ftp.ayra.fun/
0 B IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert OpenPhish phishing Facebook, Inc.
Quad9 DNS malicious Sinkholed
GET / HTTP/1.1
Host: ftp.ayra.fun
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Date: Tue, 05 Dec 2023 17:41:18 GMT
Server: Apache/2.4.52 (Ubuntu)
Location: ./authorize.php?xhUZRpcOSbGKCFYAT9PdNe5jPKrbvgrFIv471QBEdkCHl5RWlpBVuSNt2vPEyuAYS6JQNkQPqWXgogSab5KSuBBg13DcajtAiasi2hVoMND6dWbMb4FQTelhad6Ezw29PREUmu80FxEn8VUw0ACfSJlPu4fCPuxUCLyYnNzyb4RkDsCcIoH41Vl5Qf88ESm4Nap2ahl1jhjkpue8ZMmGJ7m8J4blCT62Yt9YPYiqkzQ5n8zBiUARunIRIBLLhIWH
Content-Length: 0
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
ftp.ayra.fun/authorize.php?xhUZRpcOSbGKCFYAT9PdNe5jPKrbvgrFIv471QBEdkCHl5RWlpBVuSNt2vPEyuAYS6JQNkQPqWXgogSab5KSuBBg13DcajtAiasi2hVoMND6dWbMb4FQTelhad6Ezw29PREUmu80FxEn8VUw0ACfSJlPu4fCPuxUCLyYnNzyb4RkDsCcIoH41Vl5Qf88ESm4Nap2ahl1jhjkpue8ZMmGJ7m8J4blCT62Yt9YPYiqkzQ5n8zBiUARunIRIBLLhIWH
1.8 kB URL ftp.ayra.fun/authorize.php?xhUZRpcOSbGKCFYAT9PdNe5jPKrbvgrFIv471QBEdkCHl5RWlpBVuSNt2vPEyuAYS6JQNkQPqWXgogSab5KSuBBg13DcajtAiasi2hVoMND6dWbMb4FQTelhad6Ezw29PREUmu80FxEn8VUw0ACfSJlPu4fCPuxUCLyYnNzyb4RkDsCcIoH41Vl5Qf88ESm4Nap2ahl1jhjkpue8ZMmGJ7m8J4blCT62Yt9YPYiqkzQ5n8zBiUARunIRIBLLhIWH
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (325)
Hash 37ad9b1fb8b02cceadf41b0bf4f3a546
cb3939788a02a280936095545c90795caf125fc5
210f0dc18438bd340a4fcabd76b93448cf5c4ba0ef192e49b720e69e131455aa
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
NIDS Severity Alert suricata high ET PHISHING Facebook Credential Phish Landing Page 2023-09-01
GET /authorize.php?xhUZRpcOSbGKCFYAT9PdNe5jPKrbvgrFIv471QBEdkCHl5RWlpBVuSNt2vPEyuAYS6JQNkQPqWXgogSab5KSuBBg13DcajtAiasi2hVoMND6dWbMb4FQTelhad6Ezw29PREUmu80FxEn8VUw0ACfSJlPu4fCPuxUCLyYnNzyb4RkDsCcIoH41Vl5Qf88ESm4Nap2ahl1jhjkpue8ZMmGJ7m8J4blCT62Yt9YPYiqkzQ5n8zBiUARunIRIBLLhIWH HTTP/1.1
Host: ftp.ayra.fun
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 05 Dec 2023 17:41:18 GMT
Server: Apache/2.4.52 (Ubuntu)
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1787
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
ftp.ayra.fun/authorize.php?Tf8uQ99pDsQGEM8poEmbWiOGlVR0z9PGClRkzZkVI2DfG1Vy5FbSLHzpRc85U20AjVdtqIWrzRgJYFAh8OpfeEjLuP4wBqhnLarbmTqVUJJQelWPP05rP0V7W5V4NH9vTgFV5E8zi9Zl85TQj9epWZUcfJ4Lsio0xbOm1MBMKQCJir8nay1OHT3Qom4AMfS0VMcXIqqbXtCsnxQWmp2LlRlCjEXkgsrkxFAhvOkgZiHRXKa5JvVkPZvmbsVaSIVF=
200 OK 1.8 kB URL User Request GET HTTP/1.1 ftp.ayra.fun/authorize.php?Tf8uQ99pDsQGEM8poEmbWiOGlVR0z9PGClRkzZkVI2DfG1Vy5FbSLHzpRc85U20AjVdtqIWrzRgJYFAh8OpfeEjLuP4wBqhnLarbmTqVUJJQelWPP05rP0V7W5V4NH9vTgFV5E8zi9Zl85TQj9epWZUcfJ4Lsio0xbOm1MBMKQCJir8nay1OHT3Qom4AMfS0VMcXIqqbXtCsnxQWmp2LlRlCjEXkgsrkxFAhvOkgZiHRXKa5JvVkPZvmbsVaSIVF=
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (325)
Hash 37ad9b1fb8b02cceadf41b0bf4f3a546
cb3939788a02a280936095545c90795caf125fc5
210f0dc18438bd340a4fcabd76b93448cf5c4ba0ef192e49b720e69e131455aa
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
NIDS Severity Alert suricata high ET PHISHING Facebook Credential Phish Landing Page 2023-09-01
GET /authorize.php?Tf8uQ99pDsQGEM8poEmbWiOGlVR0z9PGClRkzZkVI2DfG1Vy5FbSLHzpRc85U20AjVdtqIWrzRgJYFAh8OpfeEjLuP4wBqhnLarbmTqVUJJQelWPP05rP0V7W5V4NH9vTgFV5E8zi9Zl85TQj9epWZUcfJ4Lsio0xbOm1MBMKQCJir8nay1OHT3Qom4AMfS0VMcXIqqbXtCsnxQWmp2LlRlCjEXkgsrkxFAhvOkgZiHRXKa5JvVkPZvmbsVaSIVF= HTTP/1.1
Host: ftp.ayra.fun
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 05 Dec 2023 17:41:18 GMT
Server: Apache/2.4.52 (Ubuntu)
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1787
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
ftp.ayra.fun/style.css
200 OK 2.3 kB IP
Requested by http://ftp.ayra.fun/authorize.php?Tf8uQ99pDsQGEM8poEmbWiOGlVR0z9PGClRkzZkVI2DfG1Vy5FbSLHzpRc85U20AjVdtqIWrzRgJYFAh8OpfeEjLuP4wBqhnLarbmTqVUJJQelWPP05rP0V7W5V4NH9vTgFV5E8zi9Zl85TQj9epWZUcfJ4Lsio0xbOm1MBMKQCJir8nay1OHT3Qom4AMfS0VMcXIqqbXtCsnxQWmp2LlRlCjEXkgsrkxFAhvOkgZiHRXKa5JvVkPZvmbsVaSIVF=
File type ASCII text, with CRLF line terminators
Hash ba2fc3eb5a1e0dc58c4543767abf6900
4c4e43872839902162b97a449ce1daa274b304fd
17c212c146fcd8aab640d40717850c3c579e73151c7318f51e1d0717a68d9c52
Analyzer Verdict Alert OpenPhish phishing Facebook, Inc.
Quad9 DNS malicious Sinkholed
GET /style.css HTTP/1.1
Host: ftp.ayra.fun
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://ftp.ayra.fun/authorize.php?Tf8uQ99pDsQGEM8poEmbWiOGlVR0z9PGClRkzZkVI2DfG1Vy5FbSLHzpRc85U20AjVdtqIWrzRgJYFAh8OpfeEjLuP4wBqhnLarbmTqVUJJQelWPP05rP0V7W5V4NH9vTgFV5E8zi9Zl85TQj9epWZUcfJ4Lsio0xbOm1MBMKQCJir8nay1OHT3Qom4AMfS0VMcXIqqbXtCsnxQWmp2LlRlCjEXkgsrkxFAhvOkgZiHRXKa5JvVkPZvmbsVaSIVF=
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 05 Dec 2023 17:41:18 GMT
Server: Apache/2.4.52 (Ubuntu)
Last-Modified: Sat, 05 Nov 2022 22:21:27 GMT
ETag: "309b-5ecc09c7f07c0-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2262
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
200 OK 5.6 kB URL GET HTTP/2 cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
IP
Requested by http://ftp.ayra.fun/authorize.php?Tf8uQ99pDsQGEM8poEmbWiOGlVR0z9PGClRkzZkVI2DfG1Vy5FbSLHzpRc85U20AjVdtqIWrzRgJYFAh8OpfeEjLuP4wBqhnLarbmTqVUJJQelWPP05rP0V7W5V4NH9vTgFV5E8zi9Zl85TQj9epWZUcfJ4Lsio0xbOm1MBMKQCJir8nay1OHT3Qom4AMfS0VMcXIqqbXtCsnxQWmp2LlRlCjEXkgsrkxFAhvOkgZiHRXKa5JvVkPZvmbsVaSIVF=
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT
File type ASCII text, with very long lines (30837)
Hash 269550530cc127b6aa5a35925a7de6ce
512c7d79033e3028a9be61b540cf1a6870c896f8
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
GET /ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://ftp.ayra.fun/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 05 Dec 2023 17:41:19 GMT
content-type: text/css; charset=utf-8
content-length: 5631
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03e5f-7918"
last-modified: Mon, 04 May 2020 16:10:07 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 827266
expires: Sun, 24 Nov 2024 17:41:18 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mvXp%2FO9M2Y4gyWGtE326yTX7TqjtHNNmSq9%2BQRrN2%2FLq%2Fuy2cGqWqOuLfHrj6gacIZeTIza%2BVKFJ3SBH0PT8bx2OTaADKPiDDnY6qbSdWw9UjjFTDUEnDCA7B5F5zsUldnpoXbrg"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 830e14499b7fb524-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
ftp.ayra.fun/mobile.css
200 OK 342 B IP
Requested by http://ftp.ayra.fun/authorize.php?Tf8uQ99pDsQGEM8poEmbWiOGlVR0z9PGClRkzZkVI2DfG1Vy5FbSLHzpRc85U20AjVdtqIWrzRgJYFAh8OpfeEjLuP4wBqhnLarbmTqVUJJQelWPP05rP0V7W5V4NH9vTgFV5E8zi9Zl85TQj9epWZUcfJ4Lsio0xbOm1MBMKQCJir8nay1OHT3Qom4AMfS0VMcXIqqbXtCsnxQWmp2LlRlCjEXkgsrkxFAhvOkgZiHRXKa5JvVkPZvmbsVaSIVF=
File type ASCII text, with CRLF line terminators
Hash ff445e6dd1a6ecb55a36bc3015925d70
b55be708af5bb113280847a97a193c39dd0f7a56
1fcae2489fa7fa6bacfb3fb2aa403ca2e74a8cacebb77f7c420c48a2a297a5c7
Analyzer Verdict Alert OpenPhish phishing Facebook, Inc.
Quad9 DNS malicious Sinkholed
GET /mobile.css HTTP/1.1
Host: ftp.ayra.fun
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://ftp.ayra.fun/authorize.php?Tf8uQ99pDsQGEM8poEmbWiOGlVR0z9PGClRkzZkVI2DfG1Vy5FbSLHzpRc85U20AjVdtqIWrzRgJYFAh8OpfeEjLuP4wBqhnLarbmTqVUJJQelWPP05rP0V7W5V4NH9vTgFV5E8zi9Zl85TQj9epWZUcfJ4Lsio0xbOm1MBMKQCJir8nay1OHT3Qom4AMfS0VMcXIqqbXtCsnxQWmp2LlRlCjEXkgsrkxFAhvOkgZiHRXKa5JvVkPZvmbsVaSIVF=
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 05 Dec 2023 17:41:19 GMT
Server: Apache/2.4.52 (Ubuntu)
Last-Modified: Sat, 05 Nov 2022 22:21:27 GMT
ETag: "512-5ecc09c7f07c0-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 342
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
cdn.jsdelivr.net/npm/bootstrap@5.1.3/dist/css/bootstrap.min.css
200 OK 26 kB URL GET HTTP/2 cdn.jsdelivr.net/npm/bootstrap@5.1.3/dist/css/bootstrap.min.css
IP
Requested by http://ftp.ayra.fun/authorize.php?Tf8uQ99pDsQGEM8poEmbWiOGlVR0z9PGClRkzZkVI2DfG1Vy5FbSLHzpRc85U20AjVdtqIWrzRgJYFAh8OpfeEjLuP4wBqhnLarbmTqVUJJQelWPP05rP0V7W5V4NH9vTgFV5E8zi9Zl85TQj9epWZUcfJ4Lsio0xbOm1MBMKQCJir8nay1OHT3Qom4AMfS0VMcXIqqbXtCsnxQWmp2LlRlCjEXkgsrkxFAhvOkgZiHRXKa5JvVkPZvmbsVaSIVF=
Certificate IssuerGlobalSign nv-sa
Subjectjsdelivr.net
Fingerprint05:87:2C:BA:73:14:21:54:82:00:8B:AD:85:8F:E9:C6:4D:C7:66:09
ValidityWed, 27 Sep 2023 18:13:13 GMT - Mon, 28 Oct 2024 18:13:12 GMT
File type Unicode text, UTF-8 text, with very long lines (65306)
Hash 94994c66fec8c3468b269dc0cc242151
ec16bd19bf4ae9bc2e2336ac409a503bbbdaacad
62f74b1cf824a89f03554c638e719594c309b4d8a627a758928c0516fa7890ab
GET /npm/bootstrap@5.1.3/dist/css/bootstrap.min.css HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://ftp.ayra.fun
DNT: 1
Connection: keep-alive
Referer: http://ftp.ayra.fun/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
x-jsd-version: 5.1.3
x-jsd-version-type: version
etag: W/"28021-7Ba9Gb9K6bwuIzasQJpQO7varK0"
content-encoding: br
accept-ranges: bytes
date: Tue, 05 Dec 2023 17:41:19 GMT
age: 17294469
x-served-by: cache-fra-eddf8230037-FRA, cache-bma1632-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 26333
X-Firefox-Spdy: h2
ftp.ayra.fun/img/logo-fb.png
200 OK 7.8 kB URL GET HTTP/1.1 ftp.ayra.fun/img/logo-fb.png
IP
Requested by http://ftp.ayra.fun/authorize.php?Tf8uQ99pDsQGEM8poEmbWiOGlVR0z9PGClRkzZkVI2DfG1Vy5FbSLHzpRc85U20AjVdtqIWrzRgJYFAh8OpfeEjLuP4wBqhnLarbmTqVUJJQelWPP05rP0V7W5V4NH9vTgFV5E8zi9Zl85TQj9epWZUcfJ4Lsio0xbOm1MBMKQCJir8nay1OHT3Qom4AMfS0VMcXIqqbXtCsnxQWmp2LlRlCjEXkgsrkxFAhvOkgZiHRXKa5JvVkPZvmbsVaSIVF=
File type PNG image data, 1400 x 500, 4-bit colormap, non-interlaced\012- data
Hash 770903af55b441a80601647cd0899567
cef75ba5c49eaee8e8b84574a96c264704e61004
1ac597dbaa79fd673f48f88e0a3f8f86f322655f7371bab07be3ec043dac8e59
Analyzer Verdict Alert OpenPhish phishing Facebook, Inc.
Quad9 DNS malicious Sinkholed
GET /img/logo-fb.png HTTP/1.1
Host: ftp.ayra.fun
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://ftp.ayra.fun/authorize.php?Tf8uQ99pDsQGEM8poEmbWiOGlVR0z9PGClRkzZkVI2DfG1Vy5FbSLHzpRc85U20AjVdtqIWrzRgJYFAh8OpfeEjLuP4wBqhnLarbmTqVUJJQelWPP05rP0V7W5V4NH9vTgFV5E8zi9Zl85TQj9epWZUcfJ4Lsio0xbOm1MBMKQCJir8nay1OHT3Qom4AMfS0VMcXIqqbXtCsnxQWmp2LlRlCjEXkgsrkxFAhvOkgZiHRXKa5JvVkPZvmbsVaSIVF=
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 05 Dec 2023 17:41:19 GMT
Server: Apache/2.4.52 (Ubuntu)
Last-Modified: Sat, 05 Nov 2022 22:21:36 GMT
ETag: "1e8b-5ecc09d085c00"
Accept-Ranges: bytes
Content-Length: 7819
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/png
fonts.googleapis.com/css2?family=Open+Sans:wght@300;400;500;600;700;800&display=swap
200 OK 1.3 kB URL GET HTTP/2 fonts.googleapis.com/css2?family=Open+Sans:wght@300;400;500;600;700;800&display=swap
IP
Requested by http://ftp.ayra.fun/authorize.php?Tf8uQ99pDsQGEM8poEmbWiOGlVR0z9PGClRkzZkVI2DfG1Vy5FbSLHzpRc85U20AjVdtqIWrzRgJYFAh8OpfeEjLuP4wBqhnLarbmTqVUJJQelWPP05rP0V7W5V4NH9vTgFV5E8zi9Zl85TQj9epWZUcfJ4Lsio0xbOm1MBMKQCJir8nay1OHT3Qom4AMfS0VMcXIqqbXtCsnxQWmp2LlRlCjEXkgsrkxFAhvOkgZiHRXKa5JvVkPZvmbsVaSIVF=
Certificate IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
FingerprintCC:96:E0:52:E0:9B:EA:A9:A0:F8:88:9A:90:20:11:47:61:00:3C:42
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT
File type gzip compressed data, max compression\012- data
Hash 22e9b58bd52da96f63babcbaf046f163
6bf67d869e7befb6e41af6d10ceffba7ab71e3b7
0dfdb22fcb37f37a9cabd242f7186a80d2da5b8fd883d7c9ba334737350fb184
GET /css2?family=Open+Sans:wght@300;400;500;600;700;800&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://ftp.ayra.fun/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 05 Dec 2023 17:41:19 GMT
date: Tue, 05 Dec 2023 17:41:19 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
200 OK 48 kB URL GET HTTP/2 fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP
Requested by http://ftp.ayra.fun/authorize.php?Tf8uQ99pDsQGEM8poEmbWiOGlVR0z9PGClRkzZkVI2DfG1Vy5FbSLHzpRc85U20AjVdtqIWrzRgJYFAh8OpfeEjLuP4wBqhnLarbmTqVUJJQelWPP05rP0V7W5V4NH9vTgFV5E8zi9Zl85TQj9epWZUcfJ4Lsio0xbOm1MBMKQCJir8nay1OHT3Qom4AMfS0VMcXIqqbXtCsnxQWmp2LlRlCjEXkgsrkxFAhvOkgZiHRXKa5JvVkPZvmbsVaSIVF=
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT
File type Web Open Font Format (Version 2), TrueType, length 48432, version 1.0\012- data
Hash e2d74c5e631bc53a7240bbfe4be99c8f
eb513857bb01cc4f7249067fc7e969bef415fc90
9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5
GET /s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://ftp.ayra.fun
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48432
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 30 Nov 2023 05:00:58 GMT
expires: Fri, 29 Nov 2024 05:00:58 GMT
cache-control: public, max-age=31536000
age: 477621
last-modified: Thu, 14 Sep 2023 00:40:31 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2
200 OK 35 kB URL GET HTTP/2 fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2
IP
Requested by http://ftp.ayra.fun/authorize.php?Tf8uQ99pDsQGEM8poEmbWiOGlVR0z9PGClRkzZkVI2DfG1Vy5FbSLHzpRc85U20AjVdtqIWrzRgJYFAh8OpfeEjLuP4wBqhnLarbmTqVUJJQelWPP05rP0V7W5V4NH9vTgFV5E8zi9Zl85TQj9epWZUcfJ4Lsio0xbOm1MBMKQCJir8nay1OHT3Qom4AMfS0VMcXIqqbXtCsnxQWmp2LlRlCjEXkgsrkxFAhvOkgZiHRXKa5JvVkPZvmbsVaSIVF=
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT
File type Web Open Font Format (Version 2), TrueType, length 35120, version 1.0\012- data
Hash dd986ff1050050613be051863773d677
51a12487fd51cc02ca54a984f82d63318807ca2e
d9784dbf11886ea032ffbd00f499d333519babe001eacc19df7ab89de17bec47
GET /s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://ftp.ayra.fun
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 35120
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 29 Nov 2023 21:36:49 GMT
expires: Thu, 28 Nov 2024 21:36:49 GMT
cache-control: public, max-age=31536000
age: 504270
last-modified: Thu, 14 Sep 2023 01:03:47 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
200 OK 48 kB URL GET HTTP/2 fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP
Requested by http://ftp.ayra.fun/authorize.php?Tf8uQ99pDsQGEM8poEmbWiOGlVR0z9PGClRkzZkVI2DfG1Vy5FbSLHzpRc85U20AjVdtqIWrzRgJYFAh8OpfeEjLuP4wBqhnLarbmTqVUJJQelWPP05rP0V7W5V4NH9vTgFV5E8zi9Zl85TQj9epWZUcfJ4Lsio0xbOm1MBMKQCJir8nay1OHT3Qom4AMfS0VMcXIqqbXtCsnxQWmp2LlRlCjEXkgsrkxFAhvOkgZiHRXKa5JvVkPZvmbsVaSIVF=
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT
File type Web Open Font Format (Version 2), TrueType, length 48432, version 1.0\012- data
Hash e2d74c5e631bc53a7240bbfe4be99c8f
eb513857bb01cc4f7249067fc7e969bef415fc90
9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5
GET /s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://ftp.ayra.fun
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48432
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 30 Nov 2023 05:00:58 GMT
expires: Fri, 29 Nov 2024 05:00:58 GMT
cache-control: public, max-age=31536000
age: 477621
last-modified: Thu, 14 Sep 2023 00:40:31 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
200 OK 48 kB URL GET HTTP/2 fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP
Requested by http://ftp.ayra.fun/authorize.php?Tf8uQ99pDsQGEM8poEmbWiOGlVR0z9PGClRkzZkVI2DfG1Vy5FbSLHzpRc85U20AjVdtqIWrzRgJYFAh8OpfeEjLuP4wBqhnLarbmTqVUJJQelWPP05rP0V7W5V4NH9vTgFV5E8zi9Zl85TQj9epWZUcfJ4Lsio0xbOm1MBMKQCJir8nay1OHT3Qom4AMfS0VMcXIqqbXtCsnxQWmp2LlRlCjEXkgsrkxFAhvOkgZiHRXKa5JvVkPZvmbsVaSIVF=
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT
File type Web Open Font Format (Version 2), TrueType, length 48432, version 1.0\012- data
Hash e2d74c5e631bc53a7240bbfe4be99c8f
eb513857bb01cc4f7249067fc7e969bef415fc90
9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5
GET /s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://ftp.ayra.fun
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48432
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 30 Nov 2023 05:00:58 GMT
expires: Fri, 29 Nov 2024 05:00:58 GMT
cache-control: public, max-age=31536000
age: 477621
last-modified: Thu, 14 Sep 2023 00:40:31 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2
200 OK 35 kB URL GET HTTP/2 fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2
IP
Requested by http://ftp.ayra.fun/authorize.php?Tf8uQ99pDsQGEM8poEmbWiOGlVR0z9PGClRkzZkVI2DfG1Vy5FbSLHzpRc85U20AjVdtqIWrzRgJYFAh8OpfeEjLuP4wBqhnLarbmTqVUJJQelWPP05rP0V7W5V4NH9vTgFV5E8zi9Zl85TQj9epWZUcfJ4Lsio0xbOm1MBMKQCJir8nay1OHT3Qom4AMfS0VMcXIqqbXtCsnxQWmp2LlRlCjEXkgsrkxFAhvOkgZiHRXKa5JvVkPZvmbsVaSIVF=
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT
File type Web Open Font Format (Version 2), TrueType, length 35120, version 1.0\012- data
Hash dd986ff1050050613be051863773d677
51a12487fd51cc02ca54a984f82d63318807ca2e
d9784dbf11886ea032ffbd00f499d333519babe001eacc19df7ab89de17bec47
GET /s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://ftp.ayra.fun
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 35120
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 29 Nov 2023 21:36:49 GMT
expires: Thu, 28 Nov 2024 21:36:49 GMT
cache-control: public, max-age=31536000
age: 504270
last-modified: Thu, 14 Sep 2023 01:03:47 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2
200 OK 35 kB URL GET HTTP/2 fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2
IP
Requested by http://ftp.ayra.fun/authorize.php?Tf8uQ99pDsQGEM8poEmbWiOGlVR0z9PGClRkzZkVI2DfG1Vy5FbSLHzpRc85U20AjVdtqIWrzRgJYFAh8OpfeEjLuP4wBqhnLarbmTqVUJJQelWPP05rP0V7W5V4NH9vTgFV5E8zi9Zl85TQj9epWZUcfJ4Lsio0xbOm1MBMKQCJir8nay1OHT3Qom4AMfS0VMcXIqqbXtCsnxQWmp2LlRlCjEXkgsrkxFAhvOkgZiHRXKa5JvVkPZvmbsVaSIVF=
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT
File type Web Open Font Format (Version 2), TrueType, length 35120, version 1.0\012- data
Hash dd986ff1050050613be051863773d677
51a12487fd51cc02ca54a984f82d63318807ca2e
d9784dbf11886ea032ffbd00f499d333519babe001eacc19df7ab89de17bec47
GET /s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://ftp.ayra.fun
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 35120
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 29 Nov 2023 21:36:49 GMT
expires: Thu, 28 Nov 2024 21:36:49 GMT
cache-control: public, max-age=31536000
age: 504270
last-modified: Thu, 14 Sep 2023 01:03:47 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ftp.ayra.fun/apple-touch-icon.png
200 OK 9.4 kB URL GET HTTP/1.1 ftp.ayra.fun/apple-touch-icon.png
IP
Requested by http://ftp.ayra.fun/authorize.php?Tf8uQ99pDsQGEM8poEmbWiOGlVR0z9PGClRkzZkVI2DfG1Vy5FbSLHzpRc85U20AjVdtqIWrzRgJYFAh8OpfeEjLuP4wBqhnLarbmTqVUJJQelWPP05rP0V7W5V4NH9vTgFV5E8zi9Zl85TQj9epWZUcfJ4Lsio0xbOm1MBMKQCJir8nay1OHT3Qom4AMfS0VMcXIqqbXtCsnxQWmp2LlRlCjEXkgsrkxFAhvOkgZiHRXKa5JvVkPZvmbsVaSIVF=
File type PNG image data, 180 x 180, 8-bit/color RGBA, non-interlaced\012- data
Hash 46fdc9fe95ddfe2841c264f5980f0713
0906572b21fbc6e78488f2d896fcb131d9ec3faa
d7b8b2d258301afb544f09e0b8078c8b44f96d65dde6a57ab48d2aba2943306d
Analyzer Verdict Alert OpenPhish phishing Facebook, Inc.
Quad9 DNS malicious Sinkholed
GET /apple-touch-icon.png HTTP/1.1
Host: ftp.ayra.fun
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://ftp.ayra.fun/authorize.php?Tf8uQ99pDsQGEM8poEmbWiOGlVR0z9PGClRkzZkVI2DfG1Vy5FbSLHzpRc85U20AjVdtqIWrzRgJYFAh8OpfeEjLuP4wBqhnLarbmTqVUJJQelWPP05rP0V7W5V4NH9vTgFV5E8zi9Zl85TQj9epWZUcfJ4Lsio0xbOm1MBMKQCJir8nay1OHT3Qom4AMfS0VMcXIqqbXtCsnxQWmp2LlRlCjEXkgsrkxFAhvOkgZiHRXKa5JvVkPZvmbsVaSIVF=
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 05 Dec 2023 17:41:19 GMT
Server: Apache/2.4.52 (Ubuntu)
Last-Modified: Sat, 05 Nov 2022 22:21:28 GMT
ETag: "24bd-5ecc09c8e4a00"
Accept-Ranges: bytes
Content-Length: 9405
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/png
ftp.ayra.fun/favicon-16x16.png
404 Not Found 274 B URL GET HTTP/1.1 ftp.ayra.fun/favicon-16x16.png
IP
Requested by http://ftp.ayra.fun/authorize.php?Tf8uQ99pDsQGEM8poEmbWiOGlVR0z9PGClRkzZkVI2DfG1Vy5FbSLHzpRc85U20AjVdtqIWrzRgJYFAh8OpfeEjLuP4wBqhnLarbmTqVUJJQelWPP05rP0V7W5V4NH9vTgFV5E8zi9Zl85TQj9epWZUcfJ4Lsio0xbOm1MBMKQCJir8nay1OHT3Qom4AMfS0VMcXIqqbXtCsnxQWmp2LlRlCjEXkgsrkxFAhvOkgZiHRXKa5JvVkPZvmbsVaSIVF=
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash f82bb0b51c4a2c3421f34c23c98bb7f7
b4be802fa22055909700910f526d288f3eb6fb1b
be7cfba3ba478826cf04d3e4ca4db87fe45461ea71c39cdaa96250987885761c
Analyzer Verdict Alert OpenPhish phishing Facebook, Inc.
Quad9 DNS malicious Sinkholed
GET /favicon-16x16.png HTTP/1.1
Host: ftp.ayra.fun
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://ftp.ayra.fun/authorize.php?Tf8uQ99pDsQGEM8poEmbWiOGlVR0z9PGClRkzZkVI2DfG1Vy5FbSLHzpRc85U20AjVdtqIWrzRgJYFAh8OpfeEjLuP4wBqhnLarbmTqVUJJQelWPP05rP0V7W5V4NH9vTgFV5E8zi9Zl85TQj9epWZUcfJ4Lsio0xbOm1MBMKQCJir8nay1OHT3Qom4AMfS0VMcXIqqbXtCsnxQWmp2LlRlCjEXkgsrkxFAhvOkgZiHRXKa5JvVkPZvmbsVaSIVF=
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Date: Tue, 05 Dec 2023 17:41:19 GMT
Server: Apache/2.4.52 (Ubuntu)
Content-Length: 274
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
185.236.228.18
104.17.25.14
151.101.1.229