Report - sharevault.cloud/MYD1GK

Report Overview

Visited public
2025-07-12 13:11:31
Tags
Submit Tags
URL
sharevault.cloud/MYD1GK
Finishing URL
about:neterror?e=dnsNotFound&u=https%3A//fafyughf.com/&c=UTF-8&d=We%20can%E2%80%99t%20connect%20to%20the%20server%20at%20fafyughf.com.
IP / ASN
52.173.151.229
#8075 MICROSOFT-CORP-MSN-AS-BLOCK
Title
Server Not Found

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
fafyughf.com	unknown	unknown	2025-07-12	2025-07-12	481 B	0 B	0.0.0.0
sharevault.cloud	unknown	2024-04-05	2024-04-09	2025-06-29	491 B	4.9 kB	52.173.151.229
grabify.world	unknown	2019-04-10	2020-03-11	2025-07-05	488 B	5.0 kB	104.21.80.1
static.cloudflareinsights.com	1294	2019-08-30	2019-09-24	2025-07-09	470 B	20 kB	104.16.80.73
grabify.link	181878	2015-07-05	2015-07-08	2025-07-12	7.3 kB	219 kB	104.26.9.202

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2025-07-12 13:11:10	medium	Client IP	104.26.9.202	ET INFO Observed IP Tracking Domain (grabify .link in TLS SNI)

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2025-07-12	medium	fafyughf.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (0)

HTTP Transactions (11)

URL IP Response Size

GET static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015

104.16.80.73

200 OK

20 kB

URL GET
static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015
IP
104.16.80.73:443
ASN
#13335 CLOUDFLARENET

Requested by
https://grabify.link/MYD1GK
Certificate
IssuerGoogle Trust Services
Subjectcloudflareinsights.com
Fingerprint9D:9F:FB:08:8A:BA:46:3F:69:F6:F3:D7:AE:78:13:8D:FD:5A:C8:D5
ValidityWed, 25 Jun 2025 22:10:34 GMT - Tue, 23 Sep 2025 23:10:19 GMT

File type
JavaScript source, ASCII text, with very long lines (19948), with no line terminators
Size
20 kB (19948 bytes)
Hash
ec18af6d41f6f278b6aed3bdabffa7bc
62c9e2cab76b888829f3c5335e91c320b22329ae
8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f

HTTP Headers

GET /beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015 HTTP/1.1
Host: static.cloudflareinsights.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://grabify.link
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 12 Jul 2025 13:11:13 GMT
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
etag: W/"2024.6.1"
last-modified: Thu, 06 Jun 2024 15:52:56 GMT
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
server: cloudflare
cf-ray: 95e0c902ac5256c1-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

GET grabify.link/favicon.ico

104.26.9.202

200 OK

22 kB

URL GET
grabify.link/favicon.ico
IP
104.26.9.202:443
ASN
#13335 CLOUDFLARENET

Requested by
https://grabify.link/MYD1GK
Certificate
IssuerGoogle Trust Services
Subjectgrabify.link
FingerprintD9:B2:98:3B:8A:6B:65:3E:9D:2D:64:7B:E6:97:88:71:F2:DA:4D:BD
ValidityWed, 25 Jun 2025 05:10:22 GMT - Tue, 23 Sep 2025 06:10:02 GMT

File type
MS Windows icon resource - 3 icons, 64x64, 32 bits/pixel, 32x32, 32 bits/pixel
Size
22 kB (22382 bytes)
Hash
2e3ddf160b20974e2bb405b8f6422342
9ec93050ac2b80092dacc65d8b882d7f920e2b16
b00b8cd633d0a635c5840a2ae401724999d670fad974758220521143263b8d21

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: grabify.link
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6IlRodjcvbmY0RlJGckpzcGNpV3FJNUE9PSIsInZhbHVlIjoiT1pYUDZUWDNURU9ORGtlbkdabUpqZVJuU2l5cVkrZ0VSTVF4azNmYVV5TVlCd1lPQ2xZNjBsKy80VG5VSFlIOTIxNG1YZ20ycmlzOThsSzlHcjhKRXlMZEFJNlZ5RE1jeE8wSStRSU1Xb0dKam5XSlN5MG9lc2Z4RzJIa3RKRVciLCJtYWMiOiIyMTI3Mjc4ZmZhNDU2YWJkNzI0NTIzZWVmMWI3NDA2ZDNiNjA1Yzc3YWZlNDY1NTU3ODBkMzFmMTgwY2QzNDRhIiwidGFnIjoiIn0%3D; g_session=eyJpdiI6InY2NEtBNTFqN1F1Y0FoOHd2V2lQN0E9PSIsInZhbHVlIjoiajl5TkJCRVRhV2Z4WGZFWmFlcXlWWlJGTzhybmNxYWNad1dhK0dZRVBMQkFLb3FITEpBbXAxN1J0QlpjMDBPZzdHaEpjVUhWQjhscEx4UXlKYWhmUVpaTGo3cmVpdi9xWmR2VXpNQnFzT1NBMjA0UXBHTVVVdnVLL1JzYWNaZDUiLCJtYWMiOiJjYjc1N2RmOWJkMzRjN2ViYzNmODBkOWFlOTkyMmVkNDM4ZWI4YzY5MDU2YmFlZTdiOWRhYWQ5YWQyYmQwODRlIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 12 Jul 2025 13:11:15 GMT
content-type: image/vnd.microsoft.icon
content-encoding: br
last-modified: Thu, 02 Mar 2023 08:48:42 GMT
etag: W/"576e-5f5e6e55d2ad7"
cf-cache-status: REVALIDATED
priority: u=6,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FQytM6IQnTo4mTYyhyFrEOUI86vY20pmrKBIzh6gwervE4sCB7M8rLkke06xb5w%2ByM4uYudKHduv2pWHWBEPc67wQqXi991DiJFR6oLbp1nZs05thUBEXI6C3sXq2Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 95e0c90adaf956c7-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=2943&min_rtt=1084&rtt_var=2194&sent=68&recv=17&lost=0&retrans=0&sent_bytes=65697&recv_bytes=4472&delivery_rate=11063099&cwnd=24000&unsent_bytes=0&cid=9e1e58af96abcfbc&ts=2692&x=1", cfExtPri, cfHdrFlush;dur=0

GET grabify.link/js/jquery-2.5.2.min.js

104.26.9.202

200 OK

12 kB

URL GET
grabify.link/js/jquery-2.5.2.min.js
IP
104.26.9.202:443
ASN
#13335 CLOUDFLARENET

Requested by
https://grabify.link/MYD1GK
Certificate
IssuerGoogle Trust Services
Subjectgrabify.link
FingerprintD9:B2:98:3B:8A:6B:65:3E:9D:2D:64:7B:E6:97:88:71:F2:DA:4D:BD
ValidityWed, 25 Jun 2025 05:10:22 GMT - Tue, 23 Sep 2025 06:10:02 GMT

File type
JavaScript source, ASCII text, with very long lines (12080), with no line terminators
Size
12 kB (12080 bytes)
Hash
5aada261fbed49fea7f53c6d61470066
95e2cc301f395cb13f8bb3fc5f9dc87a732dabc5
8a827bf98696ac93d30f54c03fafa8b7ff44a20abdea1c68a46e35d5d2bf9071

HTTP Headers

GET /js/jquery-2.5.2.min.js HTTP/1.1
Host: grabify.link
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6IlRodjcvbmY0RlJGckpzcGNpV3FJNUE9PSIsInZhbHVlIjoiT1pYUDZUWDNURU9ORGtlbkdabUpqZVJuU2l5cVkrZ0VSTVF4azNmYVV5TVlCd1lPQ2xZNjBsKy80VG5VSFlIOTIxNG1YZ20ycmlzOThsSzlHcjhKRXlMZEFJNlZ5RE1jeE8wSStRSU1Xb0dKam5XSlN5MG9lc2Z4RzJIa3RKRVciLCJtYWMiOiIyMTI3Mjc4ZmZhNDU2YWJkNzI0NTIzZWVmMWI3NDA2ZDNiNjA1Yzc3YWZlNDY1NTU3ODBkMzFmMTgwY2QzNDRhIiwidGFnIjoiIn0%3D; g_session=eyJpdiI6InY2NEtBNTFqN1F1Y0FoOHd2V2lQN0E9PSIsInZhbHVlIjoiajl5TkJCRVRhV2Z4WGZFWmFlcXlWWlJGTzhybmNxYWNad1dhK0dZRVBMQkFLb3FITEpBbXAxN1J0QlpjMDBPZzdHaEpjVUhWQjhscEx4UXlKYWhmUVpaTGo3cmVpdi9xWmR2VXpNQnFzT1NBMjA0UXBHTVVVdnVLL1JzYWNaZDUiLCJtYWMiOiJjYjc1N2RmOWJkMzRjN2ViYzNmODBkOWFlOTkyMmVkNDM4ZWI4YzY5MDU2YmFlZTdiOWRhYWQ5YWQyYmQwODRlIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 12 Jul 2025 13:11:14 GMT
content-type: application/javascript
content-length: 4310
cf-ray: 95e0c90c8dbc56c7-OSL
last-modified: Mon, 05 May 2025 22:27:05 GMT
etag: "2f30-6346afff57b6f-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cf-cache-status: DYNAMIC
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xZ0mx1iOk%2Bam2TkRySlmmCKhXPiYgdVGOT356%2BKaUbQPPhmXTBSFggsHQXPnRK9%2BY7SPNx%2B00gcU3Rwd1hJr6pN1qd%2BnToT4Tb%2FTB3NGt2533hpUOo4nwajoYD7X1g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=3187&min_rtt=1084&rtt_var=2276&sent=63&recv=16&lost=0&retrans=0&sent_bytes=60579&recv_bytes=4427&delivery_rate=11063099&cwnd=24000&unsent_bytes=0&cid=9e1e58af96abcfbc&ts=2325&x=1", cfExtPri, cfHdrFlush;dur=0

POST grabify.link/cdn-cgi/rum?

104.26.9.202

204 No Content

0 B

URL POST
grabify.link/cdn-cgi/rum?
IP
104.26.9.202:443
ASN
#13335 CLOUDFLARENET

Requested by
https://grabify.link/MYD1GK
Certificate
IssuerGoogle Trust Services
Subjectgrabify.link
FingerprintD9:B2:98:3B:8A:6B:65:3E:9D:2D:64:7B:E6:97:88:71:F2:DA:4D:BD
ValidityWed, 25 Jun 2025 05:10:22 GMT - Tue, 23 Sep 2025 06:10:02 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /cdn-cgi/rum? HTTP/1.1
Host: grabify.link
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 885
Origin: https://grabify.link
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6Im5HY0YzUnVGM1lqdW9yb2pnb3ZRQ2c9PSIsInZhbHVlIjoiOW44RWROODlMNEJweDUxdGEwakNtQUt5MEo3VCs3d25EUXFybDlnZXVtRnp4cmhUdXVyNlQ0b2Z4UzQ3QjZFbXZKRUJSbDdPRU1Ecmk3THRncUx2eVEwQW1pdkUvcTgwVDJ3cTFTeXUyeUhnTFMvSVlENjk4QUo3cC9NUzJIemQiLCJtYWMiOiI0ODM1NjNhNzRhZjllZTI2MWY0NjdiNzE3ZmQwZjA4MGZmOTQ3MTkxN2E3YjkxODhmMzAwYThlOGQxNmJiODVkIiwidGFnIjoiIn0%3D; g_session=eyJpdiI6IjAramY1N1VuVmtPdGdkalhoYm5jZHc9PSIsInZhbHVlIjoicUMybkloeTJiWDlhZ3Q1WkQ0R2tNVE56a2lnUGVXQTBidGtnZW8vUUF2SGg3dVFHcjFPQUJUNFZSU0xKdVFmMzRwOUpjcGdDVGZSaFdMWm5CSEM4c1Rka01ENy9Kcy83blpnTkplM09uOHBJelBKejRiTDRid0FCVjlUR3hnYTkiLCJtYWMiOiJmNzgxN2EwZDE3NzhmMzUxMDY0MzdlYzZiMTYwYzhkODA5NmVlMWJmYTc2NjQyZjZhZjlhYTBkNjc2NjgxZmI2IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/3 204 No Content
date: Sat, 12 Jul 2025 13:11:16 GMT
access-control-allow-origin: https://grabify.link
access-control-allow-methods: POST,OPTIONS
access-control-max-age: 86400
vary: Origin
access-control-allow-credentials: true
server: cloudflare
cf-ray: 95e0c9165df556c7-OSL
x-frame-options: DENY
x-content-type-options: nosniff

GET grabify.link/MYD1GK

104.26.9.202

200 OK

4.5 kB

URL User Request GET
grabify.link/MYD1GK
IP
104.26.9.202:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services
Subjectgrabify.link
FingerprintD9:B2:98:3B:8A:6B:65:3E:9D:2D:64:7B:E6:97:88:71:F2:DA:4D:BD
ValidityWed, 25 Jun 2025 05:10:22 GMT - Tue, 23 Sep 2025 06:10:02 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (495)
Size
4.5 kB (4526 bytes)
Hash
22e10586f4fdcdac425478f7015c0814
5b18400955ec5a2ca9061c05d90ee00c008d36a5
679f7e8613f5975b3dac5ba1da7bc8c41dcf9f2c83e5e1299cdfa1ca0b52d386

HTTP Headers

GET /MYD1GK HTTP/1.1
Host: grabify.link
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 12 Jul 2025 13:11:12 GMT
content-type: text/html; charset=UTF-8
content-encoding: br
cache-control: no-cache, private
x-ratelimit-limit: 15
x-ratelimit-remaining: 14
set-cookie: XSRF-TOKEN=eyJpdiI6IlRodjcvbmY0RlJGckpzcGNpV3FJNUE9PSIsInZhbHVlIjoiT1pYUDZUWDNURU9ORGtlbkdabUpqZVJuU2l5cVkrZ0VSTVF4azNmYVV5TVlCd1lPQ2xZNjBsKy80VG5VSFlIOTIxNG1YZ20ycmlzOThsSzlHcjhKRXlMZEFJNlZ5RE1jeE8wSStRSU1Xb0dKam5XSlN5MG9lc2Z4RzJIa3RKRVciLCJtYWMiOiIyMTI3Mjc4ZmZhNDU2YWJkNzI0NTIzZWVmMWI3NDA2ZDNiNjA1Yzc3YWZlNDY1NTU3ODBkMzFmMTgwY2QzNDRhIiwidGFnIjoiIn0%3D; expires=Sat, 12 Jul 2025 18:11:12 GMT; Max-Age=18000; path=/; secure
g_session=eyJpdiI6InY2NEtBNTFqN1F1Y0FoOHd2V2lQN0E9PSIsInZhbHVlIjoiajl5TkJCRVRhV2Z4WGZFWmFlcXlWWlJGTzhybmNxYWNad1dhK0dZRVBMQkFLb3FITEpBbXAxN1J0QlpjMDBPZzdHaEpjVUhWQjhscEx4UXlKYWhmUVpaTGo3cmVpdi9xWmR2VXpNQnFzT1NBMjA0UXBHTVVVdnVLL1JzYWNaZDUiLCJtYWMiOiJjYjc1N2RmOWJkMzRjN2ViYzNmODBkOWFlOTkyMmVkNDM4ZWI4YzY5MDU2YmFlZTdiOWRhYWQ5YWQyYmQwODRlIiwidGFnIjoiIn0%3D; expires=Sat, 12 Jul 2025 18:11:12 GMT; Max-Age=18000; path=/; secure; httponly
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=haCykefCh%2FNR83lYd6aWXImMzpBlEuGdmStLJ26DIQ2WknORBBP4y52EP3vW8zmRIrIOJgIBT%2F8nb7kAdoO4fZY5uzXB6kzys5ba98d5qlYrOb7dUCryte6PVY2JdQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 95e0c8f21acb56a2-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfCacheStatus;desc="DYNAMIC", cfOrigin;dur=2177,cfEdge;dur=50, cfL4;desc="?proto=TCP&rtt=493&min_rtt=448&rtt_var=130&sent=7&recv=10&lost=0&retrans=0&sent_bytes=3256&recv_bytes=1253&delivery_rate=7133004&cwnd=253&unsent_bytes=0&cid=dcef5a91311c6154&ts=2254&x=0"
X-Firefox-Spdy: h2

GET grabify.link/js/ads.js

104.26.9.202

200 OK

22 B

URL GET
grabify.link/js/ads.js
IP
104.26.9.202:443
ASN
#13335 CLOUDFLARENET

Requested by
https://grabify.link/MYD1GK
Certificate
IssuerGoogle Trust Services
Subjectgrabify.link
FingerprintD9:B2:98:3B:8A:6B:65:3E:9D:2D:64:7B:E6:97:88:71:F2:DA:4D:BD
ValidityWed, 25 Jun 2025 05:10:22 GMT - Tue, 23 Sep 2025 06:10:02 GMT

File type
ASCII text
Size
22 B (22 bytes)
Hash
f6e2186486eb52f45ccbcd7b58e273e7
a1d561c86b8aa5a5747e6acf5950562a8e1012e9
be2277c99594557635d0993ac606fdc4994494e43408bc1be5c6ac9bfabc5dac

HTTP Headers

GET /js/ads.js HTTP/1.1
Host: grabify.link
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6IlRodjcvbmY0RlJGckpzcGNpV3FJNUE9PSIsInZhbHVlIjoiT1pYUDZUWDNURU9ORGtlbkdabUpqZVJuU2l5cVkrZ0VSTVF4azNmYVV5TVlCd1lPQ2xZNjBsKy80VG5VSFlIOTIxNG1YZ20ycmlzOThsSzlHcjhKRXlMZEFJNlZ5RE1jeE8wSStRSU1Xb0dKam5XSlN5MG9lc2Z4RzJIa3RKRVciLCJtYWMiOiIyMTI3Mjc4ZmZhNDU2YWJkNzI0NTIzZWVmMWI3NDA2ZDNiNjA1Yzc3YWZlNDY1NTU3ODBkMzFmMTgwY2QzNDRhIiwidGFnIjoiIn0%3D; g_session=eyJpdiI6InY2NEtBNTFqN1F1Y0FoOHd2V2lQN0E9PSIsInZhbHVlIjoiajl5TkJCRVRhV2Z4WGZFWmFlcXlWWlJGTzhybmNxYWNad1dhK0dZRVBMQkFLb3FITEpBbXAxN1J0QlpjMDBPZzdHaEpjVUhWQjhscEx4UXlKYWhmUVpaTGo3cmVpdi9xWmR2VXpNQnFzT1NBMjA0UXBHTVVVdnVLL1JzYWNaZDUiLCJtYWMiOiJjYjc1N2RmOWJkMzRjN2ViYzNmODBkOWFlOTkyMmVkNDM4ZWI4YzY5MDU2YmFlZTdiOWRhYWQ5YWQyYmQwODRlIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 12 Jul 2025 13:11:13 GMT
content-type: application/javascript
content-length: 22
cf-ray: 95e0c9027ae156c7-OSL
last-modified: Mon, 22 Jan 2024 08:59:40 GMT
etag: "16-60f850cd8071e"
cf-cache-status: HIT
age: 3443
accept-ranges: bytes
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=19ld8KTSvn6o2w7CKus7WDTrKbey0zJUI5DEIRCQcNqHlwk9%2FJBEKy6tZNGJaegVb4PYjbl7wf52t1vkLBbbbV7ITiTiUmNTVEHIg4jukRa9PO6BK34nptTgVFlPKg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=4526&min_rtt=3661&rtt_var=1990&sent=12&recv=7&lost=0&retrans=0&sent_bytes=4114&recv_bytes=2467&delivery_rate=638043&cwnd=12000&unsent_bytes=0&cid=9e1e58af96abcfbc&ts=451&x=1", cfExtPri, cfHdrFlush;dur=0

GET grabify.link/js/jquery-2.5.1.min.js?id=becdb2801a6652a4af84f6a2d3f8a4f2

104.26.9.202

200 OK

174 kB

URL GET
grabify.link/js/jquery-2.5.1.min.js?id=becdb2801a6652a4af84f6a2d3f8a4f2
IP
104.26.9.202:443
ASN
#13335 CLOUDFLARENET

Requested by
https://grabify.link/MYD1GK
Certificate
IssuerGoogle Trust Services
Subjectgrabify.link
FingerprintD9:B2:98:3B:8A:6B:65:3E:9D:2D:64:7B:E6:97:88:71:F2:DA:4D:BD
ValidityWed, 25 Jun 2025 05:10:22 GMT - Tue, 23 Sep 2025 06:10:02 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
174 kB (173996 bytes)
Hash
85fb6280d58a75de191b75a8d836d143
5453485d28da41bbba410bba3865ff59c3322893
3082121a3d7275fc00adac2f971af5c34e55ae002fea029fa115e1ac84c27d22

HTTP Headers

GET /js/jquery-2.5.1.min.js?id=becdb2801a6652a4af84f6a2d3f8a4f2 HTTP/1.1
Host: grabify.link
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6IlRodjcvbmY0RlJGckpzcGNpV3FJNUE9PSIsInZhbHVlIjoiT1pYUDZUWDNURU9ORGtlbkdabUpqZVJuU2l5cVkrZ0VSTVF4azNmYVV5TVlCd1lPQ2xZNjBsKy80VG5VSFlIOTIxNG1YZ20ycmlzOThsSzlHcjhKRXlMZEFJNlZ5RE1jeE8wSStRSU1Xb0dKam5XSlN5MG9lc2Z4RzJIa3RKRVciLCJtYWMiOiIyMTI3Mjc4ZmZhNDU2YWJkNzI0NTIzZWVmMWI3NDA2ZDNiNjA1Yzc3YWZlNDY1NTU3ODBkMzFmMTgwY2QzNDRhIiwidGFnIjoiIn0%3D; g_session=eyJpdiI6InY2NEtBNTFqN1F1Y0FoOHd2V2lQN0E9PSIsInZhbHVlIjoiajl5TkJCRVRhV2Z4WGZFWmFlcXlWWlJGTzhybmNxYWNad1dhK0dZRVBMQkFLb3FITEpBbXAxN1J0QlpjMDBPZzdHaEpjVUhWQjhscEx4UXlKYWhmUVpaTGo3cmVpdi9xWmR2VXpNQnFzT1NBMjA0UXBHTVVVdnVLL1JzYWNaZDUiLCJtYWMiOiJjYjc1N2RmOWJkMzRjN2ViYzNmODBkOWFlOTkyMmVkNDM4ZWI4YzY5MDU2YmFlZTdiOWRhYWQ5YWQyYmQwODRlIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 12 Jul 2025 13:11:14 GMT
content-type: application/javascript
cf-ray: 95e0c9027ae356c7-OSL
last-modified: Mon, 05 May 2025 22:27:04 GMT
etag: "2a7ac-6346affe9659f-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cf-cache-status: DYNAMIC
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UvE14Ky6rULVp7dl99TErQTIj%2BtoOgTEWYmd0rZmuUXisJvHRlIrfjpXO%2Fh5UmccN0%2FD3jkx5jdM4d8zZOh9huLAb4T0mFa4W3enfTg4U4EGUKuyD9RTMZCd%2FYk9UQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=5064&min_rtt=3661&rtt_var=2569&sent=13&recv=8&lost=0&retrans=0&sent_bytes=4854&recv_bytes=2511&delivery_rate=638043&cwnd=12000&unsent_bytes=0&cid=9e1e58af96abcfbc&ts=1366&x=1", cfExtPri, cfHdrFlush;dur=0

POST grabify.link/cdn-cgi/rum?

104.26.9.202

204 No Content

0 B

URL POST
grabify.link/cdn-cgi/rum?
IP
104.26.9.202:443
ASN
#13335 CLOUDFLARENET

Requested by
https://grabify.link/MYD1GK
Certificate
IssuerGoogle Trust Services
Subjectgrabify.link
FingerprintD9:B2:98:3B:8A:6B:65:3E:9D:2D:64:7B:E6:97:88:71:F2:DA:4D:BD
ValidityWed, 25 Jun 2025 05:10:22 GMT - Tue, 23 Sep 2025 06:10:02 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /cdn-cgi/rum? HTTP/1.1
Host: grabify.link
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: application/json
Content-Length: 1395
Origin: https://grabify.link
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6IlRodjcvbmY0RlJGckpzcGNpV3FJNUE9PSIsInZhbHVlIjoiT1pYUDZUWDNURU9ORGtlbkdabUpqZVJuU2l5cVkrZ0VSTVF4azNmYVV5TVlCd1lPQ2xZNjBsKy80VG5VSFlIOTIxNG1YZ20ycmlzOThsSzlHcjhKRXlMZEFJNlZ5RE1jeE8wSStRSU1Xb0dKam5XSlN5MG9lc2Z4RzJIa3RKRVciLCJtYWMiOiIyMTI3Mjc4ZmZhNDU2YWJkNzI0NTIzZWVmMWI3NDA2ZDNiNjA1Yzc3YWZlNDY1NTU3ODBkMzFmMTgwY2QzNDRhIiwidGFnIjoiIn0%3D; g_session=eyJpdiI6InY2NEtBNTFqN1F1Y0FoOHd2V2lQN0E9PSIsInZhbHVlIjoiajl5TkJCRVRhV2Z4WGZFWmFlcXlWWlJGTzhybmNxYWNad1dhK0dZRVBMQkFLb3FITEpBbXAxN1J0QlpjMDBPZzdHaEpjVUhWQjhscEx4UXlKYWhmUVpaTGo3cmVpdi9xWmR2VXpNQnFzT1NBMjA0UXBHTVVVdnVLL1JzYWNaZDUiLCJtYWMiOiJjYjc1N2RmOWJkMzRjN2ViYzNmODBkOWFlOTkyMmVkNDM4ZWI4YzY5MDU2YmFlZTdiOWRhYWQ5YWQyYmQwODRlIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 204 No Content
date: Sat, 12 Jul 2025 13:11:15 GMT
access-control-allow-origin: https://grabify.link
access-control-allow-methods: POST,OPTIONS
access-control-max-age: 86400
vary: Origin
access-control-allow-credentials: true
server: cloudflare
cf-ray: 95e0c9129f7656c7-OSL
x-frame-options: DENY
x-content-type-options: nosniff

GET fafyughf.com/

0.0.0.0

0 B

URL User Request GET
fafyughf.com/
IP
0.0.0.0:0
ASN
#0

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: fafyughf.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

GET sharevault.cloud/MYD1GK

52.173.151.229

302 Found

4.5 kB

URL User Request GET
sharevault.cloud/MYD1GK
IP
52.173.151.229:443
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Certificate
IssuerDigiCert, Inc.
Subjectsharevault.cloud
FingerprintBC:9C:C7:5C:1B:9D:D5:AF:9C:6A:F0:36:D6:87:F2:B1:9A:31:AB:0E
ValidityTue, 27 May 2025 00:00:00 GMT - Thu, 27 Nov 2025 23:59:59 GMT

File type

Size
4.5 kB (4526 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /MYD1GK HTTP/1.1
Host: sharevault.cloud
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Content-Length: 0
Content-Type: text/html; charset=UTF-8
Date: Sat, 12 Jul 2025 13:11:10 GMT
Server: Apache
Location: https://grabify.world/MYD1GK
Status: 301 Moved Permanently
cf-cache-status: DYNAMIC
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 56137e603e72eeba

GET grabify.world/MYD1GK

104.21.80.1

302 Found

4.5 kB

URL User Request GET
grabify.world/MYD1GK
IP
104.21.80.1:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services
Subjectgrabify.world
FingerprintEC:BD:9D:22:0E:A2:93:E1:1A:A8:AB:F2:6D:5B:B8:68:36:64:C7:0E
ValidityFri, 16 May 2025 23:32:03 GMT - Fri, 15 Aug 2025 00:30:49 GMT

File type

Size
4.5 kB (4526 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /MYD1GK HTTP/1.1
Host: grabify.world
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
date: Sat, 12 Jul 2025 13:11:10 GMT
location: https://grabify.link/MYD1GK
vary: accept-encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=NtoVIjyep3lJYYOFveLClcgXyF81ssL%2BiReHQUY6I3wWtpphN4%2B75oCBU8g3GfFS2rwKUKAREu2qE2KGVUvhJxvRGh3133JEjXkB"}]}
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
server: cloudflare
cf-ray: 95e0c8f19ebc56b7-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

Quad9 DNS

ThreatFox

JavaScript (0)

HTTP Transactions (11)

URL GET

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL POST

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL User Request GET

IP

ASN

Certificate

File type

Size

Hash

HTTP Headers

URL GET

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL POST

IP

ASN

Requested by

Certificate