Report - fylybook.com/lv/mlobaourdti

Report Overview

Submitted URL
fylybook.com/lv/mlobaourdti
IP
66.29.145.237
ASN
#22612 NAMECHEAP-NET
Submitted
2022-10-07 02:04:38
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
68

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.3 kB	6.2 kB	23.36.76.226
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	758 B	2.7 kB	54.230.111.7
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	401 B	5.9 kB	34.160.144.191
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	321 B	229 B	34.117.237.239
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	329 B	737 B	93.184.220.29
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	594 B	127 B	35.161.231.36
fylybook.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	13 kB	677 kB	66.29.145.237
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.0 kB	4.2 kB	142.250.74.3
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	55 kB	34.120.237.76
www.applitech.ci	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	387 B	2.4 kB	66.29.145.237
fonts.gstatic.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	936 B	94 kB	216.58.207.195
fonts.googleapis.com	8877	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	814 B	1.5 kB	142.250.74.10

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-10-07	medium	fylybook.com/lv/mlobaourdti	Malware
2022-10-07	medium	fylybook.com/	Malware
2022-10-07	medium	fylybook.com/assets/vendor/slick/slick.min.js	Malware
2022-10-07	medium	fylybook.com/assets/vendor/bootstrap/js/bootstrap.min.js	Malware
2022-10-07	medium	fylybook.com/assets/js/script-3.9.min.js	Malware
2022-10-07	medium	fylybook.com/assets/js/jquery-1.12.4.min.js	Malware
2022-10-07	medium	fylybook.com/assets/js/plugins.js	Malware
2022-10-07	medium	fylybook.com/assets/vendor/font-icons/font/icons.woff2?40718069	Malware

mnemonic secure dns

Scan Date	Severity	Indicator	Alert
2022-10-07	medium	fylybook.com	Sinkholed
2022-10-07	medium	fylybook.com	Sinkholed
2022-10-07	medium	fylybook.com	Sinkholed
2022-10-07	medium	fylybook.com	Sinkholed
2022-10-07	medium	fylybook.com	Sinkholed
2022-10-07	medium	fylybook.com	Sinkholed
2022-10-07	medium	fylybook.com	Sinkholed
2022-10-07	medium	fylybook.com	Sinkholed
2022-10-07	medium	fylybook.com	Sinkholed
2022-10-07	medium	fylybook.com	Sinkholed
2022-10-07	medium	fylybook.com	Sinkholed
2022-10-07	medium	fylybook.com	Sinkholed
2022-10-07	medium	fylybook.com	Sinkholed
2022-10-07	medium	fylybook.com	Sinkholed
2022-10-07	medium	fylybook.com	Sinkholed
2022-10-07	medium	fylybook.com	Sinkholed
2022-10-07	medium	fylybook.com	Sinkholed
2022-10-07	medium	fylybook.com	Sinkholed
2022-10-07	medium	fylybook.com	Sinkholed
2022-10-07	medium	fylybook.com	Sinkholed
2022-10-07	medium	fylybook.com	Sinkholed
2022-10-07	medium	fylybook.com	Sinkholed
2022-10-07	medium	fylybook.com	Sinkholed
2022-10-07	medium	fylybook.com	Sinkholed
2022-10-07	medium	fylybook.com	Sinkholed
2022-10-07	medium	fylybook.com	Sinkholed

Quad9 DNS

No alerts detected

JavaScript (8)

	URL	Size	First Seen	Last Seen
	fylybook.com/	106 B	2023-03-08	2023-03-08
Pretty URL fylybook.com/ IP 66.29.145.237 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 05:39:59 Last Seen2023-03-08 07:57:52 Times Seen1 Hash 50e391086feadb894f56c6f294d2efed f8d50093b863e9a0237772dfcd8e84a5b08754fa df2b8056b151662538dc736cb4baa445ee38ddda4e711cbad9dd3f24e2077800 Loading...

	fylybook.com/assets/vendor/slick/slick.min.js	43 kB	2023-03-07	2024-05-07
Pretty URL fylybook.com/assets/vendor/slick/slick.min.js IP 66.29.145.237 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:34 Last Seen2024-05-07 08:43:40 Times Seen34832 Hash d5a61c749e44e47159af8a6579dda121 3b41b3bc956685015a347a2238e71db29dfa0dbb 0c7178cc6ca34fb18e30f070a5e7a1c287b2d7ccfcba2cfdf06e0f46eda55740 Loading...

	fylybook.com/assets/vendor/bootstrap/js/bootstrap.min.js	37 kB	2023-03-07	2024-05-06
Pretty URL fylybook.com/assets/vendor/bootstrap/js/bootstrap.min.js IP 66.29.145.237 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:32 Last Seen2024-05-06 22:33:39 Times Seen2882 Hash 04c84852e9937b142ac73c285b895b85 8fb8a9319055253d085edfc3bb72d20f614ec709 36460e494e4c628443afded40b2743b5ede9a4a76fb4f7b9ef2345cc7e59fd64 Loading...

	fylybook.com/assets/js/script-3.9.min.js	10 kB	2023-03-08	2023-09-15
Pretty URL fylybook.com/assets/js/script-3.9.min.js IP 66.29.145.237 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 05:39:59 Last Seen2023-09-15 23:15:43 Times Seen2 Hash 0eb60e163cf20cc5141d141d2aa6c92c 251fe12d15cdf606ec698cceb6db92721bc033c6 c15fa4beea60a2ffa1e767d6d4552ac20c520f00756995ee1ff78d660c8d8587 Loading...

	fylybook.com/assets/js/jquery-1.12.4.min.js	97 kB	2023-03-07	2024-05-07
Pretty URL fylybook.com/assets/js/jquery-1.12.4.min.js IP 66.29.145.237 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:12:12 Last Seen2024-05-07 06:34:53 Times Seen2299 Hash 618538b4ab9639d444e962729a927f15 dacc1f76630a9708add066819b1aabf8dce01056 27d92130c0321dad5a03760fd5ac98a3d04ed4c94d88418fe6d50da1f7fc5cbe Loading...

	fylybook.com/	16 B	2023-03-08	2024-02-27
Pretty URL fylybook.com/ IP 66.29.145.237 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 01:26:38 Last Seen2024-02-27 15:48:56 Times Seen44 Hash 2c473bc2a4f5410664d4be713f0bf508 79ac7caac2531351799403184417e8e18ac063c7 cc9c253758d68c76e591c9b338c2b13d953b77a465ea65762e79c185a26132cb Loading...

	fylybook.com/	191 B	2023-03-08	2023-03-08
Pretty URL fylybook.com/ IP 66.29.145.237 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 05:39:59 Last Seen2023-03-08 07:57:52 Times Seen1 Hash 541f47eaf2049b512830c45880fc8586 cf0ddc69e5aa6ecd0a7ab5703bc27076fbd9c504 655fa2e0de38234003c1755b72fcbe8ee8a1b69367d1d7cd80839824824f49d1 Loading...

	fylybook.com/assets/js/plugins.js	108 kB	2023-03-08	2023-09-15
Pretty URL fylybook.com/assets/js/plugins.js IP 66.29.145.237 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 05:40:00 Last Seen2023-09-15 23:15:44 Times Seen6 Hash 9b082e426f079d094bbb238588f30a2c b9e0b39de46c4c65c9b2fb98536f19d25ec899bb c16d5f3c8bee6f9f3a0b065787f5996567c7247f65bbe5105e4e6282c342d6cc Loading...

HTTP Transactions (56)

URL IP Response Size

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
282f6e1328452c1cb41f6a6272fff757
20b9ff1b5f4f81b645769bd4b4cf7bf7dfc16262
6a8070ebe51259cb11db68cca2c81f3c7408fad481d8c14cc1c38912442c63f4

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6A8070EBE51259CB11DB68CCA2C81F3C7408FAD481D8C14CC1C38912442C63F4"
Last-Modified: Wed, 05 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17997
Expires: Fri, 07 Oct 2022 07:04:24 GMT
Date: Fri, 07 Oct 2022 02:04:27 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

54.230.111.7

200 OK

939 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/
IP
54.230.111.7:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
2d12f67fe57a87e7366b662d153a5582
d7b02d81cc74f24a251d9363e0f4b0a149264ec1
73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Backoff, Content-Type, Retry-After, Alert
Cache-Control: max-age=259200
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Wed, 05 Oct 2022 15:47:18 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 db0992ba349fc51d5151ec8330e36c28.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: GFax6UT_o8DNej_zZPb78xrNKOIZn4gk5ZMjLql3uIXrQIsz3txhIg==
Age: 123429

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
4ab7d8709d334de0e46dcb86aabfbff1
f221138a8ad9d0bfa3c054370dcdb363a67dc310
b91d37f606eaf448b9c7dfc05566a11de004ce44503409e1a776288ee2622805

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B91D37F606EAF448B9C7DFC05566A11DE004CE44503409E1A776288EE2622805"
Last-Modified: Wed, 05 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13844
Expires: Fri, 07 Oct 2022 05:55:11 GMT
Date: Fri, 07 Oct 2022 02:04:27 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: l43d9jzYCJRGbVzYEOMT8HnA4mhZS6sNjknSqb+X8OmAerhUzvKQoHvyAouoPdnaoX8pvAMz722CONsqUuv2AA==
x-amz-request-id: 0EGRKHMS2Z3G57E6
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 07 Oct 2022 01:31:00 GMT
age: 2007
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Fri, 07 Oct 2022 02:04:28 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

54.230.111.7

200 OK

329 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
54.230.111.7:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Content-Type, Expires, Backoff, ETag, Last-Modified, Pragma, Cache-Control, Content-Length, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
X-Content-Type-Options: nosniff
Date: Fri, 07 Oct 2022 01:29:42 GMT
Cache-Control: max-age=3600, max-age=3600
Expires: Fri, 07 Oct 2022 02:12:57 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: IABCcYFNbqx17OnQ5lUZe4hHL6T1PPC4dnMuqhknc98KagIJ0bxnuw==
Age: 2087

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
8be5570b9a5ca76c580da007a824b029
38840f2ac6476bdd5608121c5653e338c7ad9715
0b94e05080ef85432b1815eb3c6c7594c9613cfde1b51eeabee46d0d9fde64b2

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2083
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 07 Oct 2022 02:04:28 GMT
Last-Modified: Fri, 07 Oct 2022 01:29:45 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 471

fylybook.com/lv/mlobaourdti

66.29.145.237

307 Temporary Redirect

0 B

URL HTTP/1.1
fylybook.com/lv/mlobaourdti
IP
66.29.145.237:0
ASN
#22612 NAMECHEAP-NET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed

HTTP Headers

GET /lv/mlobaourdti HTTP/1.1
Host: fylybook.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/1.1 307 Temporary Redirect
Date: Fri, 07 Oct 2022 02:04:28 GMT
Server: Apache
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Set-Cookie: infinite_csrf_cookie=3b4eef962ec9a5c2c17857d4137635c7; expires=Fri, 07-Oct-2022 04:04:28 GMT; Max-Age=7200; path=/
ci_session=d1f28e1786013170c59d77e1a5386e755c00c3cc; expires=Sun, 09-Oct-2022 02:04:28 GMT; Max-Age=172800; path=/; HttpOnly
Location: https://fylybook.com/
Vary: User-Agent
Content-Length: 0
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=utf-8

push.services.mozilla.com/

35.161.231.36

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
35.161.231.36:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: vu6dNY8UwJlvXpR1Fe3Fvw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: P4SPQpuMERZVhOuYxMmXvYc+Um0=

fylybook.com/

66.29.145.237

200 OK

5.4 kB

URL HTTP/1.1
fylybook.com/
IP
66.29.145.237:0
ASN
#22612 NAMECHEAP-NET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (919), with CRLF, LF line terminators
Size
5.4 kB (5440 bytes)
Hash
66e9ec7b1bf9c356841f4785f5f185b0
bf7ed6d6545b8399d4f1c8948499c627c38ca9b1
b5c55ce105f8888e2fdeff7819224cadca6d60960abfa875a5571e8d584e757f

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: fylybook.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: infinite_csrf_cookie=3b4eef962ec9a5c2c17857d4137635c7; ci_session=d1f28e1786013170c59d77e1a5386e755c00c3cc
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 02:04:28 GMT
Server: Apache
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Set-Cookie: infinite_csrf_cookie=3b4eef962ec9a5c2c17857d4137635c7; expires=Fri, 07-Oct-2022 04:04:29 GMT; Max-Age=7200; path=/
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 5440
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/html; charset=utf-8

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
18e0e019cd697bb16806d8f00408a319
60ceb13c31595e6cf9bb6800657e4593a1fbd670
7cb0778c80be637b67a5d198ca180a76bbfa4c32e502a0fa472a4c6946ffb56e

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 07 Oct 2022 02:04:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
18e0e019cd697bb16806d8f00408a319
60ceb13c31595e6cf9bb6800657e4593a1fbd670
7cb0778c80be637b67a5d198ca180a76bbfa4c32e502a0fa472a4c6946ffb56e

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 07 Oct 2022 02:04:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
18e0e019cd697bb16806d8f00408a319
60ceb13c31595e6cf9bb6800657e4593a1fbd670
7cb0778c80be637b67a5d198ca180a76bbfa4c32e502a0fa472a4c6946ffb56e

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 07 Oct 2022 02:04:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fylybook.com/assets/vendor/font-icons/css/icons.min.css

66.29.145.237

200 OK

795 B

URL HTTP/1.1
fylybook.com/assets/vendor/font-icons/css/icons.min.css
IP
66.29.145.237:0
ASN
#22612 NAMECHEAP-NET

File type
Unicode text, UTF-8 (with BOM) text, with very long lines (2906), with no line terminators
Size
795 B (795 bytes)
Hash
99cff2067588a810acfb89259109d06d
c5e8baf757dc5b872052edd7740bf73accd2f946
f419ab955d5ee46e489f35fd03769db4c1fd6b23b0dd89233d8a538b60425ab2

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed

HTTP Headers

GET /assets/vendor/font-icons/css/icons.min.css HTTP/1.1
Host: fylybook.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fylybook.com/
Cookie: infinite_csrf_cookie=3b4eef962ec9a5c2c17857d4137635c7; ci_session=d1f28e1786013170c59d77e1a5386e755c00c3cc
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 02:04:29 GMT
Server: Apache
Last-Modified: Mon, 09 Dec 2019 15:53:48 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 795
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css

fylybook.com/assets/vendor/bootstrap/css/bootstrap.min.css

66.29.145.237

200 OK

20 kB

URL HTTP/1.1
fylybook.com/assets/vendor/bootstrap/css/bootstrap.min.css
IP
66.29.145.237:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (65367), with CRLF line terminators
Size
20 kB (19749 bytes)
Hash
e8438eabd438f940694edbd4569aa51e
9395d0177441a26b42dad8a09d7fbe2fc6ac2c1a
ccc0a30fa490d287ec17fbc9ff4560d267d0efb697384bc3fab88f1357c5a040

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed

HTTP Headers

GET /assets/vendor/bootstrap/css/bootstrap.min.css HTTP/1.1
Host: fylybook.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fylybook.com/
Cookie: infinite_csrf_cookie=3b4eef962ec9a5c2c17857d4137635c7; ci_session=d1f28e1786013170c59d77e1a5386e755c00c3cc
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 02:04:29 GMT
Server: Apache
Last-Modified: Mon, 09 Dec 2019 15:53:48 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 19749
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/css

fylybook.com/assets/vendor/slick/slick.min.css

66.29.145.237

200 OK

495 B

URL HTTP/1.1
fylybook.com/assets/vendor/slick/slick.min.css
IP
66.29.145.237:0
ASN
#22612 NAMECHEAP-NET

File type
Unicode text, UTF-8 (with BOM) text, with very long lines (1329), with no line terminators
Size
495 B (495 bytes)
Hash
9c99c80d8a61e2cb27c640aa605ebd00
ef5f58057b6bbec3c54b9f84dae86fa5c6b4cfc3
2b4ba44a54957fc20585e468320c1078484923e5b9e3d30553c4c9e44e8b7e46

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed

HTTP Headers

GET /assets/vendor/slick/slick.min.css HTTP/1.1
Host: fylybook.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fylybook.com/
Cookie: infinite_csrf_cookie=3b4eef962ec9a5c2c17857d4137635c7; ci_session=d1f28e1786013170c59d77e1a5386e755c00c3cc
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 02:04:29 GMT
Server: Apache
Last-Modified: Mon, 09 Dec 2019 15:53:48 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 495
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css

fylybook.com/assets/css/magnific-popup.min.css

66.29.145.237

200 OK

1.6 kB

URL HTTP/1.1
fylybook.com/assets/css/magnific-popup.min.css
IP
66.29.145.237:0
ASN
#22612 NAMECHEAP-NET

File type
Unicode text, UTF-8 (with BOM) text, with very long lines (5257), with no line terminators
Size
1.6 kB (1575 bytes)
Hash
0fbee1824d0e377756b1bda7ef32d1a4
aad925759dd40d187c1c56aefedd2712681fcb92
8c58b8361d7e8d1662bf7e7edfd08e0f6900698dd05dae14c3f0175f422083e9

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed

HTTP Headers

GET /assets/css/magnific-popup.min.css HTTP/1.1
Host: fylybook.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fylybook.com/
Cookie: infinite_csrf_cookie=3b4eef962ec9a5c2c17857d4137635c7; ci_session=d1f28e1786013170c59d77e1a5386e755c00c3cc
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 02:04:29 GMT
Server: Apache
Last-Modified: Mon, 09 Dec 2019 15:53:48 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 1575
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css

fylybook.com/assets/css/colors/yellow.min.css

66.29.145.237

200 OK

999 B

URL HTTP/1.1
fylybook.com/assets/css/colors/yellow.min.css
IP
66.29.145.237:0
ASN
#22612 NAMECHEAP-NET

File type
Unicode text, UTF-8 (with BOM) text, with very long lines (4600), with no line terminators
Size
999 B (999 bytes)
Hash
4d9487c906706e3252989120d0e5577c
dad9ccf87ef4ead4e0004abc5b7a958f44d48a05
f889ec7373ef63ff5a550310df4196310141987b44226ddca88cdc3bc08f4464

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed

HTTP Headers

GET /assets/css/colors/yellow.min.css HTTP/1.1
Host: fylybook.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fylybook.com/
Cookie: infinite_csrf_cookie=3b4eef962ec9a5c2c17857d4137635c7; ci_session=d1f28e1786013170c59d77e1a5386e755c00c3cc
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 02:04:29 GMT
Server: Apache
Last-Modified: Mon, 09 Dec 2019 15:53:48 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 999
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css

fylybook.com/assets/vendor/slick/slick.min.js

66.29.145.237

200 OK

10 kB

URL HTTP/1.1
fylybook.com/assets/vendor/slick/slick.min.js
IP
66.29.145.237:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (42862)
Size
10 kB (10442 bytes)
Hash
a200e519b47aabb15179d3d44b42a20d
40f67edd6550052b130507ed1a56650c6bdb798f
ea316b7198f70a2c53e9f534e6c2b9f6e570e4a7369d5c0508cd38de275717db

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed

HTTP Headers

GET /assets/vendor/slick/slick.min.js HTTP/1.1
Host: fylybook.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fylybook.com/
Cookie: infinite_csrf_cookie=3b4eef962ec9a5c2c17857d4137635c7; ci_session=d1f28e1786013170c59d77e1a5386e755c00c3cc
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 02:04:29 GMT
Server: Apache
Last-Modified: Mon, 09 Dec 2019 15:53:48 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 10442
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: application/javascript

fylybook.com/assets/vendor/bootstrap/js/bootstrap.min.js

66.29.145.237

200 OK

9.8 kB

URL HTTP/1.1
fylybook.com/assets/vendor/bootstrap/js/bootstrap.min.js
IP
66.29.145.237:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (32033), with CRLF line terminators
Size
9.8 kB (9838 bytes)
Hash
43c22cf7a7909e424cdb9edbd0f3de1a
3edbbd8b7300b8c191fb986a768b915bb572360b
b1e6ac878e5d746cdada02ab3c918d6e4430bc873423885b568bcd21de6c642c

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed

HTTP Headers

GET /assets/vendor/bootstrap/js/bootstrap.min.js HTTP/1.1
Host: fylybook.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fylybook.com/
Cookie: infinite_csrf_cookie=3b4eef962ec9a5c2c17857d4137635c7; ci_session=d1f28e1786013170c59d77e1a5386e755c00c3cc
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 02:04:29 GMT
Server: Apache
Last-Modified: Mon, 09 Dec 2019 15:53:48 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 9838
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript

fylybook.com/assets/css/style-3.9.min.css

66.29.145.237

200 OK

12 kB

URL HTTP/1.1
fylybook.com/assets/css/style-3.9.min.css
IP
66.29.145.237:0
ASN
#22612 NAMECHEAP-NET

File type
Unicode text, UTF-8 (with BOM) text, with very long lines (65533), with no line terminators
Size
12 kB (11982 bytes)
Hash
1f2fc0a80a1259c3cba376378c4c83b7
d466686390b1a8cbe4ab299b2762820cb02b85b8
73bd09bc6ee348fd2aadd106aaaa8ee96d4898fa4934dd521633886fe9a61ab6

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed

HTTP Headers

GET /assets/css/style-3.9.min.css HTTP/1.1
Host: fylybook.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fylybook.com/
Cookie: infinite_csrf_cookie=3b4eef962ec9a5c2c17857d4137635c7; ci_session=d1f28e1786013170c59d77e1a5386e755c00c3cc
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 02:04:29 GMT
Server: Apache
Last-Modified: Mon, 09 Dec 2019 15:53:48 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 11982
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css

fylybook.com/assets/js/script-3.9.min.js

66.29.145.237

200 OK

2.5 kB

URL HTTP/1.1
fylybook.com/assets/js/script-3.9.min.js
IP
66.29.145.237:0
ASN
#22612 NAMECHEAP-NET

File type
Unicode text, UTF-8 (with BOM) text, with very long lines (10341), with no line terminators
Size
2.5 kB (2507 bytes)
Hash
6aaa4cfbb6ca0035c72a92c2d6c3e2a2
3e3e1ae75651e4e3406ccea9783640fe9ce6ed7d
c977a2b0ae810d15b8d7643d324527b71a163be288cc24091b72fdc95e7f8996

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed

HTTP Headers

GET /assets/js/script-3.9.min.js HTTP/1.1
Host: fylybook.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fylybook.com/
Cookie: infinite_csrf_cookie=3b4eef962ec9a5c2c17857d4137635c7; ci_session=d1f28e1786013170c59d77e1a5386e755c00c3cc
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 02:04:29 GMT
Server: Apache
Last-Modified: Mon, 09 Dec 2019 15:53:48 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 2507
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript

fylybook.com/assets/js/jquery-1.12.4.min.js

66.29.145.237

200 OK

34 kB

URL HTTP/1.1
fylybook.com/assets/js/jquery-1.12.4.min.js
IP
66.29.145.237:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (32077), with CRLF line terminators
Size
34 kB (33769 bytes)
Hash
de68bf402c4c73b752a88dcf597972c9
4d6b6327337cb95e83bd9fc36e2800abc49f3eef
a012924b59bd6b64250c37d73c93970436c525b1484f244f8e360a0dcd11cf2c

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed

HTTP Headers

GET /assets/js/jquery-1.12.4.min.js HTTP/1.1
Host: fylybook.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fylybook.com/
Cookie: infinite_csrf_cookie=3b4eef962ec9a5c2c17857d4137635c7; ci_session=d1f28e1786013170c59d77e1a5386e755c00c3cc
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 02:04:29 GMT
Server: Apache
Last-Modified: Mon, 09 Dec 2019 15:53:48 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 33769
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
e825fc3ba1ec6c169fbc10ffef8dffb0
6bf9cffa8468b37068aebed5a43dbc911086fc84
b0c59e715d8c38c061cfa06ec64c69f442f9417d6bc9c76e393c1fa00b11af86

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B0C59E715D8C38C061CFA06EC64C69F442F9417D6BC9C76E393C1FA00B11AF86"
Last-Modified: Wed, 05 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17898
Expires: Fri, 07 Oct 2022 07:02:48 GMT
Date: Fri, 07 Oct 2022 02:04:30 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
e825fc3ba1ec6c169fbc10ffef8dffb0
6bf9cffa8468b37068aebed5a43dbc911086fc84
b0c59e715d8c38c061cfa06ec64c69f442f9417d6bc9c76e393c1fa00b11af86

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B0C59E715D8C38C061CFA06EC64C69F442F9417D6BC9C76E393C1FA00B11AF86"
Last-Modified: Wed, 05 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17898
Expires: Fri, 07 Oct 2022 07:02:48 GMT
Date: Fri, 07 Oct 2022 02:04:30 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
e825fc3ba1ec6c169fbc10ffef8dffb0
6bf9cffa8468b37068aebed5a43dbc911086fc84
b0c59e715d8c38c061cfa06ec64c69f442f9417d6bc9c76e393c1fa00b11af86

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B0C59E715D8C38C061CFA06EC64C69F442F9417D6BC9C76E393C1FA00B11AF86"
Last-Modified: Wed, 05 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17898
Expires: Fri, 07 Oct 2022 07:02:48 GMT
Date: Fri, 07 Oct 2022 02:04:30 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
e825fc3ba1ec6c169fbc10ffef8dffb0
6bf9cffa8468b37068aebed5a43dbc911086fc84
b0c59e715d8c38c061cfa06ec64c69f442f9417d6bc9c76e393c1fa00b11af86

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B0C59E715D8C38C061CFA06EC64C69F442F9417D6BC9C76E393C1FA00B11AF86"
Last-Modified: Wed, 05 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17898
Expires: Fri, 07 Oct 2022 07:02:48 GMT
Date: Fri, 07 Oct 2022 02:04:30 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
e825fc3ba1ec6c169fbc10ffef8dffb0
6bf9cffa8468b37068aebed5a43dbc911086fc84
b0c59e715d8c38c061cfa06ec64c69f442f9417d6bc9c76e393c1fa00b11af86

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B0C59E715D8C38C061CFA06EC64C69F442F9417D6BC9C76E393C1FA00B11AF86"
Last-Modified: Wed, 05 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17898
Expires: Fri, 07 Oct 2022 07:02:48 GMT
Date: Fri, 07 Oct 2022 02:04:30 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F79f3ec27-4efa-459e-a0bf-ae28f5d2dd3d.jpeg

34.120.237.76

200 OK

8.2 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F79f3ec27-4efa-459e-a0bf-ae28f5d2dd3d.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.2 kB (8239 bytes)
Hash
faa74f37d774e88f35e8d28397e066dc
6864ffbbeba98f1afdcc89c6588a21868bd33b4c
1c2f63843f2699f1c7a1df149d048dcc265387cbac9e6e9ca89ee7487a166ed8

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F79f3ec27-4efa-459e-a0bf-ae28f5d2dd3d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8239
x-amzn-requestid: 82d6eec9-0b0a-4342-9805-da201179818c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Zd9izGiRIAMF_rA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633bdc78-4a82b86b2d75b9127b12415b;Sampled=0
x-amzn-remapped-date: Tue, 04 Oct 2022 07:10:48 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: d4GkQkVlHcLruEBQvyZ6T5ZSc7quxUully07xJ7_v4X3j2G_l7sbbw==
via: 1.1 0cf6c59c77f0fff670ae085179adc458.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 06 Oct 2022 07:35:13 GMT
age: 66557
etag: "6864ffbbeba98f1afdcc89c6588a21868bd33b4c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

2.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F36097bf9-dd7a-4dde-af42-0e23e000e84a.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
2.7 kB (2732 bytes)
Hash
e9646987c0395eec23e32dc00954d386
5545b691aeefcd31bbc6b6cad6726234773e9d74
900a2bfbe3984db79056d38764b1986399d827a7f54d1c54d4fd3b06c7981385

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F36097bf9-dd7a-4dde-af42-0e23e000e84a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 2732
x-amzn-requestid: 004a85ab-b33b-4b7f-86f2-9762e6cd2f0b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZmhkQGWgoAMF7mw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633f494e-473458094dc2ded55a681505;Sampled=0
x-amzn-remapped-date: Thu, 06 Oct 2022 21:31:58 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Miss from cloudfront
x-amz-cf-id: eJltrBVIRbJ-_OUHZjw8mtfK6Ivb9C51B6lC1C11eaq_O4Psd7evRg==
via: 1.1 8dbfaf7df256a75768461d934659b6b2.cloudfront.net (CloudFront), 1.1 ca66331b52971370c4e54619e8a952cc.cloudfront.net (CloudFront), 1.1 google
date: Thu, 06 Oct 2022 21:46:38 GMT
age: 15472
etag: "5545b691aeefcd31bbc6b6cad6726234773e9d74"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.0 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd0135ba0-9033-445f-8155-a6c093862ccb.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.0 kB (9046 bytes)
Hash
7e30ca5022768294665070cafc9d489c
c6ebf53c21206cfcf8e70279d3ae43f0170ade3a
6b834cdae692318a114c0d82ebff4fa8f4e65526983758e08ffb130d4d86020f

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd0135ba0-9033-445f-8155-a6c093862ccb.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9046
x-amzn-requestid: d560c8ba-6e81-46f7-a451-30c40fbfce6f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Zmhi_F7qIAMFkQg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633f4946-012e65d675558ec8544a1f30;Sampled=0
x-amzn-remapped-date: Thu, 06 Oct 2022 21:31:50 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Miss from cloudfront
x-amz-cf-id: a9tOPCySPRdXpvJf239ycM7_3PJS7GcITvM52Sxic_FwYr_-n2XQHA==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 de8fc80b494d3d381f7e006918dcc588.cloudfront.net (CloudFront), 1.1 google
date: Thu, 06 Oct 2022 21:44:18 GMT
etag: "c6ebf53c21206cfcf8e70279d3ae43f0170ade3a"
content-type: image/jpeg
age: 15612
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdc902aef-d39a-4522-af06-32745f1f98f1.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.7 kB (6662 bytes)
Hash
54e5cb120b19e849a196a1ead868e4c4
15e26ce930dc747f058810837c47a4728efe0b75
a95640f974032f37a613af7648bd83697c72bb4ddf4a459e1393f7c9e8f926c3

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdc902aef-d39a-4522-af06-32745f1f98f1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6662
x-amzn-requestid: ea908895-144e-4211-8363-b721f2e4490a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Zmi9BFvFoAMF89A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633f4b86-1514f8460877c8c31b7136f9;Sampled=0
x-amzn-remapped-date: Thu, 06 Oct 2022 21:41:26 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Miss from cloudfront
x-amz-cf-id: Treo-1cuzxPXE9k1k8y0DLbXX-i5wMV_Gxff-RWkWZ8ZXdUyXqigLA==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 6a63e853422f3197776fb098fab5a416.cloudfront.net (CloudFront), 1.1 google
date: Thu, 06 Oct 2022 21:44:18 GMT
etag: "15e26ce930dc747f058810837c47a4728efe0b75"
content-type: image/jpeg
age: 15612
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.3 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8dd1fdac-30bd-43cd-b99a-3f5a563e0892.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.3 kB (8325 bytes)
Hash
d1a9bad9942d25ecf711a6b2e137a270
1ac4d5e32010b78b9599d7db12c64a4f11f75c32
a4e8eb30784a461fbac9df587eb8b06c84f827d8ef6cfe5d302d45f0cbb5e3ce

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8dd1fdac-30bd-43cd-b99a-3f5a563e0892.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8325
x-amzn-requestid: c190f0ac-92e7-4d58-b70d-06c6986292c9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZmihDHP_oAMFc9A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633f4ad3-11f93f222ee59f8c61feb974;Sampled=0
x-amzn-remapped-date: Thu, 06 Oct 2022 21:38:27 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Miss from cloudfront
x-amz-cf-id: Q2Tmr5IEgSZ13V6JCFu75ypdw2faw01Y7FSMZX-xp5rmmLmuuuuotw==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 9b21fd56256eda6d1379e32829c4c446.cloudfront.net (CloudFront), 1.1 google
date: Thu, 06 Oct 2022 21:38:27 GMT
age: 15963
etag: "1ac4d5e32010b78b9599d7db12c64a4f11f75c32"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

13 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9ca4df15-4ecd-467c-a658-2352fca9a8ff.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
13 kB (13437 bytes)
Hash
16339989f5c6c229a3dcc0ed1e52032f
a1ea26d6e4eb4a72cc8c87100b40035dab69d285
16703f888ee6f974bb89e1c4c16a75186b31b64130abcd1a3bcd3741159d912c

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9ca4df15-4ecd-467c-a658-2352fca9a8ff.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 13437
x-amzn-requestid: ec801fbc-c339-46ce-ac5f-18d064e5ef21
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Zmhi_HdeoAMFyOQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633f4946-02b52b770e6e76cf52b26e47;Sampled=0
x-amzn-remapped-date: Thu, 06 Oct 2022 21:31:50 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Miss from cloudfront
x-amz-cf-id: Iesqk_XbGiZE-n3mTa1_1WtlXiyEqz-4qfyt3_609O1eujdLcFu3zA==
via: 1.1 1b0911478686968732f973d6e5e31d10.cloudfront.net (CloudFront), 1.1 ece5d4a731ece5ff46c564ab2b946ede.cloudfront.net (CloudFront), 1.1 google
date: Thu, 06 Oct 2022 22:01:58 GMT
etag: "a1ea26d6e4eb4a72cc8c87100b40035dab69d285"
content-type: image/jpeg
age: 14552
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

fylybook.com/assets/js/plugins.js

66.29.145.237

200 OK

35 kB

URL HTTP/1.1
fylybook.com/assets/js/plugins.js
IP
66.29.145.237:0
ASN
#22612 NAMECHEAP-NET

File type
Unicode text, UTF-8 (with BOM) text, with very long lines (23122)
Size
35 kB (34786 bytes)
Hash
9e14486b3c99d61bc012203502f2f3ed
edc5231dd0bb6a51af40245f9acaf10c4975c46c
66f561b830f4aa03965d5cd571a2bda87bc8b2326584ac46b38ef7550f964ae1

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed

HTTP Headers

GET /assets/js/plugins.js HTTP/1.1
Host: fylybook.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fylybook.com/
Cookie: infinite_csrf_cookie=3b4eef962ec9a5c2c17857d4137635c7; ci_session=d1f28e1786013170c59d77e1a5386e755c00c3cc
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 02:04:29 GMT
Server: Apache
Last-Modified: Mon, 09 Dec 2019 15:53:48 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 34786
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript

fylybook.com/assets/img/bg_slider.png

66.29.145.237

200 OK

142 B

URL HTTP/1.1
fylybook.com/assets/img/bg_slider.png
IP
66.29.145.237:0
ASN
#22612 NAMECHEAP-NET

File type
PNG image data, 650 x 433, 1-bit colormap, non-interlaced\012- data
Size
142 B (142 bytes)
Hash
5d475fa5a9a7f06f3cba3a8a99040c08
779a23196999501a825175453ba70d66106694a3
304a1699a049b544c6309875b3d7f8e24a3a1f800549ada4a06b52de91d7f61d

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed

HTTP Headers

GET /assets/img/bg_slider.png HTTP/1.1
Host: fylybook.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fylybook.com/
Cookie: infinite_csrf_cookie=3b4eef962ec9a5c2c17857d4137635c7; ci_session=d1f28e1786013170c59d77e1a5386e755c00c3cc
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 02:04:30 GMT
Server: Apache
Last-Modified: Mon, 09 Dec 2019 15:53:48 GMT
Accept-Ranges: bytes
Content-Length: 142
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/png

www.applitech.ci/assets/images/footer-logo.png

66.29.145.237

200 OK

2.1 kB

URL HTTP/1.1
www.applitech.ci/assets/images/footer-logo.png
IP
66.29.145.237:0
ASN
#22612 NAMECHEAP-NET

File type
PNG image data, 114 x 22, 8-bit/color RGBA, non-interlaced\012- data
Size
2.1 kB (2135 bytes)
Hash
5c73bd9c23ad153e0da45e00b33df874
76f271acf7a997b3a1eed83a07a19d6741bceceb
d5b02e1f8898ce67467ac4b8febd58756397cdc7b612bbadf2acccdf6ad38487

HTTP Headers

GET /assets/images/footer-logo.png HTTP/1.1
Host: www.applitech.ci
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fylybook.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 02:04:30 GMT
Server: Apache
Last-Modified: Fri, 18 Mar 2022 17:26:24 GMT
Accept-Ranges: bytes
Content-Length: 2135
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/png

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
aea480478c3be7392d09e8a92826542f
b660fb42c8122efb07b3d1de1a8907ad1f6e1a60
ee691969e4d61ba3145fe90b28c5051367c223f31c0e0ee001d8481035090760

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 07 Oct 2022 02:04:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
aea480478c3be7392d09e8a92826542f
b660fb42c8122efb07b3d1de1a8907ad1f6e1a60
ee691969e4d61ba3145fe90b28c5051367c223f31c0e0ee001d8481035090760

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 07 Oct 2022 02:04:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/ptsans/v17/jizaRExUiTo99u79D0KExQ.woff2

216.58.207.195

200 OK

45 kB

URL HTTP/2
fonts.gstatic.com/s/ptsans/v17/jizaRExUiTo99u79D0KExQ.woff2
IP
216.58.207.195:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 45300, version 1.0\012- data
Size
45 kB (45300 bytes)
Hash
5fe660c3a23b871807b0e1d3ee973d23
62a9dd423b30b6ee3ab3dd40d573545d579af10a
e13ffa988be59cbf299d7ff68f019f902b60848203ac4990819eb7e4624ee52d

HTTP Headers

GET /s/ptsans/v17/jizaRExUiTo99u79D0KExQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://fylybook.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 45300
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 05 Oct 2022 19:27:53 GMT
expires: Thu, 05 Oct 2023 19:27:53 GMT
cache-control: public, max-age=31536000
age: 110197
last-modified: Wed, 27 Apr 2022 16:11:08 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.gstatic.com/s/ptsans/v17/jizfRExUiTo99u79B_mh0O6tLQ.woff2

216.58.207.195

200 OK

47 kB

URL HTTP/2
fonts.gstatic.com/s/ptsans/v17/jizfRExUiTo99u79B_mh0O6tLQ.woff2
IP
216.58.207.195:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 47048, version 1.0\012- data
Size
47 kB (47048 bytes)
Hash
87a1556b696ae2cb1a726bd8c4584a2f
1be0f6f39e0cf316f9827f945eeeaef8294cc37b
141f0c53e457585d4ac7426eb3d757666d250ee6fbf0e9c0878128e4c627f0b1

HTTP Headers

GET /s/ptsans/v17/jizfRExUiTo99u79B_mh0O6tLQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://fylybook.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 47048
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 05 Oct 2022 19:27:54 GMT
expires: Thu, 05 Oct 2023 19:27:54 GMT
cache-control: public, max-age=31536000
age: 110196
last-modified: Wed, 27 Apr 2022 16:55:54 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
aea480478c3be7392d09e8a92826542f
b660fb42c8122efb07b3d1de1a8907ad1f6e1a60
ee691969e4d61ba3145fe90b28c5051367c223f31c0e0ee001d8481035090760

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 07 Oct 2022 02:04:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fylybook.com/assets/vendor/font-icons/font/icons.woff2?40718069

66.29.145.237

200 OK

10 kB

URL HTTP/1.1
fylybook.com/assets/vendor/font-icons/font/icons.woff2?40718069
IP
66.29.145.237:0
ASN
#22612 NAMECHEAP-NET

File type
Web Open Font Format (Version 2), TrueType, length 10236, version 1.0\012- data
Size
10 kB (10236 bytes)
Hash
92d7de8de6655354f068f8efe5529b76
46d294cb0cbc32fdcd6e9dbc2b139ed9c33095c2
344995123c7d4557e123a57af30c8640c4beeaa174282dd075541ab93481881f

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed

HTTP Headers

GET /assets/vendor/font-icons/font/icons.woff2?40718069 HTTP/1.1
Host: fylybook.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://fylybook.com/assets/vendor/font-icons/css/icons.min.css
Cookie: infinite_csrf_cookie=3b4eef962ec9a5c2c17857d4137635c7; ci_session=d1f28e1786013170c59d77e1a5386e755c00c3cc
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 02:04:30 GMT
Server: Apache
Last-Modified: Mon, 09 Dec 2019 15:53:48 GMT
Accept-Ranges: bytes
Content-Length: 10236
Vary: Accept-Encoding,User-Agent
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: font/woff2

fylybook.com/uploads/logo/logo_60900873878be1.png

66.29.145.237

200 OK

35 kB

URL HTTP/1.1
fylybook.com/uploads/logo/logo_60900873878be1.png
IP
66.29.145.237:0
ASN
#22612 NAMECHEAP-NET

File type
PNG image data, 500 x 211, 8-bit/color RGBA, non-interlaced\012- data
Size
35 kB (35209 bytes)
Hash
c573b8889b0ce9e7ec14d982bd84fb10
61329d84d3670bb3e1a7a20bd2d9b92c840f6a9c
d9b06d2fedc37fa80842dcea009e9d6216f869629d214591c9abe405293c485c

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed

HTTP Headers

GET /uploads/logo/logo_60900873878be1.png HTTP/1.1
Host: fylybook.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fylybook.com/
Cookie: infinite_csrf_cookie=3b4eef962ec9a5c2c17857d4137635c7; ci_session=d1f28e1786013170c59d77e1a5386e755c00c3cc
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 02:04:30 GMT
Server: Apache
Last-Modified: Mon, 03 May 2021 18:28:02 GMT
Accept-Ranges: bytes
Content-Length: 35209
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: image/png

fylybook.com/assets/img/BANNIERE1.jpg

66.29.145.237

200 OK

101 kB

URL HTTP/1.1
fylybook.com/assets/img/BANNIERE1.jpg
IP
66.29.145.237:0
ASN
#22612 NAMECHEAP-NET

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 750x415, components 3\012- data
Size
101 kB (101211 bytes)
Hash
c8a8d8c16e682d11c58b0318e9865957
57f1544428d954f44bd2ce3285802dfba60ccbf4
c6ef418845c96bbb9695a24dd757ea603a568e6b3fb7d86c5198223e34422fd2

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed

HTTP Headers

GET /assets/img/BANNIERE1.jpg HTTP/1.1
Host: fylybook.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fylybook.com/
Cookie: infinite_csrf_cookie=3b4eef962ec9a5c2c17857d4137635c7; ci_session=d1f28e1786013170c59d77e1a5386e755c00c3cc
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 02:04:30 GMT
Server: Apache
Last-Modified: Fri, 04 Jun 2021 13:47:35 GMT
Accept-Ranges: bytes
Content-Length: 101211
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/jpeg

fylybook.com/assets/img/bg_small.png

66.29.145.237

200 OK

102 B

URL HTTP/1.1
fylybook.com/assets/img/bg_small.png
IP
66.29.145.237:0
ASN
#22612 NAMECHEAP-NET

File type
PNG image data, 100 x 75, 1-bit colormap, non-interlaced\012- data
Size
102 B (102 bytes)
Hash
1f17e0a69aa22f59150e769b16a91aaf
ba24320b52f6ea1f0dae3d12507154eb3a5460d7
1849588ebd7c473c46eb277f5a627f02e49712f562f0750f3dcfe78d1707651c

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed

HTTP Headers

GET /assets/img/bg_small.png HTTP/1.1
Host: fylybook.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fylybook.com/
Cookie: infinite_csrf_cookie=3b4eef962ec9a5c2c17857d4137635c7; ci_session=d1f28e1786013170c59d77e1a5386e755c00c3cc
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 02:04:30 GMT
Server: Apache
Last-Modified: Mon, 09 Dec 2019 15:53:48 GMT
Accept-Ranges: bytes
Content-Length: 102
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/png

fylybook.com/uploads/logo/logo_60900873878be.png

66.29.145.237

200 OK

35 kB

URL HTTP/1.1
fylybook.com/uploads/logo/logo_60900873878be.png
IP
66.29.145.237:0
ASN
#22612 NAMECHEAP-NET

File type
PNG image data, 500 x 211, 8-bit/color RGBA, non-interlaced\012- data
Size
35 kB (35209 bytes)
Hash
c573b8889b0ce9e7ec14d982bd84fb10
61329d84d3670bb3e1a7a20bd2d9b92c840f6a9c
d9b06d2fedc37fa80842dcea009e9d6216f869629d214591c9abe405293c485c

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed

HTTP Headers

GET /uploads/logo/logo_60900873878be.png HTTP/1.1
Host: fylybook.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fylybook.com/
Cookie: infinite_csrf_cookie=3b4eef962ec9a5c2c17857d4137635c7; ci_session=d1f28e1786013170c59d77e1a5386e755c00c3cc
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 02:04:30 GMT
Server: Apache
Last-Modified: Mon, 03 May 2021 18:28:02 GMT
Accept-Ranges: bytes
Content-Length: 35209
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/png

fylybook.com/uploads/images/image_650x433_60ae766b3b60c.jpg

66.29.145.237

200 OK

38 kB

URL HTTP/1.1
fylybook.com/uploads/images/image_650x433_60ae766b3b60c.jpg
IP
66.29.145.237:0
ASN
#22612 NAMECHEAP-NET

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 85", progressive, precision 8, 650x433, components 3\012- data
Size
38 kB (37826 bytes)
Hash
9acb807192ec6b0f132fd833ab905927
8d3129fee2b188b8d71f364b8b363589b707c5ed
b46e954f613c363ecafba08aa84f44f250dceb9cf88d15bfe52e8edcaf1ae310

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed

HTTP Headers

GET /uploads/images/image_650x433_60ae766b3b60c.jpg HTTP/1.1
Host: fylybook.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fylybook.com/
Cookie: infinite_csrf_cookie=3b4eef962ec9a5c2c17857d4137635c7; ci_session=d1f28e1786013170c59d77e1a5386e755c00c3cc
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 02:04:30 GMT
Server: Apache
Last-Modified: Wed, 26 May 2021 16:25:16 GMT
Accept-Ranges: bytes
Content-Length: 37826
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: image/jpeg

fylybook.com/assets/img/BANNIERE3.jpg

66.29.145.237

200 OK

100 kB

URL HTTP/1.1
fylybook.com/assets/img/BANNIERE3.jpg
IP
66.29.145.237:0
ASN
#22612 NAMECHEAP-NET

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 750x415, components 3\012- data
Size
100 kB (100309 bytes)
Hash
1e636161f86816111acf57c039735397
c47f20a6339deace5437b7f711a56e77b34c7af9
cffa2ffd9c497ba4d345080b8352500c55f03d1b4f255c470045b1deb90d4cde

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed

HTTP Headers

GET /assets/img/BANNIERE3.jpg HTTP/1.1
Host: fylybook.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fylybook.com/
Cookie: infinite_csrf_cookie=3b4eef962ec9a5c2c17857d4137635c7; ci_session=d1f28e1786013170c59d77e1a5386e755c00c3cc
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 02:04:30 GMT
Server: Apache
Last-Modified: Wed, 26 May 2021 19:54:26 GMT
Accept-Ranges: bytes
Content-Length: 100309
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/jpeg

fylybook.com/uploads/images/image_650x433_608fefb1068ce.jpg

66.29.145.237

200 OK

47 kB

URL HTTP/1.1
fylybook.com/uploads/images/image_650x433_608fefb1068ce.jpg
IP
66.29.145.237:0
ASN
#22612 NAMECHEAP-NET

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v90), quality = 85", progressive, precision 8, 650x433, components 3\012- data
Size
47 kB (46577 bytes)
Hash
4832f79bfc068c8d79055b1e28318544
6f2fb6ba731f24c2671f1ff31d4d76cb0af2590f
a65df177bae560704236873423d60f33aa69def8dcc802251edfd27f14770439

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed

HTTP Headers

GET /uploads/images/image_650x433_608fefb1068ce.jpg HTTP/1.1
Host: fylybook.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fylybook.com/
Cookie: infinite_csrf_cookie=3b4eef962ec9a5c2c17857d4137635c7; ci_session=d1f28e1786013170c59d77e1a5386e755c00c3cc
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 02:04:30 GMT
Server: Apache
Last-Modified: Mon, 03 May 2021 16:42:24 GMT
Accept-Ranges: bytes
Content-Length: 46577
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/jpeg

fylybook.com/assets/img/BANNIERE2.jpg

66.29.145.237

200 OK

132 kB

URL HTTP/1.1
fylybook.com/assets/img/BANNIERE2.jpg
IP
66.29.145.237:0
ASN
#22612 NAMECHEAP-NET

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 750x415, components 3\012- data
Size
132 kB (131956 bytes)
Hash
7e5cdd220279a6eb2f52f5cfac24e5a1
e86e68c835998b6d25e1aa50c0ad0df947b3e45d
6f572566c0a8855192c18e7398d94f63944e69502725ec61e65993a55ca379da

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed

HTTP Headers

GET /assets/img/BANNIERE2.jpg HTTP/1.1
Host: fylybook.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fylybook.com/
Cookie: infinite_csrf_cookie=3b4eef962ec9a5c2c17857d4137635c7; ci_session=d1f28e1786013170c59d77e1a5386e755c00c3cc
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 02:04:30 GMT
Server: Apache
Last-Modified: Fri, 04 Jun 2021 13:47:35 GMT
Accept-Ranges: bytes
Content-Length: 131956
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/jpeg

fylybook.com/uploads/images/image_100x75_60ae766a08f4e.jpg

66.29.145.237

200 OK

2.9 kB

URL HTTP/1.1
fylybook.com/uploads/images/image_100x75_60ae766a08f4e.jpg
IP
66.29.145.237:0
ASN
#22612 NAMECHEAP-NET

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 85", progressive, precision 8, 100x75, components 3\012- data
Size
2.9 kB (2908 bytes)
Hash
ebeb04e6e5156e7bf34960665c379baa
d074251ed0befe8a2e13029ef3f3b21d05148e87
873a9ddfedca2a5557da80d9b3c9f1960eab95478d8e3953c61ff7ff27dba9fa

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed

HTTP Headers

GET /uploads/images/image_100x75_60ae766a08f4e.jpg HTTP/1.1
Host: fylybook.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fylybook.com/
Cookie: infinite_csrf_cookie=3b4eef962ec9a5c2c17857d4137635c7; ci_session=d1f28e1786013170c59d77e1a5386e755c00c3cc
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 02:04:30 GMT
Server: Apache
Last-Modified: Wed, 26 May 2021 16:25:15 GMT
Accept-Ranges: bytes
Content-Length: 2908
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/jpeg

fylybook.com/uploads/images/image_100x75_608fefb0a41ed.jpg

66.29.145.237

200 OK

3.1 kB

URL HTTP/1.1
fylybook.com/uploads/images/image_100x75_608fefb0a41ed.jpg
IP
66.29.145.237:0
ASN
#22612 NAMECHEAP-NET

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v90), quality = 85", progressive, precision 8, 100x75, components 3\012- data
Size
3.1 kB (3069 bytes)
Hash
0533cecf7acd0634ea061b69ec5db4ba
8d8e2dd822138b6a4b33411afb8772a78b8409e1
21cad71ac39578c27085cf07a0439c014d496dfbf45a950f165e8343f458d668

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed

HTTP Headers

GET /uploads/images/image_100x75_608fefb0a41ed.jpg HTTP/1.1
Host: fylybook.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fylybook.com/
Cookie: infinite_csrf_cookie=3b4eef962ec9a5c2c17857d4137635c7; ci_session=d1f28e1786013170c59d77e1a5386e755c00c3cc
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 02:04:30 GMT
Server: Apache
Last-Modified: Mon, 03 May 2021 16:42:24 GMT
Accept-Ranges: bytes
Content-Length: 3069
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/jpeg

fylybook.com/uploads/logo/logo_608ff24b0f56b2.png

66.29.145.237

200 OK

32 kB

URL HTTP/1.1
fylybook.com/uploads/logo/logo_608ff24b0f56b2.png
IP
66.29.145.237:0
ASN
#22612 NAMECHEAP-NET

File type
PNG image data, 466 x 496, 8-bit/color RGB, non-interlaced\012- data
Size
32 kB (32126 bytes)
Hash
8ac4752192e90fab051246c89b8cb83e
ff1105dd03ba2fd7c272cfb7caa58358b77b3ecf
783457b72ff5313e6143ce81c26ea3760f9439ed4869e4cc2c0bb0076d11fa7f

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed

HTTP Headers

GET /uploads/logo/logo_608ff24b0f56b2.png HTTP/1.1
Host: fylybook.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fylybook.com/
Cookie: infinite_csrf_cookie=3b4eef962ec9a5c2c17857d4137635c7; ci_session=d1f28e1786013170c59d77e1a5386e755c00c3cc
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 02:04:30 GMT
Server: Apache
Last-Modified: Mon, 03 May 2021 16:53:30 GMT
Accept-Ranges: bytes
Content-Length: 32126
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/png

fonts.googleapis.com/css?family=PT+Sans:400,700&subset=cyrillic-ext,latin-ext

142.250.74.10

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/css?family=PT+Sans:400,700&subset=cyrillic-ext,latin-ext
IP
142.250.74.10:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css?family=PT+Sans:400,700&subset=cyrillic-ext,latin-ext HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fylybook.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 07 Oct 2022 02:04:29 GMT
date: Fri, 07 Oct 2022 02:04:29 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Cherry+Swash:400,700&subset=latin-ext

142.250.74.10

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/css?family=Cherry+Swash:400,700&subset=latin-ext
IP
142.250.74.10:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css?family=Cherry+Swash:400,700&subset=latin-ext HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fylybook.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 07 Oct 2022 02:04:29 GMT
date: Fri, 07 Oct 2022 02:04:29 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (8)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations