Report - sflix.to

Report Overview

Visited public
2023-12-24 02:53:15
Tags
URL
sflix.to
Finishing URL
sflix.to/
IP / ASN
104.31.16.7
#13335 CLOUDFLARENET
Title
SFlix | Watch HD Movies Online Free | TV Series & Stream Live

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
sflix.to	118126	unknown	2021-03-06 16:37:47	2023-12-10 11:06:07	2.2 kB	88 kB	104.31.16.7
fonts.gstatic.com	unknown	2008-02-11	2014-09-09 02:40:21	2023-12-23 07:47:31	1.1 kB	68 kB	142.250.74.131
fooptoat.com	unknown	unknown	No data	No data	839 B	31 kB	139.45.197.245
use.fontawesome.com	942	2012-10-18	2017-01-30 05:43:25	2023-12-23 05:10:33	970 B	118 kB	172.64.141.13
cdnjs.cloudflare.com	235	2009-02-17	2015-04-17 22:46:33	2023-12-23 12:19:46	431 B	32 kB	104.17.25.14
www.googletagmanager.com	75	2011-11-11	2013-05-22 04:07:37	2023-12-23 11:48:11	427 B	94 kB	142.250.74.168
img.sflix.to	380011	unknown	2021-03-16 08:52:02	2023-11-16 21:52:51	1.0 kB	69 kB	104.31.16.7
stackpath.bootstrapcdn.com	2467	2012-05-25	2018-06-15 22:36:43	2023-12-23 17:26:16	459 B	160 kB	104.18.10.207
maxcdn.bootstrapcdn.com	724	2012-05-25	2014-06-18 02:37:31	2023-12-23 11:13:01	440 B	52 kB	104.18.10.207
ajax.googleapis.com	12905	2005-01-25	2013-08-16 11:51:31	2023-12-23 13:02:34	435 B	31 kB	142.250.74.74
bytogeticr.com	unknown	2022-05-19	2022-05-19 12:14:07	2023-12-23 21:13:50	425 B	914 B	172.67.178.81
fonts.googleapis.com	8877	2005-01-25	2013-06-10 22:14:26	2023-12-23 11:30:50	474 B	34 kB	142.250.74.106

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2023-12-24 02:49:23	medium	Client IP	Internal IP	ET DNS Query for .to TLD
2023-12-24 02:49:23	medium	Client IP	Internal IP	ET DNS Query for .to TLD
2023-12-24 02:49:23	medium	Client IP	Internal IP	ET DNS Query for .to TLD
2023-12-24 02:49:23	medium	Client IP	Internal IP	ET DNS Query for .to TLD
2023-12-24 02:49:23	medium	Client IP	Internal IP	ET DNS Query for .to TLD
2023-12-24 02:49:23	medium	Client IP	Internal IP	ET DNS Query for .to TLD
2023-12-24 02:49:23	medium	Client IP	Internal IP	ET DNS Query for .to TLD
2023-12-24 02:49:24	medium	Client IP	Internal IP	ET DNS Query for .to TLD
2023-12-24 02:49:25	medium	Client IP	Internal IP	ET DNS Query for .to TLD
2023-12-24 02:49:25	medium	Client IP	Internal IP	ET DNS Query for .to TLD

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2023-12-24	medium	fooptoat.com	Sinkholed
2023-12-24	medium	fooptoat.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (20)

	URL	From	Size	First Seen	Last Seen
	unknown	Function	13 kB	2023-05-24	2024-10-21
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-05-24 22:40 Last Seen2024-10-21 00:42 Times Seen26 Hash 6ce2a710249b443ea408368e6bd0807b a7a93bf3e8b3415b3fea3af90db06a371334d840 c2d216247568e8e436479db442ba0427cff1ecd7f1983f020a3408ffb622bc09 Loading...

	unknown	Function	281 B	2023-05-24	2024-10-21
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-05-24 22:40 Last Seen2024-10-21 00:42 Times Seen29 Hash b45ec2225eaa5059d7108920829d1c1e 09b738fda7234c0839fef4a1e0b7de75db3f2346 c1e1c11a34a0381727b2ecc830f1360edf333e5cdb264f1a9c15fb932b561180 Loading...

	unknown	Function	759 B	2023-04-13	2025-01-27
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-04-13 10:04 Last Seen2025-01-27 02:41 Times Seen194 Hash f2423e0fb745a0a938ea171936dc8ab7 d3d871b860daa4f923393a08ed5e020c591974f8 2f06b741e27c27039ebc0cbfe33b922c73f949b9902610f698e9523be7c04dbb Loading...

	unknown	Function	575 B	2023-05-24	2024-10-21
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-05-24 22:40 Last Seen2024-10-21 00:42 Times Seen29 Hash 33810bd71e8c71e1dbacc10114866ebd e6ceca20adf4f3fe4dbc1289fd7a07fbf2255316 bfb132f5681067f57310c738bb5a7eff204457aef23d97f17911a36d995a5038 Loading...

	ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js	ScriptElement	87 kB	2023-03-07	2025-06-08
Pretty URL ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js IP 142.250.74.74 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-06-08 03:36 Times Seen59194 Hash a09e13ee94d51c524b7e2a728c7d4039 0dc32db4aa9c5f03f3b38c47d883dbd4fed13aae 160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef Loading...

	maxcdn.bootstrapcdn.com/bootstrap/4.1.3/js/bootstrap.min.js	ScriptElement	51 kB	2023-03-07	2025-06-08
Pretty URL maxcdn.bootstrapcdn.com/bootstrap/4.1.3/js/bootstrap.min.js IP 104.18.10.207 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-06-08 01:34 Times Seen101104 Hash 67176c242e1bdc20603c878dee836df3 27a71b00383d61ef3c489326b3564d698fc1227c 56c12a125b021d21a69e61d7190cefa168d6c28ce715265cea1b3b0112d169c4 Loading...

	unknown	Function	34 B	2023-04-11	2025-06-07
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-04-11 21:16 Last Seen2025-06-07 23:36 Times Seen67149 Hash 572cb94037fffc2a0a53b465972e15f1 0d679b041a7c1ca45cc99e2d229fc2b86762838d 6487e4bdd0f51bbfd9105810a41755847fdae2c274e2fc325cd22356d7707e35 Loading...

	sflix.to/	ScriptElement	153 B	2023-08-27	2025-01-27
Pretty URL sflix.to/ IP 104.31.16.7 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-08-27 20:54 Last Seen2025-01-27 07:09 Times Seen85 Hash 19297b5353373d6d4eea923efcb3b9f1 4dcf7c0fc47b184dd912a967b98f346482278cee b3f031f6b4defcad7fc6e615ef2193fcef2e1029efc60ed4d173eac68cb10d9e Loading...

	unknown	Function	1.1 kB	2023-05-24	2024-10-21
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-05-24 22:40 Last Seen2024-10-21 00:42 Times Seen26 Hash f0c00ab691a06d2fe4ceca249215d5c2 0cb75b9dda779aa1424fb26a71ca70b3976ee853 f53e5ca86dd96af54160c7fecae241938e05ebf1b046a41207d0cba371c3b01f Loading...

	sflix.to/	ScriptElement	59 kB	2023-12-24	2024-08-20
Pretty URL sflix.to/ IP 104.31.16.7 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-12-24 03:53 Last Seen2024-08-20 15:09 Times Seen13 Hash f255da84871447dd1ab13184d8948e4e c404407219ae5f9734a73c507dd3fa7326a7d341 12a10dbb0fe27a51f27e97122257e1b7666049ea31e01a3151a9208c38fed4b1 Loading...

	unknown	Function	357 B	2023-05-24	2024-10-21
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-05-24 22:40 Last Seen2024-10-21 00:42 Times Seen26 Hash 9b863f38d2dc230fc393eb25dbecbcf1 dfb5fd4edfe8816a26ac2f646ebf80dfb664ea83 d1c278c3cfb54661fb124438f489d7bf695060da98e39e35633dd194c15b4bac Loading...

	www.googletagmanager.com/gtag/js?id=G-BDK6T05TEW	ScriptElement	281 kB	2024-08-20	2024-08-20
Pretty URL www.googletagmanager.com/gtag/js?id=G-BDK6T05TEW IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-20 15:09 Last Seen2024-08-20 15:09 Times Seen1 Hash cf547dc7eae3ffe0ef73f7bf9db6e4f2 e7a387eacdc11744c1be79bc3d6a17696324f2e3 d54f27a7bec108c389c13c11e0b333be2a774111b89648983b0ca5c777c136ab Loading...

	cdnjs.cloudflare.com/ajax/libs/vue/2.6.10/vue.min.js	ScriptElement	94 kB	2023-03-07	2025-06-08
Pretty URL cdnjs.cloudflare.com/ajax/libs/vue/2.6.10/vue.min.js IP 104.17.25.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:18 Last Seen2025-06-08 02:00 Times Seen1803 Hash 17e942ea0854bd9dce2070bae6826937 434cdec1669f2c6c7406297a72120936bc56ed52 72194d152571dd375c4365e5c3b4af9db2c06af0102ced18fcb062597d38be26 Loading...

	sflix.to/	ScriptElement	487 B	2023-12-24	2024-08-20
Pretty URL sflix.to/ IP 104.31.16.7 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-12-24 03:53 Last Seen2024-08-20 15:09 Times Seen13 Hash d28329f0c7f5cfdf9755dd9f273046e6 a8f80136396ba3d041462104f531b4b78128ef89 6d83b3452caf0a396325457d3173b3559bedc456464c1cd9111ef38f7faa7180 Loading...

	unknown	Function	1.2 kB	2023-09-17	2024-10-21
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-09-17 17:46 Last Seen2024-10-21 00:42 Times Seen26 Hash 6161b88c23b6158bd71368c23dd269a6 61d220cdedea9a861c686d6c8c905e611a8c505c 6b8a0f2c5e3112b3c0d825b05c203bd19ba7e58b0b8efb3232f8044fc2bee4d1 Loading...

	unknown	Function	168 B	2023-09-17	2024-10-21
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-09-17 17:46 Last Seen2024-10-21 00:42 Times Seen28 Hash 9584f251e5692afaf303dd23ef5ae29d 21c91d890a9f93f7961146916e164f4bf3d217d0 9170129a85d8f6a1e2f04a0f3386a717da84d38d4692262281d3d5be1323dea9 Loading...

	unknown	Function	150 B	2023-10-21	2024-10-21
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-10-21 17:13 Last Seen2024-10-21 00:42 Times Seen27 Hash 9b272bcbe7fad2ea2fc860c99cb9b585 d5627cecb003f96700b8d254a87a1dc7ffe6c5ac 582718d36d97b18c25c8244d8656e83944bc73c4ecfcc10e01a0b7007931f179 Loading...

	unknown	Function	289 B	2023-04-13	2025-01-27
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-04-13 10:04 Last Seen2025-01-27 02:41 Times Seen201 Hash bb3ca3e16d4c50ef755f46b070e34757 d97232984ffaec39d400385131b03559db4f6956 72899456d8908d40248fe17e3c0bfdd3f120fc28dea3f70a4907ff5ddb6a030f Loading...

	sflix.to/	ScriptElement	29 B	2023-03-07	2025-06-06
Pretty URL sflix.to/ IP 104.31.16.7 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 16:34 Last Seen2025-06-06 12:24 Times Seen282 Hash 1b7fdd744c60ca3a67ba0df5e9ac66ff a7ea5e13282f866e9132bb0eb095245da0788a37 abcb1af09d6eb4cd696f7844dc4c02883d673fccfeeb2369ff588b84964d7d36 Loading...

	sflix.to/js/group_11/app.min.js?v=6.3	ScriptElement	167 kB	2023-12-02	2025-06-07
Pretty URL sflix.to/js/group_11/app.min.js?v=6.3 IP 104.31.16.7 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-02 07:28 Last Seen2025-06-07 18:29 Times Seen130 Hash 18b9246b7c6ec7d3a5fe518837dad0d5 d9dc10752068db17fb3eab39a7bd0f59ff15ecfa 4bab0331e1251641b96825dab60f3b965ac33a42aacd13d565cac1a5d2e42a86 Loading...

HTTP Transactions (20)

URL IP Response Size

cdnjs.cloudflare.com/ajax/libs/vue/2.6.10/vue.min.js

104.17.25.14

200 OK

31 kB

URL GET HTTP/2
cdnjs.cloudflare.com/ajax/libs/vue/2.6.10/vue.min.js
IP
104.17.25.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://sflix.to/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT

File type
ASCII text, with very long lines (65449)
Size
31 kB (30769 bytes)
Hash
17e942ea0854bd9dce2070bae6826937
434cdec1669f2c6c7406297a72120936bc56ed52
72194d152571dd375c4365e5c3b4af9db2c06af0102ced18fcb062597d38be26

HTTP Headers

GET /ajax/libs/vue/2.6.10/vue.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sflix.to/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 24 Dec 2023 02:52:47 GMT
content-type: application/javascript; charset=utf-8
content-length: 30769
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb0402c-16deb"
last-modified: Mon, 04 May 2020 16:17:48 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 278349
expires: Fri, 13 Dec 2024 02:52:47 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E6Z0kkFKLu2m3PNF%2B%2FyFJD5rj9iPBLUNFiWFkIyGiDPqBsoj7HbIFqwzmM6BFZmuindOtWqHPnl76KvyFak3r3UNluZfkD3a1t3ICiXIlzhqJsbn1EpSxuAVMy%2B9hKp5hllEz1o9"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 83a58cdf4cfe568f-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js

142.250.74.74

200 OK

30 kB

URL GET HTTP/2
ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js
IP
142.250.74.74:443
ASN
#15169 GOOGLE

Requested by
https://sflix.to/
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint10:D0:ED:9A:F4:53:C8:99:DE:B6:5E:5C:04:E6:20:0B:68:7D:46:EC
ValidityMon, 20 Nov 2023 08:08:50 GMT - Mon, 12 Feb 2024 08:08:49 GMT

File type
ASCII text, with very long lines (65451)
Size
30 kB (30399 bytes)
Hash
a09e13ee94d51c524b7e2a728c7d4039
0dc32db4aa9c5f03f3b38c47d883dbd4fed13aae
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

HTTP Headers

GET /ajax/libs/jquery/3.3.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sflix.to/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 30399
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 21 Dec 2023 15:59:32 GMT
expires: Fri, 20 Dec 2024 15:59:32 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 211995
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.googletagmanager.com/gtag/js?id=G-BDK6T05TEW

142.250.74.168

200 OK

93 kB

URL GET HTTP/2
www.googletagmanager.com/gtag/js?id=G-BDK6T05TEW
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://sflix.to/
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
FingerprintC1:58:7C:BF:5A:61:79:08:CB:C2:00:63:60:07:86:BD:EA:0A:45:8A
ValidityMon, 20 Nov 2023 08:02:50 GMT - Mon, 12 Feb 2024 08:02:49 GMT

File type
ASCII text, with very long lines (5955)
Size
93 kB (93119 bytes)
Hash
cf547dc7eae3ffe0ef73f7bf9db6e4f2
e7a387eacdc11744c1be79bc3d6a17696324f2e3
d54f27a7bec108c389c13c11e0b333be2a774111b89648983b0ca5c777c136ab

HTTP Headers

GET /gtag/js?id=G-BDK6T05TEW HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sflix.to/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 24 Dec 2023 02:52:47 GMT
expires: Sun, 24 Dec 2023 02:52:47 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 93119
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

img.sflix.to/xxrz/400x400/100/66/35/66356c25ce98cb12993249e21742b129/66356c25ce98cb12993249e21742b129.png

104.31.16.7

200 OK

63 kB

URL GET HTTP/3
img.sflix.to/xxrz/400x400/100/66/35/66356c25ce98cb12993249e21742b129/66356c25ce98cb12993249e21742b129.png
IP
104.31.16.7:443
ASN
#13335 CLOUDFLARENET

Requested by
https://sflix.to/
Certificate
IssuerGoogle Trust Services LLC
Subjectsflix.to
Fingerprint45:3E:15:9C:35:6F:79:73:B3:AE:69:DB:AD:CE:1A:EC:86:58:3A:13
ValidityMon, 04 Dec 2023 07:36:48 GMT - Sun, 03 Mar 2024 07:36:47 GMT

File type
PNG image data, 400 x 400, 8-bit/color RGBA, non-interlaced
Size
63 kB (63014 bytes)
Hash
893fdb5bb997c33e3e0a556506d9b4e0
7d58879c97078d401114c05b27ac52d068ea8613
70d56be6a41b16fa2d2a3e85fe96610beba6f58ae82dc407b8ac2cecc898cb50

HTTP Headers

GET /xxrz/400x400/100/66/35/66356c25ce98cb12993249e21742b129/66356c25ce98cb12993249e21742b129.png HTTP/1.1
Host: img.sflix.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sflix.to/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 24 Dec 2023 02:52:47 GMT
content-type: image/png
content-length: 63014
last-modified: Tue, 06 Apr 2021 03:56:09 GMT
vary: Accept-Encoding
etag: "606bdbd9-f626"
x-cache: HIT
accept-ranges: bytes
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DGeJgqN6pliSkuIdFcYO3006BnbpKeEUa4AQFk2cKnUKJB%2Ffo5XVhN07TCkMvPprgha4nfPEoEgaYdoIVBBQa79kDM4wUIb8FR2DfYtdF6RKf9f0daunkLjYGGJYy6k%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 83a58cdf29610b02-OSL
alt-svc: h3=":443"; ma=86400

bytogeticr.com/?p=5dnq6h

172.67.178.81

204 No Content

0 B

URL GET HTTP/2
bytogeticr.com/?p=5dnq6h
IP
172.67.178.81:443
ASN
#13335 CLOUDFLARENET

Requested by
https://sflix.to/
Certificate
IssuerGoogle Trust Services LLC
Subjectbytogeticr.com
Fingerprint93:49:45:B5:EF:A0:5E:19:C4:5F:06:F7:75:3C:01:E5:40:0A:BF:41
ValiditySun, 10 Dec 2023 13:13:36 GMT - Sat, 09 Mar 2024 13:13:35 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /?p=5dnq6h HTTP/1.1
Host: bytogeticr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sflix.to/
Origin: https://sflix.to
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 204 No Content
date: Sun, 24 Dec 2023 02:52:48 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS, HEAD
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=suGqusNQb5nkFsFDJ%2Bl%2BL6rbPWFro%2FINZK2N9kcjnXu2njzq7Q2Bma%2Fj44Unrp7MQJ3ppxaiiydapRsPISvJolHpsWFSAjC1E8fpT5GiSxhYPj3HuC0R%2FAhYonSsXkk4Fg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 83a58ce2684b56bb-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

sflix.to/

104.31.16.7

200 OK

0 B

URL HEAD HTTP/3
sflix.to/
IP
104.31.16.7:443
ASN
#13335 CLOUDFLARENET

Requested by
https://sflix.to/
Certificate
IssuerGoogle Trust Services LLC
Subjectsflix.to
Fingerprint45:3E:15:9C:35:6F:79:73:B3:AE:69:DB:AD:CE:1A:EC:86:58:3A:13
ValidityMon, 04 Dec 2023 07:36:48 GMT - Sun, 03 Mar 2024 07:36:47 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

HEAD / HTTP/1.1
Host: sflix.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sflix.to/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 24 Dec 2023 02:52:48 GMT
x-dns-prefetch-control: on
expect-ct: max-age=0
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff, nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 0, 1; mode=block
x-frame-options: SAMEORIGIN
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CcMYLn7gjEgUGfkboKeEQbf7YsQR08ZAof35mB5yPb1hRefeA5HQGLAy8htVOSy3u7TEmTvObQcTKvX80gi3%2FZ04L7HZiX%2FeeiHGPc4wHXC9V4qOZPjSYuEZPA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 83a58ce24a070b02-OSL
alt-svc: h3=":443"; ma=86400

sflix.to/js/group_11/app.min.js?v=6.3

104.31.16.7

200 OK

77 kB

URL GET HTTP/3
sflix.to/js/group_11/app.min.js?v=6.3
IP
104.31.16.7:443
ASN
#13335 CLOUDFLARENET

Requested by
https://sflix.to/
Certificate
IssuerGoogle Trust Services LLC
Subjectsflix.to
Fingerprint45:3E:15:9C:35:6F:79:73:B3:AE:69:DB:AD:CE:1A:EC:86:58:3A:13
ValidityMon, 04 Dec 2023 07:36:48 GMT - Sun, 03 Mar 2024 07:36:47 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
77 kB (77301 bytes)
Hash
18b9246b7c6ec7d3a5fe518837dad0d5
d9dc10752068db17fb3eab39a7bd0f59ff15ecfa
4bab0331e1251641b96825dab60f3b965ac33a42aacd13d565cac1a5d2e42a86

HTTP Headers

GET /js/group_11/app.min.js?v=6.3 HTTP/1.1
Host: sflix.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sflix.to/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 24 Dec 2023 02:52:47 GMT
content-type: application/javascript; charset=UTF-8
x-dns-prefetch-control: on
expect-ct: max-age=0
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff, nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 0, 1; mode=block
cache-control: public, max-age=2592000
last-modified: Wed, 29 Nov 2023 04:35:53 GMT
etag: W/"28bc2-18c195cacc2"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L83WgTvPB6siQMI2WFx6V%2BiUhLSDeIZxqe2%2BfBmxI1quYQrAsrMwXyqMK25HgznK0%2Fyqc4r%2Bv920pR1zro4lLJmJyr8T8D7EYo%2FHNtUsmPoJwvPfT8bmYO2Ryg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 83a58cdf19600b02-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

142.250.74.131

200 OK

33 kB

URL GET HTTP/2
fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
IP
142.250.74.131:443
ASN
#15169 GOOGLE

Requested by
https://sflix.to/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint5F:60:69:C9:59:6D:F1:B5:87:82:8D:B0:57:3C:D9:24:10:FD:74:D1
ValidityMon, 20 Nov 2023 08:08:49 GMT - Mon, 12 Feb 2024 08:08:48 GMT

File type
Web Open Font Format (Version 2), TrueType, length 33092, version 1.0
Size
33 kB (33092 bytes)
Hash
057478083c1d55ea0c2182b24f6dd72f
caf557cd276a76992084efc4c8857b66791a6b7f
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b

HTTP Headers

GET /s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://sflix.to
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 33092
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 19 Dec 2023 15:31:06 GMT
expires: Wed, 18 Dec 2024 15:31:06 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 13 Sep 2023 22:51:58 GMT
content-type: font/woff2
age: 386502
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.googleapis.com/css2?family=Montserrat:wght@300;400;500;600;700&display=swap

142.250.74.106

200 OK

34 kB

URL GET HTTP/2
fonts.googleapis.com/css2?family=Montserrat:wght@300;400;500;600;700&display=swap
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://sflix.to/
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint10:D0:ED:9A:F4:53:C8:99:DE:B6:5E:5C:04:E6:20:0B:68:7D:46:EC
ValidityMon, 20 Nov 2023 08:08:50 GMT - Mon, 12 Feb 2024 08:08:49 GMT

File type
gzip compressed data, max compression
Size
34 kB (33739 bytes)
Hash
aaa08ea14c3a1acce542390bfc626451
eae4df562191d6c01567ad75f20bc4968c4673bf
f4efb667bf46fcaaeafa192c11cc369b014193fbf4854d58fbce6f5073cc1ffc

HTTP Headers

GET /css2?family=Montserrat:wght@300;400;500;600;700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sflix.to/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 24 Dec 2023 02:52:48 GMT
date: Sun, 24 Dec 2023 02:52:48 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fooptoat.com/tag.min.js

139.45.197.245

200 OK

26 kB

URL GET HTTP/2
fooptoat.com/tag.min.js
IP
139.45.197.245:443
ASN
#9002 RETN Limited

Requested by
https://sflix.to/
Certificate
IssuerLet's Encrypt
Subjectfooptoat.com
FingerprintD7:80:9D:51:BC:AF:4C:D5:6D:10:06:65:15:86:A3:17:98:87:70:FA
ValidityWed, 13 Dec 2023 08:39:05 GMT - Tue, 12 Mar 2024 08:39:04 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
26 kB (25797 bytes)
Hash
e5127d9f54a32c6cf876e6f784f09a37
5e960002e4624ca243783a396df8063f9dc0f0fa
aed42c22ed3848179ef1fe01a882222cdae099a05495c5f0b05986b30e7ac870

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /tag.min.js HTTP/1.1
Host: fooptoat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sflix.to/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sun, 24 Dec 2023 02:52:48 GMT
content-type: text/javascript; charset=utf-8
content-length: 25797
content-encoding: br
x-trace-id: f675bad3c7879662ef4c0a85d22bd136
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
accept-ranges: bytes
last-modified: Sat, 23 Dec 2023 13:20:57 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
access-control-max-age: 86400
pragma: no-cache
expires: Tue, 11 Jan 1994 10:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

142.250.74.131

200 OK

33 kB

URL GET HTTP/2
fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
IP
142.250.74.131:443
ASN
#15169 GOOGLE

Requested by
https://sflix.to/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint5F:60:69:C9:59:6D:F1:B5:87:82:8D:B0:57:3C:D9:24:10:FD:74:D1
ValidityMon, 20 Nov 2023 08:08:49 GMT - Mon, 12 Feb 2024 08:08:48 GMT

File type
Web Open Font Format (Version 2), TrueType, length 33092, version 1.0
Size
33 kB (33092 bytes)
Hash
057478083c1d55ea0c2182b24f6dd72f
caf557cd276a76992084efc4c8857b66791a6b7f
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b

HTTP Headers

GET /s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://sflix.to
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 33092
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 19 Dec 2023 15:31:06 GMT
expires: Wed, 18 Dec 2024 15:31:06 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 13 Sep 2023 22:51:58 GMT
content-type: font/woff2
age: 386502
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

use.fontawesome.com/releases/v5.3.1/webfonts/fa-solid-900.woff2

172.64.141.13

200 OK

67 kB

URL GET HTTP/2
use.fontawesome.com/releases/v5.3.1/webfonts/fa-solid-900.woff2
IP
172.64.141.13:443
ASN
#13335 CLOUDFLARENET

Requested by
https://sflix.to/
Certificate
IssuerCloudflare, Inc.
Subjectuse.fontawesome.com
FingerprintCB:BE:6B:C4:5F:DF:18:7A:C3:AD:BF:6C:40:36:18:9F:E2:99:7F:78
ValidityThu, 12 Oct 2023 00:00:00 GMT - Thu, 10 Oct 2024 23:59:59 GMT

File type
Web Open Font Format (Version 2), TrueType, length 67400, version 1.0
Size
67 kB (67400 bytes)
Hash
14a08198ec7d1eb96d515362293fed36
965d78c34637d1bdab6277805faecb6caa959669
ca3ea16761b7d443c64cfd99dd1cf8aa84790a25bb4709582935956fe71d014d

HTTP Headers

GET /releases/v5.3.1/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://sflix.to
DNT: 1
Connection: keep-alive
Referer: https://use.fontawesome.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 24 Dec 2023 02:52:48 GMT
content-type: font/woff2
content-length: 67400
access-control-allow-origin: *
cache-control: max-age=31556926
etag: "14a08198ec7d1eb96d515362293fed36"
last-modified: Fri, 22 Sep 2023 01:45:31 GMT
vary: Origin, Accept-Encoding
cf-cache-status: HIT
age: 2227917
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b7Z2IzE%2BNEZnKIAQhKuZwI4OUyT3JHlDlXlSGDwvtYYMNK7cgS90pwRugGAtsa%2FKQCE%2FLENzHxcDDkyrgosNZG9yNZrvD%2BAd6wdvrZmvML8y2xqoomSrJatMSG33u%2BiT0XvAgpkg"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 83a58ce369d023c3-LHR
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

img.sflix.to/xxrz/100x100/100/a2/33/a233d4c4a1426ca77ec1d34deec62f71/a233d4c4a1426ca77ec1d34deec62f71.png

104.31.16.7

200 OK

5.1 kB

URL GET HTTP/3
img.sflix.to/xxrz/100x100/100/a2/33/a233d4c4a1426ca77ec1d34deec62f71/a233d4c4a1426ca77ec1d34deec62f71.png
IP
104.31.16.7:443
ASN
#13335 CLOUDFLARENET

Requested by
https://sflix.to/
Certificate
IssuerGoogle Trust Services LLC
Subjectsflix.to
Fingerprint45:3E:15:9C:35:6F:79:73:B3:AE:69:DB:AD:CE:1A:EC:86:58:3A:13
ValidityMon, 04 Dec 2023 07:36:48 GMT - Sun, 03 Mar 2024 07:36:47 GMT

File type
PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced
Size
5.1 kB (5100 bytes)
Hash
e01b45b734c49cda9fddbb5f80f1b208
09f4f304dc876b54e616483c4ee7763fdd9dd4dc
a6294579602684f7a0bff5999816edd5a670f1dbbe0f37d3f65c732f04fc5998

HTTP Headers

GET /xxrz/100x100/100/a2/33/a233d4c4a1426ca77ec1d34deec62f71/a233d4c4a1426ca77ec1d34deec62f71.png HTTP/1.1
Host: img.sflix.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sflix.to/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 24 Dec 2023 02:52:49 GMT
content-type: image/png
content-length: 5100
last-modified: Tue, 06 Apr 2021 03:56:09 GMT
vary: Accept-Encoding
etag: "606bdbd9-13ec"
x-cache: HIT
accept-ranges: bytes
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=06k%2FVAxTezLFsmOQV9AiEBPGKOd8pS4Vp0hOSRFD3OwoXWqlC2XyKkp1SneS2%2F5XCGiN6YNHDSU%2BqOZwDb0Vlr%2BqU%2BknTUWBK5HHWGwEjiHTcrm7kWc%2BYMtiQkII2Rw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 83a58ce83b800b02-OSL
alt-svc: h3=":443"; ma=86400

sflix.to/ajax/verify?domain=sflix.to

104.31.16.7

200 OK

15 B

URL GET HTTP/3
sflix.to/ajax/verify?domain=sflix.to
IP
104.31.16.7:443
ASN
#13335 CLOUDFLARENET

Requested by
https://sflix.to/
Certificate
IssuerGoogle Trust Services LLC
Subjectsflix.to
Fingerprint45:3E:15:9C:35:6F:79:73:B3:AE:69:DB:AD:CE:1A:EC:86:58:3A:13
ValidityMon, 04 Dec 2023 07:36:48 GMT - Sun, 03 Mar 2024 07:36:47 GMT

File type
JSON data
Size
15 B (15 bytes)
Hash
28ec1eee5f4049e3c4f2135069c1d2c8
3505519507ca1c2a089c46e100b80408ca278421
edc48cd3b0bc4fa7ba23aad40b8508a17d370ca38be174bae2a2f64634e65a2b

HTTP Headers

GET /ajax/verify?domain=sflix.to HTTP/1.1
Host: sflix.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: https://sflix.to/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 24 Dec 2023 02:52:49 GMT
content-type: application/json; charset=utf-8
content-length: 15
x-dns-prefetch-control: on
expect-ct: max-age=0
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff, nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 0, 1; mode=block
content-language: en
etag: W/"f-NQVRlQfKHCoInEbhALgECMonhCE"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=khwqkOZAjh9X358sfhXl2JNyx1MKv2TQj%2FwFzmV2jmpegG4IxZyLI%2B06LgjceuZAVoKOXyxoWsp0HOOeoRMVNtYGVVilCXUeJhTUqy9keAqfgSfCkmIv6Q39Bg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 83a58ce83b820b02-OSL
alt-svc: h3=":443"; ma=86400

stackpath.bootstrapcdn.com/bootstrap/4.4.1/css/bootstrap.min.css

104.18.10.207

200 OK

160 kB

URL GET HTTP/2
stackpath.bootstrapcdn.com/bootstrap/4.4.1/css/bootstrap.min.css
IP
104.18.10.207:443
ASN
#13335 CLOUDFLARENET

Requested by
https://sflix.to/
Certificate
IssuerGoogle Trust Services LLC
Subjectbootstrapcdn.com
Fingerprint34:BC:91:5F:B9:EC:32:2C:D9:73:C7:88:C3:6C:FB:77:E7:70:8D:04
ValidityThu, 30 Nov 2023 00:15:17 GMT - Wed, 28 Feb 2024 00:15:16 GMT

File type
ASCII text, with very long lines (65324)
Size
160 kB (159515 bytes)
Hash
7cc40c199d128af6b01e74a28c5900b0
d305110fb79113a961394b433d851a3410342b8c
2ff5b959fa9f6b4b1d04d20a37d706e90039176ab1e2a202994d9580baeebfd6

HTTP Headers

GET /bootstrap/4.4.1/css/bootstrap.min.css HTTP/1.1
Host: stackpath.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sflix.to/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 24 Dec 2023 02:52:47 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: W/"7cc40c199d128af6b01e74a28c5900b0"
last-modified: Mon, 25 Jan 2021 22:04:09 GMT
cdn-cachedat: 10/31/2023 19:00:00
cdn-proxyver: 1.04
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 1078
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: bae8a1587e900a782629330c8ed740ae
cdn-cache: HIT
cf-cache-status: HIT
age: 2582013
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 83a58cdf1cdd712a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

use.fontawesome.com/releases/v5.3.1/css/all.css

172.64.141.13

200 OK

49 kB

URL GET HTTP/2
use.fontawesome.com/releases/v5.3.1/css/all.css
IP
172.64.141.13:443
ASN
#13335 CLOUDFLARENET

Requested by
https://sflix.to/
Certificate
IssuerCloudflare, Inc.
Subjectuse.fontawesome.com
FingerprintCB:BE:6B:C4:5F:DF:18:7A:C3:AD:BF:6C:40:36:18:9F:E2:99:7F:78
ValidityThu, 12 Oct 2023 00:00:00 GMT - Thu, 10 Oct 2024 23:59:59 GMT

File type
ASCII text, with very long lines (48464)
Size
49 kB (48649 bytes)
Hash
10519cfd3206802f58315b877a9beab5
03232d7095b4a14b88810a0ffe76ae50726c23c6
604dcf1f11698655f75046bb92f98aaa9477e1c16b01c5fc415e78794393ffb9

HTTP Headers

GET /releases/v5.3.1/css/all.css HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sflix.to/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 24 Dec 2023 02:52:47 GMT
content-type: text/css
cache-control: max-age=31556926
etag: W/"10519cfd3206802f58315b877a9beab5"
last-modified: Fri, 22 Sep 2023 01:45:29 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 2060103
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U3rMi3io6l%2B0IVPUs4gm7dOU8gBHZ6Q7VpIvEGKTUY7rzXTDll2wgPwHDv1YV381CAs2xQoLmISYsNG6VMw%2ByGDjnmKZBKhKdEgd4NrA8TaPhCMEvmLYX5mlkx%2BlTsOCO1I7koGM"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 83a58cdf8f4e6355-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

maxcdn.bootstrapcdn.com/bootstrap/4.1.3/js/bootstrap.min.js

104.18.10.207

200 OK

51 kB

URL GET HTTP/2
maxcdn.bootstrapcdn.com/bootstrap/4.1.3/js/bootstrap.min.js
IP
104.18.10.207:443
ASN
#13335 CLOUDFLARENET

Requested by
https://sflix.to/
Certificate
IssuerGoogle Trust Services LLC
Subjectbootstrapcdn.com
Fingerprint34:BC:91:5F:B9:EC:32:2C:D9:73:C7:88:C3:6C:FB:77:E7:70:8D:04
ValidityThu, 30 Nov 2023 00:15:17 GMT - Wed, 28 Feb 2024 00:15:16 GMT

File type
ASCII text, with very long lines (50758)
Size
51 kB (51039 bytes)
Hash
67176c242e1bdc20603c878dee836df3
27a71b00383d61ef3c489326b3564d698fc1227c
56c12a125b021d21a69e61d7190cefa168d6c28ce715265cea1b3b0112d169c4

HTTP Headers

GET /bootstrap/4.1.3/js/bootstrap.min.js HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sflix.to/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 24 Dec 2023 02:52:47 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: W/"67176c242e1bdc20603c878dee836df3"
last-modified: Mon, 25 Jan 2021 22:04:06 GMT
cdn-cachedat: 10/31/2023 18:58:40
cdn-proxyver: 1.04
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 1048
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: b4cfe8e30360f11c0ed964a925f5154c
cdn-cache: HIT
cf-cache-status: HIT
age: 2334059
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 83a58cdf2cdf712a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

sflix.to/ajax/login-state

104.31.16.7

200 OK

216 B

URL GET HTTP/3
sflix.to/ajax/login-state
IP
104.31.16.7:443
ASN
#13335 CLOUDFLARENET

Requested by
https://sflix.to/
Certificate
IssuerGoogle Trust Services LLC
Subjectsflix.to
Fingerprint45:3E:15:9C:35:6F:79:73:B3:AE:69:DB:AD:CE:1A:EC:86:58:3A:13
ValidityMon, 04 Dec 2023 07:36:48 GMT - Sun, 03 Mar 2024 07:36:47 GMT

File type
troff or preprocessor input, ASCII text, with no line terminators
Size
216 B (216 bytes)
Hash
9fd679a699e9074e78d58b51f56f7deb
050be0a5fa83732f1ebc5aa74dd21fdce987c051
513d9c141bd7823c6500bf40938ae64a47d373cbe1b22ca834827676ca20543f

HTTP Headers

GET /ajax/login-state HTTP/1.1
Host: sflix.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: https://sflix.to/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 24 Dec 2023 02:52:49 GMT
content-type: application/json; charset=utf-8
x-dns-prefetch-control: on
expect-ct: max-age=0
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff, nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 0, 1; mode=block
content-language: en
etag: W/"d8-R6JFTYCzz9JLwYU4VIqVMGUySyY"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NTE7JfmQChh%2B7A8Ynblu2oNeHweTncf0tP4Ot2s6hQp30jKVOwRAWrYDyo6zSlnluhjYI64sSt3aTujbL7oX8z%2BFgJ7E3icEGVBz8p7KsLYpv06s1Ti3Y%2BgpBg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 83a58ce83b810b02-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

fooptoat.com/5/6534241/?oo=1&aab=1

139.45.197.245

200 OK

2.8 kB

URL GET HTTP/2
fooptoat.com/5/6534241/?oo=1&aab=1
IP
139.45.197.245:443
ASN
#9002 RETN Limited

Requested by
https://sflix.to/
Certificate
IssuerLet's Encrypt
Subjectfooptoat.com
FingerprintD7:80:9D:51:BC:AF:4C:D5:6D:10:06:65:15:86:A3:17:98:87:70:FA
ValidityWed, 13 Dec 2023 08:39:05 GMT - Tue, 12 Mar 2024 08:39:04 GMT

File type
troff or preprocessor input, ASCII text, with very long lines (2996), with no line terminators
Size
2.8 kB (2756 bytes)
Hash
fc931051dcdb9252b531f00bbcc56f4e
6769ecadab3a5016df033ed80f8175743bf84236
9ba919d16695d2ad3333b81f6f030d5f10670ec7bdb6bf977a5246671359d8ea

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /5/6534241/?oo=1&aab=1 HTTP/1.1
Host: fooptoat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://sflix.to
DNT: 1
Connection: keep-alive
Referer: https://sflix.to/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sun, 24 Dec 2023 02:52:48 GMT
content-type: application/json
x-trace-id: 7cd4c840299684caae015c5d92bd97e8
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-allow-origin: https://sflix.to
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
access-control-max-age: 86400
timing-allow-origin: *
set-cookie: OAID=e70f510650444ba8a4fa55ba4957fbb1; expires=Mon, 23 Dec 2024 02:52:48 GMT; path=/; secure; SameSite=None
oaidts=1703386368; expires=Mon, 23 Dec 2024 02:52:48 GMT; path=/; secure; SameSite=None
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
pragma: no-cache, no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2

sflix.to/css/group_11/theme_4/home.css

104.31.16.7

200 OK

5.6 kB

URL GET HTTP/3
sflix.to/css/group_11/theme_4/home.css
IP
104.31.16.7:443
ASN
#13335 CLOUDFLARENET

Requested by
https://sflix.to/
Certificate
IssuerGoogle Trust Services LLC
Subjectsflix.to
Fingerprint45:3E:15:9C:35:6F:79:73:B3:AE:69:DB:AD:CE:1A:EC:86:58:3A:13
ValidityMon, 04 Dec 2023 07:36:48 GMT - Sun, 03 Mar 2024 07:36:47 GMT

File type
ASCII text, with very long lines (5720), with no line terminators
Size
5.6 kB (5644 bytes)
Hash
b578950db427d648a50a7428bfdd02ca
f98478e1b440c9128bd4c233a79f24ac076b6314
0a002c011b83fb116886dd326d810b04a0a927b7a4cceba3592bdb1fdc10452b

HTTP Headers

GET /css/group_11/theme_4/home.css HTTP/1.1
Host: sflix.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sflix.to/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 24 Dec 2023 02:52:47 GMT
content-type: text/css; charset=UTF-8
x-dns-prefetch-control: on
expect-ct: max-age=0
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff, nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 0, 1; mode=block
cache-control: public, max-age=2592000
last-modified: Wed, 15 Feb 2023 19:06:08 GMT
etag: W/"160c-186567847fb"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kD1wUdAoNNgfkyWqy490ZEWKwJD1pYUKpERjiaLPmqrhis%2F0o8%2Ff1SzpoYE15AWsHqfFnQMyftOpwLrBGXsTbh9gJ4NBv4VdtbSDnLt9wQIHJIS7E%2FqwESjTuw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 83a58cdf095a0b02-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (20)

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by