Report - tolfex-soft.com/

Report Overview

Visited public
2025-06-22 00:34:37
Tags
Submit Tags
URL
tolfex-soft.com/
Finishing URL
tolfex-soft.com/
IP / ASN
185.62.58.189
#62370 Snel.com B.V.
Title
Tolfex ™ - The Official App WebSite 2025 [UPDATED]

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
cdnjs.cloudflare.com	235	2009-02-17	2012-05-23	2025-06-18	1.0 kB	36 kB	104.17.25.14
fonts.gstatic.com	unknown	2008-02-11	2014-04-02	2025-06-18	3.2 kB	148 kB	142.250.74.35
fonts.googleapis.com	8877	2005-01-25	2012-05-23	2025-06-18	493 B	12 kB	142.250.74.10
d3e54v103j8qbb.cloudfront.net	unknown	2008-04-25	2016-03-11	2025-06-19	511 B	90 kB	54.230.245.223
ajax.googleapis.com	12905	2005-01-25	2012-05-22	2025-06-18	443 B	14 kB	142.250.178.42
tolfex-soft.com	unknown	unknown	No data	No data	10 kB	451 kB	185.62.58.189
api.tolfex-soft.com	unknown	unknown	No data	No data	1.4 kB	66 kB	104.21.32.1

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2025-06-22	medium	tolfex-soft.com	Sinkholed
2025-06-22	medium	tolfex-soft.com	Sinkholed
2025-06-22	medium	tolfex-soft.com	Sinkholed
2025-06-22	medium	tolfex-soft.com	Sinkholed
2025-06-22	medium	tolfex-soft.com	Sinkholed
2025-06-22	medium	tolfex-soft.com	Sinkholed
2025-06-22	medium	tolfex-soft.com	Sinkholed
2025-06-22	medium	tolfex-soft.com	Sinkholed
2025-06-22	medium	tolfex-soft.com	Sinkholed
2025-06-22	medium	tolfex-soft.com	Sinkholed
2025-06-22	medium	tolfex-soft.com	Sinkholed
2025-06-22	medium	tolfex-soft.com	Sinkholed
2025-06-22	medium	tolfex-soft.com	Sinkholed
2025-06-22	medium	tolfex-soft.com	Sinkholed
2025-06-22	medium	tolfex-soft.com	Sinkholed
2025-06-22	medium	tolfex-soft.com	Sinkholed
2025-06-22	medium	tolfex-soft.com	Sinkholed
2025-06-22	medium	tolfex-soft.com	Sinkholed
2025-06-22	medium	tolfex-soft.com	Sinkholed
2025-06-22	medium	tolfex-soft.com	Sinkholed
2025-06-22	medium	tolfex-soft.com	Sinkholed
2025-06-22	medium	tolfex-soft.com	Sinkholed
2025-06-22	medium	tolfex-soft.com	Sinkholed
2025-06-22	medium	tolfex-soft.com	Sinkholed
2025-06-22	medium	tolfex-soft.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (12)

	URL	From	Size	First Seen	Last Seen
	tolfex-soft.com/	EventHandler	16 B	2023-04-10	2025-07-20
Pretty URL tolfex-soft.com/ IP 185.62.58.189 ASN #62370 Snel.com B.V. Introduced by eventHandler Embedded in HTML false Observations First Seen2023-04-10 15:57 Last Seen2025-07-20 06:37 Times Seen74874 Hash 7c3c3ddeb80438dcbb3d081d2d00e152 5a4016732ee72ec77b4f6ab17047bcea6d2ea34d 321b4f657afbf8ba49518e6ab4cbad07ea967d0b4c68f71c7deed05ed09c1187 Loading...

	tolfex-soft.com/	ScriptElement	181 B	2023-03-07	2025-07-20
Pretty URL tolfex-soft.com/ IP 185.62.58.189 ASN #62370 Snel.com B.V. Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:17 Last Seen2025-07-20 06:04 Times Seen21110 Hash 0e9e3ad57abeefde87342864450cc232 4dc8676bf3417d597053d5f253fce034007f63da 9a37601d1f5a5f2fba3b000694d4bf5e035c606d5485dd94e2997cbe2efe5c26 Loading...

	d3e54v103j8qbb.cloudfront.net/js/jquery-3.5.1.min.dc5e7f18c8.js?site=6316fc09812a666ab5a8e357	ScriptElement	90 kB	2023-03-07	2025-07-20
Pretty URL d3e54v103j8qbb.cloudfront.net/js/jquery-3.5.1.min.dc5e7f18c8.js?site=6316fc09812a666ab5a8e357 IP 54.230.245.223 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-07-20 06:40 Times Seen125081 Hash dc5e7f18c8d36ac1d3d4753a87c98d0a c8e1c8b386dc5b7a9184c763c88d19a346eb3342 f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d Loading...

	tolfex-soft.com/js/bitcoineranew-redisign-2.js	ScriptElement	51 kB	2023-08-05	2025-07-18
Pretty URL tolfex-soft.com/js/bitcoineranew-redisign-2.js IP 185.62.58.189 ASN #62370 Snel.com B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-08-05 11:32 Last Seen2025-07-18 16:05 Times Seen40 Hash e05d32dde9a53c90efdf0168a8ff32a6 9793ab16615db1d5117275e431b738bd83c9d9d5 81f60dd8a9cd78cd7105cbd6e90a0f73105f9f497136751b02cae276564b5e2f Loading...

	tolfex-soft.com/	ScriptElement	162 B	2025-06-22	2025-06-22
Pretty URL tolfex-soft.com/ IP 185.62.58.189 ASN #62370 Snel.com B.V. Introduced by scriptElement Embedded in HTML true Observations First Seen2025-06-22 00:34 Last Seen2025-06-22 00:34 Times Seen1 Hash a9c2144ed06641c514d659e2640ef475 2ff360325a2dee62aa9de067573fdacb69d07d80 797d0181b9143e4052618270ab2ce204d860d3014dc765f0821fea1610af9262 Loading...

	tolfex-soft.com/	ScriptElement	108 B	2024-08-15	2025-07-18
Pretty URL tolfex-soft.com/ IP 185.62.58.189 ASN #62370 Snel.com B.V. Introduced by scriptElement Embedded in HTML true Observations First Seen2024-08-15 00:05 Last Seen2025-07-18 16:05 Times Seen21 Hash acfe5085ca9cb8f441c44c14a6415bb0 19d4f0dc01e621c7840cf1c876594e9549020bba 7d4d2a25a2f9d9f96fb0c549155458ef71dc846b50105ee247fa8aa769a84da4 Loading...

	tolfex-soft.com/	ScriptElement	435 B	2023-03-14	2025-07-19
Pretty URL tolfex-soft.com/ IP 185.62.58.189 ASN #62370 Snel.com B.V. Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-14 10:45 Last Seen2025-07-19 02:26 Times Seen215 Hash 9654491a44ebf24e2758586599482b82 b4becc498cfc06d797a233d36bf2e6645476b53d 873b1577af7c21cc3661dd7524f4f8fa4c7735a5c96c170c988e47c29a85fe24 Loading...

	api.tolfex-soft.com/dist/js/loader.js	ScriptElement	9.8 kB	2024-07-03	2025-07-19
Pretty URL api.tolfex-soft.com/dist/js/loader.js IP 104.21.32.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-07-03 02:39 Last Seen2025-07-19 02:26 Times Seen206 Hash 3a609df0d4643fa4861a3ab6ba295bdc 1a50548665835183a7dcd1b8fe681bee9ff8003f 07355c339c1b5e618d742af78400302fc96ad1e601a08b554c4c3d24472a4fd6 Loading...

	tolfex-soft.com/	ScriptElement	1.2 kB	2024-08-15	2025-07-16
Pretty URL tolfex-soft.com/ IP 185.62.58.189 ASN #62370 Snel.com B.V. Introduced by scriptElement Embedded in HTML true Observations First Seen2024-08-15 00:05 Last Seen2025-07-16 13:27 Times Seen20 Hash dbb7c0f69a6245212744ebc2209acb77 a05ba4d52aca8deef48669f2e049969428c2e5e7 09e991ebaea51e6b7ea1c19d5fe099bb2e1ae78b411ab432018e7226da1640fd Loading...

	tolfex-soft.com/assets/languageSwitcher.js	ScriptElement	1.1 kB	2023-07-24	2025-07-19
Pretty URL tolfex-soft.com/assets/languageSwitcher.js IP 185.62.58.189 ASN #62370 Snel.com B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-07-24 11:10 Last Seen2025-07-19 02:26 Times Seen227 Hash 6dd666393aca76e7608e5ea0886102ae dc2f00219490ff31cbcbf1148e1a8e936aaf0531 65baaf73001c13bbb1ae1934c4267e35f27855d25a0f2d2ac3dd20f0df6d66ba Loading...

	ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js	ScriptElement	13 kB	2023-03-07	2025-07-20
Pretty URL ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js IP 142.250.178.42 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-07-20 00:15 Times Seen21420 Hash 7c96a5f11d9741541d5e3c42ff6380d7 d3fa2564c021cf730e58ffddb138cf6b57ed126e 81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee Loading...

	tolfex-soft.com/	ScriptElement	439 B	2024-08-15	2025-07-18
Pretty URL tolfex-soft.com/ IP 185.62.58.189 ASN #62370 Snel.com B.V. Introduced by scriptElement Embedded in HTML true Observations First Seen2024-08-15 00:05 Last Seen2025-07-18 16:05 Times Seen21 Hash 8c598d68b13beeb8d93b41756987892d 1967abc9e89582335945967942efdd94775354db d8bfd41c983923a8b3e72a70d8d4396377c4dcd11aba0e9a0bc00bd53b83b59e Loading...

HTTP Transactions (36)

URL IP Response Size

GET tolfex-soft.com/images/faq-item-open.png

185.62.58.189

200 OK

200 B

URL GET
tolfex-soft.com/images/faq-item-open.png
IP
185.62.58.189:443
ASN
#62370 Snel.com B.V.

Requested by
https://tolfex-soft.com/
Certificate
IssuerLet's Encrypt
Subjecttolfex-soft.com
Fingerprint33:CB:7E:8C:FB:5A:DB:DC:33:71:83:0F:8A:A6:D5:88:B1:73:CF:AB
ValiditySat, 17 May 2025 19:59:58 GMT - Fri, 15 Aug 2025 19:59:57 GMT

File type
RIFF (little-endian) data, Web/P image
Size
200 B (200 bytes)
Hash
f4babd68fff9374e08daca51602970d7
72c50ffebfca5d761b4dd7ded32f6604f2220a8f
c8a39d7a961fa91d1166e4bec736d82010f82014ce59d5a2aa6c6455475a6fac

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/faq-item-open.png HTTP/1.1
Host: tolfex-soft.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tolfex-soft.com/css/bitcoineranew-redisign-2.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx/1.14.1
date: Sun, 22 Jun 2025 00:34:15 GMT
content-type: image/webp
content-length: 200
last-modified: Wed, 04 Jun 2025 16:39:54 GMT
etag: "684076da-c8"
accept-ranges: bytes
X-Firefox-Spdy: h2

GET api.tolfex-soft.com/dist/css/integration.css

104.21.32.1

200 OK

52 kB

URL GET
api.tolfex-soft.com/dist/css/integration.css
IP
104.21.32.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://tolfex-soft.com/
Certificate
IssuerGoogle Trust Services
Subjecttolfex-soft.com
FingerprintDD:60:6B:CD:06:07:3D:49:A3:08:F9:24:65:5F:31:3A:B8:6F:FE:99
ValidityMon, 12 May 2025 13:24:11 GMT - Sun, 10 Aug 2025 14:23:02 GMT

File type
ASCII text, with very long lines (52366), with no line terminators
Size
52 kB (52366 bytes)
Hash
74670b86d313fc9c1cfecc4577320a49
2e6f390b8455dc82ad94c868fd31c9e485d448b6
862218562bab023f4a3b3d4b4ad6f5319d8efce39f59e2eafe99e9b080805102

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /dist/css/integration.css HTTP/1.1
Host: api.tolfex-soft.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tolfex-soft.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 22 Jun 2025 00:34:15 GMT
content-type: text/css
content-length: 9144
server: cloudflare
last-modified: Wed, 02 Apr 2025 23:20:26 GMT
etag: "cc8e-631d3e5f28280;636e4f2032640-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cache-control: public, max-age=432000, must-revalidate
cf-cache-status: MISS
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=%2FsHQv8v9O7RdApa%2BocwLOD0NveMfrEMQukuiE3mXh%2FLHz4r3TLrGeglg0ZEROvq%2BnlMe5O%2FfSTY0AICbgU80fftJ7AjDVGjSiCM7Jh7x4LV1"}]}
cf-ray: 9537a8af1cae56c3-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET cdnjs.cloudflare.com/ajax/libs/flag-icon-css/3.4.6/flags/4x3/gb.svg

104.17.25.14

200 OK

538 B

URL GET
cdnjs.cloudflare.com/ajax/libs/flag-icon-css/3.4.6/flags/4x3/gb.svg
IP
104.17.25.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://tolfex-soft.com/
Certificate
IssuerGoogle Trust Services
Subjectcdnjs.cloudflare.com
Fingerprint4B:06:E9:E2:47:47:F5:3C:33:58:F8:2A:95:70:22:5E:23:19:03:77
ValidityThu, 22 May 2025 14:38:44 GMT - Wed, 20 Aug 2025 15:38:38 GMT

File type
SVG Scalable Vector Graphics image
Size
538 B (538 bytes)
Hash
d3ddd6025a06a78535b0d432d14905bf
2b5148a18b90f933e47bf895c26d61a52d21d9d8
825310f9bcc8892559317bfc87fc28d5d7bad06c02d562b5740aafcf4b040803

HTTP Headers

GET /ajax/libs/flag-icon-css/3.4.6/flags/4x3/gb.svg HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cdnjs.cloudflare.com/ajax/libs/flag-icon-css/3.4.6/css/flag-icon.min.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 22 Jun 2025 00:34:16 GMT
content-type: image/svg+xml; charset=utf-8
content-length: 307
cf-ray: 9537a8b2cc4b569c-OSL
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03e5d-21a"
last-modified: Mon, 04 May 2020 16:10:05 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 718112
expires: Fri, 12 Jun 2026 00:34:16 GMT
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4JNmRDrsfdXJ47h6j84c7BHIqUqQoh140cUTDARfw8EDmY9h7heMMGU5tSf%2B8oO77ivfOUh7QMusWjEtAaMjdf%2BIj9v3vuXZOlmCzPOPuItwrw5IGpLkMrIrpDxqcob%2By8B8Jb44"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri

GET tolfex-soft.com/images/bg2.png

185.62.58.189

200 OK

2.5 kB

URL GET
tolfex-soft.com/images/bg2.png
IP
185.62.58.189:443
ASN
#62370 Snel.com B.V.

Requested by
https://tolfex-soft.com/
Certificate
IssuerLet's Encrypt
Subjecttolfex-soft.com
Fingerprint33:CB:7E:8C:FB:5A:DB:DC:33:71:83:0F:8A:A6:D5:88:B1:73:CF:AB
ValiditySat, 17 May 2025 19:59:58 GMT - Fri, 15 Aug 2025 19:59:57 GMT

File type
RIFF (little-endian) data, Web/P image
Size
2.5 kB (2484 bytes)
Hash
8c0711fed1037d1b47ecf6b193bf5aff
96e596be68835835068c8263973ffafc58f8ba97
18762a77486e5423e6b9b283605c5479b248f206ded0d2ec35006bf8d76c819e

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/bg2.png HTTP/1.1
Host: tolfex-soft.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tolfex-soft.com/css/bitcoineranew-redisign-2.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx/1.14.1
date: Sun, 22 Jun 2025 00:34:15 GMT
content-type: image/webp
content-length: 2484
last-modified: Wed, 04 Jun 2025 16:39:53 GMT
etag: "684076d9-9b4"
accept-ranges: bytes
X-Firefox-Spdy: h2

GET tolfex-soft.com/css/bitcoineranew-redisign-2.css

185.62.58.189

200 OK

28 kB

URL GET
tolfex-soft.com/css/bitcoineranew-redisign-2.css
IP
185.62.58.189:443
ASN
#62370 Snel.com B.V.

Requested by
https://tolfex-soft.com/
Certificate
IssuerLet's Encrypt
Subjecttolfex-soft.com
Fingerprint33:CB:7E:8C:FB:5A:DB:DC:33:71:83:0F:8A:A6:D5:88:B1:73:CF:AB
ValiditySat, 17 May 2025 19:59:58 GMT - Fri, 15 Aug 2025 19:59:57 GMT

File type
ASCII text, with very long lines (27585), with no line terminators
Size
28 kB (27585 bytes)
Hash
54d147ca5146e64056734f9d4d14e836
ccec96e5b5f81684b9c92bc619b45c209d1c383e
92e91fe43316709ae51875e3c2af8c54ef0d971e2c50083f73b8ad1c0f7e30f5

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /css/bitcoineranew-redisign-2.css HTTP/1.1
Host: tolfex-soft.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tolfex-soft.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx/1.14.1
date: Sun, 22 Jun 2025 00:34:15 GMT
content-type: text/css
content-length: 27585
last-modified: Wed, 04 Jun 2025 16:39:51 GMT
etag: "684076d7-6bc1"
expires: Sun, 29 Jun 2025 00:34:15 GMT
cache-control: max-age=604800, max-age=604800, public
accept-ranges: bytes
X-Firefox-Spdy: h2

GET tolfex-soft.com/images/steps-bg.png

185.62.58.189

200 OK

14 kB

URL GET
tolfex-soft.com/images/steps-bg.png
IP
185.62.58.189:443
ASN
#62370 Snel.com B.V.

Requested by
https://tolfex-soft.com/
Certificate
IssuerLet's Encrypt
Subjecttolfex-soft.com
Fingerprint33:CB:7E:8C:FB:5A:DB:DC:33:71:83:0F:8A:A6:D5:88:B1:73:CF:AB
ValiditySat, 17 May 2025 19:59:58 GMT - Fri, 15 Aug 2025 19:59:57 GMT

File type
RIFF (little-endian) data, Web/P image
Size
14 kB (14234 bytes)
Hash
02e69c5352c2ef356b69b7291fac2b07
6b8aeb643b679b9564e943f869f1646623286663
29cfde5b1f959228c49cd0b38c7bfa3c8006e9b92773fd8181305497f0b86c2a

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/steps-bg.png HTTP/1.1
Host: tolfex-soft.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tolfex-soft.com/css/bitcoineranew-redisign-2.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx/1.14.1
date: Sun, 22 Jun 2025 00:34:15 GMT
content-type: image/webp
content-length: 14234
last-modified: Wed, 04 Jun 2025 16:39:56 GMT
etag: "684076dc-379a"
accept-ranges: bytes
X-Firefox-Spdy: h2

GET tolfex-soft.com/images/poster_index.jpg

185.62.58.189

200 OK

65 kB

URL GET
tolfex-soft.com/images/poster_index.jpg
IP
185.62.58.189:443
ASN
#62370 Snel.com B.V.

Requested by
https://tolfex-soft.com/
Certificate
IssuerLet's Encrypt
Subjecttolfex-soft.com
Fingerprint33:CB:7E:8C:FB:5A:DB:DC:33:71:83:0F:8A:A6:D5:88:B1:73:CF:AB
ValiditySat, 17 May 2025 19:59:58 GMT - Fri, 15 Aug 2025 19:59:57 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 831x449, Scaling: [none]x[none], YUV color, decoders should clamp
Size
65 kB (65066 bytes)
Hash
5f80b2b86b840d6e9aeab579f2e05ef4
7d7b85493c62f4d5b0e85bf6cb317693cf6c8362
32562b038e48134af7364dd82855ac272f8f6cd2f43105f9799d10a692e0deca

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/poster_index.jpg HTTP/1.1
Host: tolfex-soft.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tolfex-soft.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx/1.14.1
date: Sun, 22 Jun 2025 00:34:15 GMT
content-type: image/webp
content-length: 65066
last-modified: Wed, 04 Jun 2025 16:39:55 GMT
etag: "684076db-fe2a"
accept-ranges: bytes
X-Firefox-Spdy: h2

GET tolfex-soft.com/assets/languageSwitcher.css

185.62.58.189

200 OK

2.6 kB

URL GET
tolfex-soft.com/assets/languageSwitcher.css
IP
185.62.58.189:443
ASN
#62370 Snel.com B.V.

Requested by
https://tolfex-soft.com/
Certificate
IssuerLet's Encrypt
Subjecttolfex-soft.com
Fingerprint33:CB:7E:8C:FB:5A:DB:DC:33:71:83:0F:8A:A6:D5:88:B1:73:CF:AB
ValiditySat, 17 May 2025 19:59:58 GMT - Fri, 15 Aug 2025 19:59:57 GMT

File type
ASCII text
Size
2.6 kB (2630 bytes)
Hash
34f9a98a85713580849f35db50174b74
f7d7c21843e2df3ec700d6564d092aaa9c9ec298
8ea67b667dec3a3e1f29bed71a5f30c4338465e05f880586f2cb970159996e39

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/languageSwitcher.css HTTP/1.1
Host: tolfex-soft.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tolfex-soft.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx/1.14.1
date: Sun, 22 Jun 2025 00:34:15 GMT
content-type: text/css
content-length: 2630
last-modified: Wed, 04 Jun 2025 16:39:46 GMT
etag: "684076d2-a46"
expires: Sun, 29 Jun 2025 00:34:15 GMT
cache-control: max-age=604800, max-age=604800, public
accept-ranges: bytes
X-Firefox-Spdy: h2

GET tolfex-soft.com/images/benefits-bg.png

185.62.58.189

200 OK

62 kB

URL GET
tolfex-soft.com/images/benefits-bg.png
IP
185.62.58.189:443
ASN
#62370 Snel.com B.V.

Requested by
https://tolfex-soft.com/
Certificate
IssuerLet's Encrypt
Subjecttolfex-soft.com
Fingerprint33:CB:7E:8C:FB:5A:DB:DC:33:71:83:0F:8A:A6:D5:88:B1:73:CF:AB
ValiditySat, 17 May 2025 19:59:58 GMT - Fri, 15 Aug 2025 19:59:57 GMT

File type
RIFF (little-endian) data, Web/P image
Size
62 kB (61740 bytes)
Hash
59418ad00e3cbf781a9c3fcd663a668f
cfb5ff9eb4c2cfe5695a582e72be76c50f6bb504
0f26e0ab4255b39a4d8abc7352c7851c9a0d817638bea5f38969d41d5d693fa8

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/benefits-bg.png HTTP/1.1
Host: tolfex-soft.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tolfex-soft.com/css/bitcoineranew-redisign-2.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx/1.14.1
date: Sun, 22 Jun 2025 00:34:15 GMT
content-type: image/webp
content-length: 61740
last-modified: Wed, 04 Jun 2025 16:39:54 GMT
etag: "684076da-f12c"
accept-ranges: bytes
X-Firefox-Spdy: h2

GET fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2

142.250.74.35

200 OK

23 kB

URL GET
fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
https://tolfex-soft.com/
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
Fingerprint6C:DD:E7:B7:B0:02:A6:B7:4F:2D:EB:A1:11:A3:4B:1C:31:F9:07:F7
ValidityMon, 02 Jun 2025 08:36:37 GMT - Mon, 25 Aug 2025 08:36:36 GMT

File type
Web Open Font Format (Version 2), TrueType, length 23040, version 1.0
Size
23 kB (23040 bytes)
Hash
de69cf9e514df447d1b0bb16f49d2457
2ac78601179c3a63ba3f3f3081556b12ddcaf655
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49

HTTP Headers

GET /s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://tolfex-soft.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23040
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 19 Jun 2025 11:01:16 GMT
expires: Fri, 19 Jun 2026 11:01:16 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 02 May 2023 15:07:25 GMT
content-type: font/woff2
age: 221579
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh50XSwiPGQ.woff2

142.250.74.35

200 OK

22 kB

URL GET
fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh50XSwiPGQ.woff2
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
https://tolfex-soft.com/
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
Fingerprint6C:DD:E7:B7:B0:02:A6:B7:4F:2D:EB:A1:11:A3:4B:1C:31:F9:07:F7
ValidityMon, 02 Jun 2025 08:36:37 GMT - Mon, 25 Aug 2025 08:36:36 GMT

File type
Web Open Font Format (Version 2), TrueType, length 22504, version 1.0
Size
22 kB (22504 bytes)
Hash
1c6c65523675abc6fcd78e804325bd77
898d9808304dc157f5dcb18ca169ec6e2b96b3d7
08664859baab5ed98f0bf818ed77e38464ff1826dc6406d5ecbd651409afbd92

HTTP Headers

GET /s/lato/v24/S6u9w4BMUTPHh50XSwiPGQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://tolfex-soft.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 22504
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 19 Jun 2025 10:24:20 GMT
expires: Fri, 19 Jun 2026 10:24:20 GMT
cache-control: public, max-age=31536000
age: 223795
last-modified: Tue, 02 May 2023 15:12:45 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET tolfex-soft.com/assets/languageSwitcher.js

185.62.58.189

200 OK

1.1 kB

URL GET
tolfex-soft.com/assets/languageSwitcher.js
IP
185.62.58.189:443
ASN
#62370 Snel.com B.V.

Requested by
https://tolfex-soft.com/
Certificate
IssuerLet's Encrypt
Subjecttolfex-soft.com
Fingerprint33:CB:7E:8C:FB:5A:DB:DC:33:71:83:0F:8A:A6:D5:88:B1:73:CF:AB
ValiditySat, 17 May 2025 19:59:58 GMT - Fri, 15 Aug 2025 19:59:57 GMT

File type
JavaScript source, ASCII text
Size
1.1 kB (1109 bytes)
Hash
6dd666393aca76e7608e5ea0886102ae
dc2f00219490ff31cbcbf1148e1a8e936aaf0531
65baaf73001c13bbb1ae1934c4267e35f27855d25a0f2d2ac3dd20f0df6d66ba

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/languageSwitcher.js HTTP/1.1
Host: tolfex-soft.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tolfex-soft.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx/1.14.1
date: Sun, 22 Jun 2025 00:34:15 GMT
content-type: application/javascript
content-length: 1109
last-modified: Wed, 04 Jun 2025 16:39:46 GMT
etag: "684076d2-455"
expires: Sun, 29 Jun 2025 00:34:15 GMT
cache-control: max-age=604800, max-age=604800, public
accept-ranges: bytes
X-Firefox-Spdy: h2

GET tolfex-soft.com/images/Ellipse-505_1Ellipse%20505.png

185.62.58.189

200 OK

1.3 kB

URL GET
tolfex-soft.com/images/Ellipse-505_1Ellipse%20505.png
IP
185.62.58.189:443
ASN
#62370 Snel.com B.V.

Requested by
https://tolfex-soft.com/
Certificate
IssuerLet's Encrypt
Subjecttolfex-soft.com
Fingerprint33:CB:7E:8C:FB:5A:DB:DC:33:71:83:0F:8A:A6:D5:88:B1:73:CF:AB
ValiditySat, 17 May 2025 19:59:58 GMT - Fri, 15 Aug 2025 19:59:57 GMT

File type
RIFF (little-endian) data, Web/P image
Size
1.3 kB (1282 bytes)
Hash
d22a2b0ffa9c35eb23c7cf0433a1e819
e306fb0d8b20b7f22f06fade42a14ba0824b4f7a
2bd7798876d9a4bdeb1bcce00bb036c45e59af76ab3c6ff24e28cb15da4098a3

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/Ellipse-505_1Ellipse%20505.png HTTP/1.1
Host: tolfex-soft.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tolfex-soft.com/css/bitcoineranew-redisign-2.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx/1.14.1
date: Sun, 22 Jun 2025 00:34:15 GMT
content-type: image/webp
content-length: 1282
last-modified: Wed, 04 Jun 2025 16:39:54 GMT
etag: "684076da-502"
accept-ranges: bytes
X-Firefox-Spdy: h2

GET fonts.gstatic.com/s/ubuntu/v20/4iCv6KVjbNBYlgoCxCvjsGyN.woff2

142.250.74.35

200 OK

30 kB

URL GET
fonts.gstatic.com/s/ubuntu/v20/4iCv6KVjbNBYlgoCxCvjsGyN.woff2
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
https://tolfex-soft.com/
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
Fingerprint6C:DD:E7:B7:B0:02:A6:B7:4F:2D:EB:A1:11:A3:4B:1C:31:F9:07:F7
ValidityMon, 02 Jun 2025 08:36:37 GMT - Mon, 25 Aug 2025 08:36:36 GMT

File type
Web Open Font Format (Version 2), TrueType, length 29752, version 1.0
Size
30 kB (29752 bytes)
Hash
ab1fc8621287e4ea9319a3136812cf80
fb4ed2e52e2a8d7ac50a7618a0c2ea5507a24ef3
7c00752ce82d6abaed0b9766d35b906b16675facdbe24115b410d1fab975effa

HTTP Headers

GET /s/ubuntu/v20/4iCv6KVjbNBYlgoCxCvjsGyN.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://tolfex-soft.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 29752
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 19 Jun 2025 10:45:13 GMT
expires: Fri, 19 Jun 2026 10:45:13 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 27 Apr 2022 17:05:11 GMT
content-type: font/woff2
age: 222542
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET api.tolfex-soft.com/images/loader.svg?74ab3a4b65d04814e59a43543c8379f0

104.21.32.1

200 OK

1.2 kB

URL GET
api.tolfex-soft.com/images/loader.svg?74ab3a4b65d04814e59a43543c8379f0
IP
104.21.32.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://tolfex-soft.com/
Certificate
IssuerGoogle Trust Services
Subjecttolfex-soft.com
FingerprintDD:60:6B:CD:06:07:3D:49:A3:08:F9:24:65:5F:31:3A:B8:6F:FE:99
ValidityMon, 12 May 2025 13:24:11 GMT - Sun, 10 Aug 2025 14:23:02 GMT

File type
SVG Scalable Vector Graphics image
Size
1.2 kB (1236 bytes)
Hash
74ab3a4b65d04814e59a43543c8379f0
8e5a0a73079044e6dca128329d6c95d39bd70266
f319d450c3745ce3b0767b2402f9a26b57ffc4a49753d6726a208b70e6858fa5

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/loader.svg?74ab3a4b65d04814e59a43543c8379f0 HTTP/1.1
Host: api.tolfex-soft.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://api.tolfex-soft.com/dist/css/integration.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 22 Jun 2025 00:34:16 GMT
content-type: image/svg+xml
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=b0QVdOhS3rd41I7KKEy3zGMAgQm6l5EoI%2F%2Bjq5R0sp8OGo9ufCQl4m1JpOeV%2FqlKUAB5GqocwzxviJU0rD3QkyR5R4kviRhxgsHgd%2BiOjPqIjC0jCw2kp0m3sr%2BleEo3wUlU7Y8x"}],"group":"cf-nel","max_age":604800}
last-modified: Thu, 19 Oct 2023 12:39:52 GMT
etag: W/"4d4-608110d5e1600;636e4f2032640"
cache-control: public, max-age=432000, must-revalidate
cf-cache-status: MISS
content-encoding: br
cf-ray: 9537a8b21c25569f-OSL
server: cloudflare
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=5223&min_rtt=504&rtt_var=4810&sent=133&recv=172&lost=0&retrans=0&sent_bytes=10326&recv_bytes=9773&delivery_rate=285562&ss_exit_cwnd=14914&ss_exit_reason=2&cwnd=12000&unsent_bytes=0&cid=9f7535f1aafc57ad&ts=467&inflight_dur=39&x=44"

GET cdnjs.cloudflare.com/ajax/libs/flag-icon-css/3.4.6/css/flag-icon.min.css

104.17.25.14

200 OK

34 kB

URL GET
cdnjs.cloudflare.com/ajax/libs/flag-icon-css/3.4.6/css/flag-icon.min.css
IP
104.17.25.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://tolfex-soft.com/
Certificate
IssuerGoogle Trust Services
Subjectcdnjs.cloudflare.com
Fingerprint4B:06:E9:E2:47:47:F5:3C:33:58:F8:2A:95:70:22:5E:23:19:03:77
ValidityThu, 22 May 2025 14:38:44 GMT - Wed, 20 Aug 2025 15:38:38 GMT

File type
ASCII text, with very long lines (33818), with no line terminators
Size
34 kB (33818 bytes)
Hash
79fb36dda0a235254c3e31bf00b57065
89eb6d6adc16de57dda315fb2b5602bfe5728ccf
623702bd791d4553ae7226c2f48e26052e359573eb59fa98d819e9b248593e7c

HTTP Headers

GET /ajax/libs/flag-icon-css/3.4.6/css/flag-icon.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tolfex-soft.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 22 Jun 2025 00:34:16 GMT
content-type: text/css; charset=utf-8
content-length: 1466
cf-ray: 9537a8b2280456ab-OSL
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03e5d-841a"
last-modified: Mon, 04 May 2020 16:10:05 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 1017810
expires: Fri, 12 Jun 2026 00:34:16 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jpJJHVBCVNgX1luKENH7s7sAzDv6woQdOLmInKpIffyQsLqeGMzVFIaC8pG0x2YYhJmpMLuBtYsBbaZxc1a6b5aR%2FQ6GkbpRhaBa0oSMJrLAHuUn4jH9vFIwvbwQ2TDkPkD9XJK3"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET tolfex-soft.com/images/features-bg1.png

185.62.58.189

200 OK

6.2 kB

URL GET
tolfex-soft.com/images/features-bg1.png
IP
185.62.58.189:443
ASN
#62370 Snel.com B.V.

Requested by
https://tolfex-soft.com/
Certificate
IssuerLet's Encrypt
Subjecttolfex-soft.com
Fingerprint33:CB:7E:8C:FB:5A:DB:DC:33:71:83:0F:8A:A6:D5:88:B1:73:CF:AB
ValiditySat, 17 May 2025 19:59:58 GMT - Fri, 15 Aug 2025 19:59:57 GMT

File type
RIFF (little-endian) data, Web/P image
Size
6.2 kB (6178 bytes)
Hash
ba304d378f1d002b281f25053226399b
44aa1029c93e28e35cbe1d2a88b7a5c387dd4db2
8e14dedd2181f678066124a0918be4efc44937528f27688eb9fa5c7a118c0a8f

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/features-bg1.png HTTP/1.1
Host: tolfex-soft.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tolfex-soft.com/css/bitcoineranew-redisign-2.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx/1.14.1
date: Sun, 22 Jun 2025 00:34:15 GMT
content-type: image/webp
content-length: 6178
last-modified: Wed, 04 Jun 2025 16:39:54 GMT
etag: "684076da-1822"
accept-ranges: bytes
X-Firefox-Spdy: h2

GET tolfex-soft.com/images/login-icon.png

185.62.58.189

200 OK

306 B

URL GET
tolfex-soft.com/images/login-icon.png
IP
185.62.58.189:443
ASN
#62370 Snel.com B.V.

Requested by
https://tolfex-soft.com/
Certificate
IssuerLet's Encrypt
Subjecttolfex-soft.com
Fingerprint33:CB:7E:8C:FB:5A:DB:DC:33:71:83:0F:8A:A6:D5:88:B1:73:CF:AB
ValiditySat, 17 May 2025 19:59:58 GMT - Fri, 15 Aug 2025 19:59:57 GMT

File type
RIFF (little-endian) data, Web/P image
Size
306 B (306 bytes)
Hash
120d120e334246181ab7a72546a00ab9
85963ca56d72d521350c6b821735a71b55367264
cb36498d7bcd3fe9f89d3f7812b3bbae40e4630b9bed3cfc78bdad3e188c4974

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/login-icon.png HTTP/1.1
Host: tolfex-soft.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tolfex-soft.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx/1.14.1
date: Sun, 22 Jun 2025 00:34:15 GMT
content-type: image/webp
content-length: 306
last-modified: Wed, 04 Jun 2025 16:39:54 GMT
etag: "684076da-132"
accept-ranges: bytes
X-Firefox-Spdy: h2

GET api.tolfex-soft.com/dist/js/loader.js

104.21.32.1

200 OK

9.8 kB

URL GET
api.tolfex-soft.com/dist/js/loader.js
IP
104.21.32.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://tolfex-soft.com/
Certificate
IssuerGoogle Trust Services
Subjecttolfex-soft.com
FingerprintDD:60:6B:CD:06:07:3D:49:A3:08:F9:24:65:5F:31:3A:B8:6F:FE:99
ValidityMon, 12 May 2025 13:24:11 GMT - Sun, 10 Aug 2025 14:23:02 GMT

File type
JavaScript source, ASCII text, with very long lines (9753)
Size
9.8 kB (9817 bytes)
Hash
3a609df0d4643fa4861a3ab6ba295bdc
1a50548665835183a7dcd1b8fe681bee9ff8003f
07355c339c1b5e618d742af78400302fc96ad1e601a08b554c4c3d24472a4fd6

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /dist/js/loader.js HTTP/1.1
Host: api.tolfex-soft.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tolfex-soft.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 22 Jun 2025 00:34:15 GMT
content-type: application/javascript
content-length: 3529
server: cloudflare
last-modified: Tue, 25 Jun 2024 08:23:23 GMT
etag: "2659-61bb29c7054c0;636e4f2032640-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cache-control: public, max-age=432000, must-revalidate
cf-cache-status: MISS
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=hPfSlGHY0f%2B9HRGJEVjnfOEXCuk%2Fgq1ATz09bo9LaRfQVGi7RcI59v50qWiQisAxG9gRK0qb5EIMReM3pBkdC1vc288jwXppgMGoRmoJ9Pek"}]}
cf-ray: 9537a8af2cb456c3-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh7USSwiPGQ.woff2

142.250.74.35

200 OK

23 kB

URL GET
fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh7USSwiPGQ.woff2
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
https://tolfex-soft.com/
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
Fingerprint6C:DD:E7:B7:B0:02:A6:B7:4F:2D:EB:A1:11:A3:4B:1C:31:F9:07:F7
ValidityMon, 02 Jun 2025 08:36:37 GMT - Mon, 25 Aug 2025 08:36:36 GMT

File type
Web Open Font Format (Version 2), TrueType, length 23236, version 1.0
Size
23 kB (23236 bytes)
Hash
716309aab2bca045f9627f63ad79d0bf
38804233a29aaf975d557fe14e762c627bef76e0
115f6a626ca115d4ad5581b59275327e0e860b30330a52b0f785561332dd2429

HTTP Headers

GET /s/lato/v24/S6u9w4BMUTPHh7USSwiPGQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://tolfex-soft.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23236
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 19 Jun 2025 10:47:56 GMT
expires: Fri, 19 Jun 2026 10:47:56 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 02 May 2023 15:08:26 GMT
content-type: font/woff2
age: 222379
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET tolfex-soft.com/images/bg3.png

185.62.58.189

200 OK

13 kB

URL GET
tolfex-soft.com/images/bg3.png
IP
185.62.58.189:443
ASN
#62370 Snel.com B.V.

Requested by
https://tolfex-soft.com/
Certificate
IssuerLet's Encrypt
Subjecttolfex-soft.com
Fingerprint33:CB:7E:8C:FB:5A:DB:DC:33:71:83:0F:8A:A6:D5:88:B1:73:CF:AB
ValiditySat, 17 May 2025 19:59:58 GMT - Fri, 15 Aug 2025 19:59:57 GMT

File type
RIFF (little-endian) data, Web/P image
Size
13 kB (12676 bytes)
Hash
acf404beaeafad4622a7668efe5690db
785aff6a080a3c51e39558c260af0d39fa51112d
99be507e4a0569ce25f90c6f77004d46a05bf9654150613c5c3012abd6a114bc

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/bg3.png HTTP/1.1
Host: tolfex-soft.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tolfex-soft.com/css/bitcoineranew-redisign-2.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx/1.14.1
date: Sun, 22 Jun 2025 00:34:15 GMT
content-type: image/webp
content-length: 12676
last-modified: Wed, 04 Jun 2025 16:39:53 GMT
etag: "684076d9-3184"
accept-ranges: bytes
X-Firefox-Spdy: h2

GET fonts.gstatic.com/s/roboto/v48/KFOMCnqEu92Fr1ME7kSn66aGLdTylUAMQXC89YmC2DPNWubEbVmUiAo.woff2

142.250.74.35

200 OK

21 kB

URL GET
fonts.gstatic.com/s/roboto/v48/KFOMCnqEu92Fr1ME7kSn66aGLdTylUAMQXC89YmC2DPNWubEbVmUiAo.woff2
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
https://tolfex-soft.com/
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
Fingerprint6C:DD:E7:B7:B0:02:A6:B7:4F:2D:EB:A1:11:A3:4B:1C:31:F9:07:F7
ValidityMon, 02 Jun 2025 08:36:37 GMT - Mon, 25 Aug 2025 08:36:36 GMT

File type
Web Open Font Format (Version 2), TrueType, length 20612, version 1.0
Size
21 kB (20612 bytes)
Hash
b07da7aa3e4f363c5cdbc11312239e8c
47bf5b2f24ea4a4caafccc89b9d2a6677ef9e3b8
e44c11f4834bdd4d6b6da7b8ee5eaebc8acb41250cd6bce5cc82ea8262140eaa

HTTP Headers

GET /s/roboto/v48/KFOMCnqEu92Fr1ME7kSn66aGLdTylUAMQXC89YmC2DPNWubEbVmUiAo.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://tolfex-soft.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 20612
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 19 Jun 2025 11:03:40 GMT
expires: Fri, 19 Jun 2026 11:03:40 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 29 May 2025 23:35:01 GMT
content-type: font/woff2
age: 221435
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET tolfex-soft.com/images/favicon.ico?v=1749055167

185.62.58.189

200 OK

3.7 kB

URL GET
tolfex-soft.com/images/favicon.ico?v=1749055167
IP
185.62.58.189:443
ASN
#62370 Snel.com B.V.

Requested by
https://tolfex-soft.com/
Certificate
IssuerLet's Encrypt
Subjecttolfex-soft.com
Fingerprint33:CB:7E:8C:FB:5A:DB:DC:33:71:83:0F:8A:A6:D5:88:B1:73:CF:AB
ValiditySat, 17 May 2025 19:59:58 GMT - Fri, 15 Aug 2025 19:59:57 GMT

File type
PNG image data, 75 x 75, 8-bit/color RGBA, non-interlaced
Size
3.7 kB (3748 bytes)
Hash
82652264ed7c877f046282824c1c5bf7
bfcebd5eed28c5fa99f6083c8383f77dd8a38e36
cdfbc26e0a7feb234ece9dab7e84af9ab29244f73d62ba3de69d97f171438d7e

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/favicon.ico?v=1749055167 HTTP/1.1
Host: tolfex-soft.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tolfex-soft.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx/1.14.1
date: Sun, 22 Jun 2025 00:34:16 GMT
content-type: image/x-icon
last-modified: Thu, 22 May 2025 16:39:50 GMT
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
vary: accept-encoding
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=oK%2FkQ%2Bk7CvnHZ%2BeB06b6WHMKnbEN9PfHHfuHxNGo%2BeIQ9r3uutieyn1GuiCUONEqZJ1ud4kBpfKEYKqaBMBHI%2BO4%2BIq8Fm8WHMMlGLnlI5QAKPA%3D"}]}
age: 10
cache-control: max-age=14400
cf-cache-status: HIT
etag: W/"682f5356-ea4"
content-encoding: br
cf-ray: 9537a8b34c45feb8-AMS
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET tolfex-soft.com/css/components.css

185.62.58.189

200 OK

30 kB

URL GET
tolfex-soft.com/css/components.css
IP
185.62.58.189:443
ASN
#62370 Snel.com B.V.

Requested by
https://tolfex-soft.com/
Certificate
IssuerLet's Encrypt
Subjecttolfex-soft.com
Fingerprint33:CB:7E:8C:FB:5A:DB:DC:33:71:83:0F:8A:A6:D5:88:B1:73:CF:AB
ValiditySat, 17 May 2025 19:59:58 GMT - Fri, 15 Aug 2025 19:59:57 GMT

File type
ASCII text, with very long lines (29985), with no line terminators
Size
30 kB (29985 bytes)
Hash
cd7bf3efdb1f7b0f5e4f7a8b4cc24a0c
f796be80615d73f1def6c155fb90f7a547169dba
25244b309cff70775c338fb3373a2a94273872101e1f2c90db75892777b7def6

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /css/components.css HTTP/1.1
Host: tolfex-soft.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tolfex-soft.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx/1.14.1
date: Sun, 22 Jun 2025 00:34:15 GMT
content-type: text/css
content-length: 29985
last-modified: Wed, 04 Jun 2025 16:39:52 GMT
etag: "684076d8-7521"
expires: Sun, 29 Jun 2025 00:34:15 GMT
cache-control: max-age=604800, max-age=604800, public
accept-ranges: bytes
X-Firefox-Spdy: h2

GET tolfex-soft.com/images/logo.png?v=1749055167

185.62.58.189

200 OK

3.7 kB

URL GET
tolfex-soft.com/images/logo.png?v=1749055167
IP
185.62.58.189:443
ASN
#62370 Snel.com B.V.

Requested by
https://tolfex-soft.com/
Certificate
IssuerLet's Encrypt
Subjecttolfex-soft.com
Fingerprint33:CB:7E:8C:FB:5A:DB:DC:33:71:83:0F:8A:A6:D5:88:B1:73:CF:AB
ValiditySat, 17 May 2025 19:59:58 GMT - Fri, 15 Aug 2025 19:59:57 GMT

File type
PNG image data, 75 x 75, 8-bit/color RGBA, non-interlaced
Size
3.7 kB (3748 bytes)
Hash
82652264ed7c877f046282824c1c5bf7
bfcebd5eed28c5fa99f6083c8383f77dd8a38e36
cdfbc26e0a7feb234ece9dab7e84af9ab29244f73d62ba3de69d97f171438d7e

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/logo.png?v=1749055167 HTTP/1.1
Host: tolfex-soft.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tolfex-soft.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx/1.14.1
date: Sun, 22 Jun 2025 00:34:15 GMT
content-type: image/png
content-length: 3748
last-modified: Thu, 22 May 2025 16:39:50 GMT
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
etag: "682f5356-ea4"
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
accept-ranges: bytes
age: 10
cache-control: max-age=14400
cf-cache-status: HIT
vary: accept-encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=9V5mdbAAme4QzFfSrH%2FcaaN9H9%2B9Tkv0QjsgVmUusa67iwX%2Bsf3rjJkZVIiG%2BIxeZFS%2BVR1a7O7Rs8K99lwYfKDX82p4LApRPhItb%2B7UKCD0a%2FY%3D"}]}
cf-ray: 9537a8ac6a899ffe-AMS
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET tolfex-soft.com/images/features-bg2.png

185.62.58.189

200 OK

14 kB

URL GET
tolfex-soft.com/images/features-bg2.png
IP
185.62.58.189:443
ASN
#62370 Snel.com B.V.

Requested by
https://tolfex-soft.com/
Certificate
IssuerLet's Encrypt
Subjecttolfex-soft.com
Fingerprint33:CB:7E:8C:FB:5A:DB:DC:33:71:83:0F:8A:A6:D5:88:B1:73:CF:AB
ValiditySat, 17 May 2025 19:59:58 GMT - Fri, 15 Aug 2025 19:59:57 GMT

File type
RIFF (little-endian) data, Web/P image
Size
14 kB (14424 bytes)
Hash
afadd47d5fa6ddea9144bafa18f38d14
ddb21bb2aef4bd710de271550e63afcf65555ef2
7c7d1716df40ee42370b34d128a1f21cb0c892e4f97e066552004e7b596b804e

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/features-bg2.png HTTP/1.1
Host: tolfex-soft.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tolfex-soft.com/css/bitcoineranew-redisign-2.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx/1.14.1
date: Sun, 22 Jun 2025 00:34:15 GMT
content-type: image/webp
content-length: 14424
last-modified: Wed, 04 Jun 2025 16:39:54 GMT
etag: "684076da-3858"
accept-ranges: bytes
X-Firefox-Spdy: h2

GET fonts.googleapis.com/css?family=Ubuntu:700%7CLato:300,400,700,900%7CRoboto:400&display=swap

142.250.74.10

200 OK

11 kB

URL GET
fonts.googleapis.com/css?family=Ubuntu:700%7CLato:300,400,700,900%7CRoboto:400&display=swap
IP
142.250.74.10:443
ASN
#15169 GOOGLE

Requested by
https://tolfex-soft.com/
Certificate
IssuerGoogle Trust Services
Subjectupload.video.google.com
Fingerprint58:09:05:96:27:31:E2:3D:AB:89:AD:1C:2E:C3:03:82:B0:27:3D:86
ValidityMon, 02 Jun 2025 08:36:37 GMT - Mon, 25 Aug 2025 08:36:36 GMT

File type
ASCII text, with very long lines (1572)
Size
11 kB (11049 bytes)
Hash
802acf7407cbf20961b6147a0c765c7a
b1d11d84cbfcd5f6bd9b89891e0aba52cd87f98b
6b5dc734a12ed6093996cf1135181b5b881fa1c953a935a384f00e1b011e61d6

HTTP Headers

GET /css?family=Ubuntu:700%7CLato:300,400,700,900%7CRoboto:400&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tolfex-soft.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 22 Jun 2025 00:34:15 GMT
date: Sun, 22 Jun 2025 00:34:15 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2

142.250.74.35

200 OK

24 kB

URL GET
fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
https://tolfex-soft.com/
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
Fingerprint6C:DD:E7:B7:B0:02:A6:B7:4F:2D:EB:A1:11:A3:4B:1C:31:F9:07:F7
ValidityMon, 02 Jun 2025 08:36:37 GMT - Mon, 25 Aug 2025 08:36:36 GMT

File type
Web Open Font Format (Version 2), TrueType, length 23580, version 1.0
Size
24 kB (23580 bytes)
Hash
e1b3b5908c9cf23dfb2b9c52b9a023ab
fcd4136085f2a03481d9958cc6793a5ed98e714c
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

HTTP Headers

GET /s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://tolfex-soft.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23580
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 19 Jun 2025 10:45:07 GMT
expires: Fri, 19 Jun 2026 10:45:07 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 02 May 2023 15:17:22 GMT
content-type: font/woff2
age: 222548
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET tolfex-soft.com/

185.62.58.189

200 OK

83 kB

URL User Request GET
tolfex-soft.com/
IP
185.62.58.189:443
ASN
#62370 Snel.com B.V.

Certificate
IssuerLet's Encrypt
Subjecttolfex-soft.com
Fingerprint33:CB:7E:8C:FB:5A:DB:DC:33:71:83:0F:8A:A6:D5:88:B1:73:CF:AB
ValiditySat, 17 May 2025 19:59:58 GMT - Fri, 15 Aug 2025 19:59:57 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (889)
Size
83 kB (82949 bytes)
Hash
b0914ec8f44023312e2c02e778f12ab1
ae0b8a467a0387b2dd67ff732072f1ecdf4d6f30
8642b731cd0ccaf15fa25643c7c394c7d6cd268de1b24bc46e35e36c2b4b2aac

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: tolfex-soft.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx/1.14.1
date: Sun, 22 Jun 2025 00:34:14 GMT
content-type: text/html
content-length: 82949
last-modified: Wed, 04 Jun 2025 16:39:46 GMT
etag: "684076d2-14405"
accept-ranges: bytes
X-Firefox-Spdy: h2

GET d3e54v103j8qbb.cloudfront.net/js/jquery-3.5.1.min.dc5e7f18c8.js?site=6316fc09812a666ab5a8e357

54.230.245.223

200 OK

90 kB

URL GET
d3e54v103j8qbb.cloudfront.net/js/jquery-3.5.1.min.dc5e7f18c8.js?site=6316fc09812a666ab5a8e357
IP
54.230.245.223:443
ASN
#16509 AMAZON-02

Requested by
https://tolfex-soft.com/
Certificate
IssuerAmazon
Subject*.cloudfront.net
Fingerprint8F:00:F1:34:A7:1E:27:1C:CF:CD:A6:53:8B:C4:82:B0:68:BC:C8:72
ValidityMon, 05 May 2025 00:00:00 GMT - Thu, 23 Apr 2026 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (65451)
Size
90 kB (89476 bytes)
Hash
dc5e7f18c8d36ac1d3d4753a87c98d0a
c8e1c8b386dc5b7a9184c763c88d19a346eb3342
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

HTTP Headers

GET /js/jquery-3.5.1.min.dc5e7f18c8.js?site=6316fc09812a666ab5a8e357 HTTP/1.1
Host: d3e54v103j8qbb.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://tolfex-soft.com
DNT: 1
Connection: keep-alive
Referer: https://tolfex-soft.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Mon, 20 Jul 2020 17:53:02 GMT
server: AmazonS3
content-encoding: gzip
date: Sat, 21 Jun 2025 04:37:08 GMT
cache-control: max-age=84600, must-revalidate
etag: W/"dc5e7f18c8d36ac1d3d4753a87c98d0a"
vary: accept-encoding
via: 1.1 6259d2cd8a5947ad41a420527bbed7a6.cloudfront.net (CloudFront)
age: 71833
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: KX3sTbbWO_3hnACg6CLeUujcnI8RiTvcYbt9oXDG_Wf3DjhNePN7uA==
X-Firefox-Spdy: h2

GET tolfex-soft.com/js/bitcoineranew-redisign-2.js

185.62.58.189

200 OK

51 kB

URL GET
tolfex-soft.com/js/bitcoineranew-redisign-2.js
IP
185.62.58.189:443
ASN
#62370 Snel.com B.V.

Requested by
https://tolfex-soft.com/
Certificate
IssuerLet's Encrypt
Subjecttolfex-soft.com
Fingerprint33:CB:7E:8C:FB:5A:DB:DC:33:71:83:0F:8A:A6:D5:88:B1:73:CF:AB
ValiditySat, 17 May 2025 19:59:58 GMT - Fri, 15 Aug 2025 19:59:57 GMT

File type
JavaScript source, ASCII text, with very long lines (27813)
Size
51 kB (50696 bytes)
Hash
e05d32dde9a53c90efdf0168a8ff32a6
9793ab16615db1d5117275e431b738bd83c9d9d5
81f60dd8a9cd78cd7105cbd6e90a0f73105f9f497136751b02cae276564b5e2f

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /js/bitcoineranew-redisign-2.js HTTP/1.1
Host: tolfex-soft.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tolfex-soft.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx/1.14.1
date: Sun, 22 Jun 2025 00:34:15 GMT
content-type: application/javascript
content-length: 50696
last-modified: Wed, 04 Jun 2025 16:39:46 GMT
etag: "684076d2-c608"
expires: Sun, 29 Jun 2025 00:34:15 GMT
cache-control: max-age=604800, max-age=604800, public
accept-ranges: bytes
X-Firefox-Spdy: h2

GET ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js

142.250.178.42

200 OK

13 kB

URL GET
ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js
IP
142.250.178.42:443
ASN
#15169 GOOGLE

Requested by
https://tolfex-soft.com/
Certificate
IssuerGoogle Trust Services
Subjectupload.video.google.com
Fingerprint58:09:05:96:27:31:E2:3D:AB:89:AD:1C:2E:C3:03:82:B0:27:3D:86
ValidityMon, 02 Jun 2025 08:36:37 GMT - Mon, 25 Aug 2025 08:36:36 GMT

File type
JavaScript source, ASCII text, with very long lines (2134)
Size
13 kB (13188 bytes)
Hash
7c96a5f11d9741541d5e3c42ff6380d7
d3fa2564c021cf730e58ffddb138cf6b57ed126e
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee

HTTP Headers

GET /ajax/libs/webfont/1.6.26/webfont.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tolfex-soft.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 5437
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 19 Jun 2025 15:02:51 GMT
expires: Fri, 19 Jun 2026 15:02:51 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 207084
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET tolfex-soft.com/images/bg1.webp

185.62.58.189

200 OK

30 kB

URL GET
tolfex-soft.com/images/bg1.webp
IP
185.62.58.189:443
ASN
#62370 Snel.com B.V.

Requested by
https://tolfex-soft.com/
Certificate
IssuerLet's Encrypt
Subjecttolfex-soft.com
Fingerprint33:CB:7E:8C:FB:5A:DB:DC:33:71:83:0F:8A:A6:D5:88:B1:73:CF:AB
ValiditySat, 17 May 2025 19:59:58 GMT - Fri, 15 Aug 2025 19:59:57 GMT

File type
RIFF (little-endian) data, Web/P image
Size
30 kB (29588 bytes)
Hash
6c99209fab15a3f80950e45086bcf633
a8f6bda8e0501889063a4c2fca6d283832f2f569
e0986dd42afce1bd880136f60943711d6b923b3d2bf1687d64fbd7f5160fb741

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/bg1.webp HTTP/1.1
Host: tolfex-soft.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tolfex-soft.com/css/bitcoineranew-redisign-2.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx/1.14.1
date: Sun, 22 Jun 2025 00:34:15 GMT
content-type: image/webp
content-length: 29588
last-modified: Wed, 04 Jun 2025 16:39:46 GMT
etag: "684076d2-7394"
accept-ranges: bytes
X-Firefox-Spdy: h2

GET tolfex-soft.com/images/vertical-dashed-line.png

185.62.58.189

200 OK

112 B

URL GET
tolfex-soft.com/images/vertical-dashed-line.png
IP
185.62.58.189:443
ASN
#62370 Snel.com B.V.

Requested by
https://tolfex-soft.com/
Certificate
IssuerLet's Encrypt
Subjecttolfex-soft.com
Fingerprint33:CB:7E:8C:FB:5A:DB:DC:33:71:83:0F:8A:A6:D5:88:B1:73:CF:AB
ValiditySat, 17 May 2025 19:59:58 GMT - Fri, 15 Aug 2025 19:59:57 GMT

File type
RIFF (little-endian) data, Web/P image
Size
112 B (112 bytes)
Hash
1ad6d027e0377ea03a3a9bba8988dae7
0000607e886de78f92a8d0b985e6a03bec64b355
8d422701c8354ca6b9887ced5309f230a1d8aaaea967d71b207604ac3c642d98

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/vertical-dashed-line.png HTTP/1.1
Host: tolfex-soft.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tolfex-soft.com/css/bitcoineranew-redisign-2.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx/1.14.1
date: Sun, 22 Jun 2025 00:34:15 GMT
content-type: image/webp
content-length: 112
last-modified: Wed, 04 Jun 2025 16:39:55 GMT
etag: "684076db-70"
accept-ranges: bytes
X-Firefox-Spdy: h2

GET tolfex-soft.com/images/no-scam-bg.png

185.62.58.189

200 OK

32 kB

URL GET
tolfex-soft.com/images/no-scam-bg.png
IP
185.62.58.189:443
ASN
#62370 Snel.com B.V.

Requested by
https://tolfex-soft.com/
Certificate
IssuerLet's Encrypt
Subjecttolfex-soft.com
Fingerprint33:CB:7E:8C:FB:5A:DB:DC:33:71:83:0F:8A:A6:D5:88:B1:73:CF:AB
ValiditySat, 17 May 2025 19:59:58 GMT - Fri, 15 Aug 2025 19:59:57 GMT

File type
RIFF (little-endian) data, Web/P image
Size
32 kB (31986 bytes)
Hash
94d9adae4c0c17c155c9994326ef6af2
b708749b0fecef37c8617ac4e243df27e24f0d43
1133caefd8973113b6f5f620a04ecf5ab6952f2e6fce97f73da594fedc441a37

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/no-scam-bg.png HTTP/1.1
Host: tolfex-soft.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tolfex-soft.com/css/bitcoineranew-redisign-2.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx/1.14.1
date: Sun, 22 Jun 2025 00:34:15 GMT
content-type: image/webp
content-length: 31986
last-modified: Wed, 04 Jun 2025 16:39:55 GMT
etag: "684076db-7cf2"
accept-ranges: bytes
X-Firefox-Spdy: h2

GET tolfex-soft.com/css/normalize.css

185.62.58.189

200 OK

1.9 kB

URL GET
tolfex-soft.com/css/normalize.css
IP
185.62.58.189:443
ASN
#62370 Snel.com B.V.

Requested by
https://tolfex-soft.com/
Certificate
IssuerLet's Encrypt
Subjecttolfex-soft.com
Fingerprint33:CB:7E:8C:FB:5A:DB:DC:33:71:83:0F:8A:A6:D5:88:B1:73:CF:AB
ValiditySat, 17 May 2025 19:59:58 GMT - Fri, 15 Aug 2025 19:59:57 GMT

File type
ASCII text, with very long lines (1863), with no line terminators
Size
1.9 kB (1863 bytes)
Hash
335a5b1351b11607e99d488a4fb435ec
676a51c37049628da4ec2431f80472f2ccc02b70
d95ef29b3a8ea5e57fc7385f0b2f798c2843268c45b727d3a87eb5ef85504a4c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /css/normalize.css HTTP/1.1
Host: tolfex-soft.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tolfex-soft.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx/1.14.1
date: Sun, 22 Jun 2025 00:34:15 GMT
content-type: text/css
content-length: 1863
last-modified: Wed, 04 Jun 2025 16:39:52 GMT
etag: "684076d8-747"
expires: Sun, 29 Jun 2025 00:34:15 GMT
cache-control: max-age=604800, max-age=604800, public
accept-ranges: bytes
X-Firefox-Spdy: h2

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

Quad9 DNS

ThreatFox

JavaScript (12)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML