Report - fylybook.com/lv/adqtimuolliime

Report Overview

Submitted URL
fylybook.com/lv/adqtimuolliime
IP
66.29.145.237
ASN
#22612 NAMECHEAP-NET
Submitted
2022-10-05 19:05:57
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
120

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	56 kB	34.120.237.76
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	401 B	5.8 kB	34.160.144.191
fonts.googleapis.com	8877	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	814 B	2.4 kB	142.250.74.10
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	594 B	127 B	35.160.97.225
www.applitech.ci	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	387 B	2.4 kB	66.29.145.237
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.7 kB	3.5 kB	142.250.74.3
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	329 B	737 B	93.184.220.29
fonts.gstatic.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	936 B	94 kB	216.58.207.195
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	758 B	2.7 kB	54.230.111.7
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.6 kB	4.4 kB	23.36.77.32
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	321 B	229 B	34.117.237.239
fylybook.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	13 kB	643 kB	66.29.145.237

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-10-05	medium	fylybook.com/lv/adqtimuolliime	Malware
2022-10-05	medium	fylybook.com/	Malware
2022-10-05	medium	fylybook.com/assets/vendor/bootstrap/js/bootstrap.min.js	Malware
2022-10-05	medium	fylybook.com/assets/vendor/slick/slick.min.js	Malware
2022-10-05	medium	fylybook.com/assets/js/script-3.9.min.js	Malware
2022-10-05	medium	fylybook.com/assets/js/plugins.js	Malware
2022-10-05	medium	fylybook.com/assets/vendor/font-icons/font/icons.woff2?40718069	Malware
2022-10-05	medium	fylybook.com/assets/js/jquery-1.12.4.min.js	Malware

mnemonic secure dns

Scan Date	Severity	Indicator	Alert
2022-10-05	medium	fylybook.com	Sinkholed
2022-10-05	medium	fylybook.com	Sinkholed
2022-10-05	medium	fylybook.com	Sinkholed
2022-10-05	medium	fylybook.com	Sinkholed
2022-10-05	medium	fylybook.com	Sinkholed
2022-10-05	medium	fylybook.com	Sinkholed
2022-10-05	medium	fylybook.com	Sinkholed
2022-10-05	medium	fylybook.com	Sinkholed
2022-10-05	medium	fylybook.com	Sinkholed
2022-10-05	medium	fylybook.com	Sinkholed
2022-10-05	medium	fylybook.com	Sinkholed
2022-10-05	medium	fylybook.com	Sinkholed
2022-10-05	medium	fylybook.com	Sinkholed
2022-10-05	medium	fylybook.com	Sinkholed
2022-10-05	medium	fylybook.com	Sinkholed
2022-10-05	medium	fylybook.com	Sinkholed
2022-10-05	medium	fylybook.com	Sinkholed
2022-10-05	medium	fylybook.com	Sinkholed
2022-10-05	medium	fylybook.com	Sinkholed
2022-10-05	medium	fylybook.com	Sinkholed
2022-10-05	medium	fylybook.com	Sinkholed
2022-10-05	medium	fylybook.com	Sinkholed
2022-10-05	medium	fylybook.com	Sinkholed
2022-10-05	medium	fylybook.com	Sinkholed
2022-10-05	medium	fylybook.com	Sinkholed
2022-10-05	medium	fylybook.com	Sinkholed

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2022-10-05	medium	fylybook.com	Sinkholed
2022-10-05	medium	fylybook.com	Sinkholed
2022-10-05	medium	fylybook.com	Sinkholed
2022-10-05	medium	fylybook.com	Sinkholed
2022-10-05	medium	fylybook.com	Sinkholed
2022-10-05	medium	fylybook.com	Sinkholed
2022-10-05	medium	fylybook.com	Sinkholed
2022-10-05	medium	fylybook.com	Sinkholed
2022-10-05	medium	fylybook.com	Sinkholed
2022-10-05	medium	fylybook.com	Sinkholed
2022-10-05	medium	fylybook.com	Sinkholed
2022-10-05	medium	fylybook.com	Sinkholed
2022-10-05	medium	fylybook.com	Sinkholed
2022-10-05	medium	fylybook.com	Sinkholed
2022-10-05	medium	fylybook.com	Sinkholed
2022-10-05	medium	fylybook.com	Sinkholed
2022-10-05	medium	fylybook.com	Sinkholed
2022-10-05	medium	fylybook.com	Sinkholed
2022-10-05	medium	fylybook.com	Sinkholed
2022-10-05	medium	fylybook.com	Sinkholed
2022-10-05	medium	fylybook.com	Sinkholed
2022-10-05	medium	fylybook.com	Sinkholed
2022-10-05	medium	fylybook.com	Sinkholed
2022-10-05	medium	fylybook.com	Sinkholed
2022-10-05	medium	fylybook.com	Sinkholed
2022-10-05	medium	fylybook.com	Sinkholed

JavaScript (7)

	URL	Size	First Seen	Last Seen
	fylybook.com/	16 B	2023-03-08	2024-02-27
Pretty URL fylybook.com/ IP 66.29.145.237 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 01:26:38 Last Seen2024-02-27 15:48:56 Times Seen44 Hash 2c473bc2a4f5410664d4be713f0bf508 79ac7caac2531351799403184417e8e18ac063c7 cc9c253758d68c76e591c9b338c2b13d953b77a465ea65762e79c185a26132cb Loading...

	fylybook.com/	191 B	2023-03-08	2023-03-08
Pretty URL fylybook.com/ IP 66.29.145.237 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 05:39:59 Last Seen2023-03-08 07:57:52 Times Seen1 Hash 541f47eaf2049b512830c45880fc8586 cf0ddc69e5aa6ecd0a7ab5703bc27076fbd9c504 655fa2e0de38234003c1755b72fcbe8ee8a1b69367d1d7cd80839824824f49d1 Loading...

	fylybook.com/assets/js/plugins.js	108 kB	2023-03-08	2023-09-15
Pretty URL fylybook.com/assets/js/plugins.js IP 66.29.145.237 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 05:40:00 Last Seen2023-09-15 23:15:44 Times Seen6 Hash 9b082e426f079d094bbb238588f30a2c b9e0b39de46c4c65c9b2fb98536f19d25ec899bb c16d5f3c8bee6f9f3a0b065787f5996567c7247f65bbe5105e4e6282c342d6cc Loading...

	fylybook.com/	106 B	2023-03-08	2023-03-08
Pretty URL fylybook.com/ IP 66.29.145.237 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 05:39:59 Last Seen2023-03-08 07:57:52 Times Seen1 Hash 50e391086feadb894f56c6f294d2efed f8d50093b863e9a0237772dfcd8e84a5b08754fa df2b8056b151662538dc736cb4baa445ee38ddda4e711cbad9dd3f24e2077800 Loading...

	fylybook.com/assets/vendor/bootstrap/js/bootstrap.min.js	37 kB	2023-03-07	2024-04-18
Pretty URL fylybook.com/assets/vendor/bootstrap/js/bootstrap.min.js IP 66.29.145.237 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:32 Last Seen2024-04-18 08:06:09 Times Seen2824 Hash 04c84852e9937b142ac73c285b895b85 8fb8a9319055253d085edfc3bb72d20f614ec709 36460e494e4c628443afded40b2743b5ede9a4a76fb4f7b9ef2345cc7e59fd64 Loading...

	fylybook.com/assets/vendor/slick/slick.min.js	43 kB	2023-03-07	2024-04-18
Pretty URL fylybook.com/assets/vendor/slick/slick.min.js IP 66.29.145.237 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:34 Last Seen2024-04-18 10:02:19 Times Seen34197 Hash d5a61c749e44e47159af8a6579dda121 3b41b3bc956685015a347a2238e71db29dfa0dbb 0c7178cc6ca34fb18e30f070a5e7a1c287b2d7ccfcba2cfdf06e0f46eda55740 Loading...

	fylybook.com/assets/js/jquery-1.12.4.min.js	97 kB	2023-03-07	2024-04-12
Pretty URL fylybook.com/assets/js/jquery-1.12.4.min.js IP 66.29.145.237 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:12:12 Last Seen2024-04-12 07:48:13 Times Seen2247 Hash 618538b4ab9639d444e962729a927f15 dacc1f76630a9708add066819b1aabf8dce01056 27d92130c0321dad5a03760fd5ac98a3d04ed4c94d88418fe6d50da1f7fc5cbe Loading...

HTTP Transactions (53)

URL IP Response Size

firefox.settings.services.mozilla.com/v1/

54.230.111.7

200 OK

939 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/
IP
54.230.111.7:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
2d12f67fe57a87e7366b662d153a5582
d7b02d81cc74f24a251d9363e0f4b0a149264ec1
73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Backoff, Content-Type, Retry-After, Alert
Cache-Control: max-age=259200
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Wed, 05 Oct 2022 15:47:18 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 d9fb4c3794a085bb4ee2c5798c2cb1b8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: kMmvujNIMIyL3rOz908wPI06hNHbTJ8U133UWeIPPYCkIZivpTvxag==
Age: 11908

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
eabb7d9ffae717f7305d63c057755470
3b7f0baccfdbb8d9ffefa4a2215d4d6094be454a
ab48f17e54075e1ecf034278e82bcacd2e3689773186cc84fba9b79aac907294

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AB48F17E54075E1ECF034278E82BCACD2E3689773186CC84FBA9B79AAC907294"
Last-Modified: Tue, 04 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4783
Expires: Wed, 05 Oct 2022 20:25:29 GMT
Date: Wed, 05 Oct 2022 19:05:46 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
4ab7d8709d334de0e46dcb86aabfbff1
f221138a8ad9d0bfa3c054370dcdb363a67dc310
b91d37f606eaf448b9c7dfc05566a11de004ce44503409e1a776288ee2622805

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B91D37F606EAF448B9C7DFC05566A11DE004CE44503409E1A776288EE2622805"
Last-Modified: Wed, 05 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7041
Expires: Wed, 05 Oct 2022 21:03:07 GMT
Date: Wed, 05 Oct 2022 19:05:46 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: R3lqwT5IgjPmg0khHopyyIPFdNNy7juJtVfOWuNnYOm2a+9aofM8MY/JA0u6izZBOLrdqJDEcjM=
x-amz-request-id: 76VCNTFT6TNYQRSP
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 05 Oct 2022 18:30:26 GMT
age: 2120
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Wed, 05 Oct 2022 19:05:46 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

fylybook.com/lv/adqtimuolliime

66.29.145.237

307 Temporary Redirect

0 B

URL HTTP/1.1
fylybook.com/lv/adqtimuolliime
IP
66.29.145.237:0
ASN
#22612 NAMECHEAP-NET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /lv/adqtimuolliime HTTP/1.1
Host: fylybook.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/1.1 307 Temporary Redirect
Date: Wed, 05 Oct 2022 19:05:47 GMT
Server: Apache
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Set-Cookie: infinite_csrf_cookie=5d38e58e3e2ad552c08c9c6c0f54087d; expires=Wed, 05-Oct-2022 21:05:47 GMT; Max-Age=7200; path=/
ci_session=0a7ff3a115f34e3fbaab433e6ebbcc1d32a1797d; expires=Fri, 07-Oct-2022 19:05:47 GMT; Max-Age=172800; path=/; HttpOnly
Location: https://fylybook.com/
Vary: User-Agent
Content-Length: 0
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

54.230.111.7

200 OK

329 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
54.230.111.7:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Pragma, Content-Length, Backoff, Last-Modified, Cache-Control, Content-Type, Retry-After, ETag, Expires, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
X-Content-Type-Options: nosniff
Date: Wed, 05 Oct 2022 18:29:33 GMT
Cache-Control: max-age=3600, max-age=3600
Expires: Wed, 05 Oct 2022 18:46:46 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 784cb0c259a6d79800d037bda4e7de86.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: ncY3mYrBKJaDa9KmtBzu_U7UDga05LrURDs8KDZuBVKtWuGBi3yFWA==
Age: 2174

fylybook.com/

66.29.145.237

200 OK

5.4 kB

URL HTTP/1.1
fylybook.com/
IP
66.29.145.237:0
ASN
#22612 NAMECHEAP-NET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (919), with CRLF, LF line terminators
Size
5.4 kB (5437 bytes)
Hash
2c2ff543f6e16d6dd3613b4afbddeeb5
f32ed3bc19ee11eb5ec0e6b43bd962b0c76187f8
8c3c04964578cb10a5295c993934a4d3d67a0f9bb69e415ba15b02575ac696da

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: fylybook.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: infinite_csrf_cookie=5d38e58e3e2ad552c08c9c6c0f54087d; ci_session=0a7ff3a115f34e3fbaab433e6ebbcc1d32a1797d
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/1.1 200 OK
Date: Wed, 05 Oct 2022 19:05:47 GMT
Server: Apache
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Set-Cookie: infinite_csrf_cookie=5d38e58e3e2ad552c08c9c6c0f54087d; expires=Wed, 05-Oct-2022 21:05:47 GMT; Max-Age=7200; path=/
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 5437
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
b0e8a79f3e381ab34a44278947ac7c7e
70d01e6fdc8565c661b6ae8c5a043ddf2da16530
885a8c234fca85e6f6bb3e8fcab6672b9a9742b5d3f74681b17a330fa295d549

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 05 Oct 2022 19:05:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
b0e8a79f3e381ab34a44278947ac7c7e
70d01e6fdc8565c661b6ae8c5a043ddf2da16530
885a8c234fca85e6f6bb3e8fcab6672b9a9742b5d3f74681b17a330fa295d549

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 05 Oct 2022 19:05:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.googleapis.com/css?family=PT+Sans:400,700&subset=cyrillic-ext,latin-ext

142.250.74.10

200 OK

952 B

URL HTTP/2
fonts.googleapis.com/css?family=PT+Sans:400,700&subset=cyrillic-ext,latin-ext
IP
142.250.74.10:0
ASN
#15169 GOOGLE

File type
data
Size
952 B (952 bytes)
Hash
dcc1d98e4412c5870197e36669cd0e5d
a4b2a54bb5b27eeadc229204da81865e78b3142a
e4af010a08a2168b4a57526e58c1a4ad35e1d129ac67e0ef03aa4233f3392c67

HTTP Headers

GET /css?family=PT+Sans:400,700&subset=cyrillic-ext,latin-ext HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fylybook.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 05 Oct 2022 19:05:47 GMT
date: Wed, 05 Oct 2022 19:05:47 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
1561c6be7c89d1357a80d12de47b6e74
9a705277922ecca583c867af58b3efce099f83bd
e33dc034dbf4b3b627cd3c1af2d942e2ca5704ec9a4aad5c46ad39eb070e82ab

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5557
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 05 Oct 2022 19:05:47 GMT
Last-Modified: Wed, 05 Oct 2022 17:33:10 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 471

fylybook.com/assets/vendor/font-icons/css/icons.min.css

66.29.145.237

200 OK

795 B

URL HTTP/1.1
fylybook.com/assets/vendor/font-icons/css/icons.min.css
IP
66.29.145.237:0
ASN
#22612 NAMECHEAP-NET

File type
Unicode text, UTF-8 (with BOM) text, with very long lines (2906), with no line terminators
Size
795 B (795 bytes)
Hash
99cff2067588a810acfb89259109d06d
c5e8baf757dc5b872052edd7740bf73accd2f946
f419ab955d5ee46e489f35fd03769db4c1fd6b23b0dd89233d8a538b60425ab2

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /assets/vendor/font-icons/css/icons.min.css HTTP/1.1
Host: fylybook.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fylybook.com/
Cookie: infinite_csrf_cookie=5d38e58e3e2ad552c08c9c6c0f54087d; ci_session=0a7ff3a115f34e3fbaab433e6ebbcc1d32a1797d
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 05 Oct 2022 19:05:47 GMT
Server: Apache
Last-Modified: Mon, 09 Dec 2019 15:53:48 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 795
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css

push.services.mozilla.com/

35.160.97.225

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
35.160.97.225:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: bpCzp9B+bvG0R/JeMkYREg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: wS/jqhF1RyYZtQaRDAtek5mKU54=

fylybook.com/assets/vendor/bootstrap/css/bootstrap.min.css

66.29.145.237

200 OK

20 kB

URL HTTP/1.1
fylybook.com/assets/vendor/bootstrap/css/bootstrap.min.css
IP
66.29.145.237:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (65367), with CRLF line terminators
Size
20 kB (19749 bytes)
Hash
e8438eabd438f940694edbd4569aa51e
9395d0177441a26b42dad8a09d7fbe2fc6ac2c1a
ccc0a30fa490d287ec17fbc9ff4560d267d0efb697384bc3fab88f1357c5a040

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /assets/vendor/bootstrap/css/bootstrap.min.css HTTP/1.1
Host: fylybook.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fylybook.com/
Cookie: infinite_csrf_cookie=5d38e58e3e2ad552c08c9c6c0f54087d; ci_session=0a7ff3a115f34e3fbaab433e6ebbcc1d32a1797d
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 05 Oct 2022 19:05:47 GMT
Server: Apache
Last-Modified: Mon, 09 Dec 2019 15:53:48 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 19749
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/css

fylybook.com/assets/vendor/slick/slick.min.css

66.29.145.237

200 OK

495 B

URL HTTP/1.1
fylybook.com/assets/vendor/slick/slick.min.css
IP
66.29.145.237:0
ASN
#22612 NAMECHEAP-NET

File type
Unicode text, UTF-8 (with BOM) text, with very long lines (1329), with no line terminators
Size
495 B (495 bytes)
Hash
9c99c80d8a61e2cb27c640aa605ebd00
ef5f58057b6bbec3c54b9f84dae86fa5c6b4cfc3
2b4ba44a54957fc20585e468320c1078484923e5b9e3d30553c4c9e44e8b7e46

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /assets/vendor/slick/slick.min.css HTTP/1.1
Host: fylybook.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fylybook.com/
Cookie: infinite_csrf_cookie=5d38e58e3e2ad552c08c9c6c0f54087d; ci_session=0a7ff3a115f34e3fbaab433e6ebbcc1d32a1797d
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 05 Oct 2022 19:05:48 GMT
Server: Apache
Last-Modified: Mon, 09 Dec 2019 15:53:48 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 495
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css

fylybook.com/assets/css/magnific-popup.min.css

66.29.145.237

200 OK

1.6 kB

URL HTTP/1.1
fylybook.com/assets/css/magnific-popup.min.css
IP
66.29.145.237:0
ASN
#22612 NAMECHEAP-NET

File type
Unicode text, UTF-8 (with BOM) text, with very long lines (5257), with no line terminators
Size
1.6 kB (1575 bytes)
Hash
0fbee1824d0e377756b1bda7ef32d1a4
aad925759dd40d187c1c56aefedd2712681fcb92
8c58b8361d7e8d1662bf7e7edfd08e0f6900698dd05dae14c3f0175f422083e9

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /assets/css/magnific-popup.min.css HTTP/1.1
Host: fylybook.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fylybook.com/
Cookie: infinite_csrf_cookie=5d38e58e3e2ad552c08c9c6c0f54087d; ci_session=0a7ff3a115f34e3fbaab433e6ebbcc1d32a1797d
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 05 Oct 2022 19:05:48 GMT
Server: Apache
Last-Modified: Mon, 09 Dec 2019 15:53:48 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 1575
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css

fylybook.com/assets/css/colors/yellow.min.css

66.29.145.237

200 OK

999 B

URL HTTP/1.1
fylybook.com/assets/css/colors/yellow.min.css
IP
66.29.145.237:0
ASN
#22612 NAMECHEAP-NET

File type
Unicode text, UTF-8 (with BOM) text, with very long lines (4600), with no line terminators
Size
999 B (999 bytes)
Hash
4d9487c906706e3252989120d0e5577c
dad9ccf87ef4ead4e0004abc5b7a958f44d48a05
f889ec7373ef63ff5a550310df4196310141987b44226ddca88cdc3bc08f4464

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /assets/css/colors/yellow.min.css HTTP/1.1
Host: fylybook.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fylybook.com/
Cookie: infinite_csrf_cookie=5d38e58e3e2ad552c08c9c6c0f54087d; ci_session=0a7ff3a115f34e3fbaab433e6ebbcc1d32a1797d
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 05 Oct 2022 19:05:48 GMT
Server: Apache
Last-Modified: Mon, 09 Dec 2019 15:53:48 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 999
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css

fylybook.com/assets/vendor/bootstrap/js/bootstrap.min.js

66.29.145.237

200 OK

9.8 kB

URL HTTP/1.1
fylybook.com/assets/vendor/bootstrap/js/bootstrap.min.js
IP
66.29.145.237:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (32033), with CRLF line terminators
Size
9.8 kB (9838 bytes)
Hash
43c22cf7a7909e424cdb9edbd0f3de1a
3edbbd8b7300b8c191fb986a768b915bb572360b
b1e6ac878e5d746cdada02ab3c918d6e4430bc873423885b568bcd21de6c642c

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /assets/vendor/bootstrap/js/bootstrap.min.js HTTP/1.1
Host: fylybook.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fylybook.com/
Cookie: infinite_csrf_cookie=5d38e58e3e2ad552c08c9c6c0f54087d; ci_session=0a7ff3a115f34e3fbaab433e6ebbcc1d32a1797d
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 05 Oct 2022 19:05:48 GMT
Server: Apache
Last-Modified: Mon, 09 Dec 2019 15:53:48 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 9838
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript

fylybook.com/assets/css/style-3.9.min.css

66.29.145.237

200 OK

12 kB

URL HTTP/1.1
fylybook.com/assets/css/style-3.9.min.css
IP
66.29.145.237:0
ASN
#22612 NAMECHEAP-NET

File type
Unicode text, UTF-8 (with BOM) text, with very long lines (65533), with no line terminators
Size
12 kB (11982 bytes)
Hash
1f2fc0a80a1259c3cba376378c4c83b7
d466686390b1a8cbe4ab299b2762820cb02b85b8
73bd09bc6ee348fd2aadd106aaaa8ee96d4898fa4934dd521633886fe9a61ab6

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /assets/css/style-3.9.min.css HTTP/1.1
Host: fylybook.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fylybook.com/
Cookie: infinite_csrf_cookie=5d38e58e3e2ad552c08c9c6c0f54087d; ci_session=0a7ff3a115f34e3fbaab433e6ebbcc1d32a1797d
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 05 Oct 2022 19:05:48 GMT
Server: Apache
Last-Modified: Mon, 09 Dec 2019 15:53:48 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 11982
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css

fylybook.com/assets/vendor/slick/slick.min.js

66.29.145.237

200 OK

10 kB

URL HTTP/1.1
fylybook.com/assets/vendor/slick/slick.min.js
IP
66.29.145.237:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (42862)
Size
10 kB (10442 bytes)
Hash
a200e519b47aabb15179d3d44b42a20d
40f67edd6550052b130507ed1a56650c6bdb798f
ea316b7198f70a2c53e9f534e6c2b9f6e570e4a7369d5c0508cd38de275717db

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /assets/vendor/slick/slick.min.js HTTP/1.1
Host: fylybook.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fylybook.com/
Cookie: infinite_csrf_cookie=5d38e58e3e2ad552c08c9c6c0f54087d; ci_session=0a7ff3a115f34e3fbaab433e6ebbcc1d32a1797d
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 05 Oct 2022 19:05:48 GMT
Server: Apache
Last-Modified: Mon, 09 Dec 2019 15:53:48 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 10442
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: application/javascript

fylybook.com/assets/js/script-3.9.min.js

66.29.145.237

200 OK

2.5 kB

URL HTTP/1.1
fylybook.com/assets/js/script-3.9.min.js
IP
66.29.145.237:0
ASN
#22612 NAMECHEAP-NET

File type
Unicode text, UTF-8 (with BOM) text, with very long lines (10341), with no line terminators
Size
2.5 kB (2507 bytes)
Hash
6aaa4cfbb6ca0035c72a92c2d6c3e2a2
3e3e1ae75651e4e3406ccea9783640fe9ce6ed7d
c977a2b0ae810d15b8d7643d324527b71a163be288cc24091b72fdc95e7f8996

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /assets/js/script-3.9.min.js HTTP/1.1
Host: fylybook.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fylybook.com/
Cookie: infinite_csrf_cookie=5d38e58e3e2ad552c08c9c6c0f54087d; ci_session=0a7ff3a115f34e3fbaab433e6ebbcc1d32a1797d
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 05 Oct 2022 19:05:48 GMT
Server: Apache
Last-Modified: Mon, 09 Dec 2019 15:53:48 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 2507
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
ff5f22aafa6751c60631736c305a4c7c
278b89e5c1a978e070be4b66bb780862894b8504
b501664d7591e6dfe95c8641e0020e04b76f16f5cb80a7fc0ee0b36af60a6382

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 05 Oct 2022 19:05:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
ff5f22aafa6751c60631736c305a4c7c
278b89e5c1a978e070be4b66bb780862894b8504
b501664d7591e6dfe95c8641e0020e04b76f16f5cb80a7fc0ee0b36af60a6382

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 05 Oct 2022 19:05:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fylybook.com/assets/js/plugins.js

66.29.145.237

200 OK

35 kB

URL HTTP/1.1
fylybook.com/assets/js/plugins.js
IP
66.29.145.237:0
ASN
#22612 NAMECHEAP-NET

File type
Unicode text, UTF-8 (with BOM) text, with very long lines (23122)
Size
35 kB (34786 bytes)
Hash
9e14486b3c99d61bc012203502f2f3ed
edc5231dd0bb6a51af40245f9acaf10c4975c46c
66f561b830f4aa03965d5cd571a2bda87bc8b2326584ac46b38ef7550f964ae1

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /assets/js/plugins.js HTTP/1.1
Host: fylybook.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fylybook.com/
Cookie: infinite_csrf_cookie=5d38e58e3e2ad552c08c9c6c0f54087d; ci_session=0a7ff3a115f34e3fbaab433e6ebbcc1d32a1797d
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 05 Oct 2022 19:05:48 GMT
Server: Apache
Last-Modified: Mon, 09 Dec 2019 15:53:48 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 34786
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript

fonts.gstatic.com/s/ptsans/v17/jizaRExUiTo99u79D0KExQ.woff2

216.58.207.195

200 OK

45 kB

URL HTTP/2
fonts.gstatic.com/s/ptsans/v17/jizaRExUiTo99u79D0KExQ.woff2
IP
216.58.207.195:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 45300, version 1.0\012- data
Size
45 kB (45300 bytes)
Hash
5fe660c3a23b871807b0e1d3ee973d23
62a9dd423b30b6ee3ab3dd40d573545d579af10a
e13ffa988be59cbf299d7ff68f019f902b60848203ac4990819eb7e4624ee52d

HTTP Headers

GET /s/ptsans/v17/jizaRExUiTo99u79D0KExQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://fylybook.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 45300
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 28 Sep 2022 19:27:53 GMT
expires: Thu, 28 Sep 2023 19:27:53 GMT
cache-control: public, max-age=31536000
age: 603475
last-modified: Wed, 27 Apr 2022 16:11:08 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.gstatic.com/s/ptsans/v17/jizfRExUiTo99u79B_mh0O6tLQ.woff2

216.58.207.195

200 OK

47 kB

URL HTTP/2
fonts.gstatic.com/s/ptsans/v17/jizfRExUiTo99u79B_mh0O6tLQ.woff2
IP
216.58.207.195:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 47048, version 1.0\012- data
Size
47 kB (47048 bytes)
Hash
87a1556b696ae2cb1a726bd8c4584a2f
1be0f6f39e0cf316f9827f945eeeaef8294cc37b
141f0c53e457585d4ac7426eb3d757666d250ee6fbf0e9c0878128e4c627f0b1

HTTP Headers

GET /s/ptsans/v17/jizfRExUiTo99u79B_mh0O6tLQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://fylybook.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 47048
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 28 Sep 2022 19:27:54 GMT
expires: Thu, 28 Sep 2023 19:27:54 GMT
cache-control: public, max-age=31536000
age: 603474
last-modified: Wed, 27 Apr 2022 16:55:54 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fylybook.com/assets/img/bg_small.png

66.29.145.237

200 OK

102 B

URL HTTP/1.1
fylybook.com/assets/img/bg_small.png
IP
66.29.145.237:0
ASN
#22612 NAMECHEAP-NET

File type
PNG image data, 100 x 75, 1-bit colormap, non-interlaced\012- data
Size
102 B (102 bytes)
Hash
1f17e0a69aa22f59150e769b16a91aaf
ba24320b52f6ea1f0dae3d12507154eb3a5460d7
1849588ebd7c473c46eb277f5a627f02e49712f562f0750f3dcfe78d1707651c

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /assets/img/bg_small.png HTTP/1.1
Host: fylybook.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fylybook.com/
Cookie: infinite_csrf_cookie=5d38e58e3e2ad552c08c9c6c0f54087d; ci_session=0a7ff3a115f34e3fbaab433e6ebbcc1d32a1797d
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 05 Oct 2022 19:05:48 GMT
Server: Apache
Last-Modified: Mon, 09 Dec 2019 15:53:48 GMT
Accept-Ranges: bytes
Content-Length: 102
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: image/png

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
ff5f22aafa6751c60631736c305a4c7c
278b89e5c1a978e070be4b66bb780862894b8504
b501664d7591e6dfe95c8641e0020e04b76f16f5cb80a7fc0ee0b36af60a6382

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 05 Oct 2022 19:05:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fylybook.com/assets/vendor/font-icons/font/icons.woff2?40718069

66.29.145.237

200 OK

10 kB

URL HTTP/1.1
fylybook.com/assets/vendor/font-icons/font/icons.woff2?40718069
IP
66.29.145.237:0
ASN
#22612 NAMECHEAP-NET

File type
Web Open Font Format (Version 2), TrueType, length 10236, version 1.0\012- data
Size
10 kB (10236 bytes)
Hash
92d7de8de6655354f068f8efe5529b76
46d294cb0cbc32fdcd6e9dbc2b139ed9c33095c2
344995123c7d4557e123a57af30c8640c4beeaa174282dd075541ab93481881f

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /assets/vendor/font-icons/font/icons.woff2?40718069 HTTP/1.1
Host: fylybook.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://fylybook.com/assets/vendor/font-icons/css/icons.min.css
Cookie: infinite_csrf_cookie=5d38e58e3e2ad552c08c9c6c0f54087d; ci_session=0a7ff3a115f34e3fbaab433e6ebbcc1d32a1797d
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 05 Oct 2022 19:05:48 GMT
Server: Apache
Last-Modified: Mon, 09 Dec 2019 15:53:48 GMT
Accept-Ranges: bytes
Content-Length: 10236
Vary: Accept-Encoding,User-Agent
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: font/woff2

fylybook.com/uploads/logo/logo_60900873878be.png

66.29.145.237

200 OK

35 kB

URL HTTP/1.1
fylybook.com/uploads/logo/logo_60900873878be.png
IP
66.29.145.237:0
ASN
#22612 NAMECHEAP-NET

File type
PNG image data, 500 x 211, 8-bit/color RGBA, non-interlaced\012- data
Size
35 kB (35209 bytes)
Hash
c573b8889b0ce9e7ec14d982bd84fb10
61329d84d3670bb3e1a7a20bd2d9b92c840f6a9c
d9b06d2fedc37fa80842dcea009e9d6216f869629d214591c9abe405293c485c

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /uploads/logo/logo_60900873878be.png HTTP/1.1
Host: fylybook.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fylybook.com/
Cookie: infinite_csrf_cookie=5d38e58e3e2ad552c08c9c6c0f54087d; ci_session=0a7ff3a115f34e3fbaab433e6ebbcc1d32a1797d
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 05 Oct 2022 19:05:48 GMT
Server: Apache
Last-Modified: Mon, 03 May 2021 18:28:02 GMT
Accept-Ranges: bytes
Content-Length: 35209
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/png

fylybook.com/uploads/logo/logo_60900873878be1.png

66.29.145.237

200 OK

35 kB

URL HTTP/1.1
fylybook.com/uploads/logo/logo_60900873878be1.png
IP
66.29.145.237:0
ASN
#22612 NAMECHEAP-NET

File type
PNG image data, 500 x 211, 8-bit/color RGBA, non-interlaced\012- data
Size
35 kB (35209 bytes)
Hash
c573b8889b0ce9e7ec14d982bd84fb10
61329d84d3670bb3e1a7a20bd2d9b92c840f6a9c
d9b06d2fedc37fa80842dcea009e9d6216f869629d214591c9abe405293c485c

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /uploads/logo/logo_60900873878be1.png HTTP/1.1
Host: fylybook.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fylybook.com/
Cookie: infinite_csrf_cookie=5d38e58e3e2ad552c08c9c6c0f54087d; ci_session=0a7ff3a115f34e3fbaab433e6ebbcc1d32a1797d
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 05 Oct 2022 19:05:48 GMT
Server: Apache
Last-Modified: Mon, 03 May 2021 18:28:02 GMT
Accept-Ranges: bytes
Content-Length: 35209
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/png

fylybook.com/assets/img/bg_slider.png

66.29.145.237

200 OK

142 B

URL HTTP/1.1
fylybook.com/assets/img/bg_slider.png
IP
66.29.145.237:0
ASN
#22612 NAMECHEAP-NET

File type
PNG image data, 650 x 433, 1-bit colormap, non-interlaced\012- data
Size
142 B (142 bytes)
Hash
5d475fa5a9a7f06f3cba3a8a99040c08
779a23196999501a825175453ba70d66106694a3
304a1699a049b544c6309875b3d7f8e24a3a1f800549ada4a06b52de91d7f61d

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /assets/img/bg_slider.png HTTP/1.1
Host: fylybook.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fylybook.com/
Cookie: infinite_csrf_cookie=5d38e58e3e2ad552c08c9c6c0f54087d; ci_session=0a7ff3a115f34e3fbaab433e6ebbcc1d32a1797d
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 05 Oct 2022 19:05:48 GMT
Server: Apache
Last-Modified: Mon, 09 Dec 2019 15:53:48 GMT
Accept-Ranges: bytes
Content-Length: 142
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/png

fylybook.com/uploads/images/image_100x75_608fefb0a41ed.jpg

66.29.145.237

200 OK

3.1 kB

URL HTTP/1.1
fylybook.com/uploads/images/image_100x75_608fefb0a41ed.jpg
IP
66.29.145.237:0
ASN
#22612 NAMECHEAP-NET

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v90), quality = 85", progressive, precision 8, 100x75, components 3\012- data
Size
3.1 kB (3069 bytes)
Hash
0533cecf7acd0634ea061b69ec5db4ba
8d8e2dd822138b6a4b33411afb8772a78b8409e1
21cad71ac39578c27085cf07a0439c014d496dfbf45a950f165e8343f458d668

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /uploads/images/image_100x75_608fefb0a41ed.jpg HTTP/1.1
Host: fylybook.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fylybook.com/
Cookie: infinite_csrf_cookie=5d38e58e3e2ad552c08c9c6c0f54087d; ci_session=0a7ff3a115f34e3fbaab433e6ebbcc1d32a1797d
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 05 Oct 2022 19:05:48 GMT
Server: Apache
Last-Modified: Mon, 03 May 2021 16:42:24 GMT
Accept-Ranges: bytes
Content-Length: 3069
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/jpeg

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
55331c1dc7e7ebbf456220986278469d
d69a62ee47b03fde68db666512417dda2ae5ad13
a09c835aa140c7b4220194e940f54de09ca3b7ea470feb7c4c5be574643086d5

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A09C835AA140C7B4220194E940F54DE09CA3B7EA470FEB7C4C5BE574643086D5"
Last-Modified: Tue, 04 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5916
Expires: Wed, 05 Oct 2022 20:44:25 GMT
Date: Wed, 05 Oct 2022 19:05:49 GMT
Connection: keep-alive

www.applitech.ci/assets/images/footer-logo.png

66.29.145.237

200 OK

2.1 kB

URL HTTP/1.1
www.applitech.ci/assets/images/footer-logo.png
IP
66.29.145.237:0
ASN
#22612 NAMECHEAP-NET

File type
PNG image data, 114 x 22, 8-bit/color RGBA, non-interlaced\012- data
Size
2.1 kB (2135 bytes)
Hash
5c73bd9c23ad153e0da45e00b33df874
76f271acf7a997b3a1eed83a07a19d6741bceceb
d5b02e1f8898ce67467ac4b8febd58756397cdc7b612bbadf2acccdf6ad38487

HTTP Headers

GET /assets/images/footer-logo.png HTTP/1.1
Host: www.applitech.ci
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fylybook.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Wed, 05 Oct 2022 19:05:48 GMT
Server: Apache
Last-Modified: Fri, 18 Mar 2022 17:26:24 GMT
Accept-Ranges: bytes
Content-Length: 2135
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/png

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
55331c1dc7e7ebbf456220986278469d
d69a62ee47b03fde68db666512417dda2ae5ad13
a09c835aa140c7b4220194e940f54de09ca3b7ea470feb7c4c5be574643086d5

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A09C835AA140C7B4220194E940F54DE09CA3B7EA470FEB7C4C5BE574643086D5"
Last-Modified: Tue, 04 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5916
Expires: Wed, 05 Oct 2022 20:44:25 GMT
Date: Wed, 05 Oct 2022 19:05:49 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
55331c1dc7e7ebbf456220986278469d
d69a62ee47b03fde68db666512417dda2ae5ad13
a09c835aa140c7b4220194e940f54de09ca3b7ea470feb7c4c5be574643086d5

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A09C835AA140C7B4220194E940F54DE09CA3B7EA470FEB7C4C5BE574643086D5"
Last-Modified: Tue, 04 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5916
Expires: Wed, 05 Oct 2022 20:44:25 GMT
Date: Wed, 05 Oct 2022 19:05:49 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F23595c4d-609a-48f3-a52f-e88e478d7653.jpeg

34.120.237.76

200 OK

5.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F23595c4d-609a-48f3-a52f-e88e478d7653.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.8 kB (5832 bytes)
Hash
3257b782efae9b64e6e18a547866ec50
4daf0c001e86af8477fb097e8ca932edb8e5f981
899f9692e86405aa288d88dd285a6fe26bedab1a2ca4693212476063890b01a5

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F23595c4d-609a-48f3-a52f-e88e478d7653.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5832
x-amzn-requestid: c4427edd-3d71-47d0-a2d3-b3bfed089535
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Zf8s1FuUoAMFhBA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633ca7eb-46ddff150da4141d23fc0d8a;Sampled=0
x-amzn-remapped-date: Tue, 04 Oct 2022 21:38:51 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: iR82CJ6A06dpqy_nm6JrmjeUJT-uhI5rr0dr6ZnhrQQo9Jqxh10qRQ==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 82ea95080f526df99896343fb7269b06.cloudfront.net (CloudFront), 1.1 google
date: Tue, 04 Oct 2022 21:43:43 GMT
age: 76926
etag: "4daf0c001e86af8477fb097e8ca932edb8e5f981"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5704624d-eb81-4a5b-bcb7-08db5681c677.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.9 kB (8926 bytes)
Hash
1de7c17a0ba9295135e7f8b490b6a8d3
70e8d1589f3daf71378965dd197934e220fb6aa4
ee559ce3166479e2b930be7d18525f5c2d164aed8ca005302ddaf3bfe37eec24

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5704624d-eb81-4a5b-bcb7-08db5681c677.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8926
x-amzn-requestid: 27fc8976-af8d-40a3-b701-0642fa135ec4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Zf8s1GSbIAMFTiw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633ca7eb-4d4c7837576e0fdb5828fe3b;Sampled=0
x-amzn-remapped-date: Tue, 04 Oct 2022 21:38:51 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: YzVofPSJC-YVU1Q1V9AnjNeQTa1BQEh6ZiH2HjSeeX5RygysFP7oAA==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google
date: Tue, 04 Oct 2022 21:43:25 GMT
age: 76944
etag: "70e8d1589f3daf71378965dd197934e220fb6aa4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

10 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1ca20164-9b52-49c5-9e63-1fc0ae719f45.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
10 kB (10158 bytes)
Hash
4fc2ddd86450d64d3fb659ab4e78be58
bbe71936b78a8c34d03ab87948dc840b35c6948f
84a760397a5912bd05f61bc8a953c13a88a677e2d17fbbf74bdf7d7ff4d3942f

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1ca20164-9b52-49c5-9e63-1fc0ae719f45.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10158
x-amzn-requestid: def1fc7e-8008-466f-9271-20fa1ab0fa5a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZaqZCH7doAMFcPQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633a8aa0-7fd2fb1249366f2277d719d6;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 07:09:20 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: aeOU8fGkf5uHuYZ79k17EzxiFnwm0_z7SeZJElgwECzRyhR2N_SYJA==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 b8c4a4ca04bb1976e020396d211bc8dc.cloudfront.net (CloudFront), 1.1 google
date: Wed, 05 Oct 2022 04:06:09 GMT
age: 53980
etag: "bbe71936b78a8c34d03ab87948dc840b35c6948f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

14 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3de74da8-9c15-4010-a6fb-c1e0b5fd8804.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
14 kB (13615 bytes)
Hash
42ab91a02aa34dbcc6d56e75fd0d7fc5
32a3ebb440b3d770c446bef75c39ce788ffeb034
397373a17846231eb149c3a207574b79c5ca6c7832ffd48da9c8f1e8e0aa9f69

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3de74da8-9c15-4010-a6fb-c1e0b5fd8804.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 13615
x-amzn-requestid: 3aaef924-99ea-407a-acc6-ec7d294952a3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZaHG_GDcoAMFfuQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633a522c-488613591ddf46181bdded50;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 03:08:28 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 2EtPbSkffJVkwiA3hlDRimFxjNmd2FXv4vwcQZ2aYBsiF4ApXgHrLQ==
via: 1.1 0005a84c2971ff4f5bbb79e7ebc622a8.cloudfront.net (CloudFront), 1.1 68fadeb91f97256bb67b03bfca74d830.cloudfront.net (CloudFront), 1.1 google
date: Wed, 05 Oct 2022 04:40:34 GMT
age: 51915
etag: "32a3ebb440b3d770c446bef75c39ce788ffeb034"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

3.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbb178720-854c-4c9e-85c1-58cb5419ca69.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
3.6 kB (3585 bytes)
Hash
5d7d7df8d4c440f9db445c3d99e818d6
612b6dbd4ba895c167964ff7e6d9263013b52b0a
bf527a814c78f9e010cce4ba593c9146d54a2137d1f147f7a6250fbad81956ac

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbb178720-854c-4c9e-85c1-58cb5419ca69.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 3585
x-amzn-requestid: 43c510d4-d87c-4665-a132-d798b836d415
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZaJbLHEOoAMFfxQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633a55e0-614faff31425ff183b7ca4dd;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 03:24:16 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: d1LCc44Gj_0Je8adu7Iv3I9MwkaDPgWqlNHI96UAtZub22l210J65A==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 09331f0822fc98eebaf04130a83dbd44.cloudfront.net (CloudFront), 1.1 google
date: Wed, 05 Oct 2022 04:53:07 GMT
age: 51162
etag: "612b6dbd4ba895c167964ff7e6d9263013b52b0a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.0 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe8857940-5ca2-44ba-8a66-f396a605d5b4.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.0 kB (7021 bytes)
Hash
229c99cfb655a8c9f1a22de69fdff73c
6b5db8fbfb56f083d54b13e7660d0e4bc866aa00
f4099e9153c3dc481add95b0f24dbb8f6d65cc74ad5631d9cb6c6f2a0351843d

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe8857940-5ca2-44ba-8a66-f396a605d5b4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7021
x-amzn-requestid: 2e30bdac-360e-4d0a-8bb7-c3144e074abe
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Zf8ucHb1oAMFjYw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633ca7f5-18ba6bc50cb32b1e14c882bd;Sampled=0
x-amzn-remapped-date: Tue, 04 Oct 2022 21:39:01 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: UPEhTwAYEIRy-Cnb0ITefEotLyg3rFe_NaGy92xwWe_7hrdo6UQLwQ==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 cd64decb1403270c914848213601a674.cloudfront.net (CloudFront), 1.1 google
date: Tue, 04 Oct 2022 21:56:53 GMT
age: 76136
etag: "6b5db8fbfb56f083d54b13e7660d0e4bc866aa00"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

fylybook.com/uploads/images/image_100x75_60ae766a08f4e.jpg

66.29.145.237

200 OK

2.9 kB

URL HTTP/1.1
fylybook.com/uploads/images/image_100x75_60ae766a08f4e.jpg
IP
66.29.145.237:0
ASN
#22612 NAMECHEAP-NET

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 85", progressive, precision 8, 100x75, components 3\012- data
Size
2.9 kB (2908 bytes)
Hash
ebeb04e6e5156e7bf34960665c379baa
d074251ed0befe8a2e13029ef3f3b21d05148e87
873a9ddfedca2a5557da80d9b3c9f1960eab95478d8e3953c61ff7ff27dba9fa

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /uploads/images/image_100x75_60ae766a08f4e.jpg HTTP/1.1
Host: fylybook.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fylybook.com/
Cookie: infinite_csrf_cookie=5d38e58e3e2ad552c08c9c6c0f54087d; ci_session=0a7ff3a115f34e3fbaab433e6ebbcc1d32a1797d
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 05 Oct 2022 19:05:48 GMT
Server: Apache
Last-Modified: Wed, 26 May 2021 16:25:15 GMT
Accept-Ranges: bytes
Content-Length: 2908
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/jpeg

fylybook.com/assets/img/BANNIERE1.jpg

66.29.145.237

200 OK

101 kB

URL HTTP/1.1
fylybook.com/assets/img/BANNIERE1.jpg
IP
66.29.145.237:0
ASN
#22612 NAMECHEAP-NET

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 750x415, components 3\012- data
Size
101 kB (101211 bytes)
Hash
c8a8d8c16e682d11c58b0318e9865957
57f1544428d954f44bd2ce3285802dfba60ccbf4
c6ef418845c96bbb9695a24dd757ea603a568e6b3fb7d86c5198223e34422fd2

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /assets/img/BANNIERE1.jpg HTTP/1.1
Host: fylybook.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fylybook.com/
Cookie: infinite_csrf_cookie=5d38e58e3e2ad552c08c9c6c0f54087d; ci_session=0a7ff3a115f34e3fbaab433e6ebbcc1d32a1797d
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 05 Oct 2022 19:05:48 GMT
Server: Apache
Last-Modified: Fri, 04 Jun 2021 13:47:35 GMT
Accept-Ranges: bytes
Content-Length: 101211
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/jpeg

fylybook.com/uploads/images/image_650x433_60ae766b3b60c.jpg

66.29.145.237

200 OK

38 kB

URL HTTP/1.1
fylybook.com/uploads/images/image_650x433_60ae766b3b60c.jpg
IP
66.29.145.237:0
ASN
#22612 NAMECHEAP-NET

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 85", progressive, precision 8, 650x433, components 3\012- data
Size
38 kB (37826 bytes)
Hash
9acb807192ec6b0f132fd833ab905927
8d3129fee2b188b8d71f364b8b363589b707c5ed
b46e954f613c363ecafba08aa84f44f250dceb9cf88d15bfe52e8edcaf1ae310

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /uploads/images/image_650x433_60ae766b3b60c.jpg HTTP/1.1
Host: fylybook.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fylybook.com/
Cookie: infinite_csrf_cookie=5d38e58e3e2ad552c08c9c6c0f54087d; ci_session=0a7ff3a115f34e3fbaab433e6ebbcc1d32a1797d
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 05 Oct 2022 19:05:49 GMT
Server: Apache
Last-Modified: Wed, 26 May 2021 16:25:16 GMT
Accept-Ranges: bytes
Content-Length: 37826
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/jpeg

fylybook.com/assets/img/BANNIERE3.jpg

66.29.145.237

200 OK

100 kB

URL HTTP/1.1
fylybook.com/assets/img/BANNIERE3.jpg
IP
66.29.145.237:0
ASN
#22612 NAMECHEAP-NET

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 750x415, components 3\012- data
Size
100 kB (100309 bytes)
Hash
1e636161f86816111acf57c039735397
c47f20a6339deace5437b7f711a56e77b34c7af9
cffa2ffd9c497ba4d345080b8352500c55f03d1b4f255c470045b1deb90d4cde

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /assets/img/BANNIERE3.jpg HTTP/1.1
Host: fylybook.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fylybook.com/
Cookie: infinite_csrf_cookie=5d38e58e3e2ad552c08c9c6c0f54087d; ci_session=0a7ff3a115f34e3fbaab433e6ebbcc1d32a1797d
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 05 Oct 2022 19:05:48 GMT
Server: Apache
Last-Modified: Wed, 26 May 2021 19:54:26 GMT
Accept-Ranges: bytes
Content-Length: 100309
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: image/jpeg

fylybook.com/assets/img/BANNIERE2.jpg

66.29.145.237

200 OK

132 kB

URL HTTP/1.1
fylybook.com/assets/img/BANNIERE2.jpg
IP
66.29.145.237:0
ASN
#22612 NAMECHEAP-NET

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 750x415, components 3\012- data
Size
132 kB (131956 bytes)
Hash
7e5cdd220279a6eb2f52f5cfac24e5a1
e86e68c835998b6d25e1aa50c0ad0df947b3e45d
6f572566c0a8855192c18e7398d94f63944e69502725ec61e65993a55ca379da

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /assets/img/BANNIERE2.jpg HTTP/1.1
Host: fylybook.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fylybook.com/
Cookie: infinite_csrf_cookie=5d38e58e3e2ad552c08c9c6c0f54087d; ci_session=0a7ff3a115f34e3fbaab433e6ebbcc1d32a1797d
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 05 Oct 2022 19:05:48 GMT
Server: Apache
Last-Modified: Fri, 04 Jun 2021 13:47:35 GMT
Accept-Ranges: bytes
Content-Length: 131956
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/jpeg

fylybook.com/uploads/images/image_650x433_608fefb1068ce.jpg

66.29.145.237

200 OK

47 kB

URL HTTP/1.1
fylybook.com/uploads/images/image_650x433_608fefb1068ce.jpg
IP
66.29.145.237:0
ASN
#22612 NAMECHEAP-NET

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v90), quality = 85", progressive, precision 8, 650x433, components 3\012- data
Size
47 kB (46577 bytes)
Hash
4832f79bfc068c8d79055b1e28318544
6f2fb6ba731f24c2671f1ff31d4d76cb0af2590f
a65df177bae560704236873423d60f33aa69def8dcc802251edfd27f14770439

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /uploads/images/image_650x433_608fefb1068ce.jpg HTTP/1.1
Host: fylybook.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fylybook.com/
Cookie: infinite_csrf_cookie=5d38e58e3e2ad552c08c9c6c0f54087d; ci_session=0a7ff3a115f34e3fbaab433e6ebbcc1d32a1797d
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 05 Oct 2022 19:05:49 GMT
Server: Apache
Last-Modified: Mon, 03 May 2021 16:42:24 GMT
Accept-Ranges: bytes
Content-Length: 46577
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: image/jpeg

fylybook.com/uploads/logo/logo_608ff24b0f56b2.png

66.29.145.237

200 OK

32 kB

URL HTTP/1.1
fylybook.com/uploads/logo/logo_608ff24b0f56b2.png
IP
66.29.145.237:0
ASN
#22612 NAMECHEAP-NET

File type
PNG image data, 466 x 496, 8-bit/color RGB, non-interlaced\012- data
Size
32 kB (32126 bytes)
Hash
8ac4752192e90fab051246c89b8cb83e
ff1105dd03ba2fd7c272cfb7caa58358b77b3ecf
783457b72ff5313e6143ce81c26ea3760f9439ed4869e4cc2c0bb0076d11fa7f

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /uploads/logo/logo_608ff24b0f56b2.png HTTP/1.1
Host: fylybook.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fylybook.com/
Cookie: infinite_csrf_cookie=5d38e58e3e2ad552c08c9c6c0f54087d; ci_session=0a7ff3a115f34e3fbaab433e6ebbcc1d32a1797d
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 05 Oct 2022 19:05:49 GMT
Server: Apache
Last-Modified: Mon, 03 May 2021 16:53:30 GMT
Accept-Ranges: bytes
Content-Length: 32126
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/png

fonts.googleapis.com/css?family=Cherry+Swash:400,700&subset=latin-ext

142.250.74.10

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/css?family=Cherry+Swash:400,700&subset=latin-ext
IP
142.250.74.10:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css?family=Cherry+Swash:400,700&subset=latin-ext HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fylybook.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 05 Oct 2022 19:05:47 GMT
date: Wed, 05 Oct 2022 19:05:47 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fylybook.com/assets/js/jquery-1.12.4.min.js

66.29.145.237

200 OK

0 B

URL HTTP/1.1
fylybook.com/assets/js/jquery-1.12.4.min.js
IP
66.29.145.237:0
ASN
#22612 NAMECHEAP-NET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /assets/js/jquery-1.12.4.min.js HTTP/1.1
Host: fylybook.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fylybook.com/
Cookie: infinite_csrf_cookie=5d38e58e3e2ad552c08c9c6c0f54087d; ci_session=0a7ff3a115f34e3fbaab433e6ebbcc1d32a1797d
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 05 Oct 2022 19:05:48 GMT
Server: Apache
Last-Modified: Mon, 09 Dec 2019 15:53:48 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 33769
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (7)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (53)

URL HTTP/1.1

IP

ASN

File type

Size