Report - www.filecrypt.cc/Container/E4A20A0A72.html

Report Overview

Visited public
2025-05-11 15:22:36
Tags
URL
www.filecrypt.cc/Container/E4A20A0A72.html
Finishing URL
www.filecrypt.cc/Container/E4A20A0A72.html
IP / ASN
104.21.112.1
#13335 CLOUDFLARENET
Title
Filecrypt

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
fonts.googleapis.com	8877	2005-01-25	2012-05-23	2025-05-07	446 B	2.5 kB	142.250.74.10
www.filecrypt.cc	559628	2014-04-07	2015-05-06	2025-04-20	8.9 kB	610 kB	104.21.32.1
youradexchange.com	273384	2012-11-09	2013-02-04	2025-05-07	1.6 kB	4.0 kB	172.67.177.214
v2.cutcaptcha.net	unknown	2020-07-20	2021-04-27	2025-02-28	5.0 kB	498 kB	88.198.62.113
vovhalrrqiowz.love	unknown	2025-05-09	2025-05-11	2025-05-11	437 B	82 kB	104.21.52.25
pubtrky.com	unknown	2023-11-21	2023-11-21	2025-05-04	489 B	560 B	104.21.8.108
fonts.gstatic.com	unknown	2008-02-11	2014-04-02	2025-05-07	534 B	36 kB	142.250.178.99
timberfrittermud.com	unknown	2025-01-13	2025-01-14	2025-05-11	452 B	573 B	192.243.61.225

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

Scan Date	Severity	Indicator	Alert
2025-05-11	medium	v2.cutcaptcha.net/captcha/SAs61IAI.js	Unique code from Jetriz, Swid & Jeniva of the Tetris framework

OpenPhish

No alerts detected

PhishTank

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2025-05-11	medium	timberfrittermud.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (32)

	URL	From	Size	First Seen	Last Seen
	www.filecrypt.cc/js/scriptaculous/builder.js	ScriptElement	4.7 kB	2023-03-07	2025-05-11
Pretty URL www.filecrypt.cc/js/scriptaculous/builder.js IP 104.21.32.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-05-11 15:22 Times Seen529 Hash c6321f204481f259724bd6455c0fdded af9964a44d31fe9773b46d6cd62612ec2137ea79 828884af31cfdef92040ee522a81d8f82c7998b72c3e7d35e1c442946b5d2b0a Loading...

	v2.cutcaptcha.net/captcha/SAs61IAI.html	ScriptElement	3.2 kB	2023-03-12	2025-05-11
Pretty URL v2.cutcaptcha.net/captcha/SAs61IAI.html IP 88.198.62.113 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-12 23:28 Last Seen2025-05-11 15:22 Times Seen193 Hash 4b0e75c7f455478d32f75916f1681744 789f1742164146e5c050d97213e15509ba36f7fe 6b6962e2efa264106f24ebddffed8162abc8ed9efee31970dd0389b4a44982dd Loading...

	v2.cutcaptcha.net/captcha/SAs61IAI.html	ScriptElement	12 kB	2023-03-12	2025-05-11
Pretty URL v2.cutcaptcha.net/captcha/SAs61IAI.html IP 88.198.62.113 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-12 23:28 Last Seen2025-05-11 15:22 Times Seen193 Hash d3801890300c0729fede94590d31677d 13b2939c69c986e6a7434cde13cc3513203f7c94 8678be2c8542c9b3cc14f9232da6fa96a3c65d8130b6aa9561fedc34237a6333 Loading...

	v2.cutcaptcha.net/captcha/SAs61IAI.html	Function	47 B	2023-04-11	2025-05-13
Pretty URL v2.cutcaptcha.net/captcha/SAs61IAI.html IP 88.198.62.113 ASN #24940 Hetzner Online GmbH Introduced by Function Embedded in HTML false Observations First Seen2023-04-11 22:25 Last Seen2025-05-13 15:20 Times Seen5940 Hash 2512414f817df8312569d55032748f81 13467df6e962aa77bb36867ff1412e1ba9f8feb1 e193735f8d500f10e2cdc6a94f5a43fb0257c1e2f8afc10fa04f0e3761d258de Loading...

	v2.cutcaptcha.net/jquery.js?3	ScriptElement	144 kB	2023-03-12	2025-05-11
Pretty URL v2.cutcaptcha.net/jquery.js?3 IP 88.198.62.113 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 23:28 Last Seen2025-05-11 15:22 Times Seen193 Hash 886d2cdfb9bf7f4400485685f69e7326 b03aee15296a438820165d0206759e71ab719341 538bda74031cb13dcecaba43d2be8241aea63cd66ed80181bfcf12addb0de5ac Loading...

	www.filecrypt.cc/js/container.js?9823982	ScriptElement	7.0 kB	2023-03-09	2025-05-11
Pretty URL www.filecrypt.cc/js/container.js?9823982 IP 104.21.32.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 23:31 Last Seen2025-05-11 15:22 Times Seen322 Hash 6a17bab6786adc39007740e0af2df881 300ebf7832a4247bcb35e71c81b6af9637306c0e 818ce9cd6d2a19fdd46620f7a74973743e0d3f80f044e7ff0fa370d62c1900f9 Loading...

	v2.cutcaptcha.net/captcha/SAs61IAI.js	ScriptElement	31 kB	2025-05-11	2025-05-11
Pretty URL v2.cutcaptcha.net/captcha/SAs61IAI.js IP 88.198.62.113 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2025-05-11 15:22 Last Seen2025-05-11 15:22 Times Seen1 Hash bc3aaf3c7a5f999fa7779e56dfdd6121 82651ada63062e4916ecf054f98367e478660e66 63fc250caaee34db99e5587bd2e2e8aea1d686443cfdb6476243d8811b94f8d3 Loading...

	v2.cutcaptcha.net/captcha/SAs61IAI.html	ScriptElement	5.5 kB	2023-03-12	2025-05-11
Pretty URL v2.cutcaptcha.net/captcha/SAs61IAI.html IP 88.198.62.113 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-12 23:28 Last Seen2025-05-11 15:22 Times Seen193 Hash 824f7cfa2bb8628a1bbca2db302f1018 dcc3fc32be60295d99be0403285c484f18edba1d 573edc1b01b99f189c4c2ac532b1a112d36bcec3a2fbff97ac41a36702bc5bd5 Loading...

	vovhalrrqiowz.love/script/ut.js?cb=1746976935015	ScriptElement	81 kB	2025-04-30	2025-05-13
Pretty URL vovhalrrqiowz.love/script/ut.js?cb=1746976935015 IP 104.21.52.25 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2025-04-30 16:49 Last Seen2025-05-13 16:08 Times Seen89 Hash eaa11c5f044a59ec54c82e06a8beba81 afb33a13f1b0b1163ae1d5f98703c9eacd35bee3 b05b9df2027483a401c352424c15d0adff42dbe771c52b71333e5b4e68f1260c Loading...

	v2.cutcaptcha.net/captcha/SAs61IAI.html	ScriptElement	412 B	2023-03-12	2025-05-11
Pretty URL v2.cutcaptcha.net/captcha/SAs61IAI.html IP 88.198.62.113 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-12 23:28 Last Seen2025-05-11 15:22 Times Seen193 Hash 86546fbe281fa457612485677aafcffc 33b0ef328080360b10ce541713db3493a6c0ba19 0c1add751a047e3ff743b82b690781db47632054ad44c6c4165811fa021389e4 Loading...

	www.filecrypt.cc/js/prototype.js?13	ScriptElement	197 kB	2023-03-09	2025-05-11
Pretty URL www.filecrypt.cc/js/prototype.js?13 IP 104.21.32.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 23:31 Last Seen2025-05-11 15:22 Times Seen399 Hash 543d229c2bcdef172115436fad5f90fc ba049ed40a1de289ebeff02ecdd06d672698529d 03c8a691599b64d9271b7bd04de14b473745b9e115fa78bce6d5965577a6cded Loading...

	www.filecrypt.cc/Container/E4A20A0A72.html	ScriptElement	42 B	2023-03-12	2025-05-11
Pretty URL www.filecrypt.cc/Container/E4A20A0A72.html IP 104.21.32.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-12 14:06 Last Seen2025-05-11 15:22 Times Seen11 Hash 10d49e97f66740dd52bdac7995c591b6 8a397f4da3784990923a24b880d58348e0f79b5d c142e7524c01d123183c2ff19cba905ed24d1477ae195ad0bf9f9c8a699cf35b Loading...

	www.filecrypt.cc/js/scriptaculous/effects.js	ScriptElement	38 kB	2023-03-07	2025-05-11
Pretty URL www.filecrypt.cc/js/scriptaculous/effects.js IP 104.21.32.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-05-11 15:22 Times Seen555 Hash 0dea24894889a4c537e1a451a35f03ca f72e2ee2019cbaceff0b7fda89ebac9faa7c5b6d 055be203cf7225e94dec4a5f72ba1f469a499ac78c24d9366705c1099de812d0 Loading...

	www.filecrypt.cc/js/aclib.js	ScriptElement	182 kB	2025-05-11	2025-05-11
Pretty URL www.filecrypt.cc/js/aclib.js IP 104.21.32.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2025-05-11 15:22 Last Seen2025-05-11 15:22 Times Seen1 Hash 8d0e82acd3d304aa35726628fec50d66 acc7f7252e0807600e21e9f53b1edcba96e9a6c0 22cbe2e5a7e403d6517656515e865e9eba8258adb1e383522c5acfae4e767679 Loading...

	www.filecrypt.cc/js/scriptaculous/dragdrop.js	ScriptElement	31 kB	2023-03-09	2025-05-11
Pretty URL www.filecrypt.cc/js/scriptaculous/dragdrop.js IP 104.21.32.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 23:31 Last Seen2025-05-11 15:22 Times Seen397 Hash 2f96dcb27ba6d7f4b95230edcb7fcb56 157cf4f6566d41518f35656db74c8711b300e5ad 7a73cad846dc23360722dcbee514af620c6fa628780bd7db889196e2e284f655 Loading...

	v2.cutcaptcha.net/jquery-ui.js	ScriptElement	38 kB	2023-03-12	2025-05-11
Pretty URL v2.cutcaptcha.net/jquery-ui.js IP 88.198.62.113 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 23:28 Last Seen2025-05-11 15:22 Times Seen193 Hash de06b1dc664e1d48a06160314eb4ae9b 75158282ccaac74e3188b9766240ec487e421207 ae8fad4353e8319d7df7bd4a0760ca11ea4b935602c0c8a193d241b1bb925a18 Loading...

	www.filecrypt.cc/Container/E4A20A0A72.html	ScriptElement	119 B	2025-03-05	2025-05-11
Pretty URL www.filecrypt.cc/Container/E4A20A0A72.html IP 104.21.32.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2025-03-05 17:35 Last Seen2025-05-11 15:22 Times Seen16 Hash e0e60f35af7ffceda7f367a3d15e3b66 15ea41cc97f24aaa88da182edef1d94a6695c2ac 4aca9da1641188297c0bf3cf79518a9d8299976b837a4a93bc494ebea6199d09 Loading...

	v2.cutcaptcha.net/jquery.ui.touch-punch.min.js	ScriptElement	1.6 kB	2023-03-12	2025-05-11
Pretty URL v2.cutcaptcha.net/jquery.ui.touch-punch.min.js IP 88.198.62.113 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 23:28 Last Seen2025-05-11 15:22 Times Seen193 Hash 0876769443fc91d1d57eddf40f5da3a9 be1cc681fa761ab381af511f713a0f5a3089a7cd 955df53f74554bb21dba2d7a1cf71a19737e279acf2fe6d4b0f8b5d7e15705c4 Loading...

	www.filecrypt.cc/js/container/link.js?9823982	ScriptElement	1.7 kB	2023-03-09	2025-05-11
Pretty URL www.filecrypt.cc/js/container/link.js?9823982 IP 104.21.32.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 23:31 Last Seen2025-05-11 15:22 Times Seen339 Hash 354e19a1a46b6348c8b262fc4fd5704d c8eeb81c78ad1235359b25badaae4c703aba0387 9837057e8ecb4ebe6cfbdf059538841310d735d0a07aa837a23edc806d2c9c0e Loading...

	www.filecrypt.cc/Container/E4A20A0A72.html	Function	47 B	2023-04-11	2025-05-13
Pretty URL www.filecrypt.cc/Container/E4A20A0A72.html IP 104.21.32.1 ASN #13335 CLOUDFLARENET Introduced by Function Embedded in HTML false Observations First Seen2023-04-11 22:25 Last Seen2025-05-13 15:20 Times Seen5940 Hash 2512414f817df8312569d55032748f81 13467df6e962aa77bb36867ff1412e1ba9f8feb1 e193735f8d500f10e2cdc6a94f5a43fb0257c1e2f8afc10fa04f0e3761d258de Loading...

	v2.cutcaptcha.net/captcha/SAs61IAI.html	ScriptElement	617 B	2023-03-12	2025-05-11
Pretty URL v2.cutcaptcha.net/captcha/SAs61IAI.html IP 88.198.62.113 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-12 23:28 Last Seen2025-05-11 15:22 Times Seen193 Hash 6a963b1956c1122bba50c18bdbe0b969 e3ec768ffc9a3c12abd29006b5c6636fba1a51f9 67e5069ea864142df5b96a541f7a0b04f966d08a8f55a2989d22c8c315e428ed Loading...

	www.filecrypt.cc/Container/E4A20A0A72.html	ScriptElement	339 B	2025-03-05	2025-05-11
Pretty URL www.filecrypt.cc/Container/E4A20A0A72.html IP 104.21.32.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2025-03-05 17:35 Last Seen2025-05-11 15:22 Times Seen16 Hash 244cbfef5f81a2782f9994ddd796b423 0f339c3f0bec34a91973c9cf88c2eecd16a6227e 2389cbc2d3cb32355c8bd01c8a86de527667427ef03bd142090c47591f8af344 Loading...

	v2.cutcaptcha.net/captcha/SAs61IAI.html	ScriptElement	96 kB	2023-06-09	2025-05-11
Pretty URL v2.cutcaptcha.net/captcha/SAs61IAI.html IP 88.198.62.113 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML true Observations First Seen2023-06-09 11:44 Last Seen2025-05-11 15:22 Times Seen26 Hash faa51b5a6c7c330ec3698bd72a4982b9 eebee19df00ff0a18d8e1aca975cd1c0882fbcc0 f5494b55a7411f6767fba5d1cbd29eeee7037c45a60cec3f43848fc09075f4e3 Loading...

	www.filecrypt.cc/js/scriptaculous/scriptaculous.js?load=effects,builder,dragdrop,controls&v=2	ScriptElement	3.0 kB	2023-03-09	2025-05-11
Pretty URL www.filecrypt.cc/js/scriptaculous/scriptaculous.js?load=effects,builder,dragdrop,controls&v=2 IP 104.21.32.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 23:31 Last Seen2025-05-11 15:22 Times Seen397 Hash 945aadb4d8b5f2f7a58a4c7ac244925b 3e177b34daccb0e40b841fb9331474d687917ac2 78cbc6b573f99b4c9c92077e62e0550abde74981f021023425e5f957b95f0f9f Loading...

	www.filecrypt.cc/Container/E4A20A0A72.html	ScriptElement	152 B	2025-05-11	2025-05-11
Pretty URL www.filecrypt.cc/Container/E4A20A0A72.html IP 104.21.32.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2025-05-11 15:22 Last Seen2025-05-11 15:22 Times Seen1 Hash 328a7737f6a3bb1e856b12871fd2a0cd c12bc2dcedfd9f669bbef66d3b9395b39b066587 47f195df36ff8fc258cd66b251f34e936799d21e14352750bebd7277b4feb76e Loading...

	www.filecrypt.cc/Container/E4A20A0A72.html	ScriptElement	55 B	2025-03-05	2025-05-11
Pretty URL www.filecrypt.cc/Container/E4A20A0A72.html IP 104.21.32.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2025-03-05 17:35 Last Seen2025-05-11 15:22 Times Seen22 Hash ddac25b7725cca408961a4b7df6b4385 823d82a9ce648521ee7ed1db510d5c52d6302397 deab3cbcac35ac02f1544a2704e659e0c7e869f0fb48d547911ac1097bbb5adb Loading...

	www.filecrypt.cc/js/scriptaculous/controls.js	ScriptElement	35 kB	2023-03-07	2025-05-11
Pretty URL www.filecrypt.cc/js/scriptaculous/controls.js IP 104.21.32.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-05-11 15:22 Times Seen489 Hash 03b502fd8ae202eb164b348749392720 8a7d159d60afcfa936eb28f6dd84d8ab874133cf e202a06e4447b310dc039ed968aab2f0595ca77eb52ec246d24b0a80a536ac67 Loading...

		Size	First Seen	Last Seen
	#1 Write - a4246ee4221b093f82d6b7d4ab217d0a	99 B	2023-03-12 14:06	2025-05-11 15:22
Pretty Observations First Seen2023-03-12 14:06 Last Seen2025-05-11 15:22 Times Seen42 Hash a4246ee4221b093f82d6b7d4ab217d0a 9cd615c55d09f2beeb3e2298e9f8e994ef0e4dc5 64ebcc57784b8f106e024b0e4894dedb83c1a25f14802b02b2f848c1d0aeefef Loading...

	#2 Write - 245dd2134ee94029fbcd3147b428b7b3	99 B	2023-03-12 14:06	2025-05-11 15:22
Pretty Observations First Seen2023-03-12 14:06 Last Seen2025-05-11 15:22 Times Seen42 Hash 245dd2134ee94029fbcd3147b428b7b3 dd156063753e3e1df8ac6474eda1d2eda42b50b7 df4a266488a3c76ccfd5c0b54298847ce297241685a3d9ae0db5cd304b795474 Loading...

	#3 Write - f56052cb9ed2add750414f7ebf32b1fb	100 B	2023-03-12 14:06	2025-05-11 15:22
Pretty Observations First Seen2023-03-12 14:06 Last Seen2025-05-11 15:22 Times Seen42 Hash f56052cb9ed2add750414f7ebf32b1fb f9ee0660418cf53a006bbd7fa80eed9d982f8b73 823bde85fde001f84afc71b7e165d39dc0c4d7bf64736345742639026f5b7ef3 Loading...

	#4 Write - 62c1d6af87e32e8e4c8ba9ab4a3cd926	100 B	2023-03-12 14:06	2025-05-11 15:22
Pretty Observations First Seen2023-03-12 14:06 Last Seen2025-05-11 15:22 Times Seen42 Hash 62c1d6af87e32e8e4c8ba9ab4a3cd926 47ee757f5e79202b96a556847535be1e054ea201 2cdca1ce6313a005091bdb7e6d6c7d7774f3c03607f20b75c6cf5d398dea1fd5 Loading...

	#5 Write - 68cc834a7f1b85f43288d02a60accf11	118 B	2025-02-21 22:26	2025-05-11 15:22
Pretty Observations First Seen2025-02-21 22:26 Last Seen2025-05-11 15:22 Times Seen19 Hash 68cc834a7f1b85f43288d02a60accf11 0d6e88a855d2a355b2bb5b05a3bc067e09d6a7ef 6901f2340a35907418fa3daf36c85e008b3fbc2e6ef3187628e89a53409a092f Loading...

HTTP Transactions (34)

URL IP Response Size

www.filecrypt.cc/js/prototype.js?13

104.21.32.1

200 OK

197 kB

URL GET
www.filecrypt.cc/js/prototype.js?13
IP
104.21.32.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.filecrypt.cc/Container/E4A20A0A72.html
Certificate
IssuerGoogle Trust Services
Subjectfilecrypt.cc
FingerprintC3:13:5D:1B:CA:84:0A:E8:DC:F2:9C:A6:89:69:15:7A:62:1C:F6:5A
ValidityWed, 07 May 2025 19:34:53 GMT - Tue, 05 Aug 2025 20:33:36 GMT

File type
JavaScript source, ASCII text
Size
197 kB (196930 bytes)
Hash
543d229c2bcdef172115436fad5f90fc
ba049ed40a1de289ebeff02ecdd06d672698529d
03c8a691599b64d9271b7bd04de14b473745b9e115fa78bce6d5965577a6cded

HTTP Headers

GET /js/prototype.js?13 HTTP/1.1
Host: www.filecrypt.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.filecrypt.cc/Container/E4A20A0A72.html
Cookie: PHPSESSID=l8lvqro8bdg9ng9hd20jqc5l00; lang=en
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 11 May 2025 15:22:14 GMT
content-type: application/javascript; charset=utf-8
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pE5gznDw5Iv8ZUfnTOvEGGcOJD5Bd51yf5TljNa4cc1vZqhniarXtAUzW1XWtEeAt4WyaY9lfwz0TtOCPvpMqEFPgJDhMXzDmmUyaF6MPcKmDoUUsi1b3nX8K5lTl%2FgbpCbG"}],"group":"cf-nel","max_age":604800}
etag: W/"625558ec-30142"
last-modified: Tue, 12 Apr 2022 10:48:12 GMT
cf-cache-status: DYNAMIC
content-encoding: br
cf-ray: 93e2abadfd1e3516-PRG
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=27671&min_rtt=26420&rtt_var=8136&sent=21&recv=18&lost=0&retrans=0&sent_bytes=4007&recv_bytes=4004&delivery_rate=1086&cwnd=12000&unsent_bytes=0&cid=780b92b029af9e58&ts=287&x=16"

youradexchange.com/script/suurl5.php?r=9545986&cbur=0.8960370667831098&cbiframe=0&cbWidth=1280&cbHeight=1024&cbtitle=Filecrypt&cbpage=https%3A%2F%2Fwww.filecrypt.cc%2FContainer%2FE4A20A0A72.html&cbref=&cbdescription=&cbkeywords=&cbcdn=vovhalrrqiowz.love&ufp=Linux%20x86_64%2FMozilla%2FNetscape%2Ftrue%2Ffalse%2F1280x10240en-USunknown4824%20bits&ts=1746976935027&srs=e0e3155f3f09404996a853912ce13421&atv=60.0&abtg=1&adbv=3-cdn-js

172.67.177.214

200 OK

1.2 kB

URL GET
youradexchange.com/script/suurl5.php?r=9545986&cbur=0.8960370667831098&cbiframe=0&cbWidth=1280&cbHeight=1024&cbtitle=Filecrypt&cbpage=https%3A%2F%2Fwww.filecrypt.cc%2FContainer%2FE4A20A0A72.html&cbref=&cbdescription=&cbkeywords=&cbcdn=vovhalrrqiowz.love&ufp=Linux%20x86_64%2FMozilla%2FNetscape%2Ftrue%2Ffalse%2F1280x10240en-USunknown4824%20bits&ts=1746976935027&srs=e0e3155f3f09404996a853912ce13421&atv=60.0&abtg=1&adbv=3-cdn-js
IP
172.67.177.214:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.filecrypt.cc/Container/E4A20A0A72.html
Certificate
IssuerGoogle Trust Services
Subjectyouradexchange.com
Fingerprint15:B3:64:96:16:B0:F4:77:6F:50:C1:66:99:8E:A6:A8:90:64:AD:7E
ValidityThu, 03 Apr 2025 15:59:56 GMT - Wed, 02 Jul 2025 16:56:55 GMT

File type
JSON text data
Size
1.2 kB (1162 bytes)
Hash
8e27d00fdfff62ace76a8bf491690056
952a02753dea5e1f3564fdc59ce37f310452882e
8fdeded2cc2c645b9df6888add7772995735bc73251ba7394484cf7be9b3820d

HTTP Headers

GET /script/suurl5.php?r=9545986&cbur=0.8960370667831098&cbiframe=0&cbWidth=1280&cbHeight=1024&cbtitle=Filecrypt&cbpage=https%3A%2F%2Fwww.filecrypt.cc%2FContainer%2FE4A20A0A72.html&cbref=&cbdescription=&cbkeywords=&cbcdn=vovhalrrqiowz.love&ufp=Linux%20x86_64%2FMozilla%2FNetscape%2Ftrue%2Ffalse%2F1280x10240en-USunknown4824%20bits&ts=1746976935027&srs=e0e3155f3f09404996a853912ce13421&atv=60.0&abtg=1&adbv=3-cdn-js HTTP/1.1
Host: youradexchange.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.filecrypt.cc/
Origin: https://www.filecrypt.cc
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 11 May 2025 15:22:15 GMT
content-type: application/json; charset=utf-8
server: cloudflare
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Content-Type
content-encoding: gzip
via: 1.1 google
cf-cache-status: DYNAMIC
vary: accept-encoding
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=E6o%2FnLz7RslhQJ4S3ajI8J%2FtoG4yy759DCzMRcZs1tA6OInzQ0NGF2I%2Fsd1U8NixAxxN2mZwBD8c%2Fw0EVia3duvmYUrX7WGGd43LXElKOTCH%2B7cDjW3MoidEi%2FR3e4Uh3lk4EAk%3D"}]}
cf-ray: 93e2abb48d5cf99a-PRG
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

v2.cutcaptcha.net/captcha/SAs61IAI.json

88.198.62.113

200 OK

122 B

URL POST
v2.cutcaptcha.net/captcha/SAs61IAI.json
IP
88.198.62.113:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://v2.cutcaptcha.net/captcha/SAs61IAI.html
Certificate
IssuerLet's Encrypt
Subjectv2.cutcaptcha.net
Fingerprint3E:00:65:92:AF:75:19:3F:BF:40:53:C6:1C:BA:D8:32:B4:5E:42:D7
ValidityWed, 12 Feb 2025 06:00:35 GMT - Tue, 13 May 2025 06:00:34 GMT

File type
JSON text data
Size
122 B (122 bytes)
Hash
de5d84ea4516bd6094eb89978136e39a
044d9bb7d72e95c911c352093b35af9f1bf60ea5
d46dbf9fe73c01d58910a10ef92d7bdcc7c0ddf6d362597504ff19b85332b672

HTTP Headers

POST /captcha/SAs61IAI.json HTTP/1.1
Host: v2.cutcaptcha.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 68
Origin: https://v2.cutcaptcha.net
DNT: 1
Connection: keep-alive
Referer: https://v2.cutcaptcha.net/captcha/SAs61IAI.html
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Sun, 11 May 2025 15:22:15 GMT
Content-Type: application/json; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"7a-BE2bt9culckRw1IJOzWvnxv2DqU"
Access-Control-Allow-Origin: https://v2.cutcaptcha.net
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Access-Control-Allow-Headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
Content-Encoding: gzip

www.filecrypt.cc/css/container.css?v=256gfxs

104.21.32.1

200 OK

38 kB

URL GET
www.filecrypt.cc/css/container.css?v=256gfxs
IP
104.21.32.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.filecrypt.cc/Container/E4A20A0A72.html
Certificate
IssuerGoogle Trust Services
Subjectfilecrypt.cc
FingerprintC3:13:5D:1B:CA:84:0A:E8:DC:F2:9C:A6:89:69:15:7A:62:1C:F6:5A
ValidityWed, 07 May 2025 19:34:53 GMT - Tue, 05 Aug 2025 20:33:36 GMT

File type
ASCII text, with very long lines (5661)
Size
38 kB (37762 bytes)
Hash
c73fc85071d08ada02f561b46bab6227
83b639f77e07b84c0081f98615ad248113897fe1
fa2e0173bc54ea14720e9d7cc718e2a4925b221469a990b2cda96750e4195650

HTTP Headers

GET /css/container.css?v=256gfxs HTTP/1.1
Host: www.filecrypt.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.filecrypt.cc/Container/E4A20A0A72.html
Cookie: PHPSESSID=l8lvqro8bdg9ng9hd20jqc5l00; lang=en
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 11 May 2025 15:22:14 GMT
content-type: text/css
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0iCJefKYew47iM7VsM4%2BWX20q4QiBo4PZXozifw1%2FriQ6adc8Ypa4gXFI9Jf0xGM85vws8HgdBdj1K9sfLoNcSAgTgJfsFF7ZRut1amR%2BSQifbSYWpb2xsE3xJo65O%2B1FCiP"}],"group":"cf-nel","max_age":604800}
etag: W/"660e4d34-9382"
last-modified: Thu, 04 Apr 2024 06:48:20 GMT
cf-cache-status: DYNAMIC
content-encoding: br
cf-ray: 93e2abadfd193516-PRG
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=27671&min_rtt=26420&rtt_var=8136&sent=32&recv=18&lost=0&retrans=0&sent_bytes=16007&recv_bytes=4004&delivery_rate=1086&cwnd=12000&unsent_bytes=0&cid=780b92b029af9e58&ts=313&x=16"

www.filecrypt.cc/js/container.js?9823982

104.21.32.1

200 OK

7.0 kB

URL GET
www.filecrypt.cc/js/container.js?9823982
IP
104.21.32.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.filecrypt.cc/Container/E4A20A0A72.html
Certificate
IssuerGoogle Trust Services
Subjectfilecrypt.cc
FingerprintC3:13:5D:1B:CA:84:0A:E8:DC:F2:9C:A6:89:69:15:7A:62:1C:F6:5A
ValidityWed, 07 May 2025 19:34:53 GMT - Tue, 05 Aug 2025 20:33:36 GMT

File type
JavaScript source, ASCII text
Size
7.0 kB (7004 bytes)
Hash
6a17bab6786adc39007740e0af2df881
300ebf7832a4247bcb35e71c81b6af9637306c0e
818ce9cd6d2a19fdd46620f7a74973743e0d3f80f044e7ff0fa370d62c1900f9

HTTP Headers

GET /js/container.js?9823982 HTTP/1.1
Host: www.filecrypt.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.filecrypt.cc/Container/E4A20A0A72.html
Cookie: PHPSESSID=l8lvqro8bdg9ng9hd20jqc5l00; lang=en
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 11 May 2025 15:22:14 GMT
content-type: application/javascript; charset=utf-8
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3U%2FrL6JC60PmFbWgKglR3QO3aj8gIyaBXnlGMtm%2FI%2FvFEHiQoc80Euskp%2Fvo%2BI6mhcBYo7aotRz96QRp82C9YpMM523EZYF5oescILpqtY7N90Z7Bo2QS5nsQZ3Zxm%2FUILzW"}],"group":"cf-nel","max_age":604800}
etag: W/"636cd63e-1b5c"
last-modified: Thu, 10 Nov 2022 10:45:18 GMT
cf-cache-status: DYNAMIC
content-encoding: br
cf-ray: 93e2abadfd223516-PRG
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=27504&min_rtt=26336&rtt_var=6436&sent=43&recv=19&lost=0&retrans=0&sent_bytes=25675&recv_bytes=4047&delivery_rate=67026&cwnd=16800&unsent_bytes=0&cid=780b92b029af9e58&ts=314&x=16"

www.filecrypt.cc/js/scriptaculous/controls.js

104.21.32.1

200 OK

35 kB

URL GET
www.filecrypt.cc/js/scriptaculous/controls.js
IP
104.21.32.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.filecrypt.cc/Container/E4A20A0A72.html
Certificate
IssuerGoogle Trust Services
Subjectfilecrypt.cc
FingerprintC3:13:5D:1B:CA:84:0A:E8:DC:F2:9C:A6:89:69:15:7A:62:1C:F6:5A
ValidityWed, 07 May 2025 19:34:53 GMT - Tue, 05 Aug 2025 20:33:36 GMT

File type
ASCII text
Size
35 kB (34787 bytes)
Hash
03b502fd8ae202eb164b348749392720
8a7d159d60afcfa936eb28f6dd84d8ab874133cf
e202a06e4447b310dc039ed968aab2f0595ca77eb52ec246d24b0a80a536ac67

HTTP Headers

GET /js/scriptaculous/controls.js HTTP/1.1
Host: www.filecrypt.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.filecrypt.cc/Container/E4A20A0A72.html
Cookie: PHPSESSID=l8lvqro8bdg9ng9hd20jqc5l00; lang=en
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 11 May 2025 15:22:14 GMT
content-type: application/javascript; charset=utf-8
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6C3ounAuinevVOva0VCIeje22F3v5CwoRy%2F0WhMSTBHAhrNAZ8ifOn4EFALzxRUE1A0YYthc2PyXnbpe%2F%2BwJpw01NbLdmgVZIYU3jb6S15VJobnFbaDSRBNPqukRbrRdZKvZ"}],"group":"cf-nel","max_age":604800}
etag: W/"53db3978-87e3"
last-modified: Fri, 01 Aug 2014 06:53:44 GMT
cf-cache-status: DYNAMIC
content-encoding: br
cf-ray: 93e2abaf4d7e3516-PRG
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=26138&min_rtt=24572&rtt_var=1559&sent=163&recv=34&lost=0&retrans=0&sent_bytes=155307&recv_bytes=5859&delivery_rate=596178&cwnd=96000&unsent_bytes=0&cid=780b92b029af9e58&ts=494&x=16"

www.filecrypt.cc/fonts/os_700.woff2

104.21.32.1

200 OK

15 kB

URL GET
www.filecrypt.cc/fonts/os_700.woff2
IP
104.21.32.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.filecrypt.cc/Container/E4A20A0A72.html
Certificate
IssuerGoogle Trust Services
Subjectfilecrypt.cc
FingerprintC3:13:5D:1B:CA:84:0A:E8:DC:F2:9C:A6:89:69:15:7A:62:1C:F6:5A
ValidityWed, 07 May 2025 19:34:53 GMT - Tue, 05 Aug 2025 20:33:36 GMT

File type
Web Open Font Format (Version 2), TrueType, length 14720, version 1.0
Size
15 kB (14720 bytes)
Hash
d08c09f2f169f4a6edbcf8b8d1636cb4
5a6a45d6f98752b11ccb7c4f0f6fd7faf18ad1a7
482994b911cc3e869aa8ace6d9932d67b68de83ea2885207ce165ff04c38d7bc

HTTP Headers

GET /fonts/os_700.woff2 HTTP/1.1
Host: www.filecrypt.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://www.filecrypt.cc/css/font.css
Cookie: PHPSESSID=l8lvqro8bdg9ng9hd20jqc5l00; lang=en
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 11 May 2025 15:22:14 GMT
content-type: application/octet-stream
content-length: 14720
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=K6M76pxMvCEENfmZgvRM2QQ9LFR2LfdtvZIfArHd3K31KjQAPbSmZaZ7PUSXIl%2Fn6J%2B%2B%2FYnSBcc9Lq49fWTDZe0X9o91sCYVO87UzSRKADls6mNS8IKRXh%2BZHGgnvDl2B3C2"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
etag: "5b2d00d8-3980"
last-modified: Fri, 22 Jun 2018 13:59:52 GMT
cf-cache-status: DYNAMIC
cf-ray: 93e2abb04dbe3516-PRG
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=25630&min_rtt=24498&rtt_var=1125&sent=202&recv=44&lost=0&retrans=0&sent_bytes=192569&recv_bytes=6950&delivery_rate=398401&cwnd=96000&unsent_bytes=0&cid=780b92b029af9e58&ts=649&x=16"

v2.cutcaptcha.net/captcha/SAs61IAI/bcf08261-2e8c-4d2f-bbee-9d44dee65cf7/cut.png

88.198.62.113

200 OK

133 kB

URL GET
v2.cutcaptcha.net/captcha/SAs61IAI/bcf08261-2e8c-4d2f-bbee-9d44dee65cf7/cut.png
IP
88.198.62.113:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://v2.cutcaptcha.net/captcha/SAs61IAI.html
Certificate
IssuerLet's Encrypt
Subjectv2.cutcaptcha.net
Fingerprint3E:00:65:92:AF:75:19:3F:BF:40:53:C6:1C:BA:D8:32:B4:5E:42:D7
ValidityWed, 12 Feb 2025 06:00:35 GMT - Tue, 13 May 2025 06:00:34 GMT

File type
PNG image data, 488 x 332, 8-bit/color RGB, non-interlaced
Size
133 kB (133129 bytes)
Hash
1e32a881fd091233ebb8a1b89dcd3c3a
2fc22dbf46c0af21d522d20886a30ed73dd88574
a9d479fd3884c805a3239540add11074ce4306e3b453fc54165cd98fe1af0452

HTTP Headers

GET /captcha/SAs61IAI/bcf08261-2e8c-4d2f-bbee-9d44dee65cf7/cut.png HTTP/1.1
Host: v2.cutcaptcha.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://v2.cutcaptcha.net/captcha/SAs61IAI.html
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Sun, 11 May 2025 15:22:15 GMT
Content-Type: image/png
Content-Length: 133129
Connection: keep-alive
ETag: W/"20809-L8Itv0bAryHVItIIhqMO1z3YhXQ"
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Access-Control-Allow-Headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

v2.cutcaptcha.net/captcha/SAs61IAI/bcf08261-2e8c-4d2f-bbee-9d44dee65cf7/part1.png

88.198.62.113

200 OK

5.2 kB

URL GET
v2.cutcaptcha.net/captcha/SAs61IAI/bcf08261-2e8c-4d2f-bbee-9d44dee65cf7/part1.png
IP
88.198.62.113:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://v2.cutcaptcha.net/captcha/SAs61IAI.html
Certificate
IssuerLet's Encrypt
Subjectv2.cutcaptcha.net
Fingerprint3E:00:65:92:AF:75:19:3F:BF:40:53:C6:1C:BA:D8:32:B4:5E:42:D7
ValidityWed, 12 Feb 2025 06:00:35 GMT - Tue, 13 May 2025 06:00:34 GMT

File type
PNG image data, 84 x 82, 8-bit/color RGBA, non-interlaced
Size
5.2 kB (5210 bytes)
Hash
e0856489911481aaa4e8cd953974b9b7
fa00e985b7847593e7694b35fe11935d760fa447
0f619b215de71a941f98fcbb5123a36652f363ae002dcd3d8a5efb8067dd6fbc

HTTP Headers

GET /captcha/SAs61IAI/bcf08261-2e8c-4d2f-bbee-9d44dee65cf7/part1.png HTTP/1.1
Host: v2.cutcaptcha.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://v2.cutcaptcha.net/captcha/SAs61IAI.html
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Sun, 11 May 2025 15:22:15 GMT
Content-Type: image/png
Content-Length: 5210
Connection: keep-alive
ETag: W/"145a-+gDphbeEdZPnaUs1/hGTXXYPpEc"
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Access-Control-Allow-Headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

www.filecrypt.cc/js/container/link.js?9823982

104.21.32.1

200 OK

1.7 kB

URL GET
www.filecrypt.cc/js/container/link.js?9823982
IP
104.21.32.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.filecrypt.cc/Container/E4A20A0A72.html
Certificate
IssuerGoogle Trust Services
Subjectfilecrypt.cc
FingerprintC3:13:5D:1B:CA:84:0A:E8:DC:F2:9C:A6:89:69:15:7A:62:1C:F6:5A
ValidityWed, 07 May 2025 19:34:53 GMT - Tue, 05 Aug 2025 20:33:36 GMT

File type
ASCII text
Size
1.7 kB (1662 bytes)
Hash
354e19a1a46b6348c8b262fc4fd5704d
c8eeb81c78ad1235359b25badaae4c703aba0387
9837057e8ecb4ebe6cfbdf059538841310d735d0a07aa837a23edc806d2c9c0e

HTTP Headers

GET /js/container/link.js?9823982 HTTP/1.1
Host: www.filecrypt.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.filecrypt.cc/Container/E4A20A0A72.html
Cookie: PHPSESSID=l8lvqro8bdg9ng9hd20jqc5l00; lang=en
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 11 May 2025 15:22:14 GMT
content-type: application/javascript; charset=utf-8
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gd7FyHq4v0gouyVMaNTdWmOsR1R2HH7TsDtjdcyzWW2ovR6XJWqRHgqGXUHU2QrytJsOkH%2FPWCUti%2BBKA4RJm6tSi0AOXeO5K%2B16JYzvyf5qreDOsMJm50vsE%2F%2FY29DPlWk5"}],"group":"cf-nel","max_age":604800}
etag: W/"5dafe275-67e"
last-modified: Wed, 23 Oct 2019 05:17:41 GMT
cf-cache-status: DYNAMIC
content-encoding: br
cf-ray: 93e2abadfd213516-PRG
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=27671&min_rtt=26420&rtt_var=8136&sent=32&recv=18&lost=0&retrans=0&sent_bytes=16007&recv_bytes=4004&delivery_rate=1086&cwnd=12000&unsent_bytes=0&cid=780b92b029af9e58&ts=311&x=16"

v2.cutcaptcha.net/captcha/SAs61IAI.js

88.198.62.113

200 OK

31 kB

URL GET
v2.cutcaptcha.net/captcha/SAs61IAI.js
IP
88.198.62.113:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://www.filecrypt.cc/Container/E4A20A0A72.html
Certificate
IssuerLet's Encrypt
Subjectv2.cutcaptcha.net
Fingerprint3E:00:65:92:AF:75:19:3F:BF:40:53:C6:1C:BA:D8:32:B4:5E:42:D7
ValidityWed, 12 Feb 2025 06:00:35 GMT - Tue, 13 May 2025 06:00:34 GMT

File type
JavaScript source, ASCII text, with very long lines (31012), with no line terminators
Size
31 kB (31012 bytes)
Hash
bc3aaf3c7a5f999fa7779e56dfdd6121
82651ada63062e4916ecf054f98367e478660e66
63fc250caaee34db99e5587bd2e2e8aea1d686443cfdb6476243d8811b94f8d3

Detections

Analyzer	Verdict	Alert
Public Nextron YARA rules	malware	Unique code from Jetriz, Swid & Jeniva of the Tetris framework

HTTP Headers

GET /captcha/SAs61IAI.js HTTP/1.1
Host: v2.cutcaptcha.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.filecrypt.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Sun, 11 May 2025 15:22:14 GMT
Content-Type: text/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"7924-gmUa2mMGLkkW7PBU+YNn5HhmDmY"
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Access-Control-Allow-Headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
Content-Encoding: gzip

www.filecrypt.cc/Container/E4A20A0A72.html

104.21.32.1

200 OK

3.9 kB

URL User Request GET
www.filecrypt.cc/Container/E4A20A0A72.html
IP
104.21.32.1:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services
Subjectfilecrypt.cc
FingerprintC3:13:5D:1B:CA:84:0A:E8:DC:F2:9C:A6:89:69:15:7A:62:1C:F6:5A
ValidityWed, 07 May 2025 19:34:53 GMT - Tue, 05 Aug 2025 20:33:36 GMT

File type
HTML document, ASCII text, with CRLF, LF line terminators
Size
3.9 kB (3870 bytes)
Hash
ea53331de8cba9afe3c39793fa3f102f
4a08656d896d704125ef39f42fb429ba7130eee7
5e9995961b5e2071fdd291eea8513825521aeccc8cac5cd2ac7da34cb79ba98e

HTTP Headers

GET /Container/E4A20A0A72.html HTTP/1.1
Host: www.filecrypt.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 11 May 2025 15:22:13 GMT
content-type: text/html; charset=UTF-8
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=%2BXL2peKupkxxZ%2FNcF5KucwJBPsIFaMKdKEBqOWhv%2FVUKxlhqY8C3PEMu2zjPTq4t2sEVhTx5NkvVjt7D60wwCCktEiaX3qy1JDsrUesd%2FSBB1SKBnmK%2BUjjkmProgyJDpqak"}]}
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
server: cloudflare
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
cf-cache-status: DYNAMIC
vary: accept-encoding
content-encoding: br
set-cookie: PHPSESSID=l8lvqro8bdg9ng9hd20jqc5l00; Path=/; Max-Age=21600; Expires=Sun, 11 May 2025 21:22:13 GMT
lang=en; Path=/; Max-Age=8640000; Expires=Tue, 19 Aug 2025 15:22:13 GMT
cf-ray: 93e2abaaffce56b7-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

www.filecrypt.cc/favicon.ico

104.21.32.1

200 OK

1.2 kB

URL GET
www.filecrypt.cc/favicon.ico
IP
104.21.32.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.filecrypt.cc/Container/E4A20A0A72.html
Certificate
IssuerGoogle Trust Services
Subjectfilecrypt.cc
FingerprintC3:13:5D:1B:CA:84:0A:E8:DC:F2:9C:A6:89:69:15:7A:62:1C:F6:5A
ValidityWed, 07 May 2025 19:34:53 GMT - Tue, 05 Aug 2025 20:33:36 GMT

File type
MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel
Size
1.2 kB (1150 bytes)
Hash
58f2b1136696cfffdb7995c4c9ad82ad
455bcfe3c50dfbb02e65258228df5f6413b04a10
459e4e89c57133ab4adc9657c18d10dcf8f7a97e3f7479c46c86bd46f09745f7

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: www.filecrypt.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.filecrypt.cc/Container/E4A20A0A72.html
Cookie: PHPSESSID=l8lvqro8bdg9ng9hd20jqc5l00; lang=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 11 May 2025 15:22:15 GMT
content-type: image/x-icon
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=39qEjK5Nuo%2FOroeV8pXLXiVgHgonwj%2Bpwj%2ByJaJDNDj3D1tTDRZTl62fwR3dwS9rYaiwOBSEjce72Oou2NcIlzmNP%2B1pPqybpU8wIZ%2FqPNZvItBfh8Lxd5ZdHYhg%2Fpw5z6yz"}],"group":"cf-nel","max_age":604800}
etag: W/"539c1743-47e"
last-modified: Sat, 14 Jun 2014 09:34:59 GMT
cf-cache-status: DYNAMIC
content-encoding: br
cf-ray: 93e2abb59ee53516-PRG
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=27753&min_rtt=24498&rtt_var=5420&sent=219&recv=49&lost=0&retrans=0&sent_bytes=210218&recv_bytes=7473&delivery_rate=261737&cwnd=96000&unsent_bytes=0&cid=780b92b029af9e58&ts=1504&x=16"

v2.cutcaptcha.net/jquery-ui.js

88.198.62.113

200 OK

38 kB

URL GET
v2.cutcaptcha.net/jquery-ui.js
IP
88.198.62.113:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://v2.cutcaptcha.net/captcha/SAs61IAI.html
Certificate
IssuerLet's Encrypt
Subjectv2.cutcaptcha.net
Fingerprint3E:00:65:92:AF:75:19:3F:BF:40:53:C6:1C:BA:D8:32:B4:5E:42:D7
ValidityWed, 12 Feb 2025 06:00:35 GMT - Tue, 13 May 2025 06:00:34 GMT

File type
JavaScript source, ASCII text, with very long lines (1654)
Size
38 kB (37511 bytes)
Hash
de06b1dc664e1d48a06160314eb4ae9b
75158282ccaac74e3188b9766240ec487e421207
ae8fad4353e8319d7df7bd4a0760ca11ea4b935602c0c8a193d241b1bb925a18

HTTP Headers

GET /jquery-ui.js HTTP/1.1
Host: v2.cutcaptcha.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://v2.cutcaptcha.net/captcha/SAs61IAI.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Sun, 11 May 2025 15:22:15 GMT
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Cache-Control: public, max-age=0
Last-Modified: Mon, 26 Apr 2021 13:21:00 GMT
ETag: W/"9287-1790e571ce5"
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Access-Control-Allow-Headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
Content-Encoding: gzip

youradexchange.com/script/interstitial.php?r=9799278&srs=e0e3155f3f09404996a853912ce13421&ufp=Linux%20x86_64%2FMozilla%2FNetscape%2Ftrue%2Ffalse%2F1280x10240en-USunknown4824%20bits&cbpage=https%3A%2F%2Fwww.filecrypt.cc%2FContainer%2FE4A20A0A72.html&atv=60.0&cbref=&pblcz=9545986&abtg=1&adbv=3-cdn-js

172.67.177.214

200 OK

1.4 kB

URL GET
youradexchange.com/script/interstitial.php?r=9799278&srs=e0e3155f3f09404996a853912ce13421&ufp=Linux%20x86_64%2FMozilla%2FNetscape%2Ftrue%2Ffalse%2F1280x10240en-USunknown4824%20bits&cbpage=https%3A%2F%2Fwww.filecrypt.cc%2FContainer%2FE4A20A0A72.html&atv=60.0&cbref=&pblcz=9545986&abtg=1&adbv=3-cdn-js
IP
172.67.177.214:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.filecrypt.cc/Container/E4A20A0A72.html
Certificate
IssuerGoogle Trust Services
Subjectyouradexchange.com
Fingerprint15:B3:64:96:16:B0:F4:77:6F:50:C1:66:99:8E:A6:A8:90:64:AD:7E
ValidityThu, 03 Apr 2025 15:59:56 GMT - Wed, 02 Jul 2025 16:56:55 GMT

File type
JSON text data
Size
1.4 kB (1388 bytes)
Hash
f1639b0a8eede77f342de373c48e8d05
42b031b6c90c7be22d03d3ecd9cd459dd9fcde19
bec53e52471f0c4cff8b335eb9c95e655db2ec0f3e37f461367c66828c123457

HTTP Headers

GET /script/interstitial.php?r=9799278&srs=e0e3155f3f09404996a853912ce13421&ufp=Linux%20x86_64%2FMozilla%2FNetscape%2Ftrue%2Ffalse%2F1280x10240en-USunknown4824%20bits&cbpage=https%3A%2F%2Fwww.filecrypt.cc%2FContainer%2FE4A20A0A72.html&atv=60.0&cbref=&pblcz=9545986&abtg=1&adbv=3-cdn-js HTTP/1.1
Host: youradexchange.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.filecrypt.cc/
Origin: https://www.filecrypt.cc
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 11 May 2025 15:22:15 GMT
content-type: application/json; charset=utf-8
server: cloudflare
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Content-Type
content-encoding: gzip
via: 1.1 google
cf-cache-status: DYNAMIC
vary: accept-encoding
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=p3qu4RrG3xzBhDdTqF6fkB4nPteqt60vZ3lFPJwjsSKftOwfYLLRF0ttAqlYnNEWeVyo3N%2F06DunGYifDD6iYp2bKNcX%2F0kTirWeWgLoSQRcUuh1rQWLZ%2Bid0OsbZkHUJIVeJK4%3D"}]}
cf-ray: 93e2abb65959f99a-PRG
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

www.filecrypt.cc/js/scriptaculous/dragdrop.js

104.21.32.1

200 OK

31 kB

URL GET
www.filecrypt.cc/js/scriptaculous/dragdrop.js
IP
104.21.32.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.filecrypt.cc/Container/E4A20A0A72.html
Certificate
IssuerGoogle Trust Services
Subjectfilecrypt.cc
FingerprintC3:13:5D:1B:CA:84:0A:E8:DC:F2:9C:A6:89:69:15:7A:62:1C:F6:5A
ValidityWed, 07 May 2025 19:34:53 GMT - Tue, 05 Aug 2025 20:33:36 GMT

File type
JavaScript source, ASCII text
Size
31 kB (31241 bytes)
Hash
2f96dcb27ba6d7f4b95230edcb7fcb56
157cf4f6566d41518f35656db74c8711b300e5ad
7a73cad846dc23360722dcbee514af620c6fa628780bd7db889196e2e284f655

HTTP Headers

GET /js/scriptaculous/dragdrop.js HTTP/1.1
Host: www.filecrypt.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.filecrypt.cc/Container/E4A20A0A72.html
Cookie: PHPSESSID=l8lvqro8bdg9ng9hd20jqc5l00; lang=en
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 11 May 2025 15:22:14 GMT
content-type: application/javascript; charset=utf-8
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6x8vleOdp7t0L5e8LJiErIdXBlphs123Cu431Bpq3Z8ksRhmj3f3z7%2Ff%2Bob99Ip0zYZsK1Bj89jzGFn7qyJE5WNSKNB%2BUqvumod2x7n8yAtpLFwlb%2FpLi1s0WMdrvOPTDhj4"}],"group":"cf-nel","max_age":604800}
etag: W/"53db3978-7a09"
last-modified: Fri, 01 Aug 2014 06:53:44 GMT
cf-cache-status: DYNAMIC
content-encoding: br
cf-ray: 93e2abaf4d7d3516-PRG
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=26138&min_rtt=24572&rtt_var=1559&sent=169&recv=34&lost=0&retrans=0&sent_bytes=162261&recv_bytes=5859&delivery_rate=596178&cwnd=96000&unsent_bytes=0&cid=780b92b029af9e58&ts=494&x=16"

www.filecrypt.cc/js/scriptaculous/effects.js

104.21.32.1

200 OK

38 kB

URL GET
www.filecrypt.cc/js/scriptaculous/effects.js
IP
104.21.32.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.filecrypt.cc/Container/E4A20A0A72.html
Certificate
IssuerGoogle Trust Services
Subjectfilecrypt.cc
FingerprintC3:13:5D:1B:CA:84:0A:E8:DC:F2:9C:A6:89:69:15:7A:62:1C:F6:5A
ValidityWed, 07 May 2025 19:34:53 GMT - Tue, 05 Aug 2025 20:33:36 GMT

File type
JavaScript source, ASCII text
Size
38 kB (38471 bytes)
Hash
0dea24894889a4c537e1a451a35f03ca
f72e2ee2019cbaceff0b7fda89ebac9faa7c5b6d
055be203cf7225e94dec4a5f72ba1f469a499ac78c24d9366705c1099de812d0

HTTP Headers

GET /js/scriptaculous/effects.js HTTP/1.1
Host: www.filecrypt.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.filecrypt.cc/Container/E4A20A0A72.html
Cookie: PHPSESSID=l8lvqro8bdg9ng9hd20jqc5l00; lang=en
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 11 May 2025 15:22:14 GMT
content-type: application/javascript; charset=utf-8
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=N%2FzWs0C9hSQf%2FyXmMhlSDj7uVSLOH44FzEK6f6jHM8U1%2BWdz0lkMWt1RcmXgvfBtnvUIgpnikeeeVk3gmHwWcDkq%2Flt67KaT0OrQy147yMInxH5AD0X0p%2B2S6wOkM5GYT9W5"}],"group":"cf-nel","max_age":604800}
etag: W/"53db3979-9647"
last-modified: Fri, 01 Aug 2014 06:53:45 GMT
cf-cache-status: DYNAMIC
content-encoding: br
cf-ray: 93e2abaf3d7a3516-PRG
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=26138&min_rtt=24572&rtt_var=1559&sent=155&recv=34&lost=0&retrans=0&sent_bytes=147294&recv_bytes=5859&delivery_rate=596178&cwnd=96000&unsent_bytes=0&cid=780b92b029af9e58&ts=487&x=16"

www.filecrypt.cc/fonts/os_400.woff2

104.21.32.1

200 OK

14 kB

URL GET
www.filecrypt.cc/fonts/os_400.woff2
IP
104.21.32.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.filecrypt.cc/Container/E4A20A0A72.html
Certificate
IssuerGoogle Trust Services
Subjectfilecrypt.cc
FingerprintC3:13:5D:1B:CA:84:0A:E8:DC:F2:9C:A6:89:69:15:7A:62:1C:F6:5A
ValidityWed, 07 May 2025 19:34:53 GMT - Tue, 05 Aug 2025 20:33:36 GMT

File type
Web Open Font Format (Version 2), TrueType, length 14048, version 1.0
Size
14 kB (14048 bytes)
Hash
cffb686d7d2f4682df8342bd4d276e09
2c07a9656f1e38da408f20f1cf11581a15cbd7a2
3b98b0dc3bed9d40f43e64adba5de47c76895338a96f0a5a314676cd6287eca9

HTTP Headers

GET /fonts/os_400.woff2 HTTP/1.1
Host: www.filecrypt.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://www.filecrypt.cc/css/font.css
Cookie: PHPSESSID=l8lvqro8bdg9ng9hd20jqc5l00; lang=en
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 11 May 2025 15:22:14 GMT
content-type: application/octet-stream
content-length: 14048
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0lEcQgB5LwIMSt9K%2FXKUQx7qSALtumcugjcB5LpP9z4Nvx4mvKlW4f%2F7WhXy9VRsNaMCB4A2lPhvoQEGaaOO3NHH2u5e3Dv4YKq3O5PTtbCUkWKW9WVlE%2FLEJOF7caenmLtC"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
etag: "5b2d00d8-36e0"
last-modified: Fri, 22 Jun 2018 13:59:52 GMT
cf-cache-status: DYNAMIC
cf-ray: 93e2abb03db93516-PRG
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=25630&min_rtt=24498&rtt_var=1125&sent=191&recv=44&lost=0&retrans=0&sent_bytes=179465&recv_bytes=6950&delivery_rate=398401&cwnd=96000&unsent_bytes=0&cid=780b92b029af9e58&ts=644&x=16"

vovhalrrqiowz.love/script/ut.js?cb=1746976935015

104.21.52.25

200 OK

81 kB

URL GET
vovhalrrqiowz.love/script/ut.js?cb=1746976935015
IP
104.21.52.25:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.filecrypt.cc/Container/E4A20A0A72.html
Certificate
IssuerGoogle Trust Services
Subjectvovhalrrqiowz.love
FingerprintE8:F7:F2:4F:E2:55:79:5F:86:66:D2:36:A7:9F:49:39:D0:A2:3D:07
ValidityFri, 09 May 2025 10:14:04 GMT - Thu, 07 Aug 2025 11:11:23 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (65493), with no line terminators
Size
81 kB (81040 bytes)
Hash
eaa11c5f044a59ec54c82e06a8beba81
afb33a13f1b0b1163ae1d5f98703c9eacd35bee3
b05b9df2027483a401c352424c15d0adff42dbe771c52b71333e5b4e68f1260c

HTTP Headers

GET /script/ut.js?cb=1746976935015 HTTP/1.1
Host: vovhalrrqiowz.love
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.filecrypt.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 11 May 2025 15:22:15 GMT
content-type: text/javascript
x-guploader-uploadid: AAO2VwqACAg5W6X3AZITxzpRDveSDG4p34zjGn2NhIRwTrDTELT4PzHiYY3jt7zV6LjxPiUG1fHtcYY
x-goog-generation: 1746014128527462
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 81040
x-goog-hash: crc32c=I1uWZQ==, md5=6qEcXwRKWexUyC4GqL66gQ==
x-goog-storage-class: MULTI_REGIONAL
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=nuI0VdyeLcpUyOWw8NnHxWsPyVLQRKrDCuPHbIZw7UM1Ds4hoxMrd%2FewEbrwSq88QCUxCnsE4HduP8MZoxG4DAZgm21EbaNe1flZBflmN5gHK52UmiCdXJ7Gf8z1OckkwrN5Zdw%3D"}]}
access-control-allow-origin: *
server: cloudflare
expires: Sun, 11 May 2025 15:43:42 GMT
cache-control: public, max-age=14400
age: 1306
last-modified: Wed, 30 Apr 2025 11:55:28 GMT
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
cf-cache-status: HIT
etag: W/"eaa11c5f044a59ec54c82e06a8beba81"
content-encoding: br
cf-ray: 93e2abb47ba8f986-PRG
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

pubtrky.com/ut/hb.php?cb=0.4954151358113854&v=1

104.21.8.108

204 No Content

0 B

URL POST
pubtrky.com/ut/hb.php?cb=0.4954151358113854&v=1
IP
104.21.8.108:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.filecrypt.cc/Container/E4A20A0A72.html
Certificate
IssuerGoogle Trust Services
Subjectpubtrky.com
FingerprintD1:DF:C8:94:03:32:97:45:6F:1A:E3:AD:EE:EC:22:B8:E7:5C:6F:27
ValidityMon, 05 May 2025 10:34:21 GMT - Sun, 03 Aug 2025 11:31:29 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /ut/hb.php?cb=0.4954151358113854&v=1 HTTP/1.1
Host: pubtrky.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain; charset=utf-8
Content-Length: 842
Origin: https://www.filecrypt.cc
DNT: 1
Connection: keep-alive
Referer: https://www.filecrypt.cc/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 204 No Content
date: Sun, 11 May 2025 15:22:15 GMT
server: cloudflare
access-control-allow-origin: *
via: 1.1 google
cf-cache-status: DYNAMIC
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=TspPg8500aj47c1a%2F4Qiu%2B6BfPQjw25Jed5LFVsRB3HpsY3sdZdAuLO87S2R%2BOn3kwetN5X0jQ58UwLL1aMAdsLEDU0yRbP1nujwQqXHovtr7%2FemLpxMq4E3Jyu0Og%3D%3D"}]}
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
cf-ray: 93e2abb5d90bf994-PRG
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

v2.cutcaptcha.net/jquery.js?3

88.198.62.113

200 OK

144 kB

URL GET
v2.cutcaptcha.net/jquery.js?3
IP
88.198.62.113:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://v2.cutcaptcha.net/captcha/SAs61IAI.html
Certificate
IssuerLet's Encrypt
Subjectv2.cutcaptcha.net
Fingerprint3E:00:65:92:AF:75:19:3F:BF:40:53:C6:1C:BA:D8:32:B4:5E:42:D7
ValidityWed, 12 Feb 2025 06:00:35 GMT - Tue, 13 May 2025 06:00:34 GMT

File type
JavaScript source, ASCII text, with very long lines (1065)
Size
144 kB (143712 bytes)
Hash
886d2cdfb9bf7f4400485685f69e7326
b03aee15296a438820165d0206759e71ab719341
538bda74031cb13dcecaba43d2be8241aea63cd66ed80181bfcf12addb0de5ac

HTTP Headers

GET /jquery.js?3 HTTP/1.1
Host: v2.cutcaptcha.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://v2.cutcaptcha.net/captcha/SAs61IAI.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Sun, 11 May 2025 15:22:15 GMT
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Cache-Control: public, max-age=0
Last-Modified: Mon, 26 Apr 2021 13:21:00 GMT
ETag: W/"23160-1790e571ce5"
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Access-Control-Allow-Headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
Content-Encoding: gzip

www.filecrypt.cc/js/scriptaculous/scriptaculous.js?load=effects,builder,dragdrop,controls&v=2

104.21.32.1

200 OK

3.0 kB

URL GET
www.filecrypt.cc/js/scriptaculous/scriptaculous.js?load=effects,builder,dragdrop,controls&v=2
IP
104.21.32.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.filecrypt.cc/Container/E4A20A0A72.html
Certificate
IssuerGoogle Trust Services
Subjectfilecrypt.cc
FingerprintC3:13:5D:1B:CA:84:0A:E8:DC:F2:9C:A6:89:69:15:7A:62:1C:F6:5A
ValidityWed, 07 May 2025 19:34:53 GMT - Tue, 05 Aug 2025 20:33:36 GMT

File type
JavaScript source, ASCII text
Size
3.0 kB (2975 bytes)
Hash
945aadb4d8b5f2f7a58a4c7ac244925b
3e177b34daccb0e40b841fb9331474d687917ac2
78cbc6b573f99b4c9c92077e62e0550abde74981f021023425e5f957b95f0f9f

HTTP Headers

GET /js/scriptaculous/scriptaculous.js?load=effects,builder,dragdrop,controls&v=2 HTTP/1.1
Host: www.filecrypt.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.filecrypt.cc/Container/E4A20A0A72.html
Cookie: PHPSESSID=l8lvqro8bdg9ng9hd20jqc5l00; lang=en
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 11 May 2025 15:22:14 GMT
content-type: application/javascript; charset=utf-8
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oyM%2BkoVLL%2BzhjXefVCvJDuKhrHyDZVANvqR%2BVTs%2BK6Sjv3Ox3l%2Bp%2BcqComqo3KDaJ2lLjpk1hfsIsNQKF20CF1APtQZdZUjM5fONKo0L5rQLvijPugm3LMfKSIVmkEnPmccf"}],"group":"cf-nel","max_age":604800}
etag: W/"5c251010-b9f"
last-modified: Thu, 27 Dec 2018 17:46:56 GMT
cf-cache-status: DYNAMIC
content-encoding: br
cf-ray: 93e2abadfd203516-PRG
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=27671&min_rtt=26420&rtt_var=8136&sent=32&recv=18&lost=0&retrans=0&sent_bytes=16007&recv_bytes=4004&delivery_rate=1086&cwnd=12000&unsent_bytes=0&cid=780b92b029af9e58&ts=312&x=16"

www.filecrypt.cc/css/custom/407d8.png

104.21.32.1

200 OK

13 kB

URL GET
www.filecrypt.cc/css/custom/407d8.png
IP
104.21.32.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.filecrypt.cc/Container/E4A20A0A72.html
Certificate
IssuerGoogle Trust Services
Subjectfilecrypt.cc
FingerprintC3:13:5D:1B:CA:84:0A:E8:DC:F2:9C:A6:89:69:15:7A:62:1C:F6:5A
ValidityWed, 07 May 2025 19:34:53 GMT - Tue, 05 Aug 2025 20:33:36 GMT

File type
PNG image data, 243 x 80, 8-bit/color RGBA, non-interlaced
Size
13 kB (13376 bytes)
Hash
98c912913599d68c8db0b7b0f18e0b7a
0d66dfada73f65a3586b4919146ef54ef9b9fea7
4c22b640834719d1e2cd6eb3b6c1a261f96cf0572f26bf6588d5dcb466937e19

HTTP Headers

GET /css/custom/407d8.png HTTP/1.1
Host: www.filecrypt.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.filecrypt.cc/Container/E4A20A0A72.html
Cookie: PHPSESSID=l8lvqro8bdg9ng9hd20jqc5l00; lang=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 11 May 2025 15:22:14 GMT
content-type: image/png
content-length: 13376
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eM1q9epMTYtNLNT7dBgCKNMwXBzd1MdVhfazQA36jyJnJR4KwaUoVWpDX8oL8e1qq5FONWKje0o7hWVCnp50hpE1krzQ%2B9rp%2F57xu2AQD7l56P%2BvUGc%2FaFRyo3bFA42Qk%2BBN"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
etag: "6026789c-3440"
last-modified: Fri, 12 Feb 2021 12:46:20 GMT
cf-cache-status: DYNAMIC
cf-ray: 93e2abadfd233516-PRG
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=27671&min_rtt=26420&rtt_var=8136&sent=32&recv=18&lost=0&retrans=0&sent_bytes=16007&recv_bytes=4004&delivery_rate=1086&cwnd=12000&unsent_bytes=0&cid=780b92b029af9e58&ts=312&x=16"

www.filecrypt.cc/js/scriptaculous/builder.js

104.21.32.1

200 OK

4.7 kB

URL GET
www.filecrypt.cc/js/scriptaculous/builder.js
IP
104.21.32.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.filecrypt.cc/Container/E4A20A0A72.html
Certificate
IssuerGoogle Trust Services
Subjectfilecrypt.cc
FingerprintC3:13:5D:1B:CA:84:0A:E8:DC:F2:9C:A6:89:69:15:7A:62:1C:F6:5A
ValidityWed, 07 May 2025 19:34:53 GMT - Tue, 05 Aug 2025 20:33:36 GMT

File type
ASCII text
Size
4.7 kB (4744 bytes)
Hash
c6321f204481f259724bd6455c0fdded
af9964a44d31fe9773b46d6cd62612ec2137ea79
828884af31cfdef92040ee522a81d8f82c7998b72c3e7d35e1c442946b5d2b0a

HTTP Headers

GET /js/scriptaculous/builder.js HTTP/1.1
Host: www.filecrypt.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.filecrypt.cc/Container/E4A20A0A72.html
Cookie: PHPSESSID=l8lvqro8bdg9ng9hd20jqc5l00; lang=en
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 11 May 2025 15:22:14 GMT
content-type: application/javascript; charset=utf-8
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VqEI7%2Fp%2BcW%2FJw9CndblhwtKYZ3ltTB6K%2BSlDeH0mFTCPNVErxfGI4Azf82kJYP1SdczLDfC7ep3J9BfdRH7MKi%2F4EHhZ46jEoN%2BU0A%2BfsGjrYATpAcVb92P6kzseWj8laWjy"}],"group":"cf-nel","max_age":604800}
etag: W/"53db3977-1288"
last-modified: Fri, 01 Aug 2014 06:53:43 GMT
cf-cache-status: DYNAMIC
content-encoding: br
cf-ray: 93e2abaf4d7b3516-PRG
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=26138&min_rtt=24572&rtt_var=1559&sent=160&recv=34&lost=0&retrans=0&sent_bytes=152770&recv_bytes=5859&delivery_rate=596178&cwnd=96000&unsent_bytes=0&cid=780b92b029af9e58&ts=492&x=16"

fonts.gstatic.com/s/ubuntu/v20/4iCs6KVjbNBYlgoKfw72.woff2

142.250.178.99

200 OK

35 kB

URL GET
fonts.gstatic.com/s/ubuntu/v20/4iCs6KVjbNBYlgoKfw72.woff2
IP
142.250.178.99:443
ASN
#15169 GOOGLE

Requested by
https://v2.cutcaptcha.net/captcha/SAs61IAI.html
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
Fingerprint15:8B:D4:EA:7E:CB:34:1B:6F:2E:20:9E:39:44:7A:D6:D7:30:26:AB
ValidityMon, 21 Apr 2025 08:41:49 GMT - Mon, 14 Jul 2025 08:41:48 GMT

File type
Web Open Font Format (Version 2), TrueType, length 34852, version 1.0
Size
35 kB (34852 bytes)
Hash
0e8eefb4549a2edf26c560cb9845952e
8d0b1718aacad934fd0043c87cbc54aa091396bf
7f653b3ce9d3277457fc6da4edb246ae2f6c913f088c42dcb8cd2e96267aa21a

HTTP Headers

GET /s/ubuntu/v20/4iCs6KVjbNBYlgoKfw72.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://v2.cutcaptcha.net
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 34852
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 08 May 2025 18:18:45 GMT
expires: Fri, 08 May 2026 18:18:45 GMT
cache-control: public, max-age=31536000
age: 248610
last-modified: Wed, 27 Apr 2022 16:31:23 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

v2.cutcaptcha.net/captcha/SAs61IAI/bcf08261-2e8c-4d2f-bbee-9d44dee65cf7/part0.png

88.198.62.113

200 OK

4.2 kB

URL GET
v2.cutcaptcha.net/captcha/SAs61IAI/bcf08261-2e8c-4d2f-bbee-9d44dee65cf7/part0.png
IP
88.198.62.113:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://v2.cutcaptcha.net/captcha/SAs61IAI.html
Certificate
IssuerLet's Encrypt
Subjectv2.cutcaptcha.net
Fingerprint3E:00:65:92:AF:75:19:3F:BF:40:53:C6:1C:BA:D8:32:B4:5E:42:D7
ValidityWed, 12 Feb 2025 06:00:35 GMT - Tue, 13 May 2025 06:00:34 GMT

File type
PNG image data, 84 x 82, 8-bit/color RGBA, non-interlaced
Size
4.2 kB (4237 bytes)
Hash
aac582186a6bce593575dee30a43927f
a6a8de2c2439d6837ac045d3c7f9a8bfc11aae17
a6e06d8d889f622477673e1a8163dca37eebe1d96cc6221a1caf0d829ccaa2d8

HTTP Headers

GET /captcha/SAs61IAI/bcf08261-2e8c-4d2f-bbee-9d44dee65cf7/part0.png HTTP/1.1
Host: v2.cutcaptcha.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://v2.cutcaptcha.net/captcha/SAs61IAI.html
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Sun, 11 May 2025 15:22:15 GMT
Content-Type: image/png
Content-Length: 4237
Connection: keep-alive
ETag: W/"108d-pqjeLCQ51oN6wEXTx/mov8Earhc"
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Access-Control-Allow-Headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

www.filecrypt.cc/css/font.css

104.21.32.1

200 OK

1.5 kB

URL GET
www.filecrypt.cc/css/font.css
IP
104.21.32.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.filecrypt.cc/Container/E4A20A0A72.html
Certificate
IssuerGoogle Trust Services
Subjectfilecrypt.cc
FingerprintC3:13:5D:1B:CA:84:0A:E8:DC:F2:9C:A6:89:69:15:7A:62:1C:F6:5A
ValidityWed, 07 May 2025 19:34:53 GMT - Tue, 05 Aug 2025 20:33:36 GMT

File type
ASCII text
Size
1.5 kB (1495 bytes)
Hash
4100ab71f995b23a4fde5fb29d05b776
2be682252b3d625698005ac3e5c587e0ae3ddc12
301cd261244182ebfb9d3cb0d975678a5cd31a86ed76c446483be4a5b3457ac7

HTTP Headers

GET /css/font.css HTTP/1.1
Host: www.filecrypt.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.filecrypt.cc/Container/E4A20A0A72.html
Cookie: PHPSESSID=l8lvqro8bdg9ng9hd20jqc5l00; lang=en
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 11 May 2025 15:22:14 GMT
content-type: text/css
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=te8ASvm6DR93MW07mTD0hwF7YZj8lYqaOknO%2B1JCN7Pz9sQLfuINrW5wv5KNQVXsK0f5U4TL9i%2BFMYm2Rprg5n9TY37yqH9RujzJsw6Nn2enE15SlqTUrSDy7DScarcU3TZG"}],"group":"cf-nel","max_age":604800}
etag: W/"5b407ade-5d7"
last-modified: Sat, 07 Jul 2018 08:33:34 GMT
cf-cache-status: DYNAMIC
content-encoding: br
cf-ray: 93e2abadfd1b3516-PRG
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=27671&min_rtt=26420&rtt_var=8136&sent=32&recv=18&lost=0&retrans=0&sent_bytes=16007&recv_bytes=4004&delivery_rate=1086&cwnd=12000&unsent_bytes=0&cid=780b92b029af9e58&ts=311&x=16"

timberfrittermud.com/83e4f6b162b351108cae913a51a6ece1/invoke.js

192.243.61.225

403 Forbidden

0 B

URL GET
timberfrittermud.com/83e4f6b162b351108cae913a51a6ece1/invoke.js
IP
192.243.61.225:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://www.filecrypt.cc/Container/E4A20A0A72.html
Certificate
IssuerLet's Encrypt
Subjecttimberfrittermud.com
Fingerprint10:10:39:E1:24:50:38:58:C8:BF:3D:47:6A:5E:51:EB:22:7C:CD:BD
ValiditySat, 15 Mar 2025 00:32:54 GMT - Fri, 13 Jun 2025 00:32:53 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /83e4f6b162b351108cae913a51a6ece1/invoke.js HTTP/1.1
Host: timberfrittermud.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.filecrypt.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 403 Forbidden
Server: nginx/1.21.6
Date: Sun, 11 May 2025 15:22:14 GMT
Content-Type: application/javascript
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Host: timberfrittermud.com

fonts.googleapis.com/css?family=Ubuntu:400

142.250.74.10

200 OK

1.9 kB

URL GET
fonts.googleapis.com/css?family=Ubuntu:400
IP
142.250.74.10:443
ASN
#15169 GOOGLE

Requested by
https://v2.cutcaptcha.net/captcha/SAs61IAI.html
Certificate
IssuerGoogle Trust Services
Subjectupload.video.google.com
Fingerprint7A:29:E6:A8:BE:59:2C:AE:82:2D:CA:8E:15:89:41:BE:EC:D2:0D:EA
ValidityMon, 21 Apr 2025 08:41:49 GMT - Mon, 14 Jul 2025 08:41:48 GMT

File type
ASCII text
Size
1.9 kB (1851 bytes)
Hash
9b013634672ca3de4a82402d475fc97a
bc8a5855770176544ade2a8a873a0f6bbdaa4c1e
11971833d23c57bf72957d51aa36747133064f82ee0b49d9e1c89215acaadbc0

HTTP Headers

GET /css?family=Ubuntu:400 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://v2.cutcaptcha.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 11 May 2025 15:22:15 GMT
date: Sun, 11 May 2025 15:22:15 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

v2.cutcaptcha.net/jquery.ui.touch-punch.min.js

88.198.62.113

200 OK

1.6 kB

URL GET
v2.cutcaptcha.net/jquery.ui.touch-punch.min.js
IP
88.198.62.113:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://v2.cutcaptcha.net/captcha/SAs61IAI.html
Certificate
IssuerLet's Encrypt
Subjectv2.cutcaptcha.net
Fingerprint3E:00:65:92:AF:75:19:3F:BF:40:53:C6:1C:BA:D8:32:B4:5E:42:D7
ValidityWed, 12 Feb 2025 06:00:35 GMT - Tue, 13 May 2025 06:00:34 GMT

File type
Unicode text, UTF-8 text
Size
1.6 kB (1629 bytes)
Hash
0876769443fc91d1d57eddf40f5da3a9
be1cc681fa761ab381af511f713a0f5a3089a7cd
955df53f74554bb21dba2d7a1cf71a19737e279acf2fe6d4b0f8b5d7e15705c4

HTTP Headers

GET /jquery.ui.touch-punch.min.js HTTP/1.1
Host: v2.cutcaptcha.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://v2.cutcaptcha.net/captcha/SAs61IAI.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Sun, 11 May 2025 15:22:15 GMT
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Cache-Control: public, max-age=0
Last-Modified: Mon, 26 Apr 2021 13:21:00 GMT
ETag: W/"65d-1790e571ce5"
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Access-Control-Allow-Headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
Content-Encoding: gzip

www.filecrypt.cc/css/5years.css?v=256gfxs

104.21.32.1

200 OK

9.3 kB

URL GET
www.filecrypt.cc/css/5years.css?v=256gfxs
IP
104.21.32.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.filecrypt.cc/Container/E4A20A0A72.html
Certificate
IssuerGoogle Trust Services
Subjectfilecrypt.cc
FingerprintC3:13:5D:1B:CA:84:0A:E8:DC:F2:9C:A6:89:69:15:7A:62:1C:F6:5A
ValidityWed, 07 May 2025 19:34:53 GMT - Tue, 05 Aug 2025 20:33:36 GMT

File type
ASCII text, with very long lines (1468), with CRLF line terminators
Size
9.3 kB (9253 bytes)
Hash
68119a678d23a436270b6186558c46c8
de00cdb42abc048f2d3012c040f35cbc387952bf
e146483fc7bf81c66cebca17d8a1f1f2bedd06e47172c1b1626cfbb89104ece2

HTTP Headers

GET /css/5years.css?v=256gfxs HTTP/1.1
Host: www.filecrypt.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.filecrypt.cc/Container/E4A20A0A72.html
Cookie: PHPSESSID=l8lvqro8bdg9ng9hd20jqc5l00; lang=en
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 11 May 2025 15:22:14 GMT
content-type: text/css
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=U1r3LbTElLUYRRabiMLe6h50Qi0i%2FJ7sjiYXXmctHx0gzF2MkhChw1cNFT8KGICibNaKtpUxvOSGD9AYsd%2BhJHfSaRpSLGoknSGnXK%2BYJK2KXcsFQ%2BruTgaDDi2XBk3r9Feb"}],"group":"cf-nel","max_age":604800}
etag: W/"5f199e73-2425"
last-modified: Thu, 23 Jul 2020 14:28:03 GMT
cf-cache-status: DYNAMIC
content-encoding: br
cf-ray: 93e2abadfd1a3516-PRG
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=27504&min_rtt=26336&rtt_var=6436&sent=43&recv=19&lost=0&retrans=0&sent_bytes=25675&recv_bytes=4047&delivery_rate=67026&cwnd=16800&unsent_bytes=0&cid=780b92b029af9e58&ts=323&x=16"

v2.cutcaptcha.net/captcha/SAs61IAI.html

88.198.62.113

200 OK

133 kB

URL POST
v2.cutcaptcha.net/captcha/SAs61IAI.html
IP
88.198.62.113:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://www.filecrypt.cc/Container/E4A20A0A72.html
Certificate
IssuerLet's Encrypt
Subjectv2.cutcaptcha.net
Fingerprint3E:00:65:92:AF:75:19:3F:BF:40:53:C6:1C:BA:D8:32:B4:5E:42:D7
ValidityWed, 12 Feb 2025 06:00:35 GMT - Tue, 13 May 2025 06:00:34 GMT

File type
HTML document, ASCII text, with very long lines (30632)
Size
133 kB (133199 bytes)
Hash
6ca5f5686e4253809d749d7f8dce97ea
425e95b52e8bf3819576242378a1908c925394eb
744ab48a06d6d761fd1344a919f2c6a345e60bd1f6aab2f9d40f48c0990c727f

HTTP Headers

POST /captcha/SAs61IAI.html HTTP/1.1
Host: v2.cutcaptcha.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 172
Origin: https://www.filecrypt.cc
DNT: 1
Connection: keep-alive
Referer: https://www.filecrypt.cc/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Sun, 11 May 2025 15:22:15 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"2084f-Ql6VtS6L84GVdiQjeKGQjJJTlOs"
Access-Control-Allow-Origin: https://www.filecrypt.cc
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Access-Control-Allow-Headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
Content-Encoding: gzip

v2.cutcaptcha.net/captcha/SAs61IAI/bcf08261-2e8c-4d2f-bbee-9d44dee65cf7/part2.png

88.198.62.113

200 OK

3.4 kB

URL GET
v2.cutcaptcha.net/captcha/SAs61IAI/bcf08261-2e8c-4d2f-bbee-9d44dee65cf7/part2.png
IP
88.198.62.113:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://v2.cutcaptcha.net/captcha/SAs61IAI.html
Certificate
IssuerLet's Encrypt
Subjectv2.cutcaptcha.net
Fingerprint3E:00:65:92:AF:75:19:3F:BF:40:53:C6:1C:BA:D8:32:B4:5E:42:D7
ValidityWed, 12 Feb 2025 06:00:35 GMT - Tue, 13 May 2025 06:00:34 GMT

File type
PNG image data, 84 x 82, 8-bit/color RGBA, non-interlaced
Size
3.4 kB (3442 bytes)
Hash
5be64ab869727a60aae59d72400373ed
c71180c6b8022316fcfd934d5c5184d7cd2b512e
faef121355964681c6148b1c07662b405c95b46b68ee8ba52dc5f57b476cabcb

HTTP Headers

GET /captcha/SAs61IAI/bcf08261-2e8c-4d2f-bbee-9d44dee65cf7/part2.png HTTP/1.1
Host: v2.cutcaptcha.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://v2.cutcaptcha.net/captcha/SAs61IAI.html
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Sun, 11 May 2025 15:22:15 GMT
Content-Type: image/png
Content-Length: 3442
Connection: keep-alive
ETag: W/"d72-xxGAxrgCIxb8/ZNNXFGE180rUS4"
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Access-Control-Allow-Headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

www.filecrypt.cc/js/aclib.js

104.21.32.1

200 OK

182 kB

URL GET
www.filecrypt.cc/js/aclib.js
IP
104.21.32.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.filecrypt.cc/Container/E4A20A0A72.html
Certificate
IssuerGoogle Trust Services
Subjectfilecrypt.cc
FingerprintC3:13:5D:1B:CA:84:0A:E8:DC:F2:9C:A6:89:69:15:7A:62:1C:F6:5A
ValidityWed, 07 May 2025 19:34:53 GMT - Tue, 05 Aug 2025 20:33:36 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (46404), with NEL line terminators
Size
182 kB (181885 bytes)
Hash
8d0e82acd3d304aa35726628fec50d66
acc7f7252e0807600e21e9f53b1edcba96e9a6c0
22cbe2e5a7e403d6517656515e865e9eba8258adb1e383522c5acfae4e767679

HTTP Headers

GET /js/aclib.js HTTP/1.1
Host: www.filecrypt.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.filecrypt.cc/Container/E4A20A0A72.html
Cookie: PHPSESSID=l8lvqro8bdg9ng9hd20jqc5l00; lang=en
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 11 May 2025 15:22:14 GMT
content-type: application/javascript; charset=utf-8
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HQe3OdUycuGxRx7gLTImMbW3IM7VcwR%2BuKWfDThl%2FcEgstKYgNkXQfXYCs8VexPvsn0znERW488yv5RMX90KvzfBHYTP03GdkK%2Brqec%2FM92sbk78el7e4kLWQl5jKc50lh3F"}],"group":"cf-nel","max_age":604800}
etag: W/"6820bb71-2c67d"
last-modified: Sun, 11 May 2025 15:00:01 GMT
cf-cache-status: DYNAMIC
content-encoding: br
cf-ray: 93e2abae0d243516-PRG
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=27504&min_rtt=26336&rtt_var=6436&sent=43&recv=19&lost=0&retrans=0&sent_bytes=25675&recv_bytes=4047&delivery_rate=67026&cwnd=16800&unsent_bytes=0&cid=780b92b029af9e58&ts=317&x=16"

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

Quad9 DNS

ThreatFox

JavaScript (32)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML