Report - hubdrive.fit/gsign.php?authuser=0&code=4/0asvgi3k50vhzeec5siqnrj4a8mtb1o9clmd_5k4ciivcfhzkqlbixvmyrw_nk82etzso6q&prompt=consent&scope=email+openid+https:/www.googleapis.com/auth/userinfo.email

Report Overview

Visited public
2025-05-08 21:13:28
Tags
URL
hubdrive.fit/gsign.php?authuser=0&code=4/0asvgi3k50vhzeec5siqnrj4a8mtb1o9clmd_5k4ciivcfhzkqlbixvmyrw_nk82etzso6q&prompt=consent&scope=email+openid+https:/www.googleapis.com/auth/userinfo.email
Finishing URL
hubdrive.fit/gsign.php?authuser=0&code=4/0asvgi3k50vhzeec5siqnrj4a8mtb1o9clmd_5k4ciivcfhzkqlbixvmyrw_nk82etzso6q&prompt=consent&scope=email+openid+https:/www.googleapis.com/auth/userinfo.email
IP / ASN
172.67.220.154
#13335 CLOUDFLARENET
Title
Access denied | hubdrive.fit used Cloudflare to restrict access

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
hubdrive.fit	unknown	2025-02-26	2025-04-07	2025-05-08	2.3 kB	28 kB	172.67.220.154
performance.radar.cloudflare.com	unknown	2009-02-17	2022-06-29	2025-05-08	395 B	9.2 kB	104.18.31.78

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2025-05-08 21:12:56	medium	Client IP	172.67.220.154	ET INFO HTTP Request to Suspicious *.fit Domain
2025-05-08 21:12:56	medium	Client IP	172.67.220.154	ET INFO HTTP Request to Suspicious *.fit Domain
2025-05-08 21:12:56	medium	Client IP	172.67.220.154	ET INFO HTTP Request to Suspicious *.fit Domain

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (4)

	URL	From	Size	First Seen	Last Seen
	hubdrive.fit/gsign.php?authuser=0&code=4/0asvgi3k50vhzeec5siqnrj4a8mtb1o9clmd_5k4ciivcfhzkqlbixvmyrw_nk82etzso6q&prompt=consent&scope=email+openid+https:/www.googleapis.com/auth/userinfo.email	ScriptElement	961 B	2025-03-06	2025-05-21
Pretty URL hubdrive.fit/gsign.php?authuser=0&code=4/0asvgi3k50vhzeec5siqnrj4a8mtb1o9clmd_5k4ciivcfhzkqlbixvmyrw_nk82etzso6q&prompt=consent&scope=email+openid+https:/www.googleapis.com/auth/userinfo.email IP 172.67.220.154 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2025-03-06 15:42 Last Seen2025-05-21 12:05 Times Seen25 Hash bce87e1e77da825c5495a318747f950d dd176282ec5c20145641153ae667660987d716bd 686c7f04864edbba4b56a4e67a99ad7b216fed044313bae60964264b61e50363 Loading...

	performance.radar.cloudflare.com/beacon.js	ScriptElement	8.4 kB	2025-05-08	2025-05-08
Pretty URL performance.radar.cloudflare.com/beacon.js IP 104.18.31.78 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2025-05-08 21:13 Last Seen2025-05-08 21:13 Times Seen1 Hash 4c0099733f5030849d84ceccb2011ee9 6702efbb15103b8ff138d8973db70cb603af66ea c981823ce5451c3a6ccfdfd2f59326912d21127d38ed7cd5b9f8ee527cec7de2 Loading...

	hubdrive.fit/gsign.php?authuser=0&code=4/0asvgi3k50vhzeec5siqnrj4a8mtb1o9clmd_5k4ciivcfhzkqlbixvmyrw_nk82etzso6q&prompt=consent&scope=email+openid+https:/www.googleapis.com/auth/userinfo.email	ScriptElement	375 B	2023-03-07	2025-06-05
Pretty URL hubdrive.fit/gsign.php?authuser=0&code=4/0asvgi3k50vhzeec5siqnrj4a8mtb1o9clmd_5k4ciivcfhzkqlbixvmyrw_nk82etzso6q&prompt=consent&scope=email+openid+https:/www.googleapis.com/auth/userinfo.email IP 172.67.220.154 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:03 Last Seen2025-06-05 19:47 Times Seen104970 Hash 56df91490fa1984fa82b297dcb23c22d 2050f127b73f50d21eb9b0a2a3f2aea7d4372ba9 275407540ae2d5516300e4027ce994e1c97f958d464e137d0fff116d7acf0f24 Loading...

	hubdrive.fit/gsign.php?authuser=0&code=4/0asvgi3k50vhzeec5siqnrj4a8mtb1o9clmd_5k4ciivcfhzkqlbixvmyrw_nk82etzso6q&prompt=consent&scope=email+openid+https:/www.googleapis.com/auth/userinfo.email	ScriptElement	38 B	2023-03-07	2025-06-05
Pretty URL hubdrive.fit/gsign.php?authuser=0&code=4/0asvgi3k50vhzeec5siqnrj4a8mtb1o9clmd_5k4ciivcfhzkqlbixvmyrw_nk82etzso6q&prompt=consent&scope=email+openid+https:/www.googleapis.com/auth/userinfo.email IP 172.67.220.154 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:03 Last Seen2025-06-05 19:47 Times Seen102903 Hash eb2ee6e4b3d4e81bacdb2474d9b3c2f5 6588855b25c975b224e0fd1b50ca1b3f36cd46ed 3dd83a652b2e60d8dfc699cd2006f70007b826a92b49e61e9194bf422481ac05 Loading...

HTTP Transactions (5)

URL IP Response Size

hubdrive.fit/gsign.php?authuser=0&code=4/0asvgi3k50vhzeec5siqnrj4a8mtb1o9clmd_5k4ciivcfhzkqlbixvmyrw_nk82etzso6q&prompt=consent&scope=email+openid+https:/www.googleapis.com/auth/userinfo.email

172.67.220.154

403 Forbidden

6.5 kB

URL User Request GET
hubdrive.fit/gsign.php?authuser=0&code=4/0asvgi3k50vhzeec5siqnrj4a8mtb1o9clmd_5k4ciivcfhzkqlbixvmyrw_nk82etzso6q&prompt=consent&scope=email+openid+https:/www.googleapis.com/auth/userinfo.email
IP
172.67.220.154:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services
Subjecthubdrive.fit
Fingerprint34:AB:7C:58:29:F7:D3:47:DC:C1:B4:4A:81:89:1E:EE:B0:2C:90:A5
ValiditySat, 26 Apr 2025 22:02:46 GMT - Fri, 25 Jul 2025 23:01:09 GMT

File type
HTML document, ASCII text, with very long lines (508)
Size
6.5 kB (6452 bytes)
Hash
295cc6a99a7f2509a7740656b3a9654b
483aa68fddbfc33855ba271feae2ee982fbf3f85
9e1b49d438b2f668e1316dc6093f9b4b996c4a1c9e0c762cfd24573e88cc27da

Detections

NIDS	Severity	Alert
suricata	medium	ET INFO HTTP Request to Suspicious *.fit Domain

HTTP Headers

GET /gsign.php?authuser=0&code=4/0asvgi3k50vhzeec5siqnrj4a8mtb1o9clmd_5k4ciivcfhzkqlbixvmyrw_nk82etzso6q&prompt=consent&scope=email+openid+https:/www.googleapis.com/auth/userinfo.email HTTP/1.1
Host: hubdrive.fit
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 403 Forbidden
date: Thu, 08 May 2025 21:12:56 GMT
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=6ZdAatx13B1wQ%2BTygtbySLM4eqc6mDycFHFwkCxjwRIq4HTxiSgZv0Icd3qUXbrB0IVuuuZLC4uJy%2FRmthuaJGaKe35xq15NYhCnOkEjha12P%2FFqejx7OyuWBBvvj8Q%3D"}]}
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
server: cloudflare
cf-ray: 93cbf54738e956c7-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

hubdrive.fit/gsign.php?authuser=0&code=4/0asvgi3k50vhzeec5siqnrj4a8mtb1o9clmd_5k4ciivcfhzkqlbixvmyrw_nk82etzso6q&prompt=consent&scope=email+openid+https:/www.googleapis.com/auth/userinfo.email

172.67.220.154

403 Forbidden

5.4 kB

URL User Request GET
hubdrive.fit/gsign.php?authuser=0&code=4/0asvgi3k50vhzeec5siqnrj4a8mtb1o9clmd_5k4ciivcfhzkqlbixvmyrw_nk82etzso6q&prompt=consent&scope=email+openid+https:/www.googleapis.com/auth/userinfo.email
IP
172.67.220.154:80
ASN
#13335 CLOUDFLARENET

File type
HTML document, ASCII text, with very long lines (501)
Size
5.4 kB (5396 bytes)
Hash
54d30140612991af2f026082364a893c
b0f97bca2195f43dc617963c901847e7b799d243
8af99015cc20e0d71dc2a236af8a9571f60759a3606e07252bf1094d1f34a513

Detections

NIDS	Severity	Alert
suricata	medium	ET INFO HTTP Request to Suspicious *.fit Domain

HTTP Headers

GET /gsign.php?authuser=0&code=4/0asvgi3k50vhzeec5siqnrj4a8mtb1o9clmd_5k4ciivcfhzkqlbixvmyrw_nk82etzso6q&prompt=consent&scope=email+openid+https:/www.googleapis.com/auth/userinfo.email HTTP/1.1
Host: hubdrive.fit
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 403 Forbidden
Date: Thu, 08 May 2025 21:12:56 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Frame-Options: SAMEORIGIN
Referrer-Policy: same-origin
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=J0BFBqa4VhGLrb54W097pafLVRWLvXyzOXVn5Q2O4hbkNMenmRgVY3C9MeWTWfsUy%2BpeACUCvGWgaXweWlf773X1blFfqqI8bB9n%2FuyaKba%2BwsyIGPCCLNWiQw1qxQY%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 93cbf548187e0b65-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
server-timing: cfL4;desc="?proto=TCP&rtt=442&min_rtt=442&rtt_var=221&sent=1&recv=3&lost=0&retrans=0&sent_bytes=0&recv_bytes=576&delivery_rate=0&cwnd=249&unsent_bytes=0&cid=0000000000000000&ts=0&x=0"

hubdrive.fit/cdn-cgi/styles/main.css

172.67.220.154

200 OK

8.0 kB

URL GET
hubdrive.fit/cdn-cgi/styles/main.css
IP
172.67.220.154:80
ASN
#13335 CLOUDFLARENET

Requested by
http://hubdrive.fit/gsign.php?authuser=0&code=4/0asvgi3k50vhzeec5siqnrj4a8mtb1o9clmd_5k4ciivcfhzkqlbixvmyrw_nk82etzso6q&prompt=consent&scope=email+openid+https:/www.googleapis.com/auth/userinfo.email

File type
ASCII text, with very long lines (8012)
Size
8.0 kB (8013 bytes)
Hash
ff26f59e28a5fe6ea4ab23586415696b
4182675484d175e363cd34b43041b7b1af93d0cd
d30b4ea6f68456672f5abb35e9dcf7d54226372b66e9d60a7ee26b7a52568e74

Detections

NIDS	Severity	Alert
suricata	medium	ET INFO HTTP Request to Suspicious *.fit Domain

HTTP Headers

GET /cdn-cgi/styles/main.css HTTP/1.1
Host: hubdrive.fit
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://hubdrive.fit/gsign.php?authuser=0&code=4/0asvgi3k50vhzeec5siqnrj4a8mtb1o9clmd_5k4ciivcfhzkqlbixvmyrw_nk82etzso6q&prompt=consent&scope=email+openid+https:/www.googleapis.com/auth/userinfo.email
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 08 May 2025 21:12:56 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 06 May 2025 09:55:49 GMT
ETag: W/"6819dca5-1f4d"
Server: cloudflare
CF-RAY: 93cbf549297f0b65-OSL
X-Frame-Options: DENY
X-Content-Type-Options: nosniff
Vary: Accept-Encoding
Expires: Thu, 08 May 2025 23:12:56 GMT
Cache-Control: max-age=7200, public
Content-Encoding: gzip

performance.radar.cloudflare.com/beacon.js

104.18.31.78

200 OK

8.4 kB

URL GET
performance.radar.cloudflare.com/beacon.js
IP
104.18.31.78:443
ASN
#13335 CLOUDFLARENET

Requested by
http://hubdrive.fit/gsign.php?authuser=0&code=4/0asvgi3k50vhzeec5siqnrj4a8mtb1o9clmd_5k4ciivcfhzkqlbixvmyrw_nk82etzso6q&prompt=consent&scope=email+openid+https:/www.googleapis.com/auth/userinfo.email
Certificate
IssuerGoogle Trust Services
Subjectradar.cloudflare.com
Fingerprint5B:1E:A5:CE:2E:DD:59:C6:10:BD:7A:4D:D4:F7:39:92:56:3F:1A:2E
ValidityMon, 21 Apr 2025 20:03:54 GMT - Sun, 20 Jul 2025 21:03:44 GMT

File type
JavaScript source, ASCII text, with very long lines (8380)
Size
8.4 kB (8381 bytes)
Hash
4c0099733f5030849d84ceccb2011ee9
6702efbb15103b8ff138d8973db70cb603af66ea
c981823ce5451c3a6ccfdfd2f59326912d21127d38ed7cd5b9f8ee527cec7de2

HTTP Headers

GET /beacon.js HTTP/1.1
Host: performance.radar.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 08 May 2025 21:12:56 GMT
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: no-store, max-age=0
access-control-allow-headers: *
access-control-allow-methods: *
referrer-policy: no-referrer
timing-allow-origin: *
set-cookie: __cf_bm=wC4K4mxPSah23eLFnxL1CAtviQoOKfPwkL_h7MWde0E-1746738776-1.0.1.1-lBg8oE06rRGR0PCunIHGCB2Tsc.9znsS57i7dU1yMS4FHi2_mwRwyFAsdgfhiAiT8udisWMeMd6TBQQux1QOS0lXRPP4.4LsSpZFrCNSNTE; path=/; expires=Thu, 08-May-25 21:42:56 GMT; domain=.radar.cloudflare.com; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 93cbf54948985696-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

hubdrive.fit/favicon.ico

172.67.220.154

403 Forbidden

5.4 kB

URL GET
hubdrive.fit/favicon.ico
IP
172.67.220.154:80
ASN
#13335 CLOUDFLARENET

Requested by
http://hubdrive.fit/gsign.php?authuser=0&code=4/0asvgi3k50vhzeec5siqnrj4a8mtb1o9clmd_5k4ciivcfhzkqlbixvmyrw_nk82etzso6q&prompt=consent&scope=email+openid+https:/www.googleapis.com/auth/userinfo.email

File type
HTML document, ASCII text, with very long lines (501)
Size
5.4 kB (5396 bytes)
Hash
f69e22b46ff0b5c3364f6458ac850053
2c6817031d7162d1341cbb00fb56090bd769b864
8eedc06e9ed9008993df7ed7777b23b8f5052eef3b156084bc7322791ca7c67c

Detections

NIDS	Severity	Alert
suricata	medium	ET INFO HTTP Request to Suspicious *.fit Domain

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: hubdrive.fit
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://hubdrive.fit/gsign.php?authuser=0&code=4/0asvgi3k50vhzeec5siqnrj4a8mtb1o9clmd_5k4ciivcfhzkqlbixvmyrw_nk82etzso6q&prompt=consent&scope=email+openid+https:/www.googleapis.com/auth/userinfo.email
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 403 Forbidden
Date: Thu, 08 May 2025 21:12:56 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Frame-Options: SAMEORIGIN
Referrer-Policy: same-origin
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nNkSZPibO8iL5n8482hTsUHmmeSkhQjbcItJPN3kj3JqP6DsWPcHQ5vAP9JFPSp7Uhu8yNC5O92RlmccmsqOIQHAOgOS6yYh44jnVN1RamX%2FM4CGn7PmAezzzuj%2BOm8%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 93cbf54a6aa80b65-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
server-timing: cfL4;desc="?proto=TCP&rtt=502&min_rtt=442&rtt_var=94&sent=8&recv=12&lost=0&retrans=0&sent_bytes=5657&recv_bytes=1637&delivery_rate=10161403&cwnd=256&unsent_bytes=0&cid=0000000000000000&ts=0&x=0"

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

Quad9 DNS

ThreatFox

JavaScript (4)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (5)

URL User Request GET

IP

ASN

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL User Request GET

IP

ASN

File type

Size

Hash

Detections

HTTP Headers

URL GET

IP

ASN

Requested by

File type

Size

Hash

Detections

HTTP Headers

URL GET

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET

IP

ASN

Requested by