Report - drive.filen.io/StartAllBack

Report Overview

Submitted URL
drive.filen.io/StartAllBack_3.7.7.4898.zip
IP
146.0.41.207
ASN
#24961 myLoc managed IT AG
Submitted
2024-04-20 08:30:12
Access
public
Website Title
Filen
Final URL
drive.filen.io/login
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
4
Threat Detection Systems
0

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
drive.filen.io	unknown	2020-05-30	2022-11-30	2024-04-17	6.6 kB	1.1 MB	146.0.41.205
cdn.filen.io	unknown	2020-05-30	2022-06-05	2024-04-09	873 B	3.3 kB	146.0.41.207
socket.filen.io	unknown	2020-05-30	2022-05-14	2024-01-21	1.2 kB	424 B	146.0.41.205

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2024-04-20 08:29:46	medium	Client IP	146.0.41.205	ET INFO Observed File Sharing Service Domain (drive .filen .io in TLS SNI)
2024-04-20 08:29:46	medium	Client IP	146.0.41.207	ET INFO Observed File Sharing Service Domain (drive .filen .io in TLS SNI)
2024-04-20 08:29:46	medium	Client IP	146.0.41.207	ET INFO Observed File Sharing Service Domain (drive .filen .io in TLS SNI)
2024-04-20 08:29:47	medium	Client IP	146.0.41.207	ET INFO Observed File Sharing Service Domain (drive .filen .io in TLS SNI)

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (7)

	URL	Size	First Seen	Last Seen
	drive.filen.io/webstreams.js	44 kB	2023-09-07	2024-04-20
Pretty URL drive.filen.io/webstreams.js IP 146.0.41.205 ASN #24961 myLoc managed IT AG Introduced by scriptElement Embedded in HTML false Observations First Seen2023-09-07 20:07:12 Last Seen2024-04-20 10:30:14 Times Seen12 Hash 3c9c74f39d36f4ef17782991cd91f0b5 4273e37bc93862c46012068ed785b4fdd78056cb 50592a828c61bd748631bcb4bd583b55d11de89164189b47f4ac031af5696f07 Loading...

	drive.filen.io/static/js/main.8419430e.js	1.4 MB	2024-01-21	2024-04-20
Pretty URL drive.filen.io/static/js/main.8419430e.js IP 146.0.41.205 ASN #24961 myLoc managed IT AG Introduced by scriptElement Embedded in HTML false Observations First Seen2024-01-21 17:27:53 Last Seen2024-04-20 10:30:14 Times Seen8 Hash 2f9075a7574cffb95d7114ff3978dbe1 519f014e4b4f1df74655e96b8f7481b17029ec5b b8e44c787a9f49bbf2f3c325e00534b6736f0a5f40ab3383343ff159dc2e9e55 Loading...

	drive.filen.io/static/js/885.04acd75a.chunk.js	8.0 kB	2024-01-21	2024-04-20
Pretty URL drive.filen.io/static/js/885.04acd75a.chunk.js IP 146.0.41.207 ASN #24961 myLoc managed IT AG Introduced by scriptElement Embedded in HTML false Observations First Seen2024-01-21 17:27:53 Last Seen2024-04-20 10:30:14 Times Seen8 Hash 78ec63985c0eeb4127c32c787d750323 884313ec5f67629f101e7afe42ba397a2c0bbb16 ebf5dbc2b0465c9b308c111314d9400c913fdd14756688d01f3e8ceea9e88f50 Loading...

	drive.filen.io/static/js/273.97b75179.chunk.js	8.3 kB	2024-01-21	2024-04-20
Pretty URL drive.filen.io/static/js/273.97b75179.chunk.js IP 146.0.41.207 ASN #24961 myLoc managed IT AG Introduced by scriptElement Embedded in HTML false Observations First Seen2024-01-21 17:27:53 Last Seen2024-04-20 10:30:14 Times Seen8 Hash 35b00f33817a766f3dda35c1df261e17 b96b78009c00a6b58125390471f8889479f2c5f0 c7f3816ffaeacc17adb81267854ab84eb6dd72134446458c34e0868bdad5d4b2 Loading...

	drive.filen.io/static/js/827.d99a6ec2.chunk.js	11 kB	2024-01-21	2024-04-20
Pretty URL drive.filen.io/static/js/827.d99a6ec2.chunk.js IP 146.0.41.207 ASN #24961 myLoc managed IT AG Introduced by scriptElement Embedded in HTML false Observations First Seen2024-01-21 17:27:53 Last Seen2024-04-20 10:30:14 Times Seen8 Hash a03ab90b24790d054707393a36281a8e a2dd5faa5b479132942b93e7a77447c66d746717 8b03274d7a59e6ad789bdbda62a2a68ff321a4b6eb7bc715409b864800cbf13f Loading...

	drive.filen.io/static/js/505.a2c8d27b.chunk.js	14 kB	2024-04-20	2024-04-20
Pretty URL drive.filen.io/static/js/505.a2c8d27b.chunk.js IP 146.0.41.207 ASN #24961 myLoc managed IT AG Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-20 10:30:14 Last Seen2024-04-20 10:30:14 Times Seen2 Hash 737011cb4a837d1e6d613c80f27b59b7 182e3e1b2848cc44bee172caec6a312eaa403c7f 723f700ef67bb920d1d4460555e6e2a2de5dfef27a8342e13f78637bf155e1f5 Loading...

	cdn.filen.io/ht/HackTimer.js	3.9 kB	2023-03-12	2024-04-20
Pretty URL cdn.filen.io/ht/HackTimer.js IP 146.0.41.207 ASN #24961 myLoc managed IT AG Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 16:56:13 Last Seen2024-04-20 10:30:14 Times Seen730 Hash 57f0865c530bf9b3c1acfb01ab995a6e fe9d961af77b72bce7f4f4519f1df2e647dcd523 4236417ac81c93aec5ba39c08995d52a575b9e179215dc972c7abb9df2a0cf12 Loading...

HTTP Transactions (19)

	URL	IP	Response	Size
	drive.filen.io/StartAllBack_3.7.7.4898.zip	146.0.41.205	200 OK	764 B
URL User Request GET HTTP/1.1 drive.filen.io/StartAllBack_3.7.7.4898.zip IP 146.0.41.205:443 ASN #24961 myLoc managed IT AG Certificate IssuerLet's Encrypt Subjectfilen.io FingerprintE2:CD:98:AB:F0:DE:80:F3:F5:A4:5C:55:55:F3:27:9B:D2:01:E3:7C ValiditySat, 03 Feb 2024 13:27:17 GMT - Fri, 03 May 2024 13:27:16 GMT File type HTML document, Unicode text, UTF-8 text, with very long lines (1742), with no line terminators Size 764 B (764 bytes) Hash b0b02ea8d96d4e1c7b39fac01f317ba3 418c6ea5f7870e06f44c3c0ad63312fffb24b70a d41392b991d00c24a1359de4da4c96213aa44ec17423df65784b70927286281c HTTP Headers `GET /StartAllBack_3.7.7.4898.zip HTTP/1.1 Host: drive.filen.io User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Upgrade-Insecure-Requests: 1 Connection: keep-alive Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Date: Sat, 20 Apr 2024 08:29:46 GMT Content-Type: text/html Last-Modified: Wed, 03 Jan 2024 06:47:07 GMT Transfer-Encoding: chunked Connection: keep-alive Vary: Accept-Encoding ETag: W/"659502eb-6d2" Cache-Control: max-age=31536000 Strict-Transport-Security: max-age=31536000; includeSubDomains; preload X-XSS-Protection: 1; mode=block X-Frame-Options: SAMEORIGIN X-Content-Type-Options: nosniff Referrer-Policy: strict-origin Content-Encoding: gzip`

	drive.filen.io/webstreams.js	146.0.41.205	200 OK	13 kB
URL GET HTTP/1.1 drive.filen.io/webstreams.js IP 146.0.41.205:443 ASN #24961 myLoc managed IT AG Requested by https://drive.filen.io/StartAllBack_3.7.7.4898.zip Certificate IssuerLet's Encrypt Subjectfilen.io FingerprintE2:CD:98:AB:F0:DE:80:F3:F5:A4:5C:55:55:F3:27:9B:D2:01:E3:7C ValiditySat, 03 Feb 2024 13:27:17 GMT - Fri, 03 May 2024 13:27:16 GMT File type JavaScript source, ASCII text, with very long lines (43821), with CRLF line terminators Size 13 kB (12937 bytes) Hash 3c9c74f39d36f4ef17782991cd91f0b5 4273e37bc93862c46012068ed785b4fdd78056cb 50592a828c61bd748631bcb4bd583b55d11de89164189b47f4ac031af5696f07 HTTP Headers `GET /webstreams.js HTTP/1.1 Host: drive.filen.io User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://drive.filen.io/ DNT: 1 Connection: keep-alive Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Date: Sat, 20 Apr 2024 08:29:46 GMT Content-Type: application/javascript Last-Modified: Wed, 16 Nov 2022 22:25:21 GMT Transfer-Encoding: chunked Connection: keep-alive Vary: Accept-Encoding ETag: W/"63756351-ac8e" Cache-Control: max-age=31536000 Strict-Transport-Security: max-age=31536000; includeSubDomains; preload X-XSS-Protection: 1; mode=block X-Frame-Options: SAMEORIGIN X-Content-Type-Options: nosniff Referrer-Policy: strict-origin Content-Encoding: gzip`

	drive.filen.io/static/css/main.eeb9c19c.css	146.0.41.207	200 OK	7.9 kB
URL GET HTTP/1.1 drive.filen.io/static/css/main.eeb9c19c.css IP 146.0.41.207:443 ASN #24961 myLoc managed IT AG Requested by https://drive.filen.io/StartAllBack_3.7.7.4898.zip Certificate IssuerLet's Encrypt Subjectfilen.io FingerprintE2:CD:98:AB:F0:DE:80:F3:F5:A4:5C:55:55:F3:27:9B:D2:01:E3:7C ValiditySat, 03 Feb 2024 13:27:17 GMT - Fri, 03 May 2024 13:27:16 GMT File type ASCII text, with very long lines (28947), with CRLF, LF line terminators Size 7.9 kB (7920 bytes) Hash 7cffefc763afd98d9ad5af16ca29c23d 6d05dcec456759dab980009a96335dafdecebc02 137eb8ad31d1b65aaeffb448e624640e6625ab8c4c43c63060f611b7c2c5c712 HTTP Headers `GET /static/css/main.eeb9c19c.css HTTP/1.1 Host: drive.filen.io User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://drive.filen.io/ DNT: 1 Connection: keep-alive Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Date: Sat, 20 Apr 2024 08:29:46 GMT Content-Type: text/css Last-Modified: Wed, 03 Jan 2024 06:47:07 GMT Transfer-Encoding: chunked Connection: keep-alive Vary: Accept-Encoding ETag: W/"659502eb-a11f" Cache-Control: max-age=31536000 Strict-Transport-Security: max-age=31536000; includeSubDomains; preload X-XSS-Protection: 1; mode=block X-Frame-Options: SAMEORIGIN X-Content-Type-Options: nosniff Referrer-Policy: strict-origin Content-Encoding: gzip`

	cdn.filen.io/ht/HackTimer.js	146.0.41.207	200 OK	1.3 kB
URL GET HTTP/1.1 cdn.filen.io/ht/HackTimer.js IP 146.0.41.207:443 ASN #24961 myLoc managed IT AG Requested by https://drive.filen.io/StartAllBack_3.7.7.4898.zip Certificate IssuerLet's Encrypt Subjectfilen.io FingerprintE2:CD:98:AB:F0:DE:80:F3:F5:A4:5C:55:55:F3:27:9B:D2:01:E3:7C ValiditySat, 03 Feb 2024 13:27:17 GMT - Fri, 03 May 2024 13:27:16 GMT File type JavaScript source, ASCII text Size 1.3 kB (1272 bytes) Hash 57f0865c530bf9b3c1acfb01ab995a6e fe9d961af77b72bce7f4f4519f1df2e647dcd523 4236417ac81c93aec5ba39c08995d52a575b9e179215dc972c7abb9df2a0cf12 HTTP Headers `GET /ht/HackTimer.js HTTP/1.1 Host: cdn.filen.io User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://drive.filen.io/ DNT: 1 Connection: keep-alive Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-site Pragma: no-cache Cache-Control: no-cache` HTTP/1.1 200 OK Server: nginx Date: Sat, 20 Apr 2024 08:29:46 GMT Content-Type: application/javascript Transfer-Encoding: chunked Connection: keep-alive Last-Modified: Fri, 26 Jun 2020 21:59:13 GMT Vary: Accept-Encoding, Accept-Encoding ETag: W/"5ef66fb1-f46" Access-Control-Allow-Origin: * X-Cache-Status: HIT Cache-Control: max-age=31536000 Strict-Transport-Security: max-age=31536000; includeSubDomains; preload X-XSS-Protection: 1; mode=block X-Frame-Options: SAMEORIGIN X-Content-Type-Options: nosniff Referrer-Policy: strict-origin Content-Encoding: gzip

	drive.filen.io/static/js/main.8419430e.js	146.0.41.205	200 OK	471 kB
URL GET HTTP/1.1 drive.filen.io/static/js/main.8419430e.js IP 146.0.41.205:443 ASN #24961 myLoc managed IT AG Requested by https://drive.filen.io/StartAllBack_3.7.7.4898.zip Certificate IssuerLet's Encrypt Subjectfilen.io FingerprintE2:CD:98:AB:F0:DE:80:F3:F5:A4:5C:55:55:F3:27:9B:D2:01:E3:7C ValiditySat, 03 Feb 2024 13:27:17 GMT - Fri, 03 May 2024 13:27:16 GMT File type JavaScript source, ASCII text, with very long lines (65465) Size 471 kB (471447 bytes) Hash 2f9075a7574cffb95d7114ff3978dbe1 519f014e4b4f1df74655e96b8f7481b17029ec5b b8e44c787a9f49bbf2f3c325e00534b6736f0a5f40ab3383343ff159dc2e9e55 HTTP Headers `GET /static/js/main.8419430e.js HTTP/1.1 Host: drive.filen.io User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://drive.filen.io/ DNT: 1 Connection: keep-alive Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Date: Sat, 20 Apr 2024 08:29:46 GMT Content-Type: application/javascript Last-Modified: Wed, 03 Jan 2024 06:47:07 GMT Transfer-Encoding: chunked Connection: keep-alive Vary: Accept-Encoding ETag: W/"659502eb-160c2c" Cache-Control: max-age=31536000 Strict-Transport-Security: max-age=31536000; includeSubDomains; preload X-XSS-Protection: 1; mode=block X-Frame-Options: SAMEORIGIN X-Content-Type-Options: nosniff Referrer-Policy: strict-origin Content-Encoding: gzip`

	drive.filen.io/static/media/inter-v12-latin-500.c72c72b70c82b1f4bacf.woff2	146.0.41.205	200 OK	18 kB
URL GET HTTP/1.1 drive.filen.io/static/media/inter-v12-latin-500.c72c72b70c82b1f4bacf.woff2 IP 146.0.41.205:443 ASN #24961 myLoc managed IT AG Requested by https://drive.filen.io/StartAllBack_3.7.7.4898.zip Certificate IssuerLet's Encrypt Subjectfilen.io FingerprintE2:CD:98:AB:F0:DE:80:F3:F5:A4:5C:55:55:F3:27:9B:D2:01:E3:7C ValiditySat, 03 Feb 2024 13:27:17 GMT - Fri, 03 May 2024 13:27:16 GMT File type Web Open Font Format (Version 2), TrueType, length 17552, version 1.0 Size 18 kB (17552 bytes) Hash 0627ec86dfad171ba217bbc765326ed7 d83f8aac9cb272a8825602735e3766f4975d5c68 d53336707c39d1ec20a2b1f7399ca9f183c45592e215a42fd596dfa2dbb8ad7a HTTP Headers `GET /static/media/inter-v12-latin-500.c72c72b70c82b1f4bacf.woff2 HTTP/1.1 Host: drive.filen.io User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Referer: https://drive.filen.io/ DNT: 1 Connection: keep-alive Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Date: Sat, 20 Apr 2024 08:29:46 GMT Content-Type: application/octet-stream Content-Length: 17552 Last-Modified: Wed, 03 Jan 2024 06:47:07 GMT Connection: keep-alive ETag: "659502eb-4490" Cache-Control: max-age=31536000 Strict-Transport-Security: max-age=31536000; includeSubDomains; preload X-XSS-Protection: 1; mode=block X-Frame-Options: SAMEORIGIN X-Content-Type-Options: nosniff Referrer-Policy: strict-origin Accept-Ranges: bytes`

	cdn.filen.io/cfg.json?noCache=1713601787006	146.0.41.207	200 OK	916 B
URL GET HTTP/1.1 cdn.filen.io/cfg.json?noCache=1713601787006 IP 146.0.41.207:443 ASN #24961 myLoc managed IT AG Requested by https://drive.filen.io/StartAllBack_3.7.7.4898.zip Certificate IssuerLet's Encrypt Subjectfilen.io FingerprintE2:CD:98:AB:F0:DE:80:F3:F5:A4:5C:55:55:F3:27:9B:D2:01:E3:7C ValiditySat, 03 Feb 2024 13:27:17 GMT - Fri, 03 May 2024 13:27:16 GMT File type JSON text data Size 916 B (916 bytes) Hash 2cc5cdf253a1985874efcffea621a32f e37ece687346bd5cc3f69aa1981614aa3fb4e00d 2030f952758a50e7482a86d782935585b822bee7a92c0ff22d77eafd3a933962 HTTP Headers `GET /cfg.json?noCache=1713601787006 HTTP/1.1 Host: cdn.filen.io User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: application/json, text/plain, / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://drive.filen.io/ Origin: https://drive.filen.io DNT: 1 Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: same-site Pragma: no-cache Cache-Control: no-cache` HTTP/1.1 200 OK Server: nginx Date: Sat, 20 Apr 2024 08:29:47 GMT Content-Type: application/json Transfer-Encoding: chunked Connection: keep-alive Last-Modified: Tue, 19 Dec 2023 09:30:05 GMT Vary: Accept-Encoding, Accept-Encoding ETag: W/"6581629d-d3e" Access-Control-Allow-Origin: * X-Cache-Status: BYPASS Cache-Control: max-age=31536000 Strict-Transport-Security: max-age=31536000; includeSubDomains; preload X-XSS-Protection: 1; mode=block X-Frame-Options: SAMEORIGIN X-Content-Type-Options: nosniff Referrer-Policy: strict-origin Content-Encoding: gzip

	socket.filen.io/socket.io/?EIO=3&transport=websocket	146.0.41.205		0 B
URL socket.filen.io/socket.io/?EIO=3&transport=websocket IP 146.0.41.205:0 ASN #24961 myLoc managed IT AG File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /socket.io/?EIO=3&transport=websocket HTTP/1.1 Host: socket.filen.io User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Sec-WebSocket-Version: 13 Origin: https://drive.filen.io Sec-WebSocket-Extensions: permessage-deflate Sec-WebSocket-Key: j4bV3sdQAoGwF9KL9b22/w== DNT: 1 Connection: keep-alive, Upgrade Sec-Fetch-Dest: websocket Sec-Fetch-Mode: websocket Sec-Fetch-Site: same-site Pragma: no-cache Cache-Control: no-cache Upgrade: websocket `HTTP/1.1 101 Switching Protocols Server: nginx Date: Sat, 20 Apr 2024 08:29:47 GMT Connection: upgrade Upgrade: websocket Sec-WebSocket-Accept: jZFzwBZFuBUZweo7A6XVO+FElAE= Access-Control-Allow-Origin: *`

	drive.filen.io/static/media/logo_animated.5b2a93fbda359a792c23.gif	146.0.41.207		342 kB
URL GET drive.filen.io/static/media/logo_animated.5b2a93fbda359a792c23.gif IP 146.0.41.207:0 ASN #24961 myLoc managed IT AG Requested by https://drive.filen.io/StartAllBack_3.7.7.4898.zip Certificate IssuerLet's Encrypt Subjectfilen.io FingerprintE2:CD:98:AB:F0:DE:80:F3:F5:A4:5C:55:55:F3:27:9B:D2:01:E3:7C ValiditySat, 03 Feb 2024 13:27:17 GMT - Fri, 03 May 2024 13:27:16 GMT File type GIF image data, version 89a, 512 x 512 Size 342 kB (341517 bytes) Hash b5998105ca9c544a5190c73b104e1c20 3d85731e756da66ee4455d7effb1193e3c0d8eed 21ae3b454fa753ff87aefe5c568bf8262d4120d27b6b538ae759aa73e9e169a8 HTTP Headers `GET /static/media/logo_animated.5b2a93fbda359a792c23.gif HTTP/1.1 Host: drive.filen.io User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://drive.filen.io/ DNT: 1 Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Date: Sat, 20 Apr 2024 08:29:47 GMT Content-Type: image/gif Content-Length: 341517 Last-Modified: Wed, 03 Jan 2024 06:47:07 GMT Connection: keep-alive ETag: "659502eb-5360d" Cache-Control: max-age=31536000 Strict-Transport-Security: max-age=31536000; includeSubDomains; preload X-XSS-Protection: 1; mode=block X-Frame-Options: SAMEORIGIN X-Content-Type-Options: nosniff Referrer-Policy: strict-origin Accept-Ranges: bytes`

	drive.filen.io/static/js/885.04acd75a.chunk.js	146.0.41.207	200 OK	3.2 kB
URL GET HTTP/1.1 drive.filen.io/static/js/885.04acd75a.chunk.js IP 146.0.41.207:443 ASN #24961 myLoc managed IT AG Requested by https://drive.filen.io/StartAllBack_3.7.7.4898.zip Certificate IssuerLet's Encrypt Subjectfilen.io FingerprintE2:CD:98:AB:F0:DE:80:F3:F5:A4:5C:55:55:F3:27:9B:D2:01:E3:7C ValiditySat, 03 Feb 2024 13:27:17 GMT - Fri, 03 May 2024 13:27:16 GMT File type JavaScript source, ASCII text, with very long lines (7997) Size 3.2 kB (3159 bytes) Hash 78ec63985c0eeb4127c32c787d750323 884313ec5f67629f101e7afe42ba397a2c0bbb16 ebf5dbc2b0465c9b308c111314d9400c913fdd14756688d01f3e8ceea9e88f50 HTTP Headers `GET /static/js/885.04acd75a.chunk.js HTTP/1.1 Host: drive.filen.io User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://drive.filen.io/ DNT: 1 Connection: keep-alive Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Date: Sat, 20 Apr 2024 08:29:47 GMT Content-Type: application/javascript Last-Modified: Wed, 03 Jan 2024 06:47:07 GMT Transfer-Encoding: chunked Connection: keep-alive Vary: Accept-Encoding ETag: W/"659502eb-1f6c" Cache-Control: max-age=31536000 Strict-Transport-Security: max-age=31536000; includeSubDomains; preload X-XSS-Protection: 1; mode=block X-Frame-Options: SAMEORIGIN X-Content-Type-Options: nosniff Referrer-Policy: strict-origin Content-Encoding: gzip`

	drive.filen.io/static/js/273.97b75179.chunk.js	146.0.41.207	200 OK	3.3 kB
URL GET HTTP/1.1 drive.filen.io/static/js/273.97b75179.chunk.js IP 146.0.41.207:443 ASN #24961 myLoc managed IT AG Requested by https://drive.filen.io/StartAllBack_3.7.7.4898.zip Certificate IssuerLet's Encrypt Subjectfilen.io FingerprintE2:CD:98:AB:F0:DE:80:F3:F5:A4:5C:55:55:F3:27:9B:D2:01:E3:7C ValiditySat, 03 Feb 2024 13:27:17 GMT - Fri, 03 May 2024 13:27:16 GMT File type JavaScript source, ASCII text, with very long lines (8239) Size 3.3 kB (3287 bytes) Hash 35b00f33817a766f3dda35c1df261e17 b96b78009c00a6b58125390471f8889479f2c5f0 c7f3816ffaeacc17adb81267854ab84eb6dd72134446458c34e0868bdad5d4b2 HTTP Headers `GET /static/js/273.97b75179.chunk.js HTTP/1.1 Host: drive.filen.io User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://drive.filen.io/ DNT: 1 Connection: keep-alive Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Date: Sat, 20 Apr 2024 08:29:47 GMT Content-Type: application/javascript Last-Modified: Wed, 03 Jan 2024 06:47:07 GMT Transfer-Encoding: chunked Connection: keep-alive Vary: Accept-Encoding ETag: W/"659502eb-205e" Cache-Control: max-age=31536000 Strict-Transport-Security: max-age=31536000; includeSubDomains; preload X-XSS-Protection: 1; mode=block X-Frame-Options: SAMEORIGIN X-Content-Type-Options: nosniff Referrer-Policy: strict-origin Content-Encoding: gzip`

	drive.filen.io/apple-touch-icon.png	146.0.41.207	200 OK	4.0 kB
URL GET HTTP/1.1 drive.filen.io/apple-touch-icon.png IP 146.0.41.207:443 ASN #24961 myLoc managed IT AG Requested by https://drive.filen.io/StartAllBack_3.7.7.4898.zip Certificate IssuerLet's Encrypt Subjectfilen.io FingerprintE2:CD:98:AB:F0:DE:80:F3:F5:A4:5C:55:55:F3:27:9B:D2:01:E3:7C ValiditySat, 03 Feb 2024 13:27:17 GMT - Fri, 03 May 2024 13:27:16 GMT File type PNG image data, 180 x 180, 8-bit grayscale, non-interlaced Size 4.0 kB (3979 bytes) Hash e979ca1017e8898f4f2a21b5f2d255ee b392d1b90a6391f25694ddfa78b98456305eb1b6 920c673246811ef1550e4550889b3ab4169fc3750b1ac0ac873806c2080783ac HTTP Headers `GET /apple-touch-icon.png HTTP/1.1 Host: drive.filen.io User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://drive.filen.io/ DNT: 1 Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Date: Sat, 20 Apr 2024 08:29:47 GMT Content-Type: image/png Content-Length: 3979 Last-Modified: Tue, 29 Aug 2023 18:14:43 GMT Connection: keep-alive ETag: "64ee3593-f8b" Cache-Control: max-age=31536000 Strict-Transport-Security: max-age=31536000; includeSubDomains; preload X-XSS-Protection: 1; mode=block X-Frame-Options: SAMEORIGIN X-Content-Type-Options: nosniff Referrer-Policy: strict-origin Accept-Ranges: bytes`

	drive.filen.io/favicon-16x16.png	146.0.41.207	200 OK	741 B
URL GET HTTP/1.1 drive.filen.io/favicon-16x16.png IP 146.0.41.207:443 ASN #24961 myLoc managed IT AG Requested by https://drive.filen.io/StartAllBack_3.7.7.4898.zip Certificate IssuerLet's Encrypt Subjectfilen.io FingerprintE2:CD:98:AB:F0:DE:80:F3:F5:A4:5C:55:55:F3:27:9B:D2:01:E3:7C ValiditySat, 03 Feb 2024 13:27:17 GMT - Fri, 03 May 2024 13:27:16 GMT File type PNG image data, 16 x 16, 8-bit gray+alpha, non-interlaced Size 741 B (741 bytes) Hash 17aafc353feb76b1c719a5b7dc87f98f b838dc2d4bf7e380f7772a6c7b04f089d154beaa 01c932610aab2302431752446a54e01fa48ed27c11ad7f17846ee5b9617b8c40 HTTP Headers `GET /favicon-16x16.png HTTP/1.1 Host: drive.filen.io User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://drive.filen.io/ DNT: 1 Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Date: Sat, 20 Apr 2024 08:29:47 GMT Content-Type: image/png Content-Length: 741 Last-Modified: Tue, 29 Aug 2023 18:14:43 GMT Connection: keep-alive ETag: "64ee3593-2e5" Cache-Control: max-age=31536000 Strict-Transport-Security: max-age=31536000; includeSubDomains; preload X-XSS-Protection: 1; mode=block X-Frame-Options: SAMEORIGIN X-Content-Type-Options: nosniff Referrer-Policy: strict-origin Accept-Ranges: bytes`

	drive.filen.io/static/js/827.d99a6ec2.chunk.js	146.0.41.207	200 OK	3.9 kB
URL GET HTTP/1.1 drive.filen.io/static/js/827.d99a6ec2.chunk.js IP 146.0.41.207:443 ASN #24961 myLoc managed IT AG Requested by https://drive.filen.io/StartAllBack_3.7.7.4898.zip Certificate IssuerLet's Encrypt Subjectfilen.io FingerprintE2:CD:98:AB:F0:DE:80:F3:F5:A4:5C:55:55:F3:27:9B:D2:01:E3:7C ValiditySat, 03 Feb 2024 13:27:17 GMT - Fri, 03 May 2024 13:27:16 GMT File type JavaScript source, ASCII text, with very long lines (11062) Size 3.9 kB (3938 bytes) Hash a03ab90b24790d054707393a36281a8e a2dd5faa5b479132942b93e7a77447c66d746717 8b03274d7a59e6ad789bdbda62a2a68ff321a4b6eb7bc715409b864800cbf13f HTTP Headers `GET /static/js/827.d99a6ec2.chunk.js HTTP/1.1 Host: drive.filen.io User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://drive.filen.io/ DNT: 1 Connection: keep-alive Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Date: Sat, 20 Apr 2024 08:29:47 GMT Content-Type: application/javascript Last-Modified: Wed, 03 Jan 2024 06:47:07 GMT Transfer-Encoding: chunked Connection: keep-alive Vary: Accept-Encoding ETag: W/"659502eb-2b65" Cache-Control: max-age=31536000 Strict-Transport-Security: max-age=31536000; includeSubDomains; preload X-XSS-Protection: 1; mode=block X-Frame-Options: SAMEORIGIN X-Content-Type-Options: nosniff Referrer-Policy: strict-origin Content-Encoding: gzip`

	drive.filen.io/static/js/505.a2c8d27b.chunk.js	146.0.41.207	200 OK	5.0 kB
URL GET HTTP/1.1 drive.filen.io/static/js/505.a2c8d27b.chunk.js IP 146.0.41.207:443 ASN #24961 myLoc managed IT AG Requested by https://drive.filen.io/StartAllBack_3.7.7.4898.zip Certificate IssuerLet's Encrypt Subjectfilen.io FingerprintE2:CD:98:AB:F0:DE:80:F3:F5:A4:5C:55:55:F3:27:9B:D2:01:E3:7C ValiditySat, 03 Feb 2024 13:27:17 GMT - Fri, 03 May 2024 13:27:16 GMT File type JavaScript source, ASCII text, with very long lines (13813) Size 5.0 kB (5010 bytes) Hash 737011cb4a837d1e6d613c80f27b59b7 182e3e1b2848cc44bee172caec6a312eaa403c7f 723f700ef67bb920d1d4460555e6e2a2de5dfef27a8342e13f78637bf155e1f5 HTTP Headers `GET /static/js/505.a2c8d27b.chunk.js HTTP/1.1 Host: drive.filen.io User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://drive.filen.io/ DNT: 1 Connection: keep-alive Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Date: Sat, 20 Apr 2024 08:29:47 GMT Content-Type: application/javascript Last-Modified: Wed, 03 Jan 2024 06:47:07 GMT Transfer-Encoding: chunked Connection: keep-alive Vary: Accept-Encoding ETag: W/"659502eb-3624" Cache-Control: max-age=31536000 Strict-Transport-Security: max-age=31536000; includeSubDomains; preload X-XSS-Protection: 1; mode=block X-Frame-Options: SAMEORIGIN X-Content-Type-Options: nosniff Referrer-Policy: strict-origin Content-Encoding: gzip`

	drive.filen.io/static/media/dark_logo.41ab3ed5c0117abdb8e47d6bac43d9ae.svg	146.0.41.207	200 OK	1.6 kB
URL GET HTTP/1.1 drive.filen.io/static/media/dark_logo.41ab3ed5c0117abdb8e47d6bac43d9ae.svg IP 146.0.41.207:443 ASN #24961 myLoc managed IT AG Requested by https://drive.filen.io/StartAllBack_3.7.7.4898.zip Certificate IssuerLet's Encrypt Subjectfilen.io FingerprintE2:CD:98:AB:F0:DE:80:F3:F5:A4:5C:55:55:F3:27:9B:D2:01:E3:7C ValiditySat, 03 Feb 2024 13:27:17 GMT - Fri, 03 May 2024 13:27:16 GMT File type SVG Scalable Vector Graphics image Size 1.6 kB (1613 bytes) Hash 9fb67221354e45ebce43532b7826bb33 249e06e4ecd346b4f77c1b2b573dafededf89aed b8cb793aed379c322d0b1b2fe7525d9d7d2bdbb2bd1da42342a681bcf3aacc4f HTTP Headers `GET /static/media/dark_logo.41ab3ed5c0117abdb8e47d6bac43d9ae.svg HTTP/1.1 Host: drive.filen.io User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://drive.filen.io/ DNT: 1 Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Date: Sat, 20 Apr 2024 08:29:47 GMT Content-Type: image/svg+xml Last-Modified: Wed, 03 Jan 2024 06:47:07 GMT Transfer-Encoding: chunked Connection: keep-alive Vary: Accept-Encoding ETag: W/"659502eb-1034" Cache-Control: max-age=31536000 Strict-Transport-Security: max-age=31536000; includeSubDomains; preload X-XSS-Protection: 1; mode=block X-Frame-Options: SAMEORIGIN X-Content-Type-Options: nosniff Referrer-Policy: strict-origin Content-Encoding: gzip`

	drive.filen.io/static/media/dark_logo.41ab3ed5c0117abdb8e47d6bac43d9ae.svg	146.0.41.207	200 OK	1.6 kB
URL GET HTTP/1.1 drive.filen.io/static/media/dark_logo.41ab3ed5c0117abdb8e47d6bac43d9ae.svg IP 146.0.41.207:443 ASN #24961 myLoc managed IT AG Requested by https://drive.filen.io/StartAllBack_3.7.7.4898.zip Certificate IssuerLet's Encrypt Subjectfilen.io FingerprintE2:CD:98:AB:F0:DE:80:F3:F5:A4:5C:55:55:F3:27:9B:D2:01:E3:7C ValiditySat, 03 Feb 2024 13:27:17 GMT - Fri, 03 May 2024 13:27:16 GMT File type SVG Scalable Vector Graphics image Size 1.6 kB (1613 bytes) Hash 9fb67221354e45ebce43532b7826bb33 249e06e4ecd346b4f77c1b2b573dafededf89aed b8cb793aed379c322d0b1b2fe7525d9d7d2bdbb2bd1da42342a681bcf3aacc4f HTTP Headers `GET /static/media/dark_logo.41ab3ed5c0117abdb8e47d6bac43d9ae.svg HTTP/1.1 Host: drive.filen.io User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://drive.filen.io/ DNT: 1 Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Date: Sat, 20 Apr 2024 08:29:47 GMT Content-Type: image/svg+xml Last-Modified: Wed, 03 Jan 2024 06:47:07 GMT Transfer-Encoding: chunked Connection: keep-alive Vary: Accept-Encoding ETag: W/"659502eb-1034" Cache-Control: max-age=31536000 Strict-Transport-Security: max-age=31536000; includeSubDomains; preload X-XSS-Protection: 1; mode=block X-Frame-Options: SAMEORIGIN X-Content-Type-Options: nosniff Referrer-Policy: strict-origin Content-Encoding: gzip`

	drive.filen.io/login1.webp	146.0.41.207		228 kB
URL GET drive.filen.io/login1.webp IP 146.0.41.207:0 ASN #24961 myLoc managed IT AG Requested by https://drive.filen.io/StartAllBack_3.7.7.4898.zip Certificate IssuerLet's Encrypt Subjectfilen.io FingerprintE2:CD:98:AB:F0:DE:80:F3:F5:A4:5C:55:55:F3:27:9B:D2:01:E3:7C ValiditySat, 03 Feb 2024 13:27:17 GMT - Fri, 03 May 2024 13:27:16 GMT File type RIFF (little-endian) data, Web/P image, VP8 encoding, 2832x4240, Scaling: [none]x[none], YUV color, decoders should clamp Size 228 kB (227584 bytes) Hash 58171870e5209878a5ae07c35b7a197c 8b85604d3087e41b9af465fc53bd5bbcc684b959 cb2555a6bdf01ef87844a92df52e2ad4168e711ac6de538e9dccb86e31cab960 HTTP Headers `GET /login1.webp HTTP/1.1 Host: drive.filen.io User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://drive.filen.io/ DNT: 1 Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Date: Sat, 20 Apr 2024 08:29:47 GMT Content-Type: image/webp Content-Length: 227584 Last-Modified: Thu, 26 Oct 2023 22:42:47 GMT Connection: keep-alive ETag: "653aeb67-37900" Cache-Control: max-age=31536000 Strict-Transport-Security: max-age=31536000; includeSubDomains; preload X-XSS-Protection: 1; mode=block X-Frame-Options: SAMEORIGIN X-Content-Type-Options: nosniff Referrer-Policy: strict-origin Accept-Ranges: bytes`

	socket.filen.io/socket.io/?EIO=3&transport=websocket	146.0.41.205	101 Switching Protocols	0 B
URL GET HTTP/1.1 socket.filen.io/socket.io/?EIO=3&transport=websocket IP 146.0.41.205:443 ASN #24961 myLoc managed IT AG Requested by https://drive.filen.io/StartAllBack_3.7.7.4898.zip Certificate IssuerLet's Encrypt Subjectfilen.io FingerprintE2:CD:98:AB:F0:DE:80:F3:F5:A4:5C:55:55:F3:27:9B:D2:01:E3:7C ValiditySat, 03 Feb 2024 13:27:17 GMT - Fri, 03 May 2024 13:27:16 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /socket.io/?EIO=3&transport=websocket HTTP/1.1 Host: socket.filen.io User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Sec-WebSocket-Version: 13 Origin: https://drive.filen.io Sec-WebSocket-Extensions: permessage-deflate Sec-WebSocket-Key: j4bV3sdQAoGwF9KL9b22/w== DNT: 1 Connection: keep-alive, Upgrade Sec-Fetch-Dest: websocket Sec-Fetch-Mode: websocket Sec-Fetch-Site: same-site Pragma: no-cache Cache-Control: no-cache Upgrade: websocket `HTTP/1.1 101 Switching Protocols Server: nginx Date: Sat, 20 Apr 2024 08:29:47 GMT Connection: upgrade Upgrade: websocket Sec-WebSocket-Accept: jZFzwBZFuBUZweo7A6XVO+FElAE= Access-Control-Allow-Origin: *`

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (7)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (19)

URL User Request GET HTTP/1.1

IP

ASN

Certificate