| fiash.info/theme/default/layer.css?v=3.1.1 | 104.21.34.6 | 200 OK | 14 kB |
URL: GET HTTP/3 fiash.info/theme/default/layer.css?v=3.1.1
IP: 104.21.34.6:443
Certificate: Issuer: Google Trust Services LLC; Subject: fiash.info; Fingerprint: 7A:B7:B9:85:94:B9:F4:F3:9C:91:42:33:C7:59:4E:E0:80:DF:7C:AB; Validity: Fri, 22 Mar 2024 06:56:10 GMT - Thu, 20 Jun 2024 06:56:09 GMT
File type: ASCII text, with very long lines (14367), with no line terminators
Hash: 3d2e0d91c5c0b96abb8dbdc2234aba77 9d55e153b30fd7414fada5718e20918e9c7f65e7 e3144d018a6a24f733c6fc2a2ee603fb583f0030585e9d4b71bec471b78e31fc
| Analyzer | Verdict | Alert |
| mnemonic secure dns | malicious | Sinkholed |
| Quad9 DNS | malicious | Sinkholed |
GET /theme/default/layer.css?v=3.1.1 HTTP/1.1
Host: fiash.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.fiash.info/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 05:54:23 GMT
content-type: text/css
last-modified: Mon, 26 Feb 2024 09:20:38 GMT
etag: W/"381f-612456c3f315e-gzip"
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EsxxWf5HHnyqU2fKRIPPp8oTpMOcV%2BJhAraMxx2lQpjJqUiGDVSDnPwon6lK7oQsShNOnW78ysrjUNvhMXMydQz20UXD2LGQONvNhhM%2B9vuwrYdPvW9%2BKLO%2FzWWC"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 879c13fc3855b4fa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| fiash.info/flash1.php?search= | 104.21.34.6 | 200 OK | 4 B |
URL: GET HTTP/3 fiash.info/flash1.php?search=
IP: 104.21.34.6:443
Certificate: Issuer: Google Trust Services LLC; Subject: fiash.info; Fingerprint: 7A:B7:B9:85:94:B9:F4:F3:9C:91:42:33:C7:59:4E:E0:80:DF:7C:AB; Validity: Fri, 22 Mar 2024 06:56:10 GMT - Thu, 20 Jun 2024 06:56:09 GMT
File type: ASCII text, with no line terminators
Hash: ca2cd2bcc63c4d7c8725577442073dde b736efda7342c257b42af16d6f7b8da01d5aa165 bf0c97708b849de696e7373508b13c5ea92bafa972fc941d694443e494a4b84d
| Analyzer | Verdict | Alert |
| mnemonic secure dns | malicious | Sinkholed |
| Quad9 DNS | malicious | Sinkholed |
GET /flash1.php?search= HTTP/1.1
Host: fiash.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.fiash.info
DNT: 1
Connection: keep-alive
Referer: https://www.fiash.info/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 05:54:23 GMT
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FuasVeV%2BT8YM48e5spciYaftTEzZuvvgSlbMOK97RD2RwMF327GHV2ZHk98dhWtgyxNJ11I70wcLfk%2FecjAb9%2BZfMoYh4N%2FkMDTcN7OoaY7TDtcSruCZRL55EQCZ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 879c13fdda25b4fa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| | 104.21.34.6 | 200 OK | 73 B |
URL: User Request GET HTTP/2
IP: 104.21.34.6:443
Certificate: Issuer: Google Trust Services LLC; Subject: fiash.info; Fingerprint: 7A:B7:B9:85:94:B9:F4:F3:9C:91:42:33:C7:59:4E:E0:80:DF:7C:AB; Validity: Fri, 22 Mar 2024 06:56:10 GMT - Thu, 20 Jun 2024 06:56:09 GMT
File type: HTML document, ASCII text, with no line terminators
Hash: 35baeab14d665a941b43e74b9f07ec25 f7c9ef32d5c1eb427b39eb3dd2c839881dbe3e1a cdbcdc13a2ac281339d8eb2044000f3d4158540682fc85a7f558c86b297583ca
| Analyzer | Verdict | Alert |
| ThreatFox | malicious | Cobalt Strike |
| mnemonic secure dns | malicious | Sinkholed |
| Quad9 DNS | malicious | Sinkholed |
GET / HTTP/1.1
Host: www.fiash.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 25 Apr 2024 05:54:21 GMT
content-type: text/html
last-modified: Wed, 27 Mar 2024 09:07:55 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=U3rwtgxp7ll3MYraIICOTTJkOdFrgGexxOiQMkFuT%2BG1dDPy%2B%2FPi%2FhwBWM1ut3hBXU5EH0xNKrrkcDLFeVEVUnJ7J9a%2F0N%2FxE4T%2Bq7%2BXBhlzL6mlxHdJsTMVF1VHqpjg6g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 879c13efe9740b31-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| www.fiash.info/flash1.js | 104.21.34.6 | 200 OK | 3.1 kB |
IP: 104.21.34.6:443
Certificate: Issuer: Google Trust Services LLC; Subject: fiash.info; Fingerprint: 7A:B7:B9:85:94:B9:F4:F3:9C:91:42:33:C7:59:4E:E0:80:DF:7C:AB; Validity: Fri, 22 Mar 2024 06:56:10 GMT - Thu, 20 Jun 2024 06:56:09 GMT
File type: Unicode text, UTF-8 text, with very long lines (3196), with no line terminators
Hash: 43f9b71fbdafed356c3859b624630a43 b3ed69f9823d31ddfd485cc5017d1253b5dde990 5fa0bba871c3cb4f7933ff3cbb85f22266268626296222602ca160f524f4a611
| Analyzer | Verdict | Alert |
| ThreatFox | malicious | Cobalt Strike |
| mnemonic secure dns | malicious | Sinkholed |
| Quad9 DNS | malicious | Sinkholed |
GET /flash1.js HTTP/1.1
Host: www.fiash.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.fiash.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 05:54:21 GMT
content-type: text/javascript
last-modified: Wed, 06 Mar 2024 02:48:02 GMT
etag: W/"bf6-612f4fcc63ca5-gzip"
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4jihbbMbwgV%2Fk6Pa1cDonNtguzFIN2uXyZP3%2BrCul8wZ1qDeoFPH2N0M%2FTm3hWMPiurUULuos6XwQcqFIW37Q%2BKiJhwOMKJQB0CwHv%2FQy%2FypboR1ron5hLdfB0TMZVa9EA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 879c13f3f9b8b4fa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| fiash.info/jquery.min.js | 104.21.34.6 | 200 OK | 83 kB |
IP: 104.21.34.6:443
Certificate: Issuer: Google Trust Services LLC; Subject: fiash.info; Fingerprint: 7A:B7:B9:85:94:B9:F4:F3:9C:91:42:33:C7:59:4E:E0:80:DF:7C:AB; Validity: Fri, 22 Mar 2024 06:56:10 GMT - Thu, 20 Jun 2024 06:56:09 GMT
File type: JavaScript source, ASCII text, with very long lines (32110)
Hash: ac60b6cb5b378001dc935f43cc1f1f0d cb03904102e6cf63bd733c0d6c3bd84b12c63b5c 4ee91ae434424c169e9813d646510aadfa29135d9e2c2343f701fd93d300cbd7
| Analyzer | Verdict | Alert |
| mnemonic secure dns | malicious | Sinkholed |
| Quad9 DNS | malicious | Sinkholed |
GET /jquery.min.js HTTP/1.1
Host: fiash.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.fiash.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 05:54:22 GMT
content-type: text/javascript
last-modified: Mon, 26 Feb 2024 09:20:40 GMT
etag: W/"14498-612456c5fb9c8-gzip"
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BMjaXXCTUSKv9xnj72YFQGUXMwxMST8glYzJJWZnQN8XPIyv0ZbHYFGPTtdZoc0P0Tv3FChvtOTP4nS5Wlx4cEjg58HElTzXCucLmxhn4pNF3SFaM6fnZ5n4M7Ri"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 879c13f5db4db4fa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| www.fiash.info/favicon.ico | 104.21.34.6 | 404 Not Found | 276 B |
URL: GET HTTP/3 www.fiash.info/favicon.ico
IP: 104.21.34.6:443
Certificate: Issuer: Google Trust Services LLC; Subject: fiash.info; Fingerprint: 7A:B7:B9:85:94:B9:F4:F3:9C:91:42:33:C7:59:4E:E0:80:DF:7C:AB; Validity: Fri, 22 Mar 2024 06:56:10 GMT - Thu, 20 Jun 2024 06:56:09 GMT
File type: HTML document, ASCII text, with no line terminators
Hash: 8d231c9d7b6ab065f3eb980680f24cbb 2365c5de2c1774915131524a350de73812f5bcc6 35ca87fb1965793e66a4225ff968c6284963a7f06e825be4c175a659c8f286d8
| Analyzer | Verdict | Alert |
| ThreatFox | malicious | Cobalt Strike |
| mnemonic secure dns | malicious | Sinkholed |
| Quad9 DNS | malicious | Sinkholed |
GET /favicon.ico HTTP/1.1
Host: www.fiash.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.fiash.info/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 404 Not Found
date: Thu, 25 Apr 2024 05:54:22 GMT
content-type: text/html; charset=iso-8859-1
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TyMt2h1tPNYqYFBwDjqJgKqb4eV%2B0eyYjbMwr6T9U0sb4KOgMz1QeZyiEJWhoaDdu9zrUwm3o5jHMmFsc%2BcGAZfy2xtwOtjpwRYpbd0n0XNZuNocEvWa9NUc9rowegMr%2BA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 879c13f64b9eb4fa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| fiash.info/layer.js | 104.21.34.6 | 200 OK | 22 kB |
IP: 104.21.34.6:443
Certificate: Issuer: Google Trust Services LLC; Subject: fiash.info; Fingerprint: 7A:B7:B9:85:94:B9:F4:F3:9C:91:42:33:C7:59:4E:E0:80:DF:7C:AB; Validity: Fri, 22 Mar 2024 06:56:10 GMT - Thu, 20 Jun 2024 06:56:09 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| mnemonic secure dns | malicious | Sinkholed |
| Quad9 DNS | malicious | Sinkholed |
GET /layer.js HTTP/1.1
Host: fiash.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.fiash.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 05:54:22 GMT
content-type: text/javascript
last-modified: Mon, 26 Feb 2024 09:20:40 GMT
etag: W/"5664-612456c65e3f6-gzip"
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GhM0szl%2B8EKTSv27vIwqEN0f1TpsDV1A3NX%2BIG9QOLv2ksEXYCm9PlsuXUwqdC0B%2FOg%2B7x%2F1a4kOXvqSE0aRTF52zxlCPMFvkZa1NBmbKR7yKgdUT9LcqgAFvHqI"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 879c13fa9ef6b4fa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|