Report - vikingf1le.us.to/f/yeCO4YmJpX

Report Overview

Visited public
2024-12-01 08:08:55
Tags
dyndns
URL
vikingf1le.us.to/f/yeCO4YmJpX
Finishing URL
vikingf1le.us.to/f/yeCO4YmJpX
IP / ASN
162.159.140.160
#13335 CLOUDFLARENET
Title
game-cloud.meadow-(77791).rar
Suspicious - DynDNS domain

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
static.cloudflareinsights.com	1294	2019-08-30	2019-09-24	2024-11-27	496 B	7.3 kB	104.16.79.73
challenges.cloudflare.com	unknown	2009-02-17	2021-10-20	2024-11-27	6.2 kB	339 kB	104.18.94.41
maxxter.mooo.com	unknown	2000-03-24	2024-12-01	2024-12-01	2.4 kB	81 kB	135.181.208.216
vikingf1le.us.to	unknown	unknown	2024-10-08	2024-10-08	1.5 kB	6.0 kB	172.66.0.102
vikingfile.com	unknown	2024-08-22	2024-10-21	2024-10-21	476 B	3.1 kB	188.114.96.1

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (49)

	URL	From	Size	First Seen	Last Seen
	vikingf1le.us.to/assets/custom-0b295c18913e200a4e6c987fa3eedf57.js	ScriptElement	12 kB	2024-12-01	2024-12-30
Pretty URL vikingf1le.us.to/assets/custom-0b295c18913e200a4e6c987fa3eedf57.js IP 172.66.0.102 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-12-01 08:08 Last Seen2024-12-30 14:37 Times Seen3 Hash 38d251b9f54289f20c4d5b493b96a160 3f7f1c54a10eac1b517a49f779465ed14ee5e4a7 6bb94c528578cda2febc617f12610591a0768afe09b06f36f5431be9a1b0035d Loading...

	challenges.cloudflare.com/turnstile/v0/api.js?onload=showCaptcha	ScriptElement	48 kB	2024-11-25	2024-12-05
Pretty URL challenges.cloudflare.com/turnstile/v0/api.js?onload=showCaptcha IP 104.18.94.41 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-11-25 20:51 Last Seen2024-12-05 22:23 Times Seen3518 Hash 1685878b80eecb073e51c13f17a5e530 0fffa666f98f2d8c1156d46d7f9ab90c5b089af3 c61e2e1347b9aca3d8f0c9725490470651a1f6c02841ff71f90305ea391ca6d2 Loading...

	static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015	ScriptElement	20 kB	2024-06-07	2025-05-22
Pretty URL static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015 IP 104.16.79.73 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-06-07 09:21 Last Seen2025-05-22 05:08 Times Seen51431 Hash ec18af6d41f6f278b6aed3bdabffa7bc 62c9e2cab76b888829f3c5335e91c320b22329ae 8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f Loading...

	cdn.tapioni.com/adgpt.js	ScriptElement	2.4 kB	2024-11-19	2024-12-17
Pretty URL cdn.tapioni.com/adgpt.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-11-19 10:59 Last Seen2024-12-17 05:39 Times Seen65 Hash 4184c925efeb11722b94ba1fbae67042 79f42daf0dbc42a68973d389a9af13fb5cad974f ccb5550d5544978b089eaf1ec10b37ea06af3b5fe53a7cd4fe07ac1b3c2a3a83 Loading...

	maxxter.mooo.com/CyFvUa1.js	ScriptElement	246 kB	2024-11-30	2024-12-17
Pretty URL maxxter.mooo.com/CyFvUa1.js IP 135.181.208.216 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2024-11-30 22:39 Last Seen2024-12-17 09:21 Times Seen60 Hash 4cdf721c3e9cd4df8fd947ed6b1139a8 bf85824a762ad1a08d5e4282d31fccb8c746d647 30499a13e821afc6edc2c5113f8f37745e4dc7a87edce2aa2a2c2c6c987fa2ab Loading...

	maxxter.mooo.com/api/users/485609?host=vikingf1le.us.to&ev=217&wh=1024&ww=1280&uuid=&url=https%3A%2F%2Fvikingf1le.us.to%2Ff%2FyeCO4YmJpX&sid=a0693c7a-dc9f-40d2-8118-78c8468288c3&i=1&kw=file%20hosting%2Ccloud%20hosting%2Csecure%20file%20sharing%2Canonymous%20file%20sharing%2Clarge%20file%20sharing%2Cno%20mail%20required%2Cno%20speed%20limit%2Cfast%20file%20sharing%2Creliable%20file%20sharing&url=https%3A%2F%2Fvikingf1le.us.to%2Ff%2FyeCO4YmJpX	ScriptElement	625 B	2024-12-01	2024-12-01
Pretty URL maxxter.mooo.com/api/users/485609?host=vikingf1le.us.to&ev=217&wh=1024&ww=1280&uuid=&url=https%3A%2F%2Fvikingf1le.us.to%2Ff%2FyeCO4YmJpX&sid=a0693c7a-dc9f-40d2-8118-78c8468288c3&i=1&kw=file%20hosting%2Ccloud%20hosting%2Csecure%20file%20sharing%2Canonymous%20file%20sharing%2Clarge%20file%20sharing%2Cno%20mail%20required%2Cno%20speed%20limit%2Cfast%20file%20sharing%2Creliable%20file%20sharing&url=https%3A%2F%2Fvikingf1le.us.to%2Ff%2FyeCO4YmJpX IP 135.181.208.216 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2024-12-01 08:08 Last Seen2024-12-01 08:08 Times Seen1 Hash 365bdfb5a4310e3d9aa72401312f3219 a9dfa1ec217c4d679f7a314a24c84910961a4c93 e27763d70d9e6a2afc9e3d565742534b02c2848f1c7e48ce258b2fae3fe1ad79 Loading...

	vikingf1le.us.to/f/yeCO4YmJpX	ScriptElement	0 B	0001-01-01	2025-05-22
Pretty URL vikingf1le.us.to/f/yeCO4YmJpX IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML true Observations First Seen0001-01-01 00:00 Last Seen2025-05-22 05:08 Times Seen4741765 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/cr8c3/0x4AAAAAAAgbsMNBuk2d3Qp6/light/fbE/normal/auto/	ScriptElement	3.5 kB	2024-12-01	2024-12-01
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/cr8c3/0x4AAAAAAAgbsMNBuk2d3Qp6/light/fbE/normal/auto/ IP 104.18.94.41 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-12-01 08:08 Last Seen2024-12-01 08:08 Times Seen1 Hash ebd5cacff86964119d460e7115259e22 efa417bc770ac709f99ad3461141de780967ff42 7af357619a2e1accb56416ac62caf4d639a1fbbb052c0df1c2e1f1d4a371c1dd Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=8eb196f8a8515696&lang=auto	ScriptElement	125 kB	2024-12-01	2024-12-01
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=8eb196f8a8515696&lang=auto IP 104.18.94.41 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-12-01 08:08 Last Seen2024-12-01 08:08 Times Seen1 Hash 03071773746cff8225b1b3ae1ceeb317 527bb0370c53c390271a805b42515873e5608869 9aacba0f309c016f99ecfe3690a99b9d485a9ef72dc064e52df0b32129e520b4 Loading...

		Size	First Seen	Last Seen
	#1 Eval - fc965e1181932134f7feeb55582c56c3	28 B	2024-12-01 08:08	2024-12-01 08:08
Pretty Observations First Seen2024-12-01 08:08 Last Seen2024-12-01 08:08 Times Seen1 Hash fc965e1181932134f7feeb55582c56c3 cf8d5af84d8645237b6d3bf967ebd58634076817 66fa689f8914ea89c98f6e86a956b0c785e55f43b534e652b5793e948643f884 Loading...

	#2 Eval - 190703fdefdc4cc06e49d361c31619e5	28 B	2024-12-01 08:08	2024-12-01 08:08
Pretty Observations First Seen2024-12-01 08:08 Last Seen2024-12-01 08:08 Times Seen1 Hash 190703fdefdc4cc06e49d361c31619e5 4055a8c72e7eb18ba243f8416406893f57bc4922 2891538ba08117751e5ee37e8185fe8b34271065728f6a4022208b75f263b9cb Loading...

	#3 Eval - 46a8f75ae711512816c9feffe39cfcf1	28 B	2024-12-01 08:08	2024-12-01 08:08
Pretty Observations First Seen2024-12-01 08:08 Last Seen2024-12-01 08:08 Times Seen1 Hash 46a8f75ae711512816c9feffe39cfcf1 ede46e63368265084b72d689e4236f0a35e49461 3f0427724b0b54682c03061569abc3ec27dfb77afd4b041069c4f759916ab14c Loading...

	#4 Eval - 573246a47de3d7a4aa8a43e95d92b7e4	28 B	2024-12-01 08:08	2024-12-01 08:08
Pretty Observations First Seen2024-12-01 08:08 Last Seen2024-12-01 08:08 Times Seen1 Hash 573246a47de3d7a4aa8a43e95d92b7e4 fc45464005fe8b4e6919e077731dd6b197b5637c 7f3423de983c5ee440bba9fd1986d1a823faaa2f0e557066479dee349673cd59 Loading...

	#5 Eval - 9f7d67fbe54f7e79f12747e50f522e6b	28 B	2024-12-01 08:08	2024-12-01 08:08
Pretty Observations First Seen2024-12-01 08:08 Last Seen2024-12-01 08:08 Times Seen1 Hash 9f7d67fbe54f7e79f12747e50f522e6b b621410bc98db34551340b2369a8c8782d7f0de4 d83a3137c16dc26c3dafd1e4682d696f6d94bd57780d9e7c4a03314101b16872 Loading...

	#6 Eval - 378522553a3595dda8bbcbd490f8244a	28 B	2024-12-01 08:08	2024-12-01 08:08
Pretty Observations First Seen2024-12-01 08:08 Last Seen2024-12-01 08:08 Times Seen1 Hash 378522553a3595dda8bbcbd490f8244a abf73bd6e466fcd58838667d318a04007338f95f 7c91b580c3473bef2edc396a93f24e3f3fc441cbb20521a6f7acfaf51862dbb6 Loading...

	#7 Eval - 203811e8a757f875af13ea5588dc0b70	28 B	2024-12-01 08:08	2024-12-01 08:08
Pretty Observations First Seen2024-12-01 08:08 Last Seen2024-12-01 08:08 Times Seen1 Hash 203811e8a757f875af13ea5588dc0b70 d6299b3807010c40fbbe1ee31781723912fdfcbd 6c1ddc3d17ce179a2548994c080a439a82c451a456e2e1bb3951ac36609a30ff Loading...

	#8 Eval - 28c5c37542aa303b41d1912a9d25b3c4	28 B	2024-12-01 08:08	2024-12-01 08:08
Pretty Observations First Seen2024-12-01 08:08 Last Seen2024-12-01 08:08 Times Seen1 Hash 28c5c37542aa303b41d1912a9d25b3c4 97030c95bb87ff7f9f1bff03e48426dbc66b216f 6aafa67e5a61115fd797f01243021b09805e0cd023984e64c6cf8cb3c0d65520 Loading...

	#9 Eval - 90f14a1cfa87e4e847b6d770c7b28643	28 B	2024-12-01 08:08	2024-12-01 08:08
Pretty Observations First Seen2024-12-01 08:08 Last Seen2024-12-01 08:08 Times Seen1 Hash 90f14a1cfa87e4e847b6d770c7b28643 3a2afcd8c516c36ed9cef1d83327ed06d320712c 3f3f31c3383bc34faa57ca705ff4c0c28f330acfa8c5a07e20982360af13c34f Loading...

	#10 Eval - 1d00f17107fa78960fcf7d1ec8dd1092	28 B	2024-12-01 08:08	2024-12-01 08:08
Pretty Observations First Seen2024-12-01 08:08 Last Seen2024-12-01 08:08 Times Seen1 Hash 1d00f17107fa78960fcf7d1ec8dd1092 f8fecd98a8d351022167d13175b025f871864821 c056e8e4de2f193719e139bb0ff214992e226f54b88316ff59f83765841ece1f Loading...

	#11 Eval - 71127c568aa15c2c242a7a5058928718	28 B	2024-12-01 08:08	2024-12-01 08:08
Pretty Observations First Seen2024-12-01 08:08 Last Seen2024-12-01 08:08 Times Seen1 Hash 71127c568aa15c2c242a7a5058928718 7d44fe378c95ab963fb023bae582a7a6ffd5a407 b5d5695ae906630cf60db72e6c0051a89c13620b94b845c80f2441798abf322f Loading...

	#12 Eval - 82308c989c23cc2dbc076d1c832eaa06	28 B	2024-12-01 08:08	2024-12-01 08:08
Pretty Observations First Seen2024-12-01 08:08 Last Seen2024-12-01 08:08 Times Seen1 Hash 82308c989c23cc2dbc076d1c832eaa06 d0a50feedc748af8fe26e18c523bb57c4c97c86d 28de35dd9a6ed2befb31f66484820fcbc726ea5dc2627b7d915b95a1000fe0fd Loading...

	#13 Eval - 62eed534f79089ab315a90b7c1532748	28 B	2024-12-01 08:08	2024-12-01 08:08
Pretty Observations First Seen2024-12-01 08:08 Last Seen2024-12-01 08:08 Times Seen1 Hash 62eed534f79089ab315a90b7c1532748 abbd6f47385284e394be7895c256d3ae473c2b76 f14fd1c18d2c5a1f9b8d4dad89d8eb66ff505ecafd3c6dd815e67147cfb45bc3 Loading...

	#14 Eval - d3b9319a5e4a309e7efb4df58a9950d8	28 B	2024-12-01 08:08	2024-12-01 08:08
Pretty Observations First Seen2024-12-01 08:08 Last Seen2024-12-01 08:08 Times Seen1 Hash d3b9319a5e4a309e7efb4df58a9950d8 bbb01880504f4ce04053b9ec45f647109eb88722 153afeec3e369a831cb82b47df60839fb56c56f01827bac554d137696d06a7d9 Loading...

	#15 Eval - 9e925e9341b490bfd3b4c4ca3b0c1ef2	4 B	2023-03-07 01:03	2025-05-22 05:07
Pretty Observations First Seen2023-03-07 01:03 Last Seen2025-05-22 05:07 Times Seen370591 Hash 9e925e9341b490bfd3b4c4ca3b0c1ef2 c2543fff3bfa6f144c2f06a7de6cd10c0b650cae 1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408 Loading...

	#16 Eval - 8129b1358ed70e32cd7629463a23ce50	28 B	2024-12-01 08:08	2024-12-01 08:08
Pretty Observations First Seen2024-12-01 08:08 Last Seen2024-12-01 08:08 Times Seen1 Hash 8129b1358ed70e32cd7629463a23ce50 fc755543c9d1ee25545570794149597ab093dab4 35b460e1865f1dfbd77e6c12fc8cf5cb303ad2c94f3c65bff09b1d1d4bc00b1a Loading...

	#17 Eval - ed55f42d9a283f005fbd2d8ff463c8ef	28 B	2024-12-01 08:08	2024-12-01 08:08
Pretty Observations First Seen2024-12-01 08:08 Last Seen2024-12-01 08:08 Times Seen1 Hash ed55f42d9a283f005fbd2d8ff463c8ef 5f996c3000db58a82e1c177dfd6e4fec99315f7c d56fe68c27dcf3f426ad1196762c721db96fb2db36d674bd85e586b1bbd42cd8 Loading...

	#18 Eval - 19aeb0d890f99b945899e07d520db4b0	28 B	2024-12-01 08:08	2024-12-01 08:08
Pretty Observations First Seen2024-12-01 08:08 Last Seen2024-12-01 08:08 Times Seen1 Hash 19aeb0d890f99b945899e07d520db4b0 cf819b30fa9e4dfeedf8ce4f09b754d991590091 74536d01712cbddfc9430c66d10e12a316544a5cdcec5318e19d5e1d47e9f3ad Loading...

	#19 Eval - ae23284d8b631cc88553e2208efb9a7a	28 B	2024-12-01 08:08	2024-12-01 08:08
Pretty Observations First Seen2024-12-01 08:08 Last Seen2024-12-01 08:08 Times Seen1 Hash ae23284d8b631cc88553e2208efb9a7a 37cb9b3c1f13a714b83f99b08b10ad6af7b40b17 15fc24f580c2c26f8534170c7c795043171245f8b403e2418813eedaf3fea183 Loading...

	#20 Eval - 147040933dd73e10c281d950a75be266	28 B	2024-12-01 08:08	2024-12-01 08:08
Pretty Observations First Seen2024-12-01 08:08 Last Seen2024-12-01 08:08 Times Seen1 Hash 147040933dd73e10c281d950a75be266 16e0f062f2c68684bf2b406e0deacb493a2b06a8 d39902f81a6381f6ad933e626f2ba708c8fda30b4bbc21e518a062d27fa5ed17 Loading...

	#21 Eval - b7d085ddaa3338994f8af20e1347d879	28 B	2024-12-01 08:08	2024-12-01 08:08
Pretty Observations First Seen2024-12-01 08:08 Last Seen2024-12-01 08:08 Times Seen1 Hash b7d085ddaa3338994f8af20e1347d879 c63fab4fbc58bc6dda5d85fc14c8146b7c08e93f 3e843c7b3a0f387837fe20ad6a41ab6bfd61bf186b8741bb40ec6461b400651a Loading...

	#22 Eval - 6c6c90500a5a1522df5f8bf9793e974b	28 B	2024-12-01 08:08	2024-12-01 08:08
Pretty Observations First Seen2024-12-01 08:08 Last Seen2024-12-01 08:08 Times Seen1 Hash 6c6c90500a5a1522df5f8bf9793e974b 70f73ddb8f0277b46a544ebf7c69981e124c9c47 6162e57aba67daf24da584b24e56df03871fa1612cca4fc62cf3841d4f66f53a Loading...

	#23 Eval - 5c41b9921ae1e25032c5349c029ddd90	28 B	2024-12-01 08:08	2024-12-01 08:08
Pretty Observations First Seen2024-12-01 08:08 Last Seen2024-12-01 08:08 Times Seen1 Hash 5c41b9921ae1e25032c5349c029ddd90 fb3b36f7f405c083cf4925953163489821cb450f a5cbc0a2144c0a854f80f34b1a91be89f1f1c77127387737a27fe1f8d159d095 Loading...

	#24 Eval - 8bf72c871f4ec970dd2f9f6b7fc01b0b	28 B	2024-12-01 08:08	2024-12-01 08:08
Pretty Observations First Seen2024-12-01 08:08 Last Seen2024-12-01 08:08 Times Seen1 Hash 8bf72c871f4ec970dd2f9f6b7fc01b0b b33e4be2a6b72bf63242d976d40c378123274a98 547aaf11fd69b01a3270b09566a33f048013fd6c46cb22e976616943904752e1 Loading...

	#25 Eval - 073ad813820f6db59437f08863f0c33b	28 B	2024-12-01 08:08	2024-12-01 08:08
Pretty Observations First Seen2024-12-01 08:08 Last Seen2024-12-01 08:08 Times Seen1 Hash 073ad813820f6db59437f08863f0c33b bfc2a4cb8a9e3fdd7c677525e9de690db56663f1 25f7762fb375b331501018f9af9d5108f8e40cd9709db238e66287b997133347 Loading...

	#26 Eval - 3aa7afc122f0e9f756bcb2e0fc59efa7	28 B	2024-12-01 08:08	2024-12-01 08:08
Pretty Observations First Seen2024-12-01 08:08 Last Seen2024-12-01 08:08 Times Seen1 Hash 3aa7afc122f0e9f756bcb2e0fc59efa7 68164c666290309bf81cf0cf747a24a2e21b72c7 cd5c9f147e974642a1deb164fb709ac3ed0dd7fa1f0b34b1ead00a448743802b Loading...

	#27 Eval - ac7c8782c04551953527877aca1b3527	28 B	2024-12-01 08:09	2024-12-01 08:09
Pretty Observations First Seen2024-12-01 08:09 Last Seen2024-12-01 08:09 Times Seen1 Hash ac7c8782c04551953527877aca1b3527 ee6343eb4f10ccf2186560d4ed4e30c04bff3ef1 106db657128d1c6b9afd6b24eb2bc8a9331751458a8a7e57105be55ae35af92d Loading...

	#28 Eval - 56a481dea5bfa4f15e53320969f42f02	28 B	2024-12-01 08:09	2024-12-01 08:09
Pretty Observations First Seen2024-12-01 08:09 Last Seen2024-12-01 08:09 Times Seen1 Hash 56a481dea5bfa4f15e53320969f42f02 f8449feee552702959f03ad23e337e31a8a358e2 653a1facab1705ab90d09c69c3d860db940e709591dd1a54a2d1ce25d4a674f8 Loading...

	#29 Eval - 785cbe084084fd09226570ea7542b1f5	28 B	2024-12-01 08:09	2024-12-01 08:09
Pretty Observations First Seen2024-12-01 08:09 Last Seen2024-12-01 08:09 Times Seen1 Hash 785cbe084084fd09226570ea7542b1f5 e8fb4f64c4ed5a233b0e17a5dcbe92fbda855320 30169d069c8bbaec9c1eb9543e10ce27ab413e593278f69bdb4d1699bcd6d624 Loading...

	#30 Eval - 4e6c13f85a80a52ea0a22a26b1db4fea	28 B	2024-12-01 08:09	2024-12-01 08:09
Pretty Observations First Seen2024-12-01 08:09 Last Seen2024-12-01 08:09 Times Seen1 Hash 4e6c13f85a80a52ea0a22a26b1db4fea 5b30ac1aed5bbd3905f4bb07c252ab3b23553c6e 40e865c96ca32715ab9a73a7088a75a13e55c7cb9baca2f99a2e1617ec5e5f31 Loading...

	#31 Eval - e294f331338fea9de2e2ccabfd034475	28 B	2024-12-01 08:09	2024-12-01 08:09
Pretty Observations First Seen2024-12-01 08:09 Last Seen2024-12-01 08:09 Times Seen1 Hash e294f331338fea9de2e2ccabfd034475 cf687b3eea698a333f42a09f0b09109eba3d0b73 4abd9f17a1980e7c6a5cc5d6672729b9ee516c9596fb5b59ad4a2085fd116c65 Loading...

	#32 Eval - 8a1b0122f1ce82ac161ccc498405c31b	28 B	2024-12-01 08:09	2024-12-01 08:09
Pretty Observations First Seen2024-12-01 08:09 Last Seen2024-12-01 08:09 Times Seen1 Hash 8a1b0122f1ce82ac161ccc498405c31b 57579128d56f245004c7f4a15d44b5c181a58dac c704a7ad2ad2fe3a01a6b5a46966ae6d51b1eede14f4c415f7214d2fc4761ad1 Loading...

	#33 Eval - 7363cee7ab3418a24afca74d658caae5	28 B	2024-12-01 08:09	2024-12-01 08:09
Pretty Observations First Seen2024-12-01 08:09 Last Seen2024-12-01 08:09 Times Seen1 Hash 7363cee7ab3418a24afca74d658caae5 bb14cbc501c0391b0d5ea22587b6671698bc82f2 cb7a74e24949b1b6fe287b0c6f3d53fa64f7390a9c8dc370fd81eb460b874334 Loading...

	#34 Eval - b47764e49b9d044b8dddf3309dca1b9f	28 B	2024-12-01 08:09	2024-12-01 08:09
Pretty Observations First Seen2024-12-01 08:09 Last Seen2024-12-01 08:09 Times Seen1 Hash b47764e49b9d044b8dddf3309dca1b9f 561f6888bc86be8b1101f8565a73cb6a4a039555 c3b9d52a491ed6faae04caa66a86a5a10c1cf76db3c24b086fa698ea96b160b8 Loading...

	#35 Eval - 97a2776de83a27ea8b105e30868c8c8e	28 B	2024-12-01 08:09	2024-12-01 08:09
Pretty Observations First Seen2024-12-01 08:09 Last Seen2024-12-01 08:09 Times Seen1 Hash 97a2776de83a27ea8b105e30868c8c8e 2c08d679e8dafb75cb5b23a2a06d49880d0d5bdc 97b8ac931ac5587a52c729c071fd5fd9dc86bb7469e576131966e9dea7a4a55b Loading...

	#36 Eval - 2c91a4e58cef77bcfc4a172ae43430b9	28 B	2024-12-01 08:09	2024-12-01 08:09
Pretty Observations First Seen2024-12-01 08:09 Last Seen2024-12-01 08:09 Times Seen1 Hash 2c91a4e58cef77bcfc4a172ae43430b9 588d0d0553600913c17e570a39c158dd5f67b5e7 4f71293ace9ee7bf76bd401503c578606a0792898b1384fe1afb2bfcb4aee9ae Loading...

	#37 Eval - 17f0bdcf659ce3d121e7614adf807834	28 B	2024-12-01 08:09	2024-12-01 08:09
Pretty Observations First Seen2024-12-01 08:09 Last Seen2024-12-01 08:09 Times Seen1 Hash 17f0bdcf659ce3d121e7614adf807834 7e4b481ebe4b6400aa7cea94ea9633ba9e2b530b 8d7528dfe8bc590a37f0a0107d5393fb87aa6ff910e68566fa4d217d21028363 Loading...

	#38 Eval - eeb8cec2c2cdf8f5f59762bebb205239	28 B	2024-12-01 08:09	2024-12-01 08:09
Pretty Observations First Seen2024-12-01 08:09 Last Seen2024-12-01 08:09 Times Seen1 Hash eeb8cec2c2cdf8f5f59762bebb205239 531760c6dbcdc88e3cb40512aef87a390496d6d3 f249f118e1025fb3528233c4214e7fd57a087fa7568475a6db472cd5b7222a0e Loading...

	#39 Eval - d01ec5d3624605b60a44878263e2fcc6	28 B	2024-12-01 08:09	2024-12-01 08:09
Pretty Observations First Seen2024-12-01 08:09 Last Seen2024-12-01 08:09 Times Seen1 Hash d01ec5d3624605b60a44878263e2fcc6 71543b30a0f9b322a4537cb2c92a407e7db3e1f1 76ffcb702ab9f1b9afa92e3dfc2b27857053fee8beb32b4ce1f3ad511a287214 Loading...

	#40 Eval - 7d75acf6bd1ae928b0a30b4db5c0431a	61 B	2024-11-25 20:51	2024-12-05 22:23
Pretty Observations First Seen2024-11-25 20:51 Last Seen2024-12-05 22:23 Times Seen3558 Hash 7d75acf6bd1ae928b0a30b4db5c0431a 395aec81ad59826b4f2bc5f414a05dc29a8e469f 0c583f882c231923858b1b0db86422bd0f373bd7d72ee3c4787dfdba46338efc Loading...

HTTP Transactions (18)

URL IP Response Size

challenges.cloudflare.com/turnstile/v0/api.js?onload=showCaptcha

104.18.94.41

302 Found

0 B

URL
challenges.cloudflare.com/turnstile/v0/api.js?onload=showCaptcha
IP
104.18.94.41:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /turnstile/v0/api.js?onload=showCaptcha HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://vikingf1le.us.to/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
date: Sun, 01 Dec 2024 08:08:29 GMT
content-length: 0
access-control-allow-origin: *
cache-control: max-age=300, stale-if-error=10800, stale-while-revalidate=300, public
cross-origin-resource-policy: cross-origin
location: /turnstile/v0/b/a6e12e96a2d5/api.js
vary: Accept-Encoding
server: cloudflare
cf-ray: 8eb196f33f0156ae-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

maxxter.mooo.com/CyFvUa1.js

135.181.208.216

200 OK

79 kB

URL GET HTTP/2
maxxter.mooo.com/CyFvUa1.js
IP
135.181.208.216:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://vikingf1le.us.to/f/yeCO4YmJpX
Certificate
IssuerLet's Encrypt
Subjecta.mysalo.store
FingerprintCA:11:49:48:A8:85:3A:C5:2A:3F:B1:96:BB:46:FA:EF:2C:7E:9F:03
ValidityFri, 29 Nov 2024 11:28:37 GMT - Thu, 27 Feb 2025 11:28:36 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (65503), with no line terminators
Size
79 kB (78656 bytes)
Hash
4cdf721c3e9cd4df8fd947ed6b1139a8
bf85824a762ad1a08d5e4282d31fccb8c746d647
30499a13e821afc6edc2c5113f8f37745e4dc7a87edce2aa2a2c2c6c987fa2ab

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

HTTP Headers

GET /CyFvUa1.js HTTP/1.1
Host: maxxter.mooo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://vikingf1le.us.to/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sun, 01 Dec 2024 08:08:30 GMT
content-type: application/javascript
content-length: 78656
last-modified: Thu, 28 Nov 2024 10:37:42 GMT
vary: Accept-Encoding
etag: "674847f6-13340"
content-encoding: gzip
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
cf-cache-status: HIT
age: 73
cf-ray: 8e99be19094f4c86-HEL
x-frame-options: DENY
x-content-type-options: nosniff
accept-ranges: bytes
X-Firefox-Spdy: h2

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/cmg/1

104.18.94.41

200 OK

61 B

URL GET HTTP/3
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/cmg/1
IP
104.18.94.41:443
ASN
#13335 CLOUDFLARENET

Requested by
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/cr8c3/0x4AAAAAAAgbsMNBuk2d3Qp6/light/fbE/normal/auto/
Certificate
IssuerGoogle Trust Services
Subjectchallenges.cloudflare.com
FingerprintC1:16:CA:AE:53:D5:B8:63:59:BB:EB:73:AB:F0:98:7E:EE:7F:E3:EB
ValiditySun, 03 Nov 2024 16:27:50 GMT - Sat, 01 Feb 2025 17:27:46 GMT

File type
PNG image data, 2 x 2, 8-bit/color RGB, non-interlaced
Size
61 B (61 bytes)
Hash
9246cca8fc3c00f50035f28e9f6b7f7d
3aa538440f70873b574f40cd793060f53ec17a5d
c07d7d29e3c20fa6ca4c5d20663688d52bad13e129ad82ce06b80eb187d9dc84

HTTP Headers

GET /cdn-cgi/challenge-platform/h/b/cmg/1 HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/cr8c3/0x4AAAAAAAgbsMNBuk2d3Qp6/light/fbE/normal/auto/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 01 Dec 2024 08:08:30 GMT
content-type: image/png
content-length: 61
cache-control: max-age=2629800, public
server: cloudflare
cf-ray: 8eb196f959295696-OSL
alt-svc: h3=":443"; ma=86400

vikingf1le.us.to/assets/custom-0b295c18913e200a4e6c987fa3eedf57.js

172.66.0.102

301 Moved Permanently

3.7 kB

URL GET HTTP/3
vikingf1le.us.to/assets/custom-0b295c18913e200a4e6c987fa3eedf57.js
IP
172.66.0.102:443
ASN
#13335 CLOUDFLARENET

Requested by
https://vikingf1le.us.to/f/yeCO4YmJpX
Certificate
IssuerGoogle Trust Services
Subjectvikingf1le.us.to
FingerprintB8:79:4B:50:5F:49:16:13:50:58:EF:5E:75:6C:34:44:4A:D0:E8:D4
ValiditySun, 06 Oct 2024 12:43:54 GMT - Sat, 04 Jan 2025 12:43:53 GMT

File type
data
Size
3.7 kB (3675 bytes)
Hash
68ffcc271978372d22d411df94bd0cd3
9ec0a42979728bf9db065a97cbc99d7f3fbf73c4
2a4d9a7fda187713872dc9449e284bd5fd1da21cdec943f2b03b02cab254a7bf

HTTP Headers

GET /assets/custom-0b295c18913e200a4e6c987fa3eedf57.js HTTP/1.1
Host: vikingf1le.us.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://vikingf1le.us.to/f/yeCO4YmJpX
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 301 Moved Permanently
date: Sun, 01 Dec 2024 08:08:30 GMT
content-type: text/html
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=J3O3B3UnVaFWd6aQV%2B93%2FsVir96d%2BEQoTC2OnuKBl8AwOOKFC4t1LUKi0uZ7rR6N6RDcyc36mywjUTei%2FOmy8wg5ImMKFSUPVIvY9CefsaUwZ1mzqqtEz42vQtV051b5REJB"}],"group":"cf-nel","max_age":604800}
location: https://vikingfile.com/assets/custom-0b295c18913e200a4e6c987fa3eedf57.js
cache-control: max-age=14400
cf-cache-status: EXPIRED
cf-ray: 8eb196f2df99b52d-OSL
server: cloudflare
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400

vikingf1le.us.to/cdn-cgi/rum?

172.66.0.102

204 No Content

0 B

URL POST HTTP/3
vikingf1le.us.to/cdn-cgi/rum?
IP
172.66.0.102:443
ASN
#13335 CLOUDFLARENET

Requested by
https://vikingf1le.us.to/f/yeCO4YmJpX
Certificate
IssuerGoogle Trust Services
Subjectvikingf1le.us.to
FingerprintB8:79:4B:50:5F:49:16:13:50:58:EF:5E:75:6C:34:44:4A:D0:E8:D4
ValiditySun, 06 Oct 2024 12:43:54 GMT - Sat, 04 Jan 2025 12:43:53 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /cdn-cgi/rum? HTTP/1.1
Host: vikingf1le.us.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: application/json
Content-Length: 1338
Origin: https://vikingf1le.us.to
DNT: 1
Connection: keep-alive
Referer: https://vikingf1le.us.to/f/yeCO4YmJpX
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 204 No Content
date: Sun, 01 Dec 2024 08:08:31 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://vikingf1le.us.to
access-control-allow-methods: POST,OPTIONS
access-control-max-age: 86400
vary: Origin
access-control-allow-credentials: true
server: cloudflare
cf-ray: 8eb196faef9db52d-OSL
x-frame-options: DENY

vikingfile.com/assets/favicon-64375c377b5df8304acbdad4f4430694.ico

188.114.96.1

200 OK

2.2 kB

URL GET
vikingfile.com/assets/favicon-64375c377b5df8304acbdad4f4430694.ico
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

Requested by
https://vikingf1le.us.to/f/yeCO4YmJpX
Certificate
IssuerGoogle Trust Services
Subjectvikingfile.com
FingerprintDA:EE:10:85:0A:D6:0C:C3:78:8F:4F:D5:00:91:98:D5:2A:4B:17:C8
ValidityMon, 21 Oct 2024 11:00:30 GMT - Sun, 19 Jan 2025 11:00:29 GMT

File type
MS Windows icon resource - 3 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel
Size
2.2 kB (2210 bytes)
Hash
cc97d1c91b4029e9315685b09f85893d
afda933d321379aef9a5d43d4fea5f85a1ea4b0c
9debfd0610612fddc8bd5e5b83000df0c52e2beabcbc3c93ae530565c0cb708d

HTTP Headers

GET /assets/favicon-64375c377b5df8304acbdad4f4430694.ico HTTP/1.1
Host: vikingfile.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://vikingf1le.us.to/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 01 Dec 2024 08:08:31 GMT
content-type: image/x-icon
last-modified: Mon, 19 Aug 2024 05:43:14 GMT
etag: W/"66c2db72-3c2e"
cache-control: max-age=31536000
cf-cache-status: HIT
age: 1
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZcKKzgpON2XChzr%2B5Lvem7sJGbMVXKgxxLsRKeBoAxbcz%2FXFQhKdFco0O8b%2FkPn5oDXHuzUYpxEd%2BtY3t%2Flip2U0OkV9qzIr18FXxOsT%2FZrr9iJEiG%2Bp%2F%2FyrLSEBu%2Fv0Vw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8eb196fa0cdc1bfe-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=19196&min_rtt=17352&rtt_var=7824&sent=11&recv=6&lost=0&retrans=0&sent_bytes=4058&recv_bytes=1124&delivery_rate=34231&cwnd=12000&unsent_bytes=0&cid=a76cf17c64e55662&ts=388&x=1", cfHdrFlush;dur=0

vikingf1le.us.to/assets/favicon-64375c377b5df8304acbdad4f4430694.ico

172.66.0.102

301 Moved Permanently

673 B

URL GET
vikingf1le.us.to/assets/favicon-64375c377b5df8304acbdad4f4430694.ico
IP
172.66.0.102:0
ASN
#13335 CLOUDFLARENET

Requested by
https://vikingf1le.us.to/f/yeCO4YmJpX
Certificate
IssuerGoogle Trust Services
Subjectvikingf1le.us.to
FingerprintB8:79:4B:50:5F:49:16:13:50:58:EF:5E:75:6C:34:44:4A:D0:E8:D4
ValiditySun, 06 Oct 2024 12:43:54 GMT - Sat, 04 Jan 2025 12:43:53 GMT

File type
data
Size
673 B (673 bytes)
Hash
548bbb8c2030693953022a8198baded4
862efb59ecfe01aff78e5056ae0c025b8c23a192
1a30b4d6fcb9456824eee21583cdb5ddfb272a82b336a7e4c2297c6252464996

HTTP Headers

GET /assets/favicon-64375c377b5df8304acbdad4f4430694.ico HTTP/1.1
Host: vikingf1le.us.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://vikingf1le.us.to/f/yeCO4YmJpX
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 301 Moved Permanently
date: Sun, 01 Dec 2024 08:08:31 GMT
content-type: text/html
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jvGoLKgoezC%2Bv06jrVS3ZI7ZSR1w5y1JC2YQrEyJCbtXg70jpKk2mWjdjhH0KXh037o2rW4Q47JCD1Xcl2sgKog%2BZ6b7l26feyyNyRBh7Owf5%2FJMRCC98tbCBq9XyYDHAeS6"}],"group":"cf-nel","max_age":604800}
location: https://vikingfile.com/assets/favicon-64375c377b5df8304acbdad4f4430694.ico
cache-control: max-age=14400
cf-cache-status: HIT
age: 1
cf-ray: 8eb196f9cf9cb52d-OSL
server: cloudflare
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400

maxxter.mooo.com/api/users/485609?host=vikingf1le.us.to&ev=217&wh=1024&ww=1280&uuid=&url=https%3A%2F%2Fvikingf1le.us.to%2Ff%2FyeCO4YmJpX&sid=a0693c7a-dc9f-40d2-8118-78c8468288c3&i=1&kw=file%20hosting%2Ccloud%20hosting%2Csecure%20file%20sharing%2Canonymous%20file%20sharing%2Clarge%20file%20sharing%2Cno%20mail%20required%2Cno%20speed%20limit%2Cfast%20file%20sharing%2Creliable%20file%20sharing&url=https%3A%2F%2Fvikingf1le.us.to%2Ff%2FyeCO4YmJpX

135.181.208.216

200 OK

915 B

URL GET HTTP/2
maxxter.mooo.com/api/users/485609?host=vikingf1le.us.to&ev=217&wh=1024&ww=1280&uuid=&url=https%3A%2F%2Fvikingf1le.us.to%2Ff%2FyeCO4YmJpX&sid=a0693c7a-dc9f-40d2-8118-78c8468288c3&i=1&kw=file%20hosting%2Ccloud%20hosting%2Csecure%20file%20sharing%2Canonymous%20file%20sharing%2Clarge%20file%20sharing%2Cno%20mail%20required%2Cno%20speed%20limit%2Cfast%20file%20sharing%2Creliable%20file%20sharing&url=https%3A%2F%2Fvikingf1le.us.to%2Ff%2FyeCO4YmJpX
IP
135.181.208.216:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://vikingf1le.us.to/f/yeCO4YmJpX
Certificate
IssuerLet's Encrypt
Subjecta.mysalo.store
FingerprintCA:11:49:48:A8:85:3A:C5:2A:3F:B1:96:BB:46:FA:EF:2C:7E:9F:03
ValidityFri, 29 Nov 2024 11:28:37 GMT - Thu, 27 Feb 2025 11:28:36 GMT

File type
gzip compressed data, from Unix
Size
915 B (915 bytes)
Hash
95ad1d28d6d190fe313fd3f2c494b699
a4ea48923dbe03f31c5ba3cfad80eb8d573f41e4
f18c49983daa2b6345912f02838f3e47500870142fad5c9d7d328c15d9de7e12

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

HTTP Headers

GET /api/users/485609?host=vikingf1le.us.to&ev=217&wh=1024&ww=1280&uuid=&url=https%3A%2F%2Fvikingf1le.us.to%2Ff%2FyeCO4YmJpX&sid=a0693c7a-dc9f-40d2-8118-78c8468288c3&i=1&kw=file%20hosting%2Ccloud%20hosting%2Csecure%20file%20sharing%2Canonymous%20file%20sharing%2Clarge%20file%20sharing%2Cno%20mail%20required%2Cno%20speed%20limit%2Cfast%20file%20sharing%2Creliable%20file%20sharing&url=https%3A%2F%2Fvikingf1le.us.to%2Ff%2FyeCO4YmJpX HTTP/1.1
Host: maxxter.mooo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://vikingf1le.us.to/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 01 Dec 2024 08:08:31 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
set-cookie: nauid=SJJ3X2WPbczdOBoytLB4; Path=/; Expires=Wed, 11 Nov 2037 11:11:11 GMT; Secure; SameSite=None
x-robots-tag: noindex, nofollow
cache-control: private
content-encoding: gzip
X-Firefox-Spdy: h2

static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015

104.16.79.73

200 OK

6.9 kB

URL GET HTTP/2
static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015
IP
104.16.79.73:443
ASN
#13335 CLOUDFLARENET

Requested by
https://vikingf1le.us.to/f/yeCO4YmJpX
Certificate
IssuerGoogle Trust Services
Subjectcloudflareinsights.com
FingerprintA3:1D:4E:72:41:6A:D8:04:03:98:90:E7:8B:07:8D:A6:88:FE:B6:A3
ValidityFri, 01 Nov 2024 08:16:38 GMT - Thu, 30 Jan 2025 08:16:37 GMT

File type
JavaScript source, ASCII text, with very long lines (19948), with no line terminators
Size
6.9 kB (6883 bytes)
Hash
ec18af6d41f6f278b6aed3bdabffa7bc
62c9e2cab76b888829f3c5335e91c320b22329ae
8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f

HTTP Headers

GET /beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015 HTTP/1.1
Host: static.cloudflareinsights.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://vikingf1le.us.to
DNT: 1
Connection: keep-alive
Referer: https://vikingf1le.us.to/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 01 Dec 2024 08:08:29 GMT
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
etag: W/"2024.6.1"
last-modified: Thu, 06 Jun 2024 15:52:56 GMT
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
server: cloudflare
cf-ray: 8eb196f32faab524-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/i/8eb196f8a8515696/1733040511294/miTlCIcbX7C0oVA

104.18.94.41

200 OK

61 B

URL GET HTTP/3
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/i/8eb196f8a8515696/1733040511294/miTlCIcbX7C0oVA
IP
104.18.94.41:443
ASN
#13335 CLOUDFLARENET

Requested by
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/cr8c3/0x4AAAAAAAgbsMNBuk2d3Qp6/light/fbE/normal/auto/
Certificate
IssuerGoogle Trust Services
Subjectchallenges.cloudflare.com
FingerprintC1:16:CA:AE:53:D5:B8:63:59:BB:EB:73:AB:F0:98:7E:EE:7F:E3:EB
ValiditySun, 03 Nov 2024 16:27:50 GMT - Sat, 01 Feb 2025 17:27:46 GMT

File type
PNG image data, 84 x 75, 8-bit/color RGB, non-interlaced
Size
61 B (61 bytes)
Hash
08f96da660d4659f824682463bfd53de
21c4dacf5815abb01892c39c51553a02bceb33f7
19488604d5ad4d4bfc0a2d1010fe0541e5d79286a18288f6ef84da29398c9733

HTTP Headers

GET /cdn-cgi/challenge-platform/h/b/i/8eb196f8a8515696/1733040511294/miTlCIcbX7C0oVA HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/cr8c3/0x4AAAAAAAgbsMNBuk2d3Qp6/light/fbE/normal/auto/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 01 Dec 2024 08:08:33 GMT
content-type: image/png
content-length: 61
server: cloudflare
cf-ray: 8eb197082cd15696-OSL
alt-svc: h3=":443"; ma=86400

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/pat/8eb196f8a8515696/1733040511295/f30a5135f29743763f69cdaf50553cf2cc7329f290a1099fed02f72788fa7bfd/lYDeij62Ev6ckW4

104.18.94.41

401 Unauthorized

1 B

URL GET HTTP/3
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/pat/8eb196f8a8515696/1733040511295/f30a5135f29743763f69cdaf50553cf2cc7329f290a1099fed02f72788fa7bfd/lYDeij62Ev6ckW4
IP
104.18.94.41:443
ASN
#13335 CLOUDFLARENET

Requested by
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/cr8c3/0x4AAAAAAAgbsMNBuk2d3Qp6/light/fbE/normal/auto/
Certificate
IssuerGoogle Trust Services
Subjectchallenges.cloudflare.com
FingerprintC1:16:CA:AE:53:D5:B8:63:59:BB:EB:73:AB:F0:98:7E:EE:7F:E3:EB
ValiditySun, 03 Nov 2024 16:27:50 GMT - Sat, 01 Feb 2025 17:27:46 GMT

File type
very short file (no magic)
Size
1 B (1 bytes)
Hash
ff44570aca8241914870afbc310cdb85
58668e7669fd564d99db5d581fcdb6a5618440b5
6da43b944e494e885e69af021f93c6d9331c78aa228084711429160a5bbd15b5

HTTP Headers

GET /cdn-cgi/challenge-platform/h/b/pat/8eb196f8a8515696/1733040511295/f30a5135f29743763f69cdaf50553cf2cc7329f290a1099fed02f72788fa7bfd/lYDeij62Ev6ckW4 HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/cr8c3/0x4AAAAAAAgbsMNBuk2d3Qp6/light/fbE/normal/auto/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 401 Unauthorized
date: Sun, 01 Dec 2024 08:08:33 GMT
content-type: text/plain; charset=utf-8
content-length: 1
www-authenticate: PrivateToken challenge="AAIAGXBhdC1pc3N1ZXIuY2xvdWRmbGFyZS5jb20g8wpRNfKXQ3Y_ac2vUFU88sxzKfKQoQmf7QL3J4j6e_0AGWNoYWxsZW5nZXMuY2xvdWRmbGFyZS5jb20=", token-key="MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEAscjm_UO_k901rNdCKgLw5bvI4i6M_jDNCIXpfs2LRbtxwLOrUyplqVvML_hVlB5tIDMuj0ihhaOFHose-Y0_UjQnNUGE_vol46VvGgscTMtTjU4xINriap8AMTIygvljEBt6my-nBwkUGhY3U9v5iKC-eWR5bTfvrqFsuIVxafkSfhHqDXB4KLGNjvOOV71GGJ9x4yxA-C2OcULZ1uDDKuvAaMhuiWdF6OzSTXruP9yPg1vmuteavOW1re0YDbCbtK16PhHdSzWym7v_FrvId-2zf26j50FlTd_vl_DcKNDVCgWDoU0uX3cU6V3rSQoVXREEqPr-2ywSGru8ZuXRoQIDAQAB", max-age=20, PrivateToken challenge="AAIAHXNhdC5wYXQtaXNzdWVyLmNsb3VkZmxhcmUuY29tIPMKUTXyl0N2P2nNr1BVPPLMcynykKEJn-0C9yeI-nv9ABljaGFsbGVuZ2VzLmNsb3VkZmxhcmUuY29t", token-key="MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEAsLS4HBnLGydwK-bLQGRCaoyMsrXBRrDgQVmxS06j3UF0nYSd6GdTGCKIu1WV60eg-tJtTttfEVq7wHVQf4vzjYBidmCh88ebzxKv2GB6PESSodf5MsEup9xd5dxpkYScgL1CCJq89kRrOQ_CS61bvkL_oGyZf4ffqG5THgaOsopqj8dFLH6_SMy9yf8EgMYqpyjxfKsD-1_qb1m1DRjJEKPWKIGwmHXIKQJUqsxZFm4_Inwkxx7QMpVP4GyqlTxFVz7stWwJRSkMLHjEM_IWLUYfPhuwIUVqmRjGsY1n8flA1bRfxaWHNDxoi25-M2BKTP9NkNNJBbTKErhrZ9LGywIDAQAB", max-age=20, PrivateToken challenge="AAIALHBwLWlzc3Vlci1wcm9kdWN0aW9uLnJlc2VhcmNoLmNsb3VkZmxhcmUuY29tIPMKUTXyl0N2P2nNr1BVPPLMcynykKEJn-0C9yeI-nv9ABljaGFsbGVuZ2VzLmNsb3VkZmxhcmUuY29t", token-key="MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEA2ofNYujuBSGe3VokTOshcBYsN3IYqVG1vzSM-oCNQXOis6OMxshBYgGBi7QofI09eX3MiEJXFbY9F5l3e8-_QYq1SaXGxnEUzFLxdxsrqg_HDC1t7FnimSy0L1ex7MmHaWHHFKZvblAZW4u3w1pnvpb9w-jFqacUEW3fpSMZS_Yd7X8ZtgHadv02nmX_vYOfXYz1-xrGqFTGxaoYv67qpr8Z_qEW3JxhCu5bAG07lhyKUQwCjYBaHaw9ts0dop6n4rTO43MDNBGwSB1W3JKJgCrpVXUb1nOd5pPabD8TOMECeRricTImLIJXlsMxbWvR9FO1r0FuE_1vIFSjDDXnaQIDAQAB", max-age=20
server: cloudflare
cf-ray: 8eb19708ad825696-OSL
alt-svc: h3=":443"; ma=86400

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/671528551:1733037182:v3Wny655fkPEcm6d23KRckYXOl_a-g0m9IuvJlMsBTM/8eb196f8a8515696/b4iZ5nWwwBcZJ5HBOxlTk._JA59jlQX8QsFWCxCMb3c-1733040510-1.1.1.1-9FSUFtRg_79d_1uPKiJ.T4HLNLpw1fxDz4V1T94toKrdAde0nHvqz62FpOakTOIA

104.18.94.41

200 OK

108 kB

URL POST HTTP/3
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/671528551:1733037182:v3Wny655fkPEcm6d23KRckYXOl_a-g0m9IuvJlMsBTM/8eb196f8a8515696/b4iZ5nWwwBcZJ5HBOxlTk._JA59jlQX8QsFWCxCMb3c-1733040510-1.1.1.1-9FSUFtRg_79d_1uPKiJ.T4HLNLpw1fxDz4V1T94toKrdAde0nHvqz62FpOakTOIA
IP
104.18.94.41:443
ASN
#13335 CLOUDFLARENET

Requested by
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/cr8c3/0x4AAAAAAAgbsMNBuk2d3Qp6/light/fbE/normal/auto/
Certificate
IssuerGoogle Trust Services
Subjectchallenges.cloudflare.com
FingerprintC1:16:CA:AE:53:D5:B8:63:59:BB:EB:73:AB:F0:98:7E:EE:7F:E3:EB
ValiditySun, 03 Nov 2024 16:27:50 GMT - Sat, 01 Feb 2025 17:27:46 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
108 kB (108201 bytes)
Hash
9e049e46423a046de74cf64bc509fa4a
cdf1066d6268a542cc1eb9fff41b90cf75011038
99c236a9d8070e6954ac9b2c72eae3e29c7d8babe2482fd3fcebf1ac57b6cf1c

HTTP Headers

POST /cdn-cgi/challenge-platform/h/b/flow/ov1/671528551:1733037182:v3Wny655fkPEcm6d23KRckYXOl_a-g0m9IuvJlMsBTM/8eb196f8a8515696/b4iZ5nWwwBcZJ5HBOxlTk._JA59jlQX8QsFWCxCMb3c-1733040510-1.1.1.1-9FSUFtRg_79d_1uPKiJ.T4HLNLpw1fxDz4V1T94toKrdAde0nHvqz62FpOakTOIA HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/cr8c3/0x4AAAAAAAgbsMNBuk2d3Qp6/light/fbE/normal/auto/
Content-type: application/x-www-form-urlencoded
CF-Challenge: b4iZ5nWwwBcZJ5HBOxlTk._JA59jlQX8QsFWCxCMb3c-1733040510-1.1.1.1-9FSUFtRg_79d_1uPKiJ.T4HLNLpw1fxDz4V1T94toKrdAde0nHvqz62FpOakTOIA
CF-Chl-RetryAttempt: 0
Content-Length: 2703
Origin: https://challenges.cloudflare.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 01 Dec 2024 08:08:31 GMT
content-type: text/plain; charset=UTF-8
cf-chl-gen: xyykIa62m3uk8KaGQkLNlp6xyE36Ha+Kb65LwSqY+bTpoBwyye4E1iIfDbZ0OOQkMsHxgcLb8shojuzF+VQwMmZRmqAXCJFPtl/+cg+pjqFT2vi/uLZNJhnu/HCMmW976Tp/sgGhujfen47KY7LeWUwJUCYzO+uOye0++/u3lr6rFydr6hQr5pLp2iqSONCnMwvZpTx7B+b6HC06AdDQ9GGWtKg3wkx4bwEw0BAhOL34Gvb/9pMB9RwxjyNWNRBqxeLUdPx0L4+Qa4sDjzOAChfK5p0F7X+BtkrFi33J/hSMIoNK6/Au3mHIxv8jcXMjOfdMGMg0Rp9xBi/Bm40hRSlfkYuKNM8JQNXOdT0hIQ2z1ZO2NY2sC607oXl4P4pqHJGFGrpCzwtK9VFi/FwN3e2vNRLx3thvbApSMsFK4jnmRPZrWr9MO4TQgfIFxfz8T5ks8V9S2WUMmhuN8A==$7Ndq3yowrGs0zMYj
server: cloudflare
cf-ray: 8eb196fb7be25696-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

104.18.94.41

200 OK

25 kB

URL POST HTTP/3
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/671528551:1733037182:v3Wny655fkPEcm6d23KRckYXOl_a-g0m9IuvJlMsBTM/8eb196f8a8515696/b4iZ5nWwwBcZJ5HBOxlTk._JA59jlQX8QsFWCxCMb3c-1733040510-1.1.1.1-9FSUFtRg_79d_1uPKiJ.T4HLNLpw1fxDz4V1T94toKrdAde0nHvqz62FpOakTOIA
IP
104.18.94.41:443
ASN
#13335 CLOUDFLARENET

Requested by
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/cr8c3/0x4AAAAAAAgbsMNBuk2d3Qp6/light/fbE/normal/auto/
Certificate
IssuerGoogle Trust Services
Subjectchallenges.cloudflare.com
FingerprintC1:16:CA:AE:53:D5:B8:63:59:BB:EB:73:AB:F0:98:7E:EE:7F:E3:EB
ValiditySun, 03 Nov 2024 16:27:50 GMT - Sat, 01 Feb 2025 17:27:46 GMT

File type
ASCII text, with very long lines (26296), with no line terminators
Size
25 kB (25440 bytes)
Hash
a4194bbfe408fa310136970ea0d2de06
090c15afe21e9ffb58cfdd01bc0c566e09d86d77
d70349ae5e96e0b2d72eeca887fcbd83f1ddd42875519b70c5f883c4adfd9d42

HTTP Headers

POST /cdn-cgi/challenge-platform/h/b/flow/ov1/671528551:1733037182:v3Wny655fkPEcm6d23KRckYXOl_a-g0m9IuvJlMsBTM/8eb196f8a8515696/b4iZ5nWwwBcZJ5HBOxlTk._JA59jlQX8QsFWCxCMb3c-1733040510-1.1.1.1-9FSUFtRg_79d_1uPKiJ.T4HLNLpw1fxDz4V1T94toKrdAde0nHvqz62FpOakTOIA HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/cr8c3/0x4AAAAAAAgbsMNBuk2d3Qp6/light/fbE/normal/auto/
Content-type: application/x-www-form-urlencoded
CF-Challenge: b4iZ5nWwwBcZJ5HBOxlTk._JA59jlQX8QsFWCxCMb3c-1733040510-1.1.1.1-9FSUFtRg_79d_1uPKiJ.T4HLNLpw1fxDz4V1T94toKrdAde0nHvqz62FpOakTOIA
CF-Chl-RetryAttempt: 0
Content-Length: 28050
Origin: https://challenges.cloudflare.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 01 Dec 2024 08:08:33 GMT
content-type: text/plain; charset=UTF-8
cf-chl-gen: 4GoTOHFxUmyUO4F9CTJNDODN43LvYRXg/Opi4PC91QdTqrnu5EiWRpby/X4dMfsx8F/6q8V1W+5fJPEE$fxU7Hm0LKYJTznC0
server: cloudflare
cf-ray: 8eb197099e985696-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

challenges.cloudflare.com/turnstile/v0/b/a6e12e96a2d5/api.js

104.18.94.41

200 OK

48 kB

URL GET HTTP/3
challenges.cloudflare.com/turnstile/v0/b/a6e12e96a2d5/api.js
IP
104.18.94.41:443
ASN
#13335 CLOUDFLARENET

Requested by
https://vikingf1le.us.to/f/yeCO4YmJpX
Certificate
IssuerGoogle Trust Services
Subjectchallenges.cloudflare.com
FingerprintC1:16:CA:AE:53:D5:B8:63:59:BB:EB:73:AB:F0:98:7E:EE:7F:E3:EB
ValiditySun, 03 Nov 2024 16:27:50 GMT - Sat, 01 Feb 2025 17:27:46 GMT

File type
JavaScript source, ASCII text, with very long lines (47694)
Size
48 kB (47695 bytes)
Hash
1685878b80eecb073e51c13f17a5e530
0fffa666f98f2d8c1156d46d7f9ab90c5b089af3
c61e2e1347b9aca3d8f0c9725490470651a1f6c02841ff71f90305ea391ca6d2

HTTP Headers

GET /turnstile/v0/b/a6e12e96a2d5/api.js HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://vikingf1le.us.to/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 01 Dec 2024 08:08:30 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Thu, 21 Nov 2024 17:58:42 GMT
cache-control: max-age=31536000, stale-if-error=10800, stale-while-revalidate=31536000, public
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
server: cloudflare
cf-ray: 8eb196f3ca0a5696-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/cr8c3/0x4AAAAAAAgbsMNBuk2d3Qp6/light/fbE/normal/auto/

104.18.94.41

200 OK

26 kB

URL GET HTTP/3
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/cr8c3/0x4AAAAAAAgbsMNBuk2d3Qp6/light/fbE/normal/auto/
IP
104.18.94.41:443
ASN
#13335 CLOUDFLARENET

Requested by
https://vikingf1le.us.to/f/yeCO4YmJpX
Certificate
IssuerGoogle Trust Services
Subjectchallenges.cloudflare.com
FingerprintC1:16:CA:AE:53:D5:B8:63:59:BB:EB:73:AB:F0:98:7E:EE:7F:E3:EB
ValiditySun, 03 Nov 2024 16:27:50 GMT - Sat, 01 Feb 2025 17:27:46 GMT

File type
HTML document, ASCII text, with very long lines (22074)
Size
26 kB (26290 bytes)
Hash
e12e36bd5105cbea653e982079f01406
f127c4f88b4086bede4d5a579ee3488ec91f5dcd
437e339d1e7ce77db08d6eba09d724d4cd10bc984d83265679bfab5fac39191f

HTTP Headers

GET /cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/cr8c3/0x4AAAAAAAgbsMNBuk2d3Qp6/light/fbE/normal/auto/ HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://vikingf1le.us.to/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 01 Dec 2024 08:08:30 GMT
content-type: text/html; charset=UTF-8
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
content-security-policy: frame-src https://challenges.cloudflare.com/; base-uri 'self'
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: cross-origin
origin-agent-cluster: ?1
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
critical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
referrer-policy: same-origin
document-policy: js-profiling
server: cloudflare
cf-ray: 8eb196f8a8515696-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

maxxter.mooo.com/api/pageview/485609?kw=file+hosting%2Ccloud+hosting%2Csecure+file+sharing%2Canonymous+file+sharing%2Clarge+file+sharing%2Cno+mail+required%2Cno+speed+limit%2Cfast+file+sharing%2Creliable+file+sharing&host=vikingf1le.us.to&ev=217&url=https%3A%2F%2Fvikingf1le.us.to%2Ff%2FyeCO4YmJpX&sid=a0693c7a-dc9f-40d2-8118-78c8468288c3&i=true

135.181.208.216

200 OK

0 B

URL POST HTTP/2
maxxter.mooo.com/api/pageview/485609?kw=file+hosting%2Ccloud+hosting%2Csecure+file+sharing%2Canonymous+file+sharing%2Clarge+file+sharing%2Cno+mail+required%2Cno+speed+limit%2Cfast+file+sharing%2Creliable+file+sharing&host=vikingf1le.us.to&ev=217&url=https%3A%2F%2Fvikingf1le.us.to%2Ff%2FyeCO4YmJpX&sid=a0693c7a-dc9f-40d2-8118-78c8468288c3&i=true
IP
135.181.208.216:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://vikingf1le.us.to/f/yeCO4YmJpX
Certificate
IssuerLet's Encrypt
Subjecta.mysalo.store
FingerprintCA:11:49:48:A8:85:3A:C5:2A:3F:B1:96:BB:46:FA:EF:2C:7E:9F:03
ValidityFri, 29 Nov 2024 11:28:37 GMT - Thu, 27 Feb 2025 11:28:36 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

HTTP Headers

POST /api/pageview/485609?kw=file+hosting%2Ccloud+hosting%2Csecure+file+sharing%2Canonymous+file+sharing%2Clarge+file+sharing%2Cno+mail+required%2Cno+speed+limit%2Cfast+file+sharing%2Creliable+file+sharing&host=vikingf1le.us.to&ev=217&url=https%3A%2F%2Fvikingf1le.us.to%2Ff%2FyeCO4YmJpX&sid=a0693c7a-dc9f-40d2-8118-78c8468288c3&i=true HTTP/1.1
Host: maxxter.mooo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://vikingf1le.us.to
DNT: 1
Connection: keep-alive
Referer: https://vikingf1le.us.to/
Cookie: nauid=SJJ3X2WPbczdOBoytLB4
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0

HTTP/2 200 OK
server: nginx
date: Sun, 01 Dec 2024 08:08:31 GMT
content-length: 0
x-robots-tag: noindex, nofollow
cache-control: private
X-Firefox-Spdy: h2

maxxter.mooo.com/api/settings/485609

135.181.208.216

200 OK

33 B

URL GET HTTP/2
maxxter.mooo.com/api/settings/485609
IP
135.181.208.216:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://vikingf1le.us.to/f/yeCO4YmJpX
Certificate
IssuerLet's Encrypt
Subjecta.mysalo.store
FingerprintCA:11:49:48:A8:85:3A:C5:2A:3F:B1:96:BB:46:FA:EF:2C:7E:9F:03
ValidityFri, 29 Nov 2024 11:28:37 GMT - Thu, 27 Feb 2025 11:28:36 GMT

File type
troff or preprocessor input, ASCII text, with no line terminators
Size
33 B (33 bytes)
Hash
511ff610a0435434dd22a4836719fbb3
0cf692a9ecb6dd3d715e3315e0eeccc1c384f0c3
d090111da31c837d965f1dcf49b00a53cf41686d0913627f78c5ff36d693c6d0

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

HTTP Headers

GET /api/settings/485609 HTTP/1.1
Host: maxxter.mooo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://vikingf1le.us.to/
Origin: https://vikingf1le.us.to
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sun, 01 Dec 2024 08:08:30 GMT
content-type: application/json
vary: Accept-Encoding
access-control-allow-origin: *
x-robots-tag: noindex, nofollow
cache-control: private
content-encoding: gzip
X-Firefox-Spdy: h2

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=8eb196f8a8515696&lang=auto

104.18.94.41

200 OK

125 kB

URL GET HTTP/3
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=8eb196f8a8515696&lang=auto
IP
104.18.94.41:443
ASN
#13335 CLOUDFLARENET

Requested by
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/cr8c3/0x4AAAAAAAgbsMNBuk2d3Qp6/light/fbE/normal/auto/
Certificate
IssuerGoogle Trust Services
Subjectchallenges.cloudflare.com
FingerprintC1:16:CA:AE:53:D5:B8:63:59:BB:EB:73:AB:F0:98:7E:EE:7F:E3:EB
ValiditySun, 03 Nov 2024 16:27:50 GMT - Sat, 01 Feb 2025 17:27:46 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
125 kB (125185 bytes)
Hash
03071773746cff8225b1b3ae1ceeb317
527bb0370c53c390271a805b42515873e5608869
9aacba0f309c016f99ecfe3690a99b9d485a9ef72dc064e52df0b32129e520b4

HTTP Headers

GET /cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=8eb196f8a8515696&lang=auto HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/cr8c3/0x4AAAAAAAgbsMNBuk2d3Qp6/light/fbE/normal/auto/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 01 Dec 2024 08:08:30 GMT
content-type: application/javascript; charset=UTF-8
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
server: cloudflare
cf-ray: 8eb196f9592c5696-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

Quad9 DNS

ThreatFox

JavaScript (49)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Observations

Hash

Observations

Hash

Observations