Report - rapidfileaccess.com/download.php?id=9H4r7Ve&ref=unknown

Report Overview

Visited public
2025-01-16 02:21:43
Tags
URL
rapidfileaccess.com/download.php?id=9H4r7Ve&ref=unknown
Finishing URL
rapidfileaccess.com/download.php?id=9H4r7Ve&ref=unknown
IP / ASN
185.66.143.46
#200514 KnownSRV Ltd.
Title
avabrooks Download - RapidFileAccess

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
rapidfileaccess.com	unknown	2025-01-09	2025-01-16	2025-01-16	7.2 kB	268 kB	185.66.143.46
fonts.googleapis.com	8877	2005-01-25	2012-05-23	2025-01-15	468 B	3.1 kB	142.250.74.10

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2025-01-16	medium	rapidfileaccess.com	Sinkholed
2025-01-16	medium	rapidfileaccess.com	Sinkholed
2025-01-16	medium	rapidfileaccess.com	Sinkholed
2025-01-16	medium	rapidfileaccess.com	Sinkholed
2025-01-16	medium	rapidfileaccess.com	Sinkholed
2025-01-16	medium	rapidfileaccess.com	Sinkholed
2025-01-16	medium	rapidfileaccess.com	Sinkholed
2025-01-16	medium	rapidfileaccess.com	Sinkholed
2025-01-16	medium	rapidfileaccess.com	Sinkholed
2025-01-16	medium	rapidfileaccess.com	Sinkholed
2025-01-16	medium	rapidfileaccess.com	Sinkholed
2025-01-16	medium	rapidfileaccess.com	Sinkholed
2025-01-16	medium	rapidfileaccess.com	Sinkholed
2025-01-16	medium	rapidfileaccess.com	Sinkholed
2025-01-16	medium	rapidfileaccess.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (9)

	URL	From	Size	First Seen	Last Seen
	rapidfileaccess.com/download.php?id=9H4r7Ve&ref=unknown	ScriptElement	537 B	2025-01-16	2025-03-27
Pretty URL rapidfileaccess.com/download.php?id=9H4r7Ve&ref=unknown IP 185.66.143.46 ASN #200514 KnownSRV Ltd. Introduced by scriptElement Embedded in HTML true Observations First Seen2025-01-16 02:21 Last Seen2025-03-27 11:40 Times Seen2 Hash c729cc18db7a83436f831e3d4cb24607 5c84e1e9c3462dc08754c413f9e5f0d039b86619 df6142d97343418171d533a2468391ea4befa8f873b07c2791a5e65e0aabd3ac Loading...

	rapidfileaccess.com/download.php?id=9H4r7Ve&ref=unknown	ScriptElement	732 B	2025-01-16	2025-04-19
Pretty URL rapidfileaccess.com/download.php?id=9H4r7Ve&ref=unknown IP 185.66.143.46 ASN #200514 KnownSRV Ltd. Introduced by scriptElement Embedded in HTML true Observations First Seen2025-01-16 02:21 Last Seen2025-04-19 10:52 Times Seen23 Hash cc636ec8b67ecc1fbeb5dda997dfe362 fe1d98fb90d783380930cc5eaf48a1fdde715f7f 8bcf7b7f185a9d173c34a42559fada8751cd412115bc60c0dd67052b2ec10237 Loading...

	rapidfileaccess.com/js/scripts.js	ScriptElement	1.3 kB	2024-08-23	2025-04-21
Pretty URL rapidfileaccess.com/js/scripts.js IP 185.66.143.46 ASN #200514 KnownSRV Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-23 11:26 Last Seen2025-04-21 00:59 Times Seen47 Hash 2d58b7a6283705e2386eef9471cf4403 c0779af05704983ae1c60b137827405e50ae239f 43d6221539ba2bf66e19be89497cf77474698fba59a1935c972c40c701e401ef Loading...

	rapidfileaccess.com/download.php?id=9H4r7Ve&ref=unknown	ScriptElement	660 B	2025-01-16	2025-04-19
Pretty URL rapidfileaccess.com/download.php?id=9H4r7Ve&ref=unknown IP 185.66.143.46 ASN #200514 KnownSRV Ltd. Introduced by scriptElement Embedded in HTML true Observations First Seen2025-01-16 02:21 Last Seen2025-04-19 10:52 Times Seen23 Hash d0c46a3232a172e589cb149f9b26cb01 cfc24e9827989283ed4161015d4fe1f22384cc7e 7e80ff0cafb1b4abb4509e45fffbc511b0d11f69726fc674d87733abbf0e36b4 Loading...

	rapidfileaccess.com/download.php?id=9H4r7Ve&ref=unknown	ScriptElement	424 B	2025-01-16	2025-03-27
Pretty URL rapidfileaccess.com/download.php?id=9H4r7Ve&ref=unknown IP 185.66.143.46 ASN #200514 KnownSRV Ltd. Introduced by scriptElement Embedded in HTML true Observations First Seen2025-01-16 02:21 Last Seen2025-03-27 11:40 Times Seen2 Hash 96cfd7d4c7dfc58d10cd985875e67183 3f9509a8e4ae0a37066dbe6c5c3f8795300d6b61 bebcc353b5528f3d6c23200d28ff5a8627be3d31adfcb14e01c25136e071ec34 Loading...

	rapidfileaccess.com/js/rocket-loader.min.js	ScriptElement	12 kB	2023-03-07	2025-05-10
Pretty URL rapidfileaccess.com/js/rocket-loader.min.js IP 185.66.143.46 ASN #200514 KnownSRV Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-05-10 03:09 Times Seen31243 Hash 88a769d2fe35899fd45a332a0a032cc0 514c6c1d8475d17e412849a4c90159517d0fa10a ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142 Loading...

	rapidfileaccess.com/js/jquery.min.js	ScriptElement	95 kB	2023-03-07	2025-05-10
Pretty URL rapidfileaccess.com/js/jquery.min.js IP 185.66.143.46 ASN #200514 KnownSRV Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-05-10 03:02 Times Seen8002 Hash b8d64d0bc142b3f670cc0611b0aebcae abcd2ba13348f178b17141b445bc99f1917d47af 47b68dce8cb6805ad5b3ea4d27af92a241f4e29a5c12a274c852e4346a0500b4 Loading...

	unknown	ScriptElement	338 B	2023-03-07	2025-04-07
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:40 Last Seen2025-04-07 23:01 Times Seen24 Hash 038bb3f22fe74fcae2c0562c17433b9a 56c91d58be72d44175df379e9f60f6e32f47aa1e 1b8339543d7f57b121795345912001c2fd9d2bb45752126e328c667453ce8cde Loading...

	rapidfileaccess.com/js/bower.js	ScriptElement	171 kB	2023-03-07	2025-04-21
Pretty URL rapidfileaccess.com/js/bower.js IP 185.66.143.46 ASN #200514 KnownSRV Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:40 Last Seen2025-04-21 00:59 Times Seen62 Hash 025b7218828c2c1be5597f502bb67d16 2e4dad2d365dd988612c8c93f2eab3950dcc6985 0fef544b133eeae68d6d5a63c86be04de8d59bad101c3489341224bc19a19100 Loading...

HTTP Transactions (16)

URL IP Response Size

rapidfileaccess.com/css/bower.css

185.66.143.46

200 OK

25 kB

URL GET HTTP/2
rapidfileaccess.com/css/bower.css
IP
185.66.143.46:443
ASN
#200514 KnownSRV Ltd.

Requested by
https://rapidfileaccess.com/download.php?id=9H4r7Ve&ref=unknown
Certificate
IssuerLet's Encrypt
Subjectrapidfileaccess.com
Fingerprint48:E8:72:16:F9:B5:10:01:4D:B0:2C:D9:EA:02:89:BA:71:24:22:7C
ValidityThu, 09 Jan 2025 08:28:56 GMT - Wed, 09 Apr 2025 08:28:55 GMT

File type
ASCII text, with very long lines (65371)
Size
25 kB (24598 bytes)
Hash
2bb19883458c2da29baeccce990ed0f3
7835e4899e59305dcaaf4aa17b1baae590541669
f6726359a68eed49b3611a06f9386318a22156f6d119bb5559bc463cd88c11b6

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /css/bower.css HTTP/1.1
Host: rapidfileaccess.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rapidfileaccess.com/download.php?id=9H4r7Ve&ref=unknown
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 23 Jan 2025 02:21:18 GMT
content-type: text/css
last-modified: Thu, 09 Jan 2025 12:04:13 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 24598
date: Thu, 16 Jan 2025 02:21:18 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

rapidfileaccess.com/img/file_logo.webp

185.66.143.46

200 OK

2.8 kB

URL GET HTTP/2
rapidfileaccess.com/img/file_logo.webp
IP
185.66.143.46:443
ASN
#200514 KnownSRV Ltd.

Requested by
https://rapidfileaccess.com/download.php?id=9H4r7Ve&ref=unknown
Certificate
IssuerLet's Encrypt
Subjectrapidfileaccess.com
Fingerprint48:E8:72:16:F9:B5:10:01:4D:B0:2C:D9:EA:02:89:BA:71:24:22:7C
ValidityThu, 09 Jan 2025 08:28:56 GMT - Wed, 09 Apr 2025 08:28:55 GMT

File type
RIFF (little-endian) data, Web/P image
Size
2.8 kB (2804 bytes)
Hash
4972e0298f2440948ec16cf9bdc9e896
7c6f71c55d65e47e96a957bb873472a530f06787
46887e06c207980c58d3426978e350bbb78645b10ecac91dcf37d79d5e6c55be

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /img/file_logo.webp HTTP/1.1
Host: rapidfileaccess.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rapidfileaccess.com/download.php?id=9H4r7Ve&ref=unknown
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 23 Jan 2025 02:21:18 GMT
content-type: image/webp
last-modified: Thu, 09 Jan 2025 12:04:13 GMT
accept-ranges: bytes
content-length: 2804
date: Thu, 16 Jan 2025 02:21:18 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

rapidfileaccess.com/img/virus/avast.png

185.66.143.46

200 OK

14 kB

URL GET HTTP/2
rapidfileaccess.com/img/virus/avast.png
IP
185.66.143.46:443
ASN
#200514 KnownSRV Ltd.

Requested by
https://rapidfileaccess.com/download.php?id=9H4r7Ve&ref=unknown
Certificate
IssuerLet's Encrypt
Subjectrapidfileaccess.com
Fingerprint48:E8:72:16:F9:B5:10:01:4D:B0:2C:D9:EA:02:89:BA:71:24:22:7C
ValidityThu, 09 Jan 2025 08:28:56 GMT - Wed, 09 Apr 2025 08:28:55 GMT

File type
PNG image data, 300 x 150, 8-bit/color RGBA, non-interlaced
Size
14 kB (13731 bytes)
Hash
32ac1242329f986c3e8d50c8406b7b1e
7d267f08c4c05fd3a0892daf6a098ac768738e36
ed94337ebb41e7c2ebd1e757ad311052f81dbaf12e58f5b4c758efaac8e7657a

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /img/virus/avast.png HTTP/1.1
Host: rapidfileaccess.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rapidfileaccess.com/download.php?id=9H4r7Ve&ref=unknown
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 23 Jan 2025 02:21:18 GMT
content-type: image/png
last-modified: Thu, 09 Jan 2025 12:04:13 GMT
accept-ranges: bytes
content-length: 13731
date: Thu, 16 Jan 2025 02:21:18 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

rapidfileaccess.com/img/virus/bitdefender.png

185.66.143.46

200 OK

14 kB

URL GET HTTP/2
rapidfileaccess.com/img/virus/bitdefender.png
IP
185.66.143.46:443
ASN
#200514 KnownSRV Ltd.

Requested by
https://rapidfileaccess.com/download.php?id=9H4r7Ve&ref=unknown
Certificate
IssuerLet's Encrypt
Subjectrapidfileaccess.com
Fingerprint48:E8:72:16:F9:B5:10:01:4D:B0:2C:D9:EA:02:89:BA:71:24:22:7C
ValidityThu, 09 Jan 2025 08:28:56 GMT - Wed, 09 Apr 2025 08:28:55 GMT

File type
PNG image data, 300 x 150, 8-bit/color RGBA, non-interlaced
Size
14 kB (14065 bytes)
Hash
1ab5ea800c08c6227a774ba1375d152c
67023abc4c85bb6b3852463b1d4ab1ad19a8b7fd
42e3aa54cfacaa5849859a70cb2d5f26e77df19f59e6c83e0077d072efb9a5b7

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /img/virus/bitdefender.png HTTP/1.1
Host: rapidfileaccess.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rapidfileaccess.com/download.php?id=9H4r7Ve&ref=unknown
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 23 Jan 2025 02:21:18 GMT
content-type: image/png
last-modified: Thu, 09 Jan 2025 12:04:13 GMT
accept-ranges: bytes
content-length: 14065
date: Thu, 16 Jan 2025 02:21:18 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

rapidfileaccess.com/download.php?id=9H4r7Ve&ref=unknown

185.66.143.46

200 OK

24 kB

URL
rapidfileaccess.com/download.php?id=9H4r7Ve&ref=unknown
IP
185.66.143.46:0
ASN
#200514 KnownSRV Ltd.

Certificate
IssuerLet's Encrypt
Subjectrapidfileaccess.com
Fingerprint48:E8:72:16:F9:B5:10:01:4D:B0:2C:D9:EA:02:89:BA:71:24:22:7C
ValidityThu, 09 Jan 2025 08:28:56 GMT - Wed, 09 Apr 2025 08:28:55 GMT

File type
HTML document, ASCII text, with very long lines (7623), with CRLF line terminators
Size
24 kB (24220 bytes)
Hash
8bb2ed768a770b18efb2120b18268faf
ca44ae506ef73f22fd4257ee80d1b72350bb4b35
32835b80def6dfd23aed9092c1b1f8cac8af93f0c34ed8d12f6d32f907cfb44c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /download.php?id=9H4r7Ve&ref=unknown HTTP/1.1
Host: rapidfileaccess.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
x-powered-by: PHP/8.2.26
content-type: text/html; charset=iso-utf8
content-encoding: br
vary: Accept-Encoding
date: Thu, 16 Jan 2025 02:21:18 GMT
server: LiteSpeed
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2

rapidfileaccess.com/img/virus/kaspersky.png

185.66.143.46

200 OK

13 kB

URL GET HTTP/2
rapidfileaccess.com/img/virus/kaspersky.png
IP
185.66.143.46:443
ASN
#200514 KnownSRV Ltd.

Requested by
https://rapidfileaccess.com/download.php?id=9H4r7Ve&ref=unknown
Certificate
IssuerLet's Encrypt
Subjectrapidfileaccess.com
Fingerprint48:E8:72:16:F9:B5:10:01:4D:B0:2C:D9:EA:02:89:BA:71:24:22:7C
ValidityThu, 09 Jan 2025 08:28:56 GMT - Wed, 09 Apr 2025 08:28:55 GMT

File type
PNG image data, 300 x 150, 8-bit/color RGBA, non-interlaced
Size
13 kB (13426 bytes)
Hash
2d73034a7e5cba36606a0bb1bffcf676
e5dc6f6f5519240595ec14bcd90904f6d428d61f
892c583ba92958d2c298f987e172206c1a5a3d25bd1d4e840b5bc29f5e728c96

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /img/virus/kaspersky.png HTTP/1.1
Host: rapidfileaccess.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rapidfileaccess.com/download.php?id=9H4r7Ve&ref=unknown
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 23 Jan 2025 02:21:18 GMT
content-type: image/png
last-modified: Thu, 09 Jan 2025 12:04:13 GMT
accept-ranges: bytes
content-length: 13426
date: Thu, 16 Jan 2025 02:21:18 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

rapidfileaccess.com/img/virus/macafee.png

185.66.143.46

200 OK

18 kB

URL GET HTTP/2
rapidfileaccess.com/img/virus/macafee.png
IP
185.66.143.46:443
ASN
#200514 KnownSRV Ltd.

Requested by
https://rapidfileaccess.com/download.php?id=9H4r7Ve&ref=unknown
Certificate
IssuerLet's Encrypt
Subjectrapidfileaccess.com
Fingerprint48:E8:72:16:F9:B5:10:01:4D:B0:2C:D9:EA:02:89:BA:71:24:22:7C
ValidityThu, 09 Jan 2025 08:28:56 GMT - Wed, 09 Apr 2025 08:28:55 GMT

File type
PNG image data, 300 x 150, 8-bit/color RGBA, non-interlaced
Size
18 kB (17777 bytes)
Hash
177ae9550c0a16f3f0de68fda078a778
44ca071367056ad31ac153cf4f322454c82efd30
dc376d6e221d72ef957c74cb25be593ea06b576214a35c975a690b2e554e54e1

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /img/virus/macafee.png HTTP/1.1
Host: rapidfileaccess.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rapidfileaccess.com/download.php?id=9H4r7Ve&ref=unknown
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 23 Jan 2025 02:21:18 GMT
content-type: image/png
last-modified: Thu, 09 Jan 2025 12:04:13 GMT
accept-ranges: bytes
content-length: 17777
date: Thu, 16 Jan 2025 02:21:18 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

rapidfileaccess.com/img/virus/panda.png

185.66.143.46

200 OK

13 kB

URL GET HTTP/2
rapidfileaccess.com/img/virus/panda.png
IP
185.66.143.46:443
ASN
#200514 KnownSRV Ltd.

Requested by
https://rapidfileaccess.com/download.php?id=9H4r7Ve&ref=unknown
Certificate
IssuerLet's Encrypt
Subjectrapidfileaccess.com
Fingerprint48:E8:72:16:F9:B5:10:01:4D:B0:2C:D9:EA:02:89:BA:71:24:22:7C
ValidityThu, 09 Jan 2025 08:28:56 GMT - Wed, 09 Apr 2025 08:28:55 GMT

File type
PNG image data, 300 x 150, 8-bit/color RGBA, non-interlaced
Size
13 kB (13331 bytes)
Hash
891507bdce8da1f2f8380770ec9db34a
5ad5fd89f87c57e0a36906c6935927c4c83cadcf
d4d271c8d73e9e8d169894c74560e70415fee5618d7af4217931b29a1bd4da10

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /img/virus/panda.png HTTP/1.1
Host: rapidfileaccess.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rapidfileaccess.com/download.php?id=9H4r7Ve&ref=unknown
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 23 Jan 2025 02:21:18 GMT
content-type: image/png
last-modified: Thu, 09 Jan 2025 12:04:13 GMT
accept-ranges: bytes
content-length: 13331
date: Thu, 16 Jan 2025 02:21:18 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

rapidfileaccess.com/js/rocket-loader.min.js

185.66.143.46

200 OK

3.7 kB

URL GET HTTP/2
rapidfileaccess.com/js/rocket-loader.min.js
IP
185.66.143.46:443
ASN
#200514 KnownSRV Ltd.

Requested by
https://rapidfileaccess.com/download.php?id=9H4r7Ve&ref=unknown
Certificate
IssuerLet's Encrypt
Subjectrapidfileaccess.com
Fingerprint48:E8:72:16:F9:B5:10:01:4D:B0:2C:D9:EA:02:89:BA:71:24:22:7C
ValidityThu, 09 Jan 2025 08:28:56 GMT - Wed, 09 Apr 2025 08:28:55 GMT

File type
JavaScript source, ASCII text, with very long lines (12331)
Size
3.7 kB (3678 bytes)
Hash
88a769d2fe35899fd45a332a0a032cc0
514c6c1d8475d17e412849a4c90159517d0fa10a
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /js/rocket-loader.min.js HTTP/1.1
Host: rapidfileaccess.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rapidfileaccess.com/download.php?id=9H4r7Ve&ref=unknown
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 23 Jan 2025 02:21:18 GMT
content-type: application/javascript
last-modified: Thu, 09 Jan 2025 12:04:13 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3678
date: Thu, 16 Jan 2025 02:21:18 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

rapidfileaccess.com/background/bR2vbfO.png

185.66.143.46

200 OK

26 kB

URL
rapidfileaccess.com/background/bR2vbfO.png
IP
185.66.143.46:0
ASN
#200514 KnownSRV Ltd.

Certificate
IssuerLet's Encrypt
Subjectrapidfileaccess.com
Fingerprint48:E8:72:16:F9:B5:10:01:4D:B0:2C:D9:EA:02:89:BA:71:24:22:7C
ValidityThu, 09 Jan 2025 08:28:56 GMT - Wed, 09 Apr 2025 08:28:55 GMT

File type
PNG image data, 622 x 948, 2-bit colormap, non-interlaced
Size
26 kB (26402 bytes)
Hash
60e1910d77b2f40536da8a50793f5e8b
0bc07c9048d8294f54314269e04f140b020fca67
2fcda32a86bea80fe0e301f3faf1fc81a48f05447fbbdafce096449da26745a2

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /background/bR2vbfO.png HTTP/1.1
Host: rapidfileaccess.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rapidfileaccess.com/download.php?id=9H4r7Ve&ref=unknown
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 23 Jan 2025 02:21:19 GMT
content-type: image/png
last-modified: Thu, 09 Jan 2025 12:04:13 GMT
accept-ranges: bytes
content-length: 26402
date: Thu, 16 Jan 2025 02:21:19 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Roboto:100,300,400,500,700,900|Bowlby+One+SC

142.250.74.10

200 OK

2.5 kB

URL
fonts.googleapis.com/css?family=Roboto:100,300,400,500,700,900|Bowlby+One+SC
IP
142.250.74.10:0
ASN
#15169 GOOGLE

File type
gzip compressed data, max compression
Size
2.5 kB (2456 bytes)
Hash
b8643455b9e326115034b89674183326
38ed23f10505e38a25b97e79bab7ff1be4c73066
ec65c15ba34783881974b2725e6d1b7cd170547dab6b17b27371f1203e940a7f

HTTP Headers

GET /css?family=Roboto:100,300,400,500,700,900|Bowlby+One+SC HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rapidfileaccess.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 16 Jan 2025 02:21:18 GMT
date: Thu, 16 Jan 2025 02:21:18 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

rapidfileaccess.com/js/scripts.js

185.66.143.46

200 OK

428 B

URL GET HTTP/2
rapidfileaccess.com/js/scripts.js
IP
185.66.143.46:443
ASN
#200514 KnownSRV Ltd.

Requested by
https://rapidfileaccess.com/download.php?id=9H4r7Ve&ref=unknown
Certificate
IssuerLet's Encrypt
Subjectrapidfileaccess.com
Fingerprint48:E8:72:16:F9:B5:10:01:4D:B0:2C:D9:EA:02:89:BA:71:24:22:7C
ValidityThu, 09 Jan 2025 08:28:56 GMT - Wed, 09 Apr 2025 08:28:55 GMT

File type
JavaScript source, ASCII text
Size
428 B (428 bytes)
Hash
2d58b7a6283705e2386eef9471cf4403
c0779af05704983ae1c60b137827405e50ae239f
43d6221539ba2bf66e19be89497cf77474698fba59a1935c972c40c701e401ef

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /js/scripts.js HTTP/1.1
Host: rapidfileaccess.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rapidfileaccess.com/download.php?id=9H4r7Ve&ref=unknown
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 23 Jan 2025 02:21:19 GMT
content-type: application/javascript
last-modified: Thu, 09 Jan 2025 12:04:13 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 428
date: Thu, 16 Jan 2025 02:21:19 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

rapidfileaccess.com/js/bower.js

185.66.143.46

200 OK

47 kB

URL
rapidfileaccess.com/js/bower.js
IP
185.66.143.46:0
ASN
#200514 KnownSRV Ltd.

Certificate
IssuerLet's Encrypt
Subjectrapidfileaccess.com
Fingerprint48:E8:72:16:F9:B5:10:01:4D:B0:2C:D9:EA:02:89:BA:71:24:22:7C
ValidityThu, 09 Jan 2025 08:28:56 GMT - Wed, 09 Apr 2025 08:28:55 GMT

File type
JavaScript source, ASCII text, with very long lines (32126)
Size
47 kB (47395 bytes)
Hash
025b7218828c2c1be5597f502bb67d16
2e4dad2d365dd988612c8c93f2eab3950dcc6985
0fef544b133eeae68d6d5a63c86be04de8d59bad101c3489341224bc19a19100

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /js/bower.js HTTP/1.1
Host: rapidfileaccess.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rapidfileaccess.com/download.php?id=9H4r7Ve&ref=unknown
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 23 Jan 2025 02:21:19 GMT
content-type: application/javascript
last-modified: Thu, 09 Jan 2025 12:04:13 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 47395
date: Thu, 16 Jan 2025 02:21:19 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

rapidfileaccess.com/js/jquery.min.js

185.66.143.46

200 OK

32 kB

URL GET HTTP/2
rapidfileaccess.com/js/jquery.min.js
IP
185.66.143.46:443
ASN
#200514 KnownSRV Ltd.

Requested by
https://rapidfileaccess.com/download.php?id=9H4r7Ve&ref=unknown
Certificate
IssuerLet's Encrypt
Subjectrapidfileaccess.com
Fingerprint48:E8:72:16:F9:B5:10:01:4D:B0:2C:D9:EA:02:89:BA:71:24:22:7C
ValidityThu, 09 Jan 2025 08:28:56 GMT - Wed, 09 Apr 2025 08:28:55 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (32769)
Size
32 kB (32504 bytes)
Hash
b8d64d0bc142b3f670cc0611b0aebcae
abcd2ba13348f178b17141b445bc99f1917d47af
47b68dce8cb6805ad5b3ea4d27af92a241f4e29a5c12a274c852e4346a0500b4

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /js/jquery.min.js HTTP/1.1
Host: rapidfileaccess.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rapidfileaccess.com/download.php?id=9H4r7Ve&ref=unknown
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 23 Jan 2025 02:21:19 GMT
content-type: application/javascript
last-modified: Thu, 09 Jan 2025 12:04:13 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 32504
date: Thu, 16 Jan 2025 02:21:19 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

rapidfileaccess.com/img/icon.jpg

185.66.143.46

200 OK

8.9 kB

URL GET HTTP/2
rapidfileaccess.com/img/icon.jpg
IP
185.66.143.46:443
ASN
#200514 KnownSRV Ltd.

Requested by
https://rapidfileaccess.com/download.php?id=9H4r7Ve&ref=unknown
Certificate
IssuerLet's Encrypt
Subjectrapidfileaccess.com
Fingerprint48:E8:72:16:F9:B5:10:01:4D:B0:2C:D9:EA:02:89:BA:71:24:22:7C
ValidityThu, 09 Jan 2025 08:28:56 GMT - Wed, 09 Apr 2025 08:28:55 GMT

File type
PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced
Size
8.9 kB (8851 bytes)
Hash
a22f44db239bbeb0dcebd8bf12336a1e
93e18160c76f893ffdcac972149ae779e12d281a
bd486fd7e67fe1f7ef14f618ddf5745b1fbc0eb339a9f7bfa71c3549aa803cf0

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /img/icon.jpg HTTP/1.1
Host: rapidfileaccess.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rapidfileaccess.com/download.php?id=9H4r7Ve&ref=unknown
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 23 Jan 2025 02:21:19 GMT
content-type: image/jpeg
last-modified: Thu, 09 Jan 2025 12:04:13 GMT
accept-ranges: bytes
content-length: 8851
date: Thu, 16 Jan 2025 02:21:19 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

rapidfileaccess.com/img/virus/eset.png

185.66.143.46

200 OK

20 kB

URL GET HTTP/2
rapidfileaccess.com/img/virus/eset.png
IP
185.66.143.46:443
ASN
#200514 KnownSRV Ltd.

Requested by
https://rapidfileaccess.com/download.php?id=9H4r7Ve&ref=unknown
Certificate
IssuerLet's Encrypt
Subjectrapidfileaccess.com
Fingerprint48:E8:72:16:F9:B5:10:01:4D:B0:2C:D9:EA:02:89:BA:71:24:22:7C
ValidityThu, 09 Jan 2025 08:28:56 GMT - Wed, 09 Apr 2025 08:28:55 GMT

File type
PNG image data, 300 x 150, 8-bit/color RGBA, non-interlaced
Size
20 kB (20375 bytes)
Hash
a35447096549417ba1364c4ca4570ecf
928d7c5451d688dc274ad44034254d7135475104
2458c85dc999c45d28ec604053133f436cfa840410c0ba7bf6e38527bbbecd14

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /img/virus/eset.png HTTP/1.1
Host: rapidfileaccess.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rapidfileaccess.com/download.php?id=9H4r7Ve&ref=unknown
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 23 Jan 2025 02:21:18 GMT
content-type: image/png
last-modified: Thu, 09 Jan 2025 12:04:13 GMT
accept-ranges: bytes
content-length: 20375
date: Thu, 16 Jan 2025 02:21:18 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

Quad9 DNS

ThreatFox

JavaScript (9)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (16)

URL GET HTTP/2

IP

ASN

Requested by

Certificate

File type

Size