:82:DB:7A:B7:0C:9C:14:19:E9:B8
ValidityThu, 12 Sep 2024 03:57:43 GMT - Wed, 11 Dec 2024 03:57:42 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (64407), with no line terminators
Size
28 kB (28400 bytes)
Hash
c5ed86b8862d3254bc8c9383efd54552
561793df221bb3a3425e14d804fe0c3623b6d5fd
9ba915311d044df920a3cf05259659f562ba103cf516f72a2ff842e7fee89522

HTTP Headers

GET /include/cookie-consent.js HTTP/1.1
Host: www.file-upload.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.file-upload.net/download-13050359/KillaHackz.ahk.html
Cookie: PHPSESSID=husbv7nit84f76s9r86tu996iu
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 13 Oct 2024 18:50:11 GMT
content-type: application/javascript
content-length: 28400
last-modified: Wed, 02 Jun 2021 10:11:59 GMT
etag: "1afbb-5c3c5b06d5495-gzip"
cache-control: max-age=2678400
expires: Tue, 15 Oct 2024 15:02:17 GMT
vary: Accept-Encoding
content-encoding: gzip
cf-cache-status: HIT
age: 2519274
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oJ8t9j2SCE1Q0aQWEGV%2Fu0kjywTjBp4AMJjrfYaRPwwh7ZdfRu4kO6v31xK8kBNz3g%2FK9Q%2BoKmBWmM%2FREem32sKRaIXelkVzNOeP9qTjdSEzwsgumITLMZz6L0fn7Viupex8DO8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8d21838bbcd05696-OSL
X-Firefox-Spdy: h2

www.file-upload.net/images/body.png

172.67.69.252

200 OK

34 kB

URL GET HTTP/2
www.file-upload.net/images/body.png
IP
172.67.69.252:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.file-upload.net/download-13050359/KillaHackz.ahk.html
Certificate
IssuerGoogle Trust Services
Subjectfile-upload.net
Fingerprint63:F7:CF:98:C0:B7:39:66:0D:CE:82:DB:7A:B7:0C:9C:14:19:E9:B8
ValidityThu, 12 Sep 2024 03:57:43 GMT - Wed, 11 Dec 2024 03:57:42 GMT

File type
PNG image data, 1360 x 699, 8-bit/color RGBA, non-interlaced
Size
34 kB (34539 bytes)
Hash
4aeb3f368f4a9a3665c801b58a2f3dd1
0d0b4c01314f734a227939eea72bbbf664647dfd
8827748e04ca7c60276057a79c72f569631a6e314b6c30d3bccd4f4fd3e9226a

HTTP Headers

GET /images/body.png HTTP/1.1
Host: www.file-upload.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.file-upload.net/styles/styles.css
Cookie: PHPSESSID=husbv7nit84f76s9r86tu996iu
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 13 Oct 2024 18:50:11 GMT
content-type: image/png
content-length: 34539
last-modified: Mon, 09 Sep 2013 20:39:45 GMT
etag: "86eb-4e5f963760cd1"
cache-control: max-age=2678400
expires: Mon, 21 Oct 2024 06:01:42 GMT
cf-cache-status: HIT
age: 2033309
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=b9RKxaHvoJ7ELgsd%2B9EXJ6kLTpLv7bWkoi4APcJL%2BfoPaaULo2g0%2Fa1iEZO3ecvHYVbJb%2Fai1krOpGQxe6C5mjUjv7Gyr0DKxkM2YoFppTVWpV020dWeKskuG5%2FNLnGPdTa7UDM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8d21838c4dc85696-OSL
X-Firefox-Spdy: h2

www.file-upload.net/images/header.png

172.67.69.252

200 OK

1.1 kB

URL GET HTTP/2
www.file-upload.net/images/header.png
IP
172.67.69.252:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.file-upload.net/download-13050359/KillaHackz.ahk.html
Certificate
IssuerGoogle Trust Services
Subjectfile-upload.net
Fingerprint63:F7:CF:98:C0:B7:39:66:0D:CE:82:DB:7A:B7:0C:9C:14:19:E9:B8
ValidityThu, 12 Sep 2024 03:57:43 GMT - Wed, 11 Dec 2024 03:57:42 GMT

File type
PNG image data, 1 x 79, 8-bit/color RGB, non-interlaced
Size
1.1 kB (1068 bytes)
Hash
5886109990549d5bf7890081223264c1
413e69bcadd91d94332384baa2296f3c0006c824
550fc83ff49ecb7977aede8b196f72234e7e6c65c7d520b08add5b64c7d63198

HTTP Headers

GET /images/header.png HTTP/1.1
Host: www.file-upload.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.file-upload.net/styles/styles.css
Cookie: PHPSESSID=husbv7nit84f76s9r86tu996iu
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 13 Oct 2024 18:50:11 GMT
content-type: image/png
content-length: 1068
last-modified: Mon, 09 Sep 2013 20:40:26 GMT
etag: "42c-4e5f965f34678"
cache-control: max-age=2678400
expires: Tue, 15 Oct 2024 15:02:17 GMT
cf-cache-status: HIT
age: 2519274
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FPnn%2BLElM8nFEW0TNr7mdBkg0QwuIlJ5uc4ZMQ4ak0LW1COn3ITd6zZjYj0AfltXI34q5Ei1Id7nHZy4VHtzLsj4Zck6poEyB7KILOsycp3yVyV4%2FrzhtPu%2F5StyyOxVrt28auo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8d21838c4dcc5696-OSL
X-Firefox-Spdy: h2

www.file-upload.net/images/header_menu.png

172.67.69.252

200 OK

1.1 kB

URL GET HTTP/2
www.file-upload.net/images/header_menu.png
IP
172.67.69.252:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.file-upload.net/download-13050359/KillaHackz.ahk.html
Certificate
IssuerGoogle Trust Services
Subjectfile-upload.net
Fingerprint63:F7:CF:98:C0:B7:39:66:0D:CE:82:DB:7A:B7:0C:9C:14:19:E9:B8
ValidityThu, 12 Sep 2024 03:57:43 GMT - Wed, 11 Dec 2024 03:57:42 GMT

File type
PNG image data, 250 x 32, 8-bit/color RGB, non-interlaced
Size
1.1 kB (1100 bytes)
Hash
4825188aca0fbfab7fb8657740eca06b
4a2c1130fd24dd40196c39c7b88e6e96d7ceedc9
39c1ac4a52c526b6bdcf137d12954bbfbf68907ad4d76d89ecff7390b3d4ebae

HTTP Headers

GET /images/header_menu.png HTTP/1.1
Host: www.file-upload.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.file-upload.net/styles/styles.css
Cookie: PHPSESSID=husbv7nit84f76s9r86tu996iu
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 13 Oct 2024 18:50:11 GMT
content-type: image/png
content-length: 1100
last-modified: Mon, 09 Sep 2013 20:40:28 GMT
etag: "44c-4e5f9660a58e3"
cache-control: max-age=2678400
expires: Tue, 15 Oct 2024 15:02:17 GMT
cf-cache-status: HIT
age: 2519274
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=D%2Fcp82%2B6547DalWfYGIZlMSOWnrypK7Qgt71aPdHyj6fvECCbwD4QG%2BCLjjmucni3fhtOBiIkFv0bjGvAY26KVfNKKCuLKtEi5TdOBoRusUuY03E4GIv%2FBFPNhXJxPTQ%2FJN6RLg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8d21838c5dd35696-OSL
X-Firefox-Spdy: h2

www.file-upload.net/images/mod_login_input.png

172.67.69.252

200 OK

2.3 kB

URL GET HTTP/2
www.file-upload.net/images/mod_login_input.png
IP
172.67.69.252:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.file-upload.net/download-13050359/KillaHackz.ahk.html
Certificate
IssuerGoogle Trust Services
Subjectfile-upload.net
Fingerprint63:F7:CF:98:C0:B7:39:66:0D:CE:82:DB:7A:B7:0C:9C:14:19:E9:B8
ValidityThu, 12 Sep 2024 03:57:43 GMT - Wed, 11 Dec 2024 03:57:42 GMT

File type
PNG image data, 122 x 69, 8-bit/color RGBA, non-interlaced
Size
2.3 kB (2310 bytes)
Hash
25d2191f8455a1b039fe08ecdfda33b3
6b3b130ee5ded3823035d13035255a32120e459e
70f68aaece59db92ea7933d27c8c8f3551a5801c63399e64ae69d22c69e6a82e

HTTP Headers

GET /images/mod_login_input.png HTTP/1.1
Host: www.file-upload.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.file-upload.net/styles/styles.css
Cookie: PHPSESSID=husbv7nit84f76s9r86tu996iu
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 13 Oct 2024 18:50:11 GMT
content-type: image/png
content-length: 2310
last-modified: Mon, 09 Sep 2013 20:40:35 GMT
etag: "906-4e5f9667d573a"
cache-control: max-age=2678400
expires: Tue, 15 Oct 2024 15:02:17 GMT
cf-cache-status: HIT
age: 2519274
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ve%2BTVtjRGgAtEap1YEi0b1Jq8ivkkfgagu4cyxG%2F756luSQTz84aElROifv%2BLEdCXdaeH4KAxRGWJCgOpTPH%2F1ILOvxy%2BILahefKoYVgugmensopoKIhXFnC5yfFGQaEsXaDmXg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8d21838c5dcd5696-OSL
X-Firefox-Spdy: h2

o.pki.goog/wr2

216.58.207.195

471 B

URL
o.pki.goog/wr2
IP
216.58.207.195:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
fb613b9e773e424ed610e0611906a452
3f4fa7c94acff249d10555171973896e0e075501
13e91066737522a71b3e3fc8ddb3fe652e985fe6343233822374642ac6ed9bf3

HTTP Headers

POST /wr2 HTTP/1.1
Host: o.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 13 Oct 2024 18:50:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

r10.o.lencr.org/

23.36.77.32

504 B

URL
r10.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
35904d3f3b6c663b9dda05036dcea9a3
507d6774058d899676164e0d94cc3e6525528107
a7832b52ecfee8276dbd9946bdfb2b1da0c09a186c69c7a1f45182aec6c71af7

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "A7832B52ECFEE8276DBD9946BDFB2B1DA0C09A186C69C7A1F45182AEC6C71AF7"
Last-Modified: Fri, 11 Oct 2024 15:06:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8304
Expires: Sun, 13 Oct 2024 21:08:35 GMT
Date: Sun, 13 Oct 2024 18:50:11 GMT
Connection: keep-alive

www.file-upload.net/images/container_top.png

172.67.69.252

200 OK

1.1 kB

URL GET HTTP/2
www.file-upload.net/images/container_top.png
IP
172.67.69.252:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.file-upload.net/download-13050359/KillaHackz.ahk.html
Certificate
IssuerGoogle Trust Services
Subjectfile-upload.net
Fingerprint63:F7:CF:98:C0:B7:39:66:0D:CE:82:DB:7A:B7:0C:9C:14:19:E9:B8
ValidityThu, 12 Sep 2024 03:57:43 GMT - Wed, 11 Dec 2024 03:57:42 GMT

File type
PNG image data, 960 x 9, 8-bit/color RGBA, non-interlaced
Size
1.1 kB (1137 bytes)
Hash
26efa62d85a335ccaa936aa28687a0e0
7cdcbf45d7ede62f87ac93bc9bfedbebd4ccd585
fdc872081d748e91b69a70d5f76fa0335ec895d9fc5979259d8e5242160da341

HTTP Headers

GET /images/container_top.png HTTP/1.1
Host: www.file-upload.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.file-upload.net/styles/styles.css
Cookie: PHPSESSID=husbv7nit84f76s9r86tu996iu
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 13 Oct 2024 18:50:11 GMT
content-type: image/png
content-length: 1137
last-modified: Mon, 09 Sep 2013 20:39:58 GMT
etag: "471-4e5f96444b893"
cache-control: max-age=2678400
expires: Tue, 15 Oct 2024 15:02:17 GMT
cf-cache-status: HIT
age: 2519274
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=j9UjzczRX5UXs4TgHJ68ggrCrgVVo%2FpaVzdevyRcegd4eADRfYlyBHrt630OJEX7AQr%2Bgp2T3ltxzugrcGhi2m8On0bkNXlI7o7i%2B6kjXJhWrus8kVH2oJLj1c5WRiilcmbZq0c%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8d21838d5fdd5696-OSL
X-Firefox-Spdy: h2

www.file-upload.net/images/klammer.png

172.67.69.252

200 OK

1.4 kB

URL GET HTTP/2
www.file-upload.net/images/klammer.png
IP
172.67.69.252:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.file-upload.net/download-13050359/KillaHackz.ahk.html
Certificate
IssuerGoogle Trust Services
Subjectfile-upload.net
Fingerprint63:F7:CF:98:C0:B7:39:66:0D:CE:82:DB:7A:B7:0C:9C:14:19:E9:B8
ValidityThu, 12 Sep 2024 03:57:43 GMT - Wed, 11 Dec 2024 03:57:42 GMT

File type
PNG image data, 25 x 45, 8-bit/color RGBA, non-interlaced
Size
1.4 kB (1406 bytes)
Hash
8bef927ffef9f77ecbc971aaa983d03f
938288cc044d8707e3555f83c8071d5384270470
18f1858ca6a48d6146dd0e09d83728345f061f37413f4ea307f5ea5aae6aa361

HTTP Headers

GET /images/klammer.png HTTP/1.1
Host: www.file-upload.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.file-upload.net/styles/styles.css
Cookie: PHPSESSID=husbv7nit84f76s9r86tu996iu
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 13 Oct 2024 18:50:11 GMT
content-type: image/png
content-length: 1406
last-modified: Mon, 09 Sep 2013 20:40:32 GMT
etag: "57e-4e5f9664f51a4"
cache-control: max-age=2678400
expires: Sat, 19 Oct 2024 19:49:49 GMT
cf-cache-status: HIT
age: 2156422
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BuCcdx8jQWRsUIcvIPfPYmFT9tb8%2BFf26iMV6ShiT1jq2cbu%2B49FVLpfqFODHOYAaVZWUmIRFt10gUsriW6cBuFHYQYDOOxLnDtrYNHIQ9TzW9xu228Ihx75Vf3ozKL28exGU0w%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8d21838d6ff15696-OSL
X-Firefox-Spdy: h2

www.file-upload.net/images/dateiname.png

172.67.69.252

200 OK

2.1 kB

URL GET HTTP/2
www.file-upload.net/images/dateiname.png
IP
172.67.69.252:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.file-upload.net/download-13050359/KillaHackz.ahk.html
Certificate
IssuerGoogle Trust Services
Subjectfile-upload.net
Fingerprint63:F7:CF:98:C0:B7:39:66:0D:CE:82:DB:7A:B7:0C:9C:14:19:E9:B8
ValidityThu, 12 Sep 2024 03:57:43 GMT - Wed, 11 Dec 2024 03:57:42 GMT

File type
PNG image data, 845 x 52, 8-bit/color RGBA, non-interlaced
Size
2.1 kB (2130 bytes)
Hash
6255b329e01dacc5ea1f0bf705ae0047
55b5644b51bba39a0b3b8445dcb6e613ef67def2
05d165cc1de12f1d4537d9a3d21cce447e6ce8590b1e503d8fd3766ef352b34a

HTTP Headers

GET /images/dateiname.png HTTP/1.1
Host: www.file-upload.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.file-upload.net/styles/styles.css
Cookie: PHPSESSID=husbv7nit84f76s9r86tu996iu
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 13 Oct 2024 18:50:11 GMT
content-type: image/png
content-length: 2130
last-modified: Sun, 03 Dec 2017 19:58:56 GMT
etag: "852-55f75082f5558"
cache-control: max-age=2678400
expires: Fri, 18 Oct 2024 10:28:43 GMT
cf-cache-status: HIT
age: 2276488
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=28VL%2BMo9AY4KGG9FBUTV6wwZbb4m5xYGD%2F1lj1qeSL2TE70SfDQ100h7cB2SuAGwVAOdlz9ADdMPzwTthHs7x9NPzSIEuo8jDr3vGnK3%2FXLmVFVdGqHfkcyu5LxWzpC9Ns72M%2B0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8d21838d6ff65696-OSL
X-Firefox-Spdy: h2

www.file-upload.net/images/container.png

172.67.69.252

200 OK

1.0 kB

URL GET HTTP/2
www.file-upload.net/images/container.png
IP
172.67.69.252:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.file-upload.net/download-13050359/KillaHackz.ahk.html
Certificate
IssuerGoogle Trust Services
Subjectfile-upload.net
Fingerprint63:F7:CF:98:C0:B7:39:66:0D:CE:82:DB:7A:B7:0C:9C:14:19:E9:B8
ValidityThu, 12 Sep 2024 03:57:43 GMT - Wed, 11 Dec 2024 03:57:42 GMT

File type
PNG image data, 960 x 1, 8-bit/color RGBA, non-interlaced
Size
1.0 kB (1041 bytes)
Hash
39217f2392a12f33822402e24c562474
6474a76df1f7c959b23b4587ffdb17fc6b907a80
a689740126d53eb144e9be8714e3989de4f0d0fe32e7d64596b799d674889029

HTTP Headers

GET /images/container.png HTTP/1.1
Host: www.file-upload.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.file-upload.net/styles/styles.css
Cookie: PHPSESSID=husbv7nit84f76s9r86tu996iu
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 13 Oct 2024 18:50:11 GMT
content-type: image/png
content-length: 1041
last-modified: Mon, 09 Sep 2013 20:39:55 GMT
etag: "411-4e5f96416c29d"
cache-control: max-age=2678400
expires: Tue, 15 Oct 2024 15:02:17 GMT
cf-cache-status: HIT
age: 2519274
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lP4aSmkfAnC%2BW0eeeTiw9tTXUCuRskZ1L9FkpaWHG%2BBAw16F%2FYorm79sEaCCDWi%2B6J%2BJ%2FsYi96ZVey%2BbFcwEDB4%2FyEWgs3n942s7B%2Bo8cVv5doAfFIkCK4uEgLuTGV8M%2FDUtDFU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8d21838d6feb5696-OSL
X-Firefox-Spdy: h2

r10.o.lencr.org/

23.36.77.32

504 B

URL
r10.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
35904d3f3b6c663b9dda05036dcea9a3
507d6774058d899676164e0d94cc3e6525528107
a7832b52ecfee8276dbd9946bdfb2b1da0c09a186c69c7a1f45182aec6c71af7

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "A7832B52ECFEE8276DBD9946BDFB2B1DA0C09A186C69C7A1F45182AEC6C71AF7"
Last-Modified: Fri, 11 Oct 2024 15:06:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8394
Expires: Sun, 13 Oct 2024 21:10:05 GMT
Date: Sun, 13 Oct 2024 18:50:11 GMT
Connection: keep-alive

o.pki.goog/wr2

216.58.207.195

472 B

URL
o.pki.goog/wr2
IP
216.58.207.195:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
d4a29b644fe4dbbfca5a24a38149daa1
faa7e960e3049a39debe420f7ab5ee8ce0de2b32
88118ac7d69b2eb0fcc514f89f029112d7c71f0cba3b0b8bd7c835ded49c7a0b

HTTP Headers

POST /wr2 HTTP/1.1
Host: o.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 13 Oct 2024 18:50:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

r11.o.lencr.org/

23.36.77.32

504 B

URL
r11.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
4b55135e567b113aa300a8fb9ecb4738
33d3afcce0ab7564024ccb556d0418030293d8d8
83e94142b11941d7ee9dd0cacdeed672d45f58180541d3a3dfa8376a7a4947e7

HTTP Headers

POST / HTTP/1.1
Host: r11.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "83E94142B11941D7EE9DD0CACDEED672D45F58180541D3A3DFA8376A7A4947E7"
Last-Modified: Sun, 13 Oct 2024 14:15:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13367
Expires: Sun, 13 Oct 2024 22:32:58 GMT
Date: Sun, 13 Oct 2024 18:50:11 GMT
Connection: keep-alive

firefox-settings-attachments.cdn.mozilla.net/staging/addons-bloomfilters/67004e36-8e52-4548-bd40-062a9ac10df3.bin

34.117.121.53

841 kB

URL
firefox-settings-attachments.cdn.mozilla.net/staging/addons-bloomfilters/67004e36-8e52-4548-bd40-062a9ac10df3.bin
IP
34.117.121.53:0
ASN
#396982 GOOGLE-CLOUD-PLATFORM

File type
data
Size
841 kB (841024 bytes)
Hash
d2ae97b1490cc258d04cf702943aaba6
42150fc2d03d82c01357a891fd4e4b68072c4335
ee70e50e8c808399c10883d9ea525638dccf93570b6d855c7586cd15142eddec

HTTP Headers

GET /staging/addons-bloomfilters/67004e36-8e52-4548-bd40-062a9ac10df3.bin HTTP/1.1
Host: firefox-settings-attachments.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-goog-generation: 1724351846112918
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 841024
x-goog-hash: crc32c=KN1qPQ==, md5=0q6XsUkMwljQTPcClDqrpg==
x-goog-storage-class: STANDARD
accept-ranges: bytes
content-length: 841024
x-guploader-uploadid: AHmUCY0qj_aykulYz--RcqkUbGzcBF7L7okRRlfqKCXuSRXbHXH-OzsgP7z8tRO077YMGCDEWzTYYbhh5A
server: UploadServer
date: Thu, 10 Oct 2024 18:40:08 GMT
cache-control: public,max-age=604800
age: 259803
last-modified: Thu, 22 Aug 2024 18:37:26 GMT
etag: "d2ae97b1490cc258d04cf702943aaba6"
content-type: application/octet-stream
alt-svc: clear
X-Firefox-Spdy: h2

christmascalled.com/api/posts?token=Lzg0LzRhLzcxLzg0NGE3MWZkZjBlMzBjMWI4MTM5NWRiNTU0NzNhNzM3Lmpz

172.240.127.234

200 OK

34 kB

URL GET HTTP/1.1
christmascalled.com/api/posts?token=Lzg0LzRhLzcxLzg0NGE3MWZkZjBlMzBjMWI4MTM5NWRiNTU0NzNhNzM3Lmpz
IP
172.240.127.234:443
ASN
#7979 SERVERS-COM

Requested by
https://www.file-upload.net/download-13050359/KillaHackz.ahk.html
Certificate
IssuerLet's Encrypt
Subjectchristmascalled.com
Fingerprint4F:B5:EB:D8:90:03:43:B8:C9:D4:3B:F2:3E:DD:5D:BA:F2:A9:C5:6F
ValidityFri, 04 Oct 2024 01:59:52 GMT - Thu, 02 Jan 2025 01:59:51 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
34 kB (34229 bytes)
Hash
c87f8f8cbf8cf8d204e24c464cac9023
e2deba780ec126fa4473dcc4cabbfaa8c96444d5
d9c14d0bc5d45880217e4520cd6b8386fa3b26eddfedf1d5a5d83bfe87c6538c

HTTP Headers

GET /api/posts?token=Lzg0LzRhLzcxLzg0NGE3MWZkZjBlMzBjMWI4MTM5NWRiNTU0NzNhNzM3Lmpz HTTP/1.1
Host: christmascalled.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.file-upload.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sun, 13 Oct 2024 18:50:11 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Host: christmascalled.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: a167a455107c018e9fca44775f45cac9
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

christmascalled.com/f5/29/02/f5290245e2d0af25a9b4828613ce8328.js

172.240.127.234

200 OK

16 kB

URL GET HTTP/1.1
christmascalled.com/f5/29/02/f5290245e2d0af25a9b4828613ce8328.js
IP
172.240.127.234:443
ASN
#7979 SERVERS-COM

Requested by
https://www.file-upload.net/download-13050359/KillaHackz.ahk.html
Certificate
IssuerLet's Encrypt
Subjectchristmascalled.com
Fingerprint4F:B5:EB:D8:90:03:43:B8:C9:D4:3B:F2:3E:DD:5D:BA:F2:A9:C5:6F
ValidityFri, 04 Oct 2024 01:59:52 GMT - Thu, 02 Jan 2025 01:59:51 GMT

File type
JavaScript source, ASCII text, with very long lines (44053), with no line terminators
Size
16 kB (15896 bytes)
Hash
d349a3b853caf53f69fb5263e22c2530
88e10b639f82cb9af7c759d9f1d3eec75c6165be
82de6d90477a0197c42965924d6a8351a8dd4167139a232d0e8dd6dd8a0ef9d6

HTTP Headers

GET /f5/29/02/f5290245e2d0af25a9b4828613ce8328.js HTTP/1.1
Host: christmascalled.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.file-upload.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sun, 13 Oct 2024 18:50:11 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Host: christmascalled.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: 7c5c7d6fb5b3451fa21e5f4c808afd4a
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

r11.o.lencr.org/

23.36.76.226

504 B

URL
r11.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
2537fa831c2df66dfa5a006a3105f1f2
ddf9f247c6400fae27af076cc7541e8dabe30b41
bf48050e218ac664d27d09b0d4a2d0385352248c11ea297edd30e9c6c0c8d953

HTTP Headers

POST / HTTP/1.1
Host: r11.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "BF48050E218AC664D27D09B0D4A2D0385352248C11EA297EDD30E9C6C0C8D953"
Last-Modified: Sun, 13 Oct 2024 04:04:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13773
Expires: Sun, 13 Oct 2024 22:39:44 GMT
Date: Sun, 13 Oct 2024 18:50:11 GMT
Connection: keep-alive

www.file-upload.net/images/container_bottom.png

172.67.69.252

200 OK

1.3 kB

URL GET HTTP/2
www.file-upload.net/images/container_bottom.png
IP
172.67.69.252:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.file-upload.net/download-13050359/KillaHackz.ahk.html
Certificate
IssuerGoogle Trust Services
Subjectfile-upload.net
Fingerprint63:F7:CF:98:C0:B7:39:66:0D:CE:82:DB:7A:B7:0C:9C:14:19:E9:B8
ValidityThu, 12 Sep 2024 03:57:43 GMT - Wed, 11 Dec 2024 03:57:42 GMT

File type
PNG image data, 960 x 19, 8-bit/color RGBA, non-interlaced
Size
1.3 kB (1339 bytes)
Hash
6ceda3386ff7467d4902b5e3032e80a2
24269149a40909870a579251b85740ba3ed0ac95
f025b6e422066c3b6e4facc0a92f353c60c59760a6823d08d0da5f3e5589cbdc

HTTP Headers

GET /images/container_bottom.png HTTP/1.1
Host: www.file-upload.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.file-upload.net/styles/styles.css
Cookie: PHPSESSID=husbv7nit84f76s9r86tu996iu
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 13 Oct 2024 18:50:11 GMT
content-type: image/png
content-length: 1339
last-modified: Mon, 09 Sep 2013 20:39:57 GMT
etag: "53b-4e5f9642dc568"
cache-control: max-age=2678400
expires: Tue, 15 Oct 2024 15:02:18 GMT
cf-cache-status: HIT
age: 2519273
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qYVpF0%2BKfhuV7EvJ3jywe2yUHplYZc2%2Fo7AdkmXeSUVkKM%2FFdEOqgy2Z5wIVBrSlldHQDOSqSchZdjej1aCSFblwI5VhMAf7dT8a4I52sKYf85BdIF9ytcNc9hF5WprNmhOQdm8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8d2183904db85696-OSL
X-Firefox-Spdy: h2

recordedthereby.com/sfp.js

185.196.197.71

200 OK

85 kB

URL GET HTTP/1.1
recordedthereby.com/sfp.js
IP
185.196.197.71:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://www.file-upload.net/download-13050359/KillaHackz.ahk.html
Certificate
IssuerLet's Encrypt
Subjectrecordedthereby.com
FingerprintA6:94:B5:48:61:24:04:47:02:E8:CB:06:9D:21:58:9B:28:B3:E2:F3
ValidityFri, 06 Sep 2024 22:52:34 GMT - Thu, 05 Dec 2024 22:52:33 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (65529), with no line terminators
Size
85 kB (85378 bytes)
Hash
7e3e44049654b6e244c1777e68ffb8e7
8f2a8298666d607afd92a0baa362ef4dc9ccd039
4acac8b8ff23671d365150818f3c39bbbfa08b1a1842d73de5933e0fea26454b

HTTP Headers

GET /sfp.js HTTP/1.1
Host: recordedthereby.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.file-upload.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sun, 13 Oct 2024 18:50:11 GMT
Content-Type: application/javascript; charset=utf-8
Content-Length: 85378
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Host: recordedthereby.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: 421eb5e8fb290cdb570482c31351e9b4
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains

ocsp.r2m03.amazontrust.com/

54.230.218.11

471 B

URL
ocsp.r2m03.amazontrust.com/
IP
54.230.218.11:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
e5d8a2c42f33a7c22a9c2e0f18d76146
f9ee001b2d7fe3a9f188ebae764a79930cd04e4d
319cb1365551353b0c464b773763ce4850ba3bd08a33a6750f5d5b79d9c47e91

HTTP Headers

POST / HTTP/1.1
Host: ocsp.r2m03.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=7200
Date: Sun, 13 Oct 2024 18:50:11 GMT
Last-Modified: Sun, 13 Oct 2024 17:02:48 GMT
Server: ECAcc (ska/F69C)
X-Cache: Miss from cloudfront
Via: 1.1 ee04daa979e7a02cc5ca472521bc18a6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: F88ViJhZ1zwMZmEWzAipMFJyVP20rVtYjQ4-hoBvJi8go6iPf4a78w==
Age: 6443

ocsp.r2m03.amazontrust.com/

54.230.218.11

471 B

URL
ocsp.r2m03.amazontrust.com/
IP
54.230.218.11:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
e5d8a2c42f33a7c22a9c2e0f18d76146
f9ee001b2d7fe3a9f188ebae764a79930cd04e4d
319cb1365551353b0c464b773763ce4850ba3bd08a33a6750f5d5b79d9c47e91

HTTP Headers

POST / HTTP/1.1
Host: ocsp.r2m03.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=7200
Date: Sun, 13 Oct 2024 18:50:11 GMT
Last-Modified: Sun, 13 Oct 2024 17:17:11 GMT
Server: ECAcc (ska/F6A0)
X-Cache: Miss from cloudfront
Via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: hKhNcfz5JcwpNJoA0LF2j8Yjf1mgAIBzYAwviUqBCZAygFAc_NEAtg==
Age: 5580

recordedthereby.com/sfp.js

185.196.197.72

200 OK

85 kB

URL GET HTTP/1.1
recordedthereby.com/sfp.js
IP
185.196.197.72:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://www.file-upload.net/download-13050359/KillaHackz.ahk.html
Certificate
IssuerLet's Encrypt
Subjectrecordedthereby.com
FingerprintA6:94:B5:48:61:24:04:47:02:E8:CB:06:9D:21:58:9B:28:B3:E2:F3
ValidityFri, 06 Sep 2024 22:52:34 GMT - Thu, 05 Dec 2024 22:52:33 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (65529), with no line terminators
Size
85 kB (85378 bytes)
Hash
7e3e44049654b6e244c1777e68ffb8e7
8f2a8298666d607afd92a0baa362ef4dc9ccd039
4acac8b8ff23671d365150818f3c39bbbfa08b1a1842d73de5933e0fea26454b

HTTP Headers

GET /sfp.js HTTP/1.1
Host: recordedthereby.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.file-upload.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sun, 13 Oct 2024 18:50:11 GMT
Content-Type: application/javascript; charset=utf-8
Content-Length: 85378
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Host: recordedthereby.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: 7a71d9751e54821baf2306a708fc1b1f
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains

proftrafficcounter.com/stats

3.66.59.129

200 OK

40 B

URL GET HTTP/2
proftrafficcounter.com/stats
IP
3.66.59.129:443
ASN
#16509 AMAZON-02

Requested by
https://www.file-upload.net/download-13050359/KillaHackz.ahk.html
Certificate
IssuerAmazon
Subjectproftrafficcounter.com
FingerprintE3:9F:79:6F:80:C0:BF:F8:C4:EB:45:F3:E9:0F:A7:41:F6:0C:05:E6
ValidityTue, 21 Nov 2023 00:00:00 GMT - Thu, 19 Dec 2024 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
40 B (40 bytes)
Hash
b75ad15f81703c2e4afb0e5e0916e5d1
7ff849857f0edb7fc18f66571fff45ddfc6e1f09
7588e7cee363d8cbadfe043bd51fcd1237fdba42e2d94da53bdb1675895231a1

HTTP Headers

GET /stats HTTP/1.1
Host: proftrafficcounter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.file-upload.net
DNT: 1
Connection: keep-alive
Referer: https://www.file-upload.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 13 Oct 2024 18:50:11 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://www.file-upload.net
vary: Origin
access-control-allow-credentials: true
set-cookie: uid_id2=b14e4cca-4e71-4d4e-9500-eaa99e06704c:2:1; expires=Wed, 11 Oct 2034 18:50:11 GMT; secure; SameSite=None
X-Firefox-Spdy: h2

proftrafficcounter.com/stats

3.66.59.129

200 OK

40 B

URL GET HTTP/2
proftrafficcounter.com/stats
IP
3.66.59.129:443
ASN
#16509 AMAZON-02

Requested by
https://www.file-upload.net/download-13050359/KillaHackz.ahk.html
Certificate
IssuerAmazon
Subjectproftrafficcounter.com
FingerprintE3:9F:79:6F:80:C0:BF:F8:C4:EB:45:F3:E9:0F:A7:41:F6:0C:05:E6
ValidityTue, 21 Nov 2023 00:00:00 GMT - Thu, 19 Dec 2024 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
40 B (40 bytes)
Hash
68ece4dc6e18a4fd7307c556244792ad
c4aa5d8f61266199df00f2e8c6f8df471f63d28d
b5ded52251ff9b92be6bb13ba7485b6bf90d7412c1d1cca9108eef927779b198

HTTP Headers

GET /stats HTTP/1.1
Host: proftrafficcounter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.file-upload.net
DNT: 1
Connection: keep-alive
Referer: https://www.file-upload.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 13 Oct 2024 18:50:11 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://www.file-upload.net
vary: Origin
access-control-allow-credentials: true
set-cookie: uid_id2=2d7ba0e0-1e95-4a0a-9c45-36bddd69a96d:1:1; expires=Wed, 11 Oct 2034 18:50:11 GMT; secure; SameSite=None
X-Firefox-Spdy: h2

o.pki.goog/wr2

216.58.207.195

471 B

URL
o.pki.goog/wr2
IP
216.58.207.195:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
500c3328b936432620d0fc1a35596acd
2c13a91060bc245d0e6938df0dcb279763427860
6277c701159c9b1794edae502d55ac644f05d1ffdc762e01f01cadd85860dcf4

HTTP Headers

POST /wr2 HTTP/1.1
Host: o.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 13 Oct 2024 18:50:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.file-upload.net/favicon.ico

172.67.69.252

200 OK

236 kB

URL GET HTTP/2
www.file-upload.net/favicon.ico
IP
172.67.69.252:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.file-upload.net/download-13050359/KillaHackz.ahk.html
Certificate
IssuerGoogle Trust Services
Subjectfile-upload.net
Fingerprint63:F7:CF:98:C0:B7:39:66:0D:CE:82:DB:7A:B7:0C:9C:14:19:E9:B8
ValidityThu, 12 Sep 2024 03:57:43 GMT - Wed, 11 Dec 2024 03:57:42 GMT

File type
MS Windows icon resource - 2 icons, 16x16, 32x32
Size
236 kB (236297 bytes)
Hash
f70d80eb3040b290b126d0aac3552a7b
c6e6b99d752f7335001f39af43ac35698e820fd8
f04d8029743b393491cafc284afd80b7212fdd7d60f9b681bb316546c5f7b5e8

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: www.file-upload.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.file-upload.net/download-13050359/KillaHackz.ahk.html
Cookie: PHPSESSID=husbv7nit84f76s9r86tu996iu; cookie_consent_level=%7B%22strictly-necessary%22%3Atrue%2C%22functionality%22%3Afalse%2C%22tracking%22%3Afalse%2C%22targeting%22%3Afalse%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 13 Oct 2024 18:50:12 GMT
content-type: image/vnd.microsoft.icon
last-modified: Mon, 09 Sep 2013 20:39:35 GMT
etag: W/"e36-4e5f962de8e76"
cache-control: max-age=2678400
expires: Tue, 15 Oct 2024 15:01:10 GMT
cf-cache-status: HIT
age: 2519342
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tDoGAN4vQPy8AzDsOyFguH897dszn%2FxKXtjvW3hLNMTYN6Tbz6FLRemLmboSWoMccjgYPBDVA0pVBbJ5I4aaCAM6jXXjG2zRqCahi2CMz8GNlZJ7%2By0e%2FpfkIujwUXvH3wVawgk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8d2183917fea5696-OSL
content-encoding: br
X-Firefox-Spdy: h2

r10.o.lencr.org/

23.36.77.32

504 B

URL
r10.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
0d5f8098c8e018e489ebde3147e44b0e
ec67f70efa588cb92866e2393064dd702e2cdd4c
df3a6a99c5db5fd88c78775faee7ca2ce0a3148601abbadddbb1fbdcc7950b35

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "DF3A6A99C5DB5FD88C78775FAEE7CA2CE0A3148601ABBADDDBB1FBDCC7950B35"
Last-Modified: Sun, 13 Oct 2024 04:26:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13743
Expires: Sun, 13 Oct 2024 22:39:15 GMT
Date: Sun, 13 Oct 2024 18:50:12 GMT
Connection: keep-alive

www.gstatic.com/recaptcha/releases/aR-zv8WjtWx4lAw-tRCA-zca/recaptcha__en.js

142.250.74.99

200 OK

221 kB

URL GET HTTP/3
www.gstatic.com/recaptcha/releases/aR-zv8WjtWx4lAw-tRCA-zca/recaptcha__en.js
IP
142.250.74.99:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/api2/bframe?hl=en&v=aR-zv8WjtWx4lAw-tRCA-zca&k=6LesER4UAAAAAGw1oVKPrLk_AuxiRz548wcKan1w
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
Fingerprint68:2C:2F:8B:6E:2C:E2:87:F4:B9:78:87:69:F9:2B:25:59:0D:2D:5B
ValidityTue, 24 Sep 2024 03:16:33 GMT - Tue, 17 Dec 2024 03:16:32 GMT

File type
JavaScript source, ASCII text, with very long lines (617)
Size
221 kB (220951 bytes)
Hash
99210e7c2195de81c0eedf98787a69b3
7b26c66058385b60109aa6129c2161a399a6034d
5f75bfbfbf0c7cac2c87d6ca5de0661aedc188b0900b6cef5efbaea134b53302

HTTP Headers

GET /recaptcha/releases/aR-zv8WjtWx4lAw-tRCA-zca/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.file-upload.net
DNT: 1
Connection: keep-alive
Referer: https://www.file-upload.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 220951
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 13 Oct 2024 09:50:33 GMT
expires: Mon, 13 Oct 2025 09:50:33 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 07 Oct 2024 04:02:51 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 32379
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

o.pki.goog/wr2

216.58.207.195

471 B

URL
o.pki.goog/wr2
IP
216.58.207.195:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
500c3328b936432620d0fc1a35596acd
2c13a91060bc245d0e6938df0dcb279763427860
6277c701159c9b1794edae502d55ac644f05d1ffdc762e01f01cadd85860dcf4

HTTP Headers

POST /wr2 HTTP/1.1
Host: o.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 13 Oct 2024 18:50:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

capaciousdrewreligion.com/advertisers.js

185.196.197.71

200 OK

0 B

URL GET HTTP/1.1
capaciousdrewreligion.com/advertisers.js
IP
185.196.197.71:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://www.file-upload.net/download-13050359/KillaHackz.ahk.html
Certificate
IssuerLet's Encrypt
Subjectcapaciousdrewreligion.com
FingerprintE3:36:E7:35:50:1D:3D:F0:47:9F:E5:94:90:B5:48:C0:67:A2:2B:8A
ValidityTue, 03 Sep 2024 21:28:57 GMT - Mon, 02 Dec 2024 21:28:56 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /advertisers.js HTTP/1.1
Host: capaciousdrewreligion.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.file-upload.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sun, 13 Oct 2024 18:50:12 GMT
Content-Type: application/javascript
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: 9b8051b116e8f62b6c26116bde35bcd8
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains

www.file-upload.net/images/downbutton2.gif

172.67.69.252

200 OK

5.4 kB

URL GET HTTP/2
www.file-upload.net/images/downbutton2.gif
IP
172.67.69.252:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.file-upload.net/download-13050359/KillaHackz.ahk.html
Certificate
IssuerGoogle Trust Services
Subjectfile-upload.net
Fingerprint63:F7:CF:98:C0:B7:39:66:0D:CE:82:DB:7A:B7:0C:9C:14:19:E9:B8
ValidityThu, 12 Sep 2024 03:57:43 GMT - Wed, 11 Dec 2024 03:57:42 GMT

File type
GIF image data, version 87a, 190 x 58
Size
5.4 kB (5351 bytes)
Hash
d8d1c655831f6d65cda388ec1b5443ce
a040cbf6a35559471b4661052848ffb381225e88
4343a7a085c36c557f2dcb85f5c3c80294269a1e9d190240ec48ed1ac15d2c04

HTTP Headers

GET /images/downbutton2.gif HTTP/1.1
Host: www.file-upload.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.file-upload.net/download-13050359/KillaHackz.ahk.html
Cookie: PHPSESSID=husbv7nit84f76s9r86tu996iu; cookie_consent_level=%7B%22strictly-necessary%22%3Atrue%2C%22functionality%22%3Afalse%2C%22tracking%22%3Afalse%2C%22targeting%22%3Afalse%7D; dom3ic8zudi28v8lr6fgphwffqoz0j6c=2d7ba0e0-1e95-4a0a-9c45-36bddd69a96d%3A1%3A1; sb_main_f5290245e2d0af25a9b4828613ce8328=1; sb_count_f5290245e2d0af25a9b4828613ce8328=1; pp_main_844a71fdf0e30c1b81395db55473a737=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 13 Oct 2024 18:50:12 GMT
content-type: image/gif
content-length: 5351
last-modified: Sat, 05 Apr 2014 19:43:40 GMT
etag: "14e7-4f650d9e289db"
cache-control: max-age=2678400
expires: Tue, 15 Oct 2024 15:02:18 GMT
cf-cache-status: HIT
age: 2519274
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wePrfaXcXbtgs4o9ALNQn%2BBddvWPwE25u7qYGELFkc8dPWcY1a%2Fz%2BfOYzuRlRrW%2Fzc%2Fw%2BvraN9VXdxUgXXDz6W7Q7z3TH6prCpWzqgmoynqsnM0iz2vD0RZR9buN8xNkQDuGFOM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8d2183936bd25696-OSL
X-Firefox-Spdy: h2

www.google.com/recaptcha/api2/anchor?ar=1&k=6LesER4UAAAAAGw1oVKPrLk_AuxiRz548wcKan1w&co=aHR0cHM6Ly93d3cuZmlsZS11cGxvYWQubmV0OjQ0Mw..&hl=en&v=aR-zv8WjtWx4lAw-tRCA-zca&size=invisible&cb=honqu8mgwafn

142.250.74.164

200 OK

31 kB

URL GET HTTP/3
www.google.com/recaptcha/api2/anchor?ar=1&k=6LesER4UAAAAAGw1oVKPrLk_AuxiRz548wcKan1w&co=aHR0cHM6Ly93d3cuZmlsZS11cGxvYWQubmV0OjQ0Mw..&hl=en&v=aR-zv8WjtWx4lAw-tRCA-zca&size=invisible&cb=honqu8mgwafn
IP
142.250.74.164:443
ASN
#15169 GOOGLE

Requested by
https://www.file-upload.net/download-13050359/KillaHackz.ahk.html
Certificate
IssuerGoogle Trust Services
Subject*.google.com
Fingerprint97:31:81:56:A5:B0:6A:5A:B2:B3:39:BE:36:85:FE:A0:EF:D4:DA:C1
ValidityTue, 24 Sep 2024 02:46:05 GMT - Tue, 17 Dec 2024 02:46:04 GMT

File type
gzip compressed data, max compression
Size
31 kB (31252 bytes)
Hash
83b6ef89ba53a7e987774915bb1c2dba
118c5693e6d01d7a4e86b4891323d27f8da7a3b2
aeaa50e3493a4964b8c20ce410c9cd7c18ac786b7439267635bdf0b75771ce2d

HTTP Headers

GET /recaptcha/api2/anchor?ar=1&k=6LesER4UAAAAAGw1oVKPrLk_AuxiRz548wcKan1w&co=aHR0cHM6Ly93d3cuZmlsZS11cGxvYWQubmV0OjQ0Mw..&hl=en&v=aR-zv8WjtWx4lAw-tRCA-zca&size=invisible&cb=honqu8mgwafn HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.file-upload.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: text/html; charset=utf-8
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}, {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sun, 13 Oct 2024 18:50:12 GMT
content-security-policy: script-src 'nonce-yfQO9-NRUfi2I0qn4ibrKA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
cross-origin-opener-policy-report-only: same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.gstatic.com/recaptcha/releases/aR-zv8WjtWx4lAw-tRCA-zca/styles__ltr.css

142.250.74.99

200 OK

42 kB

URL GET HTTP/3
www.gstatic.com/recaptcha/releases/aR-zv8WjtWx4lAw-tRCA-zca/styles__ltr.css
IP
142.250.74.99:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LesER4UAAAAAGw1oVKPrLk_AuxiRz548wcKan1w&co=aHR0cHM6Ly93d3cuZmlsZS11cGxvYWQubmV0OjQ0Mw..&hl=en&v=aR-zv8WjtWx4lAw-tRCA-zca&size=invisible&cb=honqu8mgwafn
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
Fingerprint68:2C:2F:8B:6E:2C:E2:87:F4:B9:78:87:69:F9:2B:25:59:0D:2D:5B
ValidityTue, 24 Sep 2024 03:16:33 GMT - Tue, 17 Dec 2024 03:16:32 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
42 kB (42106 bytes)
Hash
a0ce64213f4f6193a598de1cdbaea665
fec9a873b214601198f7312bcb1bf99204014085
f0dff86310e9d08a2d80dbe68bae9367f8cd6cbd4b7d036f09b0702d035c7e8c

HTTP Headers

GET /recaptcha/releases/aR-zv8WjtWx4lAw-tRCA-zca/styles__ltr.css HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 42106
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 13 Oct 2024 09:50:30 GMT
expires: Mon, 13 Oct 2025 09:50:30 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 07 Oct 2024 04:02:51 GMT
content-type: text/css
vary: Accept-Encoding
age: 32382
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.gstatic.com/recaptcha/releases/aR-zv8WjtWx4lAw-tRCA-zca/recaptcha__en.js

142.250.74.99

200 OK

221 kB

URL GET HTTP/3
www.gstatic.com/recaptcha/releases/aR-zv8WjtWx4lAw-tRCA-zca/recaptcha__en.js
IP
142.250.74.99:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/api2/bframe?hl=en&v=aR-zv8WjtWx4lAw-tRCA-zca&k=6LesER4UAAAAAGw1oVKPrLk_AuxiRz548wcKan1w
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
Fingerprint68:2C:2F:8B:6E:2C:E2:87:F4:B9:78:87:69:F9:2B:25:59:0D:2D:5B
ValidityTue, 24 Sep 2024 03:16:33 GMT - Tue, 17 Dec 2024 03:16:32 GMT

File type
JavaScript source, ASCII text, with very long lines (617)
Size
221 kB (220951 bytes)
Hash
99210e7c2195de81c0eedf98787a69b3
7b26c66058385b60109aa6129c2161a399a6034d
5f75bfbfbf0c7cac2c87d6ca5de0661aedc188b0900b6cef5efbaea134b53302

HTTP Headers

GET /recaptcha/releases/aR-zv8WjtWx4lAw-tRCA-zca/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 220951
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 13 Oct 2024 09:50:33 GMT
expires: Mon, 13 Oct 2025 09:50:33 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 07 Oct 2024 04:02:51 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 32379
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

r11.o.lencr.org/

23.36.76.226

504 B

URL
r11.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
143cafab2abc2c8dff00d2db2d46b804
51fcd02ca5c0fec6a16eea86ccbe51ab6dc628f9
2436cb52ea04bc02e2614f8ee8857f89c02bcc82406262deacc312cc13053d2b

HTTP Headers

POST / HTTP/1.1
Host: r11.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "2436CB52EA04BC02E2614F8EE8857F89C02BCC82406262DEACC312CC13053D2B"
Last-Modified: Sun, 13 Oct 2024 09:42:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14841
Expires: Sun, 13 Oct 2024 22:57:33 GMT
Date: Sun, 13 Oct 2024 18:50:12 GMT
Connection: keep-alive

r11.o.lencr.org/

23.36.76.226

504 B

URL
r11.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
143cafab2abc2c8dff00d2db2d46b804
51fcd02ca5c0fec6a16eea86ccbe51ab6dc628f9
2436cb52ea04bc02e2614f8ee8857f89c02bcc82406262deacc312cc13053d2b

HTTP Headers

POST / HTTP/1.1
Host: r11.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "2436CB52EA04BC02E2614F8EE8857F89C02BCC82406262DEACC312CC13053D2B"
Last-Modified: Sun, 13 Oct 2024 09:42:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14841
Expires: Sun, 13 Oct 2024 22:57:33 GMT
Date: Sun, 13 Oct 2024 18:50:12 GMT
Connection: keep-alive

sophomorelink.com/sbar.json?key=f5290245e2d0af25a9b4828613ce8328&uuid=2d7ba0e0-1e95-4a0a-9c45-36bddd69a96d%3A1%3A1

192.243.59.12

200 OK

8.8 kB

URL GET HTTP/1.1
sophomorelink.com/sbar.json?key=f5290245e2d0af25a9b4828613ce8328&uuid=2d7ba0e0-1e95-4a0a-9c45-36bddd69a96d%3A1%3A1
IP
192.243.59.12:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://www.file-upload.net/download-13050359/KillaHackz.ahk.html
Certificate
IssuerLet's Encrypt
Subjectsophomorelink.com
Fingerprint39:A6:4A:95:83:09:44:15:59:22:8A:D5:E3:1C:65:6C:2D:17:D3:13
ValiditySat, 12 Oct 2024 10:38:27 GMT - Fri, 10 Jan 2025 10:38:26 GMT

File type
JSON text data
Size
8.8 kB (8835 bytes)
Hash
d79215718218617b6ada1119ada8ae76
b1f5919e20c01dcebd5c52f7ec71ee9c2e7325e4
e35f77454d25f4fbd38af69db87988419efa796284af1bb899464414343111b5

HTTP Headers

GET /sbar.json?key=f5290245e2d0af25a9b4828613ce8328&uuid=2d7ba0e0-1e95-4a0a-9c45-36bddd69a96d%3A1%3A1 HTTP/1.1
Host: sophomorelink.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.file-upload.net
DNT: 1
Connection: keep-alive
Referer: https://www.file-upload.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 13 Oct 2024 18:50:12 GMT
Content-Type: text/plain; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://www.file-upload.net
Access-Control-Allow-Origin: https://www.file-upload.net
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=16026741; expires=Mon, 14 Oct 2024 18:50:12 GMT; path=/; secure; SameSite=None
uid_id2=2d7ba0e0-1e95-4a0a-9c45-36bddd69a96d:1:1; expires=Sun, 20 Oct 2024 18:50:12 GMT; path=/; secure; SameSite=None
pdhtkv=true; expires=Mon, 14 Oct 2024 18:50:12 GMT; path=/; secure; SameSite=None
uncs=1; expires=Mon, 14 Oct 2024 18:50:12 GMT; path=/; secure; SameSite=None
pdhtkv29=true; expires=Mon, 14 Oct 2024 18:50:12 GMT; path=/; secure; SameSite=None
uncs29=1; expires=Mon, 14 Oct 2024 18:50:12 GMT; path=/; secure; SameSite=None
slecf5290245e2d0af25a9b4828613ce8328=[5468788,5468775]; expires=Sun, 13 Oct 2024 18:50:17 GMT; path=/; secure; SameSite=None
Host: sophomorelink.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: 3e71411f1f4bf42b2e4144154a4a237c
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

142.250.74.131

200 OK

15 kB

URL GET HTTP/2
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
142.250.74.131:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/api2/bframe?hl=en&v=aR-zv8WjtWx4lAw-tRCA-zca&k=6LesER4UAAAAAGw1oVKPrLk_AuxiRz548wcKan1w
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
Fingerprint68:2C:2F:8B:6E:2C:E2:87:F4:B9:78:87:69:F9:2B:25:59:0D:2D:5B
ValidityTue, 24 Sep 2024 03:16:33 GMT - Tue, 17 Dec 2024 03:16:32 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15344, version 1.0
Size
15 kB (15344 bytes)
Hash
5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

HTTP Headers

GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 12 Oct 2024 05:37:03 GMT
expires: Sun, 12 Oct 2025 05:37:03 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
age: 133989
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

142.250.74.131

200 OK

16 kB

URL GET HTTP/2
fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP
142.250.74.131:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/api2/bframe?hl=en&v=aR-zv8WjtWx4lAw-tRCA-zca&k=6LesER4UAAAAAGw1oVKPrLk_AuxiRz548wcKan1w
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
Fingerprint68:2C:2F:8B:6E:2C:E2:87:F4:B9:78:87:69:F9:2B:25:59:0D:2D:5B
ValidityTue, 24 Sep 2024 03:16:33 GMT - Tue, 17 Dec 2024 03:16:32 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15552, version 1.0
Size
16 kB (15552 bytes)
Hash
285467176f7fe6bb6a9c6873b3dad2cc
ea04e4ff5142ddd69307c183def721a160e0a64e
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

HTTP Headers

GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 11 Oct 2024 17:37:36 GMT
expires: Sat, 11 Oct 2025 17:37:36 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
content-type: font/woff2
age: 177156
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.google.com/recaptcha/api2/webworker.js?hl=en&v=aR-zv8WjtWx4lAw-tRCA-zca

142.250.74.164

200 OK

221 kB

URL GET HTTP/3
www.google.com/recaptcha/api2/webworker.js?hl=en&v=aR-zv8WjtWx4lAw-tRCA-zca
IP
142.250.74.164:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LesER4UAAAAAGw1oVKPrLk_AuxiRz548wcKan1w&co=aHR0cHM6Ly93d3cuZmlsZS11cGxvYWQubmV0OjQ0Mw..&hl=en&v=aR-zv8WjtWx4lAw-tRCA-zca&size=invisible&cb=honqu8mgwafn
Certificate
IssuerGoogle Trust Services
Subject*.google.com
Fingerprint97:31:81:56:A5:B0:6A:5A:B2:B3:39:BE:36:85:FE:A0:EF:D4:DA:C1
ValidityTue, 24 Sep 2024 02:46:05 GMT - Tue, 17 Dec 2024 02:46:04 GMT

File type
JavaScript source, ASCII text, with very long lines (617)
Size
221 kB (221068 bytes)
Hash
082cca3a5ca26f0b08fee271954e6190
2bfa2fcfbcac690d287582042c4426ac3b00da3e
20d80c76912ff11a387e406cb17b8595e9d4aec1f5698b338541d6dbaf78b201

HTTP Headers

GET /recaptcha/api2/webworker.js?hl=en&v=aR-zv8WjtWx4lAw-tRCA-zca HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LesER4UAAAAAGw1oVKPrLk_AuxiRz548wcKan1w&co=aHR0cHM6Ly93d3cuZmlsZS11cGxvYWQubmV0OjQ0Mw..&hl=en&v=aR-zv8WjtWx4lAw-tRCA-zca&size=invisible&cb=honqu8mgwafn
Sec-Fetch-Dest: worker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: text/javascript; charset=utf-8
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}, {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
expires: Sun, 13 Oct 2024 18:50:12 GMT
date: Sun, 13 Oct 2024 18:50:12 GMT
cache-control: private, max-age=300
cross-origin-opener-policy-report-only: same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy: same-site
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.gstatic.com/recaptcha/api2/logo_48.png

142.250.74.99

200 OK

2.2 kB

URL GET HTTP/3
www.gstatic.com/recaptcha/api2/logo_48.png
IP
142.250.74.99:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LesER4UAAAAAGw1oVKPrLk_AuxiRz548wcKan1w&co=aHR0cHM6Ly93d3cuZmlsZS11cGxvYWQubmV0OjQ0Mw..&hl=en&v=aR-zv8WjtWx4lAw-tRCA-zca&size=invisible&cb=honqu8mgwafn
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
Fingerprint68:2C:2F:8B:6E:2C:E2:87:F4:B9:78:87:69:F9:2B:25:59:0D:2D:5B
ValidityTue, 24 Sep 2024 03:16:33 GMT - Tue, 17 Dec 2024 03:16:32 GMT

File type
PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced
Size
2.2 kB (2228 bytes)
Hash
ef9941290c50cd3866e2ba6b793f010d
4736508c795667dcea21f8d864233031223b7832
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

HTTP Headers

GET /recaptcha/api2/logo_48.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.gstatic.com/recaptcha/releases/aR-zv8WjtWx4lAw-tRCA-zca/styles__ltr.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 2228
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 12 Oct 2024 00:14:26 GMT
expires: Sat, 19 Oct 2024 00:14:26 GMT
cache-control: public, max-age=604800
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: image/png
age: 153346
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.google.com/js/bg/RI3Pk2QfVraTqUQvmENYAwISRapPH8Lx3ZoW8uCkQH4.js

142.250.74.164

200 OK

7.6 kB

URL GET HTTP/3
www.google.com/js/bg/RI3Pk2QfVraTqUQvmENYAwISRapPH8Lx3ZoW8uCkQH4.js
IP
142.250.74.164:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LesER4UAAAAAGw1oVKPrLk_AuxiRz548wcKan1w&co=aHR0cHM6Ly93d3cuZmlsZS11cGxvYWQubmV0OjQ0Mw..&hl=en&v=aR-zv8WjtWx4lAw-tRCA-zca&size=invisible&cb=honqu8mgwafn
Certificate
IssuerGoogle Trust Services
Subject*.google.com
Fingerprint97:31:81:56:A5:B0:6A:5A:B2:B3:39:BE:36:85:FE:A0:EF:D4:DA:C1
ValidityTue, 24 Sep 2024 02:46:05 GMT - Tue, 17 Dec 2024 02:46:04 GMT

File type
JavaScript source, ASCII text, with very long lines (18005)
Size
7.6 kB (7621 bytes)
Hash
8c81f651f7ef773443b3729ff378aa6b
e55c3c8766ba6f875b905a5f5faead610476bd4b
448dcf93641f56b693a9442f98435803021245aa4f1fc2f1dd9a16f2e0a4407e

HTTP Headers

GET /js/bg/RI3Pk2QfVraTqUQvmENYAwISRapPH8Lx3ZoW8uCkQH4.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LesER4UAAAAAGw1oVKPrLk_AuxiRz548wcKan1w&co=aHR0cHM6Ly93d3cuZmlsZS11cGxvYWQubmV0OjQ0Mw..&hl=en&v=aR-zv8WjtWx4lAw-tRCA-zca&size=invisible&cb=honqu8mgwafn
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: br
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-length: 7621
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 12 Oct 2024 01:37:17 GMT
expires: Sun, 12 Oct 2025 01:37:17 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 17 Sep 2024 15:00:00 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 148375
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

sophomorelink.com/ren.gif?sid=H4sIAAAAAAAC%2F1RST28bxRueTfM79XegVQUHhOQDB5CIu7u21zY9VJSSEjW0VQOCG5qdmXUGj3eWmf3jmEtEAPXAwSA%2BwOZx0ghSFbghISpkV0IoElLMKUJE4jOAOCObCMMrzbzvO88z0jPPOx%2FtZqekhoyeXH9ND6RS9HKj6laee8vzrlTWZZz1K%2F1W8HZQv1Ix%2BYvtoOo%2BX7khWFdf9l3PdT3Xq6xKIyLdvzwDIZMHba%2Fadqt1v%2Bo16uib%2F%2FY2c2CpA56fkouQfLr82LkEycaIe19dF7ab6uSFV3qZoqk2yPnBG3E31kWM3qKMjIMoPjhjQ9vj1UfQ8f5cLnT%2BDzGUU%2BL88AhhfHAmEmG%2BN9cZKogYIT%2BPIh9DqDEkHYPpHUh%2BTADGces24t79W9oUdOtvlM7QKVn%2B83fIYkqWf72EuPfwmpL9yoZWWSp1bNGPSsj%2BGLIzRpJNkA6WIIsJWPo%2BJP%2BJuE%2BdR9w7fHXyTS67lVyYLiQ%2FedbnzZC6wl3xRLuxUqcuXWmzemOlFoSc86BN2wGf%2ByTlGDIaQ4khqHWQzZZ0kEUOssRBj59UmOd5TZcz6rbajNV4U4QBdz3ajDzquUELGZs9ZYg0GYKpIZjZRmK20ZWfHDcuwmTfw26WsNyBTQlyXqIQBIUlKChBIQmKlKDIy32urG%2FL%2B1zZLPTOsn%2BWa%2BVIp51duq%2FTjogJqBnC8HJPJu%2FaHbD03GgQ2ZsjHVm2m5ySC3N7%2F%2Fg4Q1ecVKKG33b9ekP43KWR36DtsN7yW4FXY6JV81uwsoS0S3MXBrNR%2Fy9FIqeE%2FPIjQjqBVRMweQE0ewa0KEE3SwziLyOpxEqWKE15NRYpuC6RpMtIt5xddUqenovYMCkEO7r62eC3Gw8vvQdmSiSmxDvyMUFH3Rvd1QXZu6sLS76%2BnaSyJwd0Nv%2BNlKbi3Bc3xVahDV%2B7boefv8RmwKx88Lqw6TqNuYw7lhxek5wLs6oNE%2BS7NfumCO9kdvNaZuIsWb%2Fz8upaLzHCWqnjMag8Zt%2BCySl5YvLB%2FGNXDz%2BENGOYrEQvOyJnAaknYMk2bLJQbzWBUQtOmDgosnJk%2FHBxqCSBEouehiXsv%2FpwUY8Mnd2msty199AxS6DpDuJeidyUyFUJqoaw2blRmpijqz%2FX5oFQLY1CZZb2QmXUp3OTZ1sHVp5UmrWaS4N2w2s2qWiGdb8VBR6n1K8HfhDQGlI77fz%2FSf5XAAAA%2F%2F9aV3YZsgQAAA%3D%3D

192.243.59.12

200 OK

7 B

URL GET HTTP/1.1
sophomorelink.com/ren.gif?sid=H4sIAAAAAAAC%2F1RST28bxRueTfM79XegVQUHhOQDB5CIu7u21zY9VJSSEjW0VQOCG5qdmXUGj3eWmf3jmEtEAPXAwSA%2BwOZx0ghSFbghISpkV0IoElLMKUJE4jOAOCObCMMrzbzvO88z0jPPOx%2FtZqekhoyeXH9ND6RS9HKj6laee8vzrlTWZZz1K%2F1W8HZQv1Ix%2BYvtoOo%2BX7khWFdf9l3PdT3Xq6xKIyLdvzwDIZMHba%2Fadqt1v%2Bo16uib%2F%2FY2c2CpA56fkouQfLr82LkEycaIe19dF7ab6uSFV3qZoqk2yPnBG3E31kWM3qKMjIMoPjhjQ9vj1UfQ8f5cLnT%2BDzGUU%2BL88AhhfHAmEmG%2BN9cZKogYIT%2BPIh9DqDEkHYPpHUh%2BTADGces24t79W9oUdOtvlM7QKVn%2B83fIYkqWf72EuPfwmpL9yoZWWSp1bNGPSsj%2BGLIzRpJNkA6WIIsJWPo%2BJP%2BJuE%2BdR9w7fHXyTS67lVyYLiQ%2FedbnzZC6wl3xRLuxUqcuXWmzemOlFoSc86BN2wGf%2ByTlGDIaQ4khqHWQzZZ0kEUOssRBj59UmOd5TZcz6rbajNV4U4QBdz3ajDzquUELGZs9ZYg0GYKpIZjZRmK20ZWfHDcuwmTfw26WsNyBTQlyXqIQBIUlKChBIQmKlKDIy32urG%2FL%2B1zZLPTOsn%2BWa%2BVIp51duq%2FTjogJqBnC8HJPJu%2FaHbD03GgQ2ZsjHVm2m5ySC3N7%2F%2Fg4Q1ecVKKG33b9ekP43KWR36DtsN7yW4FXY6JV81uwsoS0S3MXBrNR%2Fy9FIqeE%2FPIjQjqBVRMweQE0ewa0KEE3SwziLyOpxEqWKE15NRYpuC6RpMtIt5xddUqenovYMCkEO7r62eC3Gw8vvQdmSiSmxDvyMUFH3Rvd1QXZu6sLS76%2BnaSyJwd0Nv%2BNlKbi3Bc3xVahDV%2B7boefv8RmwKx88Lqw6TqNuYw7lhxek5wLs6oNE%2BS7NfumCO9kdvNaZuIsWb%2Fz8upaLzHCWqnjMag8Zt%2BCySl5YvLB%2FGNXDz%2BENGOYrEQvOyJnAaknYMk2bLJQbzWBUQtOmDgosnJk%2FHBxqCSBEouehiXsv%2FpwUY8Mnd2msty199AxS6DpDuJeidyUyFUJqoaw2blRmpijqz%2FX5oFQLY1CZZb2QmXUp3OTZ1sHVp5UmrWaS4N2w2s2qWiGdb8VBR6n1K8HfhDQGlI77fz%2FSf5XAAAA%2F%2F9aV3YZsgQAAA%3D%3D
IP
192.243.59.12:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://www.file-upload.net/download-13050359/KillaHackz.ahk.html
Certificate
IssuerLet's Encrypt
Subjectsophomorelink.com
Fingerprint39:A6:4A:95:83:09:44:15:59:22:8A:D5:E3:1C:65:6C:2D:17:D3:13
ValiditySat, 12 Oct 2024 10:38:27 GMT - Fri, 10 Jan 2025 10:38:26 GMT

File type
ASCII text, with no line terminators
Size
7 B (7 bytes)
Hash
132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c

HTTP Headers

GET /ren.gif?sid=H4sIAAAAAAAC%2F1RST28bxRueTfM79XegVQUHhOQDB5CIu7u21zY9VJSSEjW0VQOCG5qdmXUGj3eWmf3jmEtEAPXAwSA%2BwOZx0ghSFbghISpkV0IoElLMKUJE4jOAOCObCMMrzbzvO88z0jPPOx%2FtZqekhoyeXH9ND6RS9HKj6laee8vzrlTWZZz1K%2F1W8HZQv1Ix%2BYvtoOo%2BX7khWFdf9l3PdT3Xq6xKIyLdvzwDIZMHba%2Fadqt1v%2Bo16uib%2F%2FY2c2CpA56fkouQfLr82LkEycaIe19dF7ab6uSFV3qZoqk2yPnBG3E31kWM3qKMjIMoPjhjQ9vj1UfQ8f5cLnT%2BDzGUU%2BL88AhhfHAmEmG%2BN9cZKogYIT%2BPIh9DqDEkHYPpHUh%2BTADGces24t79W9oUdOtvlM7QKVn%2B83fIYkqWf72EuPfwmpL9yoZWWSp1bNGPSsj%2BGLIzRpJNkA6WIIsJWPo%2BJP%2BJuE%2BdR9w7fHXyTS67lVyYLiQ%2FedbnzZC6wl3xRLuxUqcuXWmzemOlFoSc86BN2wGf%2ByTlGDIaQ4khqHWQzZZ0kEUOssRBj59UmOd5TZcz6rbajNV4U4QBdz3ajDzquUELGZs9ZYg0GYKpIZjZRmK20ZWfHDcuwmTfw26WsNyBTQlyXqIQBIUlKChBIQmKlKDIy32urG%2FL%2B1zZLPTOsn%2BWa%2BVIp51duq%2FTjogJqBnC8HJPJu%2FaHbD03GgQ2ZsjHVm2m5ySC3N7%2F%2Fg4Q1ecVKKG33b9ekP43KWR36DtsN7yW4FXY6JV81uwsoS0S3MXBrNR%2Fy9FIqeE%2FPIjQjqBVRMweQE0ewa0KEE3SwziLyOpxEqWKE15NRYpuC6RpMtIt5xddUqenovYMCkEO7r62eC3Gw8vvQdmSiSmxDvyMUFH3Rvd1QXZu6sLS76%2BnaSyJwd0Nv%2BNlKbi3Bc3xVahDV%2B7boefv8RmwKx88Lqw6TqNuYw7lhxek5wLs6oNE%2BS7NfumCO9kdvNaZuIsWb%2Fz8upaLzHCWqnjMag8Zt%2BCySl5YvLB%2FGNXDz%2BENGOYrEQvOyJnAaknYMk2bLJQbzWBUQtOmDgosnJk%2FHBxqCSBEouehiXsv%2FpwUY8Mnd2msty199AxS6DpDuJeidyUyFUJqoaw2blRmpijqz%2FX5oFQLY1CZZb2QmXUp3OTZ1sHVp5UmrWaS4N2w2s2qWiGdb8VBR6n1K8HfhDQGlI77fz%2FSf5XAAAA%2F%2F9aV3YZsgQAAA%3D%3D HTTP/1.1
Host: sophomorelink.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.file-upload.net/
Cookie: u_pl=16026741; uid_id2=2d7ba0e0-1e95-4a0a-9c45-36bddd69a96d:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slecf5290245e2d0af25a9b4828613ce8328=[5468788,5468775]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 13 Oct 2024 18:50:13 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Host: sophomorelink.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: 22cb2f89aabd3bce0d7ff5cedddbeb78
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains

sophomorelink.com/pixel/sbls?bv=24.36.3797&tmpl=482&u=https%3A%2F%2Fcdn.show-sb.com%2Fsb%2Fau%2F24%2F67%2Fcb%2F2467cbf00a2e2607271499188f54e4c3%2F1652872257.html&l=1289&fd=248

192.243.59.12

200 OK

0 B

URL GET HTTP/1.1
sophomorelink.com/pixel/sbls?bv=24.36.3797&tmpl=482&u=https%3A%2F%2Fcdn.show-sb.com%2Fsb%2Fau%2F24%2F67%2Fcb%2F2467cbf00a2e2607271499188f54e4c3%2F1652872257.html&l=1289&fd=248
IP
192.243.59.12:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://www.file-upload.net/download-13050359/KillaHackz.ahk.html
Certificate
IssuerLet's Encrypt
Subjectsophomorelink.com
Fingerprint39:A6:4A:95:83:09:44:15:59:22:8A:D5:E3:1C:65:6C:2D:17:D3:13
ValiditySat, 12 Oct 2024 10:38:27 GMT - Fri, 10 Jan 2025 10:38:26 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /pixel/sbls?bv=24.36.3797&tmpl=482&u=https%3A%2F%2Fcdn.show-sb.com%2Fsb%2Fau%2F24%2F67%2Fcb%2F2467cbf00a2e2607271499188f54e4c3%2F1652872257.html&l=1289&fd=248 HTTP/1.1
Host: sophomorelink.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.file-upload.net/
Cookie: u_pl=16026741; uid_id2=2d7ba0e0-1e95-4a0a-9c45-36bddd69a96d:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slecf5290245e2d0af25a9b4828613ce8328=[5468788,5468775]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 13 Oct 2024 18:50:13 GMT
Content-Length: 0
Connection: keep-alive
Host: sophomorelink.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

r10.o.lencr.org/

23.36.77.32

504 B

URL
r10.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
2f2f1961d4b76f3d9f8c23756606561f
94d486d1b5b047b5beefe7bc6720ad1662cbd038
93a2b9fdb5b0249d3e716b4aff984e094bc134b3fb3ed8647b472ea217d3e828

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "93A2B9FDB5B0249D3E716B4AFF984E094BC134B3FB3ED8647B472EA217D3E828"
Last-Modified: Fri, 11 Oct 2024 05:01:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7283
Expires: Sun, 13 Oct 2024 20:51:36 GMT
Date: Sun, 13 Oct 2024 18:50:13 GMT
Connection: keep-alive

r10.o.lencr.org/

23.36.77.32

504 B

URL
r10.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
2f2f1961d4b76f3d9f8c23756606561f
94d486d1b5b047b5beefe7bc6720ad1662cbd038
93a2b9fdb5b0249d3e716b4aff984e094bc134b3fb3ed8647b472ea217d3e828

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "93A2B9FDB5B0249D3E716B4AFF984E094BC134B3FB3ED8647B472EA217D3E828"
Last-Modified: Fri, 11 Oct 2024 05:01:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7283
Expires: Sun, 13 Oct 2024 20:51:36 GMT
Date: Sun, 13 Oct 2024 18:50:13 GMT
Connection: keep-alive

www.gstatic.com/recaptcha/releases/aR-zv8WjtWx4lAw-tRCA-zca/styles__ltr.css

142.250.74.99

200 OK

42 kB

URL GET HTTP/3
www.gstatic.com/recaptcha/releases/aR-zv8WjtWx4lAw-tRCA-zca/styles__ltr.css
IP
142.250.74.99:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LesER4UAAAAAGw1oVKPrLk_AuxiRz548wcKan1w&co=aHR0cHM6Ly93d3cuZmlsZS11cGxvYWQubmV0OjQ0Mw..&hl=en&v=aR-zv8WjtWx4lAw-tRCA-zca&size=invisible&cb=honqu8mgwafn
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
Fingerprint68:2C:2F:8B:6E:2C:E2:87:F4:B9:78:87:69:F9:2B:25:59:0D:2D:5B
ValidityTue, 24 Sep 2024 03:16:33 GMT - Tue, 17 Dec 2024 03:16:32 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
42 kB (42106 bytes)
Hash
a0ce64213f4f6193a598de1cdbaea665
fec9a873b214601198f7312bcb1bf99204014085
f0dff86310e9d08a2d80dbe68bae9367f8cd6cbd4b7d036f09b0702d035c7e8c

HTTP Headers

GET /recaptcha/releases/aR-zv8WjtWx4lAw-tRCA-zca/styles__ltr.css HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 42106
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 13 Oct 2024 09:50:30 GMT
expires: Mon, 13 Oct 2025 09:50:30 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 07 Oct 2024 04:02:51 GMT
content-type: text/css
vary: Accept-Encoding
age: 32383
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.gstatic.com/recaptcha/releases/aR-zv8WjtWx4lAw-tRCA-zca/recaptcha__en.js

142.250.74.99

200 OK

221 kB

URL GET HTTP/3
www.gstatic.com/recaptcha/releases/aR-zv8WjtWx4lAw-tRCA-zca/recaptcha__en.js
IP
142.250.74.99:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/api2/bframe?hl=en&v=aR-zv8WjtWx4lAw-tRCA-zca&k=6LesER4UAAAAAGw1oVKPrLk_AuxiRz548wcKan1w
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
Fingerprint68:2C:2F:8B:6E:2C:E2:87:F4:B9:78:87:69:F9:2B:25:59:0D:2D:5B
ValidityTue, 24 Sep 2024 03:16:33 GMT - Tue, 17 Dec 2024 03:16:32 GMT

File type
JavaScript source, ASCII text, with very long lines (617)
Size
221 kB (220951 bytes)
Hash
99210e7c2195de81c0eedf98787a69b3
7b26c66058385b60109aa6129c2161a399a6034d
5f75bfbfbf0c7cac2c87d6ca5de0661aedc188b0900b6cef5efbaea134b53302

HTTP Headers

GET /recaptcha/releases/aR-zv8WjtWx4lAw-tRCA-zca/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 220951
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 13 Oct 2024 09:50:33 GMT
expires: Mon, 13 Oct 2025 09:50:33 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 07 Oct 2024 04:02:51 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 32380
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

r10.o.lencr.org/

23.36.77.32

504 B

URL
r10.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
8d499e3cc656ca9b5a2fa3806885be44
678a27a8dc42d8253e06024b80c350e53d693554
c1d599b67d5d55046918daf4560cccb8d6d84f4b11cdfb45bde3efadd26a336e

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "C1D599B67D5D55046918DAF4560CCCB8D6D84F4B11CDFB45BDE3EFADD26A336E"
Last-Modified: Sun, 13 Oct 2024 04:04:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13765
Expires: Sun, 13 Oct 2024 22:39:38 GMT
Date: Sun, 13 Oct 2024 18:50:13 GMT
Connection: keep-alive

sophomorelink.com/pixel/sbls?bv=24.36.3797&tmpl=482&u=https%3A%2F%2Fcdn.creative-stat1.com%2Fsb%2Fssp%2Fvpn%2Fdefault%2Fus%2Fios-widget%2Fwhite-big%2Fnew%2F2%2Fjs%2Fscript.js&l=652&fd=175

192.243.59.12

200 OK

0 B

URL GET HTTP/1.1
sophomorelink.com/pixel/sbls?bv=24.36.3797&tmpl=482&u=https%3A%2F%2Fcdn.creative-stat1.com%2Fsb%2Fssp%2Fvpn%2Fdefault%2Fus%2Fios-widget%2Fwhite-big%2Fnew%2F2%2Fjs%2Fscript.js&l=652&fd=175
IP
192.243.59.12:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://www.file-upload.net/download-13050359/KillaHackz.ahk.html
Certificate
IssuerLet's Encrypt
Subjectsophomorelink.com
Fingerprint39:A6:4A:95:83:09:44:15:59:22:8A:D5:E3:1C:65:6C:2D:17:D3:13
ValiditySat, 12 Oct 2024 10:38:27 GMT - Fri, 10 Jan 2025 10:38:26 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /pixel/sbls?bv=24.36.3797&tmpl=482&u=https%3A%2F%2Fcdn.creative-stat1.com%2Fsb%2Fssp%2Fvpn%2Fdefault%2Fus%2Fios-widget%2Fwhite-big%2Fnew%2F2%2Fjs%2Fscript.js&l=652&fd=175 HTTP/1.1
Host: sophomorelink.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.file-upload.net/
Cookie: u_pl=16026741; uid_id2=2d7ba0e0-1e95-4a0a-9c45-36bddd69a96d:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slecf5290245e2d0af25a9b4828613ce8328=[5468788,5468775]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 13 Oct 2024 18:50:13 GMT
Content-Length: 0
Connection: keep-alive
Host: sophomorelink.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

cdn.storageimagedisplay.com/si/633a54cd8f3fc821e0d6c2893b1b6dfa723ad25ba16a712815cddf69ab258b7a.png

45.133.44.2

200 OK

18 kB

URL GET HTTP/2
cdn.storageimagedisplay.com/si/633a54cd8f3fc821e0d6c2893b1b6dfa723ad25ba16a712815cddf69ab258b7a.png
IP
45.133.44.2:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://www.file-upload.net/download-13050359/KillaHackz.ahk.html
Certificate
IssuerLet's Encrypt
Subjectcdn.storageimagedisplay.com
Fingerprint35:34:7E:96:D3:74:A9:D9:1F:BE:9D:7C:A7:EF:B0:88:78:CB:82:36
ValidityFri, 13 Sep 2024 11:57:48 GMT - Thu, 12 Dec 2024 11:57:47 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 192x192, components 3
Size
18 kB (17660 bytes)
Hash
e70e25c20ea3347dbbd220082282bb67
f979f6309b2b76948028d097f29a6479971b6434
849ac1134d6f91b30babc8dee4177b320dda83ed201dc4127f83528f7ead272a

HTTP Headers

GET /si/633a54cd8f3fc821e0d6c2893b1b6dfa723ad25ba16a712815cddf69ab258b7a.png HTTP/1.1
Host: cdn.storageimagedisplay.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 13 Oct 2024 18:50:13 GMT
content-type: image/png
content-length: 17660
server: nginx/1.21.6
last-modified: Tue, 13 Aug 2024 14:58:48 GMT
etag: "66bb74a8-44fc"
expires: Tue, 15 Oct 2024 18:50:13 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
x-cdn-host-id: ah0543
accept-ranges: bytes
X-Firefox-Spdy: h2

unseenreport.com/pxf.gif?uuid=2d7ba0e0-1e95-4a0a-9c45-36bddd69a96d&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=844a71fdf0e30c1b81395db55473a737&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=18

192.243.59.20

200 OK

1 B

URL GET HTTP/1.1
unseenreport.com/pxf.gif?uuid=2d7ba0e0-1e95-4a0a-9c45-36bddd69a96d&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=844a71fdf0e30c1b81395db55473a737&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=18
IP
192.243.59.20:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://www.file-upload.net/download-13050359/KillaHackz.ahk.html
Certificate
IssuerLet's Encrypt
Subject*.unseenreport.com
FingerprintF0:98:AC:22:06:CC:50:D7:62:08:A2:F7:67:3A:D3:8D:DA:4B:FE:E6
ValidityThu, 19 Sep 2024 04:18:43 GMT - Wed, 18 Dec 2024 04:18:42 GMT

File type
very short file (no magic)
Size
1 B (1 bytes)
Hash
93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /pxf.gif?uuid=2d7ba0e0-1e95-4a0a-9c45-36bddd69a96d&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=844a71fdf0e30c1b81395db55473a737&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=18 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.file-upload.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 13 Oct 2024 18:50:13 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Host: unseenreport.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: cd1357e8ad8a8becfd347904504d8317
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains

unseenreport.com/pxf.gif?uuid=2d7ba0e0-1e95-4a0a-9c45-36bddd69a96d&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=f5290245e2d0af25a9b4828613ce8328&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=18

192.243.59.20

200 OK

1 B

URL GET HTTP/1.1
unseenreport.com/pxf.gif?uuid=2d7ba0e0-1e95-4a0a-9c45-36bddd69a96d&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=f5290245e2d0af25a9b4828613ce8328&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=18
IP
192.243.59.20:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://www.file-upload.net/download-13050359/KillaHackz.ahk.html
Certificate
IssuerLet's Encrypt
Subject*.unseenreport.com
FingerprintF0:98:AC:22:06:CC:50:D7:62:08:A2:F7:67:3A:D3:8D:DA:4B:FE:E6
ValidityThu, 19 Sep 2024 04:18:43 GMT - Wed, 18 Dec 2024 04:18:42 GMT

File type
very short file (no magic)
Size
1 B (1 bytes)
Hash
93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /pxf.gif?uuid=2d7ba0e0-1e95-4a0a-9c45-36bddd69a96d&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=f5290245e2d0af25a9b4828613ce8328&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=18 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.file-upload.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 13 Oct 2024 18:50:13 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Host: unseenreport.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: fc41f07fe459e15dd6d83bcfcdd4eb24
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains

www.google.com/js/bg/RI3Pk2QfVraTqUQvmENYAwISRapPH8Lx3ZoW8uCkQH4.js

142.250.74.164

200 OK

7.6 kB

URL GET HTTP/3
www.google.com/js/bg/RI3Pk2QfVraTqUQvmENYAwISRapPH8Lx3ZoW8uCkQH4.js
IP
142.250.74.164:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LesER4UAAAAAGw1oVKPrLk_AuxiRz548wcKan1w&co=aHR0cHM6Ly93d3cuZmlsZS11cGxvYWQubmV0OjQ0Mw..&hl=en&v=aR-zv8WjtWx4lAw-tRCA-zca&size=invisible&cb=honqu8mgwafn
Certificate
IssuerGoogle Trust Services
Subject*.google.com
Fingerprint97:31:81:56:A5:B0:6A:5A:B2:B3:39:BE:36:85:FE:A0:EF:D4:DA:C1
ValidityTue, 24 Sep 2024 02:46:05 GMT - Tue, 17 Dec 2024 02:46:04 GMT

File type
JavaScript source, ASCII text, with very long lines (18005)
Size
7.6 kB (7621 bytes)
Hash
8c81f651f7ef773443b3729ff378aa6b
e55c3c8766ba6f875b905a5f5faead610476bd4b
448dcf93641f56b693a9442f98435803021245aa4f1fc2f1dd9a16f2e0a4407e

HTTP Headers

GET /js/bg/RI3Pk2QfVraTqUQvmENYAwISRapPH8Lx3ZoW8uCkQH4.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/recaptcha/api2/bframe?hl=en&v=aR-zv8WjtWx4lAw-tRCA-zca&k=6LesER4UAAAAAGw1oVKPrLk_AuxiRz548wcKan1w
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: br
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-length: 7621
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 12 Oct 2024 01:37:17 GMT
expires: Sun, 12 Oct 2025 01:37:17 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 17 Sep 2024 15:00:00 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 148376
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

142.250.74.131

200 OK

15 kB

URL GET HTTP/2
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
142.250.74.131:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/api2/bframe?hl=en&v=aR-zv8WjtWx4lAw-tRCA-zca&k=6LesER4UAAAAAGw1oVKPrLk_AuxiRz548wcKan1w
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
Fingerprint68:2C:2F:8B:6E:2C:E2:87:F4:B9:78:87:69:F9:2B:25:59:0D:2D:5B
ValidityTue, 24 Sep 2024 03:16:33 GMT - Tue, 17 Dec 2024 03:16:32 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15344, version 1.0
Size
15 kB (15344 bytes)
Hash
5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

HTTP Headers

GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 12 Oct 2024 05:37:03 GMT
expires: Sun, 12 Oct 2025 05:37:03 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
age: 133990
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

cdn.show-sb.com/sb/au/24/67/cb/2467cbf00a2e2607271499188f54e4c3/1652872257.html

172.67.170.115

200 OK

16 kB

URL GET HTTP/2
cdn.show-sb.com/sb/au/24/67/cb/2467cbf00a2e2607271499188f54e4c3/1652872257.html
IP
172.67.170.115:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.file-upload.net/download-13050359/KillaHackz.ahk.html
Certificate
IssuerGoogle Trust Services
Subjectshow-sb.com
Fingerprint5C:AC:AB:52:E9:2A:90:AC:2F:C2:14:81:74:2F:99:FA:09:9C:99:2B
ValidityTue, 20 Aug 2024 17:52:01 GMT - Mon, 18 Nov 2024 17:52:00 GMT

File type
HTML document, ASCII text
Size
16 kB (15925 bytes)
Hash
dc6aea80a194f073fdfd35c8193935c7
e0c4b87cd38660495c1dd1947023b089622c70e2
edfb4f242788d21590e24fe998eb531408c7e508c929241057829b21d726bd16

HTTP Headers

GET /sb/au/24/67/cb/2467cbf00a2e2607271499188f54e4c3/1652872257.html HTTP/1.1
Host: cdn.show-sb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.file-upload.net
DNT: 1
Connection: keep-alive
Referer: https://www.file-upload.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 13 Oct 2024 18:50:13 GMT
content-type: text/html
last-modified: Wed, 18 May 2022 11:11:01 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: DYNAMIC
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Lkw33j0OcK8CYGGFKprtdqHVFDoN7fNEg1HUex3Ck2FcuTEAVt9jWNEnLG0ADwDWUw2dlA8%2BBE1AIX8csScxpFDcR%2BTOx%2FQW%2FpG9j3u6rjcAX2cTR%2F36NVrfKroMCwTQYf0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
speculation-rules: "/cdn-cgi/speculation"
server: cloudflare
cf-ray: 8d218397e9feb4eb-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

sophomorelink.com/pixel/sbls?bv=24.36.3797&tmpl=482&u=https%3A%2F%2Fcdn.creative-stat1.com%2Fsb%2Fssp%2Fvpn%2Fdefault%2Fus%2Fios-widget%2Fwhite-big%2Fnew%2F2%2Fcss%2Fanimate.css&l=79255&fd=525

192.243.59.12

200 OK

0 B

URL GET HTTP/1.1
sophomorelink.com/pixel/sbls?bv=24.36.3797&tmpl=482&u=https%3A%2F%2Fcdn.creative-stat1.com%2Fsb%2Fssp%2Fvpn%2Fdefault%2Fus%2Fios-widget%2Fwhite-big%2Fnew%2F2%2Fcss%2Fanimate.css&l=79255&fd=525
IP
192.243.59.12:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://www.file-upload.net/download-13050359/KillaHackz.ahk.html
Certificate
IssuerLet's Encrypt
Subjectsophomorelink.com
Fingerprint39:A6:4A:95:83:09:44:15:59:22:8A:D5:E3:1C:65:6C:2D:17:D3:13
ValiditySat, 12 Oct 2024 10:38:27 GMT - Fri, 10 Jan 2025 10:38:26 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /pixel/sbls?bv=24.36.3797&tmpl=482&u=https%3A%2F%2Fcdn.creative-stat1.com%2Fsb%2Fssp%2Fvpn%2Fdefault%2Fus%2Fios-widget%2Fwhite-big%2Fnew%2F2%2Fcss%2Fanimate.css&l=79255&fd=525 HTTP/1.1
Host: sophomorelink.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.file-upload.net/
Cookie: u_pl=16026741; uid_id2=2d7ba0e0-1e95-4a0a-9c45-36bddd69a96d:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slecf5290245e2d0af25a9b4828613ce8328=[5468788,5468775]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 13 Oct 2024 18:50:13 GMT
Content-Length: 0
Connection: keep-alive
Host: sophomorelink.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

www.gstatic.com/recaptcha/api2/refresh_2x.png

142.250.74.99

200 OK

600 B

URL GET HTTP/3
www.gstatic.com/recaptcha/api2/refresh_2x.png
IP
142.250.74.99:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/api2/bframe?hl=en&v=aR-zv8WjtWx4lAw-tRCA-zca&k=6LesER4UAAAAAGw1oVKPrLk_AuxiRz548wcKan1w
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
Fingerprint68:2C:2F:8B:6E:2C:E2:87:F4:B9:78:87:69:F9:2B:25:59:0D:2D:5B
ValidityTue, 24 Sep 2024 03:16:33 GMT - Tue, 17 Dec 2024 03:16:32 GMT

File type
PNG image data, 48 x 48, 8-bit gray+alpha, non-interlaced
Size
600 B (600 bytes)
Hash
0f2a4639b8a4cb30c76e8333c00d30a6
57e273a270bb864970d747c74b3f0a7c8e515b13
44b988703019cd6bfa86c91840fecf2a42b611b364e3eea2f4eb63bf62714e98

HTTP Headers

GET /recaptcha/api2/refresh_2x.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.gstatic.com/recaptcha/releases/aR-zv8WjtWx4lAw-tRCA-zca/styles__ltr.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 600
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 11 Oct 2024 12:24:06 GMT
expires: Fri, 18 Oct 2024 12:24:06 GMT
cache-control: public, max-age=604800
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: image/png
age: 195967
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.gstatic.com/recaptcha/api2/audio_2x.png

142.250.74.99

200 OK

530 B

URL GET HTTP/3
www.gstatic.com/recaptcha/api2/audio_2x.png
IP
142.250.74.99:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/api2/bframe?hl=en&v=aR-zv8WjtWx4lAw-tRCA-zca&k=6LesER4UAAAAAGw1oVKPrLk_AuxiRz548wcKan1w
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
Fingerprint68:2C:2F:8B:6E:2C:E2:87:F4:B9:78:87:69:F9:2B:25:59:0D:2D:5B
ValidityTue, 24 Sep 2024 03:16:33 GMT - Tue, 17 Dec 2024 03:16:32 GMT

File type
PNG image data, 48 x 48, 8-bit gray+alpha, non-interlaced
Size
530 B (530 bytes)
Hash
88e0f42c9fa4f94aa8bcd54d1685c180
5ad9d47a49b82718baa3be88550a0b3350270c42
89c62095126fca89ea1511cf35b49b8306162946b0c26d6f60c5506c51d85992

HTTP Headers

GET /recaptcha/api2/audio_2x.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.gstatic.com/recaptcha/releases/aR-zv8WjtWx4lAw-tRCA-zca/styles__ltr.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 530
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 12 Oct 2024 05:27:15 GMT
expires: Sat, 19 Oct 2024 05:27:15 GMT
cache-control: public, max-age=604800
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: image/png
age: 134578
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.gstatic.com/recaptcha/api2/info_2x.png

142.250.74.99

200 OK

665 B

URL GET HTTP/3
www.gstatic.com/recaptcha/api2/info_2x.png
IP
142.250.74.99:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/api2/bframe?hl=en&v=aR-zv8WjtWx4lAw-tRCA-zca&k=6LesER4UAAAAAGw1oVKPrLk_AuxiRz548wcKan1w
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
Fingerprint68:2C:2F:8B:6E:2C:E2:87:F4:B9:78:87:69:F9:2B:25:59:0D:2D:5B
ValidityTue, 24 Sep 2024 03:16:33 GMT - Tue, 17 Dec 2024 03:16:32 GMT

File type
PNG image data, 48 x 48, 8-bit gray+alpha, non-interlaced
Size
665 B (665 bytes)
Hash
07bf314aab04047b9e9a959ee6f63da3
17bef6602672e2fd9956381e01356245144003e5
55eaf62cb05da20088dc12b39d7d254d046cb1fd61ddf3ae641f1439efd0a5ee

HTTP Headers

GET /recaptcha/api2/info_2x.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.gstatic.com/recaptcha/releases/aR-zv8WjtWx4lAw-tRCA-zca/styles__ltr.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 665
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 11 Oct 2024 16:10:14 GMT
expires: Fri, 18 Oct 2024 16:10:14 GMT
cache-control: public, max-age=604800
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: image/png
age: 182399
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

sophomorelink.com/pixel/sbls?bv=24.36.3797&tmpl=482&u=https%3A%2F%2Fcdn.creative-stat1.com%2Fsb%2Fssp%2Fvpn%2Fdefault%2Fus%2Fios-widget%2Fwhite-big%2Fnew%2F2%2Fcss%2Fstyle.css&l=4675&fd=528

192.243.59.12

200 OK

0 B

URL GET HTTP/1.1
sophomorelink.com/pixel/sbls?bv=24.36.3797&tmpl=482&u=https%3A%2F%2Fcdn.creative-stat1.com%2Fsb%2Fssp%2Fvpn%2Fdefault%2Fus%2Fios-widget%2Fwhite-big%2Fnew%2F2%2Fcss%2Fstyle.css&l=4675&fd=528
IP
192.243.59.12:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://www.file-upload.net/download-13050359/KillaHackz.ahk.html
Certificate
IssuerLet's Encrypt
Subjectsophomorelink.com
Fingerprint39:A6:4A:95:83:09:44:15:59:22:8A:D5:E3:1C:65:6C:2D:17:D3:13
ValiditySat, 12 Oct 2024 10:38:27 GMT - Fri, 10 Jan 2025 10:38:26 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /pixel/sbls?bv=24.36.3797&tmpl=482&u=https%3A%2F%2Fcdn.creative-stat1.com%2Fsb%2Fssp%2Fvpn%2Fdefault%2Fus%2Fios-widget%2Fwhite-big%2Fnew%2F2%2Fcss%2Fstyle.css&l=4675&fd=528 HTTP/1.1
Host: sophomorelink.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.file-upload.net/
Cookie: u_pl=16026741; uid_id2=2d7ba0e0-1e95-4a0a-9c45-36bddd69a96d:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slecf5290245e2d0af25a9b4828613ce8328=[5468788,5468775]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 13 Oct 2024 18:50:14 GMT
Content-Length: 0
Connection: keep-alive
Host: sophomorelink.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

sophomorelink.com/pixel/sbs?c=1

192.243.61.225

200 OK

0 B

URL GET HTTP/1.1
sophomorelink.com/pixel/sbs?c=1
IP
192.243.61.225:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://www.file-upload.net/download-13050359/KillaHackz.ahk.html
Certificate
IssuerLet's Encrypt
Subjectsophomorelink.com
Fingerprint39:A6:4A:95:83:09:44:15:59:22:8A:D5:E3:1C:65:6C:2D:17:D3:13
ValiditySat, 12 Oct 2024 10:38:27 GMT - Fri, 10 Jan 2025 10:38:26 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /pixel/sbs?c=1 HTTP/1.1
Host: sophomorelink.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.file-upload.net/
Cookie: u_pl=16026741; uid_id2=2d7ba0e0-1e95-4a0a-9c45-36bddd69a96d:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slecf5290245e2d0af25a9b4828613ce8328=[5468788,5468775]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sun, 13 Oct 2024 18:50:14 GMT
Content-Length: 0
Connection: keep-alive
Host: sophomorelink.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

sophomorelink.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSzYtcxRetN5nfKr%2BFCUEXIvTChYLTee%2F1t1kEY5wYEpOQKLqT%2BnqdsqtfPaveR0%2B7GRyVLFy04h%2Fw5vRMBp0QdSeIQboDIgPCtKtBHPBvUFxLt4OtF6ruvXVOwalz66Pt7JjUkNGjy6%2BZodKanm9U%2FcpzbwXBhcp1FWeDyqDdfLtZv1Cx%2BYudZtV%2FvnJF8p45H%2FqB7wd%2BUFlXVkZmcH4OQiUPOkG141frYTVo1DGw%2F%2B1d5sFRDyI%2FJmehxGz1sXcOik8Q97%2B6LF0vNckLr%2FQzTVNjkYu9N%2BJebIoY%2FWUZWQ9RvHfChnGH649g4t2FXJj8HyJTM%2BL98Ags3jsRCZbvLHQyDRmDidMo8gmknkDRCbjZghKHBOACN24i7t%2B%2FYWxBN%2F5G6RydkdU%2Ff4cqZmT113OI%2Bw8vaTWo3DE6S5WJHQZRCTWYQHUnSLIp0uEKVDEFT9%2BHEj8R%2F6nTiPv7r06%2FyVWvkkvbgxJHz4aixagv%2FbVAdhprderTtQ6vN9ZqTSaEaHZopykWPik1gYom0HIE6jxk86U8ZJGHLPHQF0cVHgRByxec%2Bu0O5zXRkqwp%2FIC2ooAGfrONjM%2BfMkKajMD1CNxuIrGb6KlPDhtnYbPv4e6WcMKDSwlyUaKQBIUjKChBoQiKlKDIy12hXejK%2B0K7jAUnOTzJtXJs0u423TVpV8YE1I5gRbmjknfdFnh6ajyM3LWxiRzfTo7JmYW9f3ycoSePKlEj7PhhvSFD4dMobNAOq7fDdjOocdmuhW04VUK5lYULw%2Fmo%2F5ciUTNCfvkRjE7h9BRcnQHNngEtStC7JYbxl5HSci1LtKGiGssUwpRI0lWkG962PiZPL0TcsSkkP7j42fC3Kw%2FPvQduSyS2xDvqMUFX3xvfNgXZuW0KR76%2BmaSqr4Z0Pv87KU3lqS%2BuyY3CWHH1sht9%2FhKfA%2FPywevSpddpLFTcdWT%2FkhJC2nVjuSTfXXVvSnYrc3cvZTbOkuu3Xl6%2F2k%2BsdE6ZeAKqDvm34GpGnph%2BsPjY1f0PoewENivRzw7ISUCZKXiyCZcs1TtDYPWSwxIPRVaObciWh1oRaLnsKSvh%2FtWzZT22dH6bqnLb3UPXroCmW4j7JXJbItclqB7BZafGaWIPLv5cWwSYXhkzbVd2mLb604XJ860Lp44qNV%2B0mIxki8l6ox5JLlijwXwecVYT7TZH6mbd%2Fz8p%2FgoAAP%2F%2F2oOj8bIEAAA%3D

192.243.59.12

200 OK

7 B

URL GET HTTP/1.1
sophomorelink.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSzYtcxRetN5nfKr%2BFCUEXIvTChYLTee%2F1t1kEY5wYEpOQKLqT%2BnqdsqtfPaveR0%2B7GRyVLFy04h%2Fw5vRMBp0QdSeIQboDIgPCtKtBHPBvUFxLt4OtF6ruvXVOwalz66Pt7JjUkNGjy6%2BZodKanm9U%2FcpzbwXBhcp1FWeDyqDdfLtZv1Cx%2BYudZtV%2FvnJF8p45H%2FqB7wd%2BUFlXVkZmcH4OQiUPOkG141frYTVo1DGw%2F%2B1d5sFRDyI%2FJmehxGz1sXcOik8Q97%2B6LF0vNckLr%2FQzTVNjkYu9N%2BJebIoY%2FWUZWQ9RvHfChnGH649g4t2FXJj8HyJTM%2BL98Ags3jsRCZbvLHQyDRmDidMo8gmknkDRCbjZghKHBOACN24i7t%2B%2FYWxBN%2F5G6RydkdU%2Ff4cqZmT113OI%2Bw8vaTWo3DE6S5WJHQZRCTWYQHUnSLIp0uEKVDEFT9%2BHEj8R%2F6nTiPv7r06%2FyVWvkkvbgxJHz4aixagv%2FbVAdhprderTtQ6vN9ZqTSaEaHZopykWPik1gYom0HIE6jxk86U8ZJGHLPHQF0cVHgRByxec%2Bu0O5zXRkqwp%2FIC2ooAGfrONjM%2BfMkKajMD1CNxuIrGb6KlPDhtnYbPv4e6WcMKDSwlyUaKQBIUjKChBoQiKlKDIy12hXejK%2B0K7jAUnOTzJtXJs0u423TVpV8YE1I5gRbmjknfdFnh6ajyM3LWxiRzfTo7JmYW9f3ycoSePKlEj7PhhvSFD4dMobNAOq7fDdjOocdmuhW04VUK5lYULw%2Fmo%2F5ciUTNCfvkRjE7h9BRcnQHNngEtStC7JYbxl5HSci1LtKGiGssUwpRI0lWkG962PiZPL0TcsSkkP7j42fC3Kw%2FPvQduSyS2xDvqMUFX3xvfNgXZuW0KR76%2BmaSqr4Z0Pv87KU3lqS%2BuyY3CWHH1sht9%2FhKfA%2FPywevSpddpLFTcdWT%2FkhJC2nVjuSTfXXVvSnYrc3cvZTbOkuu3Xl6%2F2k%2BsdE6ZeAKqDvm34GpGnph%2BsPjY1f0PoewENivRzw7ISUCZKXiyCZcs1TtDYPWSwxIPRVaObciWh1oRaLnsKSvh%2FtWzZT22dH6bqnLb3UPXroCmW4j7JXJbItclqB7BZafGaWIPLv5cWwSYXhkzbVd2mLb604XJ860Lp44qNV%2B0mIxki8l6ox5JLlijwXwecVYT7TZH6mbd%2Fz8p%2FgoAAP%2F%2F2oOj8bIEAAA%3D
IP
192.243.59.12:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://www.file-upload.net/download-13050359/KillaHackz.ahk.html
Certificate
IssuerLet's Encrypt
Subjectsophomorelink.com
Fingerprint39:A6:4A:95:83:09:44:15:59:22:8A:D5:E3:1C:65:6C:2D:17:D3:13
ValiditySat, 12 Oct 2024 10:38:27 GMT - Fri, 10 Jan 2025 10:38:26 GMT

File type
ASCII text, with no line terminators
Size
7 B (7 bytes)
Hash
132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c

HTTP Headers

GET /impr.gif?sid=H4sIAAAAAAAC%2F1RSzYtcxRetN5nfKr%2BFCUEXIvTChYLTee%2F1t1kEY5wYEpOQKLqT%2BnqdsqtfPaveR0%2B7GRyVLFy04h%2Fw5vRMBp0QdSeIQboDIgPCtKtBHPBvUFxLt4OtF6ruvXVOwalz66Pt7JjUkNGjy6%2BZodKanm9U%2FcpzbwXBhcp1FWeDyqDdfLtZv1Cx%2BYudZtV%2FvnJF8p45H%2FqB7wd%2BUFlXVkZmcH4OQiUPOkG141frYTVo1DGw%2F%2B1d5sFRDyI%2FJmehxGz1sXcOik8Q97%2B6LF0vNckLr%2FQzTVNjkYu9N%2BJebIoY%2FWUZWQ9RvHfChnGH649g4t2FXJj8HyJTM%2BL98Ags3jsRCZbvLHQyDRmDidMo8gmknkDRCbjZghKHBOACN24i7t%2B%2FYWxBN%2F5G6RydkdU%2Ff4cqZmT113OI%2Bw8vaTWo3DE6S5WJHQZRCTWYQHUnSLIp0uEKVDEFT9%2BHEj8R%2F6nTiPv7r06%2FyVWvkkvbgxJHz4aixagv%2FbVAdhprderTtQ6vN9ZqTSaEaHZopykWPik1gYom0HIE6jxk86U8ZJGHLPHQF0cVHgRByxec%2Bu0O5zXRkqwp%2FIC2ooAGfrONjM%2BfMkKajMD1CNxuIrGb6KlPDhtnYbPv4e6WcMKDSwlyUaKQBIUjKChBoQiKlKDIy12hXejK%2B0K7jAUnOTzJtXJs0u423TVpV8YE1I5gRbmjknfdFnh6ajyM3LWxiRzfTo7JmYW9f3ycoSePKlEj7PhhvSFD4dMobNAOq7fDdjOocdmuhW04VUK5lYULw%2Fmo%2F5ciUTNCfvkRjE7h9BRcnQHNngEtStC7JYbxl5HSci1LtKGiGssUwpRI0lWkG962PiZPL0TcsSkkP7j42fC3Kw%2FPvQduSyS2xDvqMUFX3xvfNgXZuW0KR76%2BmaSqr4Z0Pv87KU3lqS%2BuyY3CWHH1sht9%2FhKfA%2FPywevSpddpLFTcdWT%2FkhJC2nVjuSTfXXVvSnYrc3cvZTbOkuu3Xl6%2F2k%2BsdE6ZeAKqDvm34GpGnph%2BsPjY1f0PoewENivRzw7ISUCZKXiyCZcs1TtDYPWSwxIPRVaObciWh1oRaLnsKSvh%2FtWzZT22dH6bqnLb3UPXroCmW4j7JXJbItclqB7BZafGaWIPLv5cWwSYXhkzbVd2mLb604XJ860Lp44qNV%2B0mIxki8l6ox5JLlijwXwecVYT7TZH6mbd%2Fz8p%2FgoAAP%2F%2F2oOj8bIEAAA%3D HTTP/1.1
Host: sophomorelink.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.file-upload.net/
Cookie: u_pl=16026741; uid_id2=2d7ba0e0-1e95-4a0a-9c45-36bddd69a96d:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slecf5290245e2d0af25a9b4828613ce8328=[5468788,5468775]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 13 Oct 2024 18:50:14 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Host: sophomorelink.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: c6a7402690a9c040e43fa484ceb5c773
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains

cdn.creative-stat1.com/sb/ssp/vpn/default/us/ios-widget/white-big/new/2/img/close.svg

172.67.133.15

200 OK

7.4 kB

URL GET HTTP/2
cdn.creative-stat1.com/sb/ssp/vpn/default/us/ios-widget/white-big/new/2/img/close.svg
IP
172.67.133.15:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.file-upload.net/download-13050359/KillaHackz.ahk.html
Certificate
IssuerGoogle Trust Services
Subjectcreative-stat1.com
FingerprintF8:81:29:04:51:9E:EB:84:A7:36:0A:98:7D:E7:09:9D:A2:5D:A7:79
ValidityTue, 20 Aug 2024 16:31:08 GMT - Mon, 18 Nov 2024 16:31:07 GMT

File type
SVG Scalable Vector Graphics image
Size
7.4 kB (7388 bytes)
Hash
318ce0708c8fb77ce8572a56ccb054ed
447458594e2f1bacfceb12f50815fc99b69208b4
41bdefe14df63ac72c062e5514a13845cfaca3ffc0180dc2e59bfa50ca60f31f

HTTP Headers

GET /sb/ssp/vpn/default/us/ios-widget/white-big/new/2/img/close.svg HTTP/1.1
Host: cdn.creative-stat1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 13 Oct 2024 18:50:13 GMT
content-type: image/svg+xml
last-modified: Thu, 14 Apr 2022 10:26:51 GMT
etag: W/"6257f6eb-30e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 376902
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MFMyyZiLS6aSXTL6N6h5t6qAbXuyqPeN0UV9cOqD0sQ%2BqZY%2BUw5TMYJ22EiAEq5at679SpyQxn1wtElYTpqDNMA2R9ZhrbTMbqgG0Azj9jp0vROiYRKAuUcrd6wcy3MsOGNLGqFRLxT9"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8d21839a489a5689-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

aus5.mozilla.org/update/3/GMP/111.0a1/20240129201730/Linux_x86_64-gcc3/null/default/Linux%205.15.0-102-generic%20(GTK%203.24.37%2Clibpulse%20not-available)/default/default/update.xml

35.244.181.201

444 B

URL
aus5.mozilla.org/update/3/GMP/111.0a1/20240129201730/Linux_x86_64-gcc3/null/default/Linux%205.15.0-102-generic%20(GTK%203.24.37%2Clibpulse%20not-available)/default/default/update.xml
IP
35.244.181.201:0
ASN
#396982 GOOGLE-CLOUD-PLATFORM

File type
XML 1.0 document, ASCII text, with very long lines (332)
Size
444 B (444 bytes)
Hash
3b324dec137a87ef7e24a30a65b13dd0
c0faa95b2f1018e264b3a14aaf50d1003e6c27b3
6cd0b591d9239fc8564627e92a804fc261951b1cbaf5fa58a8ada3cc13f51463

HTTP Headers

GET /update/3/GMP/111.0a1/20240129201730/Linux_x86_64-gcc3/null/default/Linux%205.15.0-102-generic%20(GTK%203.24.37%2Clibpulse%20not-available)/default/default/update.xml HTTP/1.1
Host: aus5.mozilla.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Cache-Control: no-cache
Pragma: no-cache
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
rule-id: unknown
rule-data-version: unknown
content-signature: x5u=https://content-signature-2.cdn.mozilla.net/chains/202402/aus.content-signature.mozilla.org-2024-11-22-13-24-38.chain; p384ecdsa=OswPsgmlcbnWX8YVZZVvvPGUPbqGofvrEcDyg4j2p0A0ZN5f5z05R5Cs1uFCIrimQWAvcejPDmlYadDX_OTB9DwH0luvf__D4DfHVtJ9n95qFx18WvyNrhz5B6UQ8lfb
strict-transport-security: max-age=31536000;
x-content-type-options: nosniff
content-security-policy: default-src 'none'; frame-ancestors 'none'
x-proxy-cache-status: EXPIRED
content-encoding: gzip
via: 1.1 google
date: Sun, 13 Oct 2024 18:49:50 GMT
content-type: text/xml; charset=utf-8
vary: Accept-Encoding
content-length: 444
age: 39
cache-control: public,max-age=90
alt-svc: clear
X-Firefox-Spdy: h2

cdn.creative-stat1.com/sb/ssp/vpn/default/us/ios-widget/white-big/new/2/css/style.css

172.67.133.15

200 OK

4.7 kB

URL GET HTTP/2
cdn.creative-stat1.com/sb/ssp/vpn/default/us/ios-widget/white-big/new/2/css/style.css
IP
172.67.133.15:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.file-upload.net/download-13050359/KillaHackz.ahk.html
Certificate
IssuerGoogle Trust Services
Subjectcreative-stat1.com
FingerprintF8:81:29:04:51:9E:EB:84:A7:36:0A:98:7D:E7:09:9D:A2:5D:A7:79
ValidityTue, 20 Aug 2024 16:31:08 GMT - Mon, 18 Nov 2024 16:31:07 GMT

File type
ASCII text, with very long lines (4959), with no line terminators
Size
4.7 kB (4675 bytes)
Hash
6bea9df542e8675ec9edc696c2fc35c2
f766e5b7d736d5dafc5a5f86b44551551f58e49b
d1380ba9d334a04373b6f6f54997beb7def4b3330ab6c8c14c10ffd1236e3c4c

HTTP Headers

GET /sb/ssp/vpn/default/us/ios-widget/white-big/new/2/css/style.css HTTP/1.1
Host: cdn.creative-stat1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.file-upload.net
DNT: 1
Connection: keep-alive
Referer: https://www.file-upload.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 13 Oct 2024 18:50:13 GMT
content-type: text/css
last-modified: Wed, 17 Jan 2024 13:13:23 GMT
etag: W/"65a7d273-1243"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
content-encoding: gzip
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lmT%2B3dtKaicw5JJRmINnL81WNFGbMGV%2BAubXg4wGFtwN%2B8CQq0MCdA1fz7h0Vyo3pwDm00TJXobU9myZQ3L2kz5fIpd3N3UgpqCJhh6%2ByY8aZrvL5mBl6DxsVxLoI%2BCk%2BGG9ypCElLn5"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8d2183997eb75689-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

www.google.com/recaptcha/api.js

142.250.74.164

200 OK

870 B

URL GET HTTP/2
www.google.com/recaptcha/api.js
IP
142.250.74.164:443
ASN
#15169 GOOGLE

Requested by
https://www.file-upload.net/download-13050359/KillaHackz.ahk.html
Certificate
IssuerGoogle Trust Services
Subjectwww.google.com
FingerprintB4:8A:E4:B7:38:2B:9A:02:61:69:6D:98:F4:E4:9F:EB:E9:90:EC:32
ValidityTue, 24 Sep 2024 03:18:37 GMT - Tue, 17 Dec 2024 03:18:36 GMT

File type
JavaScript source, ASCII text, with very long lines (870), with no line terminators
Size
870 B (870 bytes)
Hash
0f193e774135c524efc628d561555bb5
db82d62c0536579d3bbd770064543fe041e5e6c9
201beb2da2d2460893d75c7f140c73eefcf24e10e822df826788e72a04bf8b3a

HTTP Headers

GET /recaptcha/api.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.file-upload.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
expires: Sun, 13 Oct 2024 18:50:11 GMT
date: Sun, 13 Oct 2024 18:50:11 GMT
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
report-to: {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.google.com/recaptcha/api2/reload?k=6LesER4UAAAAAGw1oVKPrLk_AuxiRz548wcKan1w

142.250.74.164

200 OK

19 kB

URL POST HTTP/3
www.google.com/recaptcha/api2/reload?k=6LesER4UAAAAAGw1oVKPrLk_AuxiRz548wcKan1w
IP
142.250.74.164:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/api2/bframe?hl=en&v=aR-zv8WjtWx4lAw-tRCA-zca&k=6LesER4UAAAAAGw1oVKPrLk_AuxiRz548wcKan1w
Certificate
IssuerGoogle Trust Services
Subject*.google.com
Fingerprint97:31:81:56:A5:B0:6A:5A:B2:B3:39:BE:36:85:FE:A0:EF:D4:DA:C1
ValidityTue, 24 Sep 2024 02:46:05 GMT - Tue, 17 Dec 2024 02:46:04 GMT

File type
ASCII text, with very long lines (19051)
Size
19 kB (19056 bytes)
Hash
9f9c2ac7790bf966287936045e47448b
5eefe99a8d42d93ad1e313f8c4bf08d21f50b2d1
0213e463c52b4eb05be67d90b3380f34d9650255cc4afdca86814528c2e2b7f4

HTTP Headers

POST /recaptcha/api2/reload?k=6LesER4UAAAAAGw1oVKPrLk_AuxiRz548wcKan1w HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-protobuffer
Content-Length: 7256
Origin: https://www.google.com
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/recaptcha/api2/bframe?hl=en&v=aR-zv8WjtWx4lAw-tRCA-zca&k=6LesER4UAAAAAGw1oVKPrLk_AuxiRz548wcKan1w
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
content-type: application/json; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options: nosniff
cross-origin-opener-policy-report-only: same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy: same-site
report-to: {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
content-encoding: gzip
date: Sun, 13 Oct 2024 18:50:13 GMT
server: ESF
cache-control: private
x-xss-protection: 0
x-frame-options: SAMEORIGIN
set-cookie: _GRECAPTCHA=09AGteOyqClssJEOxykCp8tNJGZp3oKZPpUuv6isvJWlCrbG6ZgFknehgyh3VoCvbqbmtHg7QCULYLwJbbGyWWZG8; Expires=Fri, 11-Apr-2025 18:50:13 GMT; Path=/recaptcha; Secure; HttpOnly; Priority=HIGH; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 13 Oct 2024 18:50:13 GMT

www.file-upload.net/download-13050359/KillaHackz.ahk.html

172.67.69.252

200 OK

12 kB

URL User Request GET HTTP/2
www.file-upload.net/download-13050359/KillaHackz.ahk.html
IP
172.67.69.252:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services
Subjectfile-upload.net
Fingerprint63:F7:CF:98:C0:B7:39:66:0D:CE:82:DB:7A:B7:0C:9C:14:19:E9:B8
ValidityThu, 12 Sep 2024 03:57:43 GMT - Wed, 11 Dec 2024 03:57:42 GMT

File type

Size
12 kB (12146 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /download-13050359/KillaHackz.ahk.html HTTP/1.1
Host: www.file-upload.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 13 Oct 2024 18:50:10 GMT
content-type: text/html; charset=UTF-8
set-cookie: PHPSESSID=husbv7nit84f76s9r86tu996iu; path=/
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dg%2FOYv%2FEMroGv56uF%2Fga4F5R60VtgHjbO%2FMe%2FJu2j%2B1BWpnHx9bHVntnvPexcUiSwaRaM%2BDtYsKxhDAC0gjB98b2CDUAuHaTBYC9sg3bGyJkLen%2BK9knnJIlSZzMsPkPFSGts%2B0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8d2183891f2c5696-OSL
content-encoding: br
X-Firefox-Spdy: h2

www.google.com/recaptcha/api2/bframe?hl=en&v=aR-zv8WjtWx4lAw-tRCA-zca&k=6LesER4UAAAAAGw1oVKPrLk_AuxiRz548wcKan1w

142.250.74.164

200 OK

7.7 kB

URL GET HTTP/3
www.google.com/recaptcha/api2/bframe?hl=en&v=aR-zv8WjtWx4lAw-tRCA-zca&k=6LesER4UAAAAAGw1oVKPrLk_AuxiRz548wcKan1w
IP
142.250.74.164:443
ASN
#15169 GOOGLE

Requested by
https://www.file-upload.net/download-13050359/KillaHackz.ahk.html
Certificate
IssuerGoogle Trust Services
Subject*.google.com
Fingerprint97:31:81:56:A5:B0:6A:5A:B2:B3:39:BE:36:85:FE:A0:EF:D4:DA:C1
ValidityTue, 24 Sep 2024 02:46:05 GMT - Tue, 17 Dec 2024 02:46:04 GMT

File type
HTML document, ASCII text, with very long lines (7931), with no line terminators
Size
7.7 kB (7700 bytes)
Hash
ed27b87a8e78237264cde19842cf1b98
762cf054a5c73c6a52abbd76081e6366f43dbae9
f147001db9169f3c43cccbf7c87e24b35dd765d648023e4302dc43d3e7d58f92

HTTP Headers

GET /recaptcha/api2/bframe?hl=en&v=aR-zv8WjtWx4lAw-tRCA-zca&k=6LesER4UAAAAAGw1oVKPrLk_AuxiRz548wcKan1w HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.file-upload.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
content-type: text/html; charset=utf-8
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}, {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sun, 13 Oct 2024 18:50:13 GMT
content-security-policy: script-src 'nonce--c-2UQNfLrFARfdbhTFbGA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
cross-origin-opener-policy-report-only: same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

cdn.creative-stat1.com/sb/ssp/vpn/default/us/ios-widget/white-big/new/2/css/animate.css

172.67.133.15

200 OK

79 kB

URL GET HTTP/2
cdn.creative-stat1.com/sb/ssp/vpn/default/us/ios-widget/white-big/new/2/css/animate.css
IP
172.67.133.15:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.file-upload.net/download-13050359/KillaHackz.ahk.html
Certificate
IssuerGoogle Trust Services
Subjectcreative-stat1.com
FingerprintF8:81:29:04:51:9E:EB:84:A7:36:0A:98:7D:E7:09:9D:A2:5D:A7:79
ValidityTue, 20 Aug 2024 16:31:08 GMT - Mon, 18 Nov 2024 16:31:07 GMT

File type
ASCII text
Size
79 kB (79255 bytes)
Hash
21f6532a6d89d19264e3588242ce64c2
b7fe3948824012c25e29bd79d0ef9c85e416f694
b6277bcf99d50bacb5cfcfc6dbcb8f66a97edd6fa1cca65122a8a1e5bcac82f0

HTTP Headers

GET /sb/ssp/vpn/default/us/ios-widget/white-big/new/2/css/animate.css HTTP/1.1
Host: cdn.creative-stat1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.file-upload.net
DNT: 1
Connection: keep-alive
Referer: https://www.file-upload.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 13 Oct 2024 18:50:13 GMT
content-type: text/css
last-modified: Thu, 14 Apr 2022 10:26:47 GMT
etag: W/"6257f6e7-13597"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
content-encoding: gzip
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=o9ufZWfehyMcHVd6JojZhP7LbZLyIDNlLYNmvjX9Rt9JbCOvWqiUb68rtllqgV1a9g85CTXXAu9N3NYnjvg5WGBIb0b7u0OQ0S4GD%2BW%2Bpvj615iJr0fOx4HRF%2FStjnjhH0xm49xLjSuM"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8d2183997eaf5689-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

cdn.creative-stat1.com/sb/ssp/vpn/default/us/ios-widget/white-big/new/2/js/script.js

172.67.133.15

200 OK

652 B

URL GET HTTP/2
cdn.creative-stat1.com/sb/ssp/vpn/default/us/ios-widget/white-big/new/2/js/script.js
IP
172.67.133.15:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.file-upload.net/download-13050359/KillaHackz.ahk.html
Certificate
IssuerGoogle Trust Services
Subjectcreative-stat1.com
FingerprintF8:81:29:04:51:9E:EB:84:A7:36:0A:98:7D:E7:09:9D:A2:5D:A7:79
ValidityTue, 20 Aug 2024 16:31:08 GMT - Mon, 18 Nov 2024 16:31:07 GMT

File type
ASCII text, with very long lines (670), with no line terminators
Size
652 B (652 bytes)
Hash
8f645245bcdfaadba7842ffc65e07208
c5ca87494a872b3681add6e96bc720122540db84
994125f6c84d9aa20b7398e436574be6fa8a13bd2bfb69e69fa3b8d988f06ec9

HTTP Headers

GET /sb/ssp/vpn/default/us/ios-widget/white-big/new/2/js/script.js HTTP/1.1
Host: cdn.creative-stat1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.file-upload.net
DNT: 1
Connection: keep-alive
Referer: https://www.file-upload.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 13 Oct 2024 18:50:13 GMT
content-type: application/javascript
last-modified: Thu, 14 Apr 2022 10:26:53 GMT
etag: W/"6257f6ed-28c"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=E7Q5%2F50NiXpVWY%2F60GLRG9mC7d%2BLLoVOetIwV7Xe%2BcYyymDudk9U%2Br3wi1zmIl3m%2Fq8Mff0Y0wS3KZreK4Nb7O94CA2WSMnBf1J3pcycRO1cByCsoULQEjNR85smXetdUxBvQqIHnXVQ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8d2183998eda5689-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

Mnemonic Secure DNS

Quad9 DNS

ThreatFox

JavaScript (26)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by