| | 192.99.9.229 | 302 Found | 0 B |
URL: User Request; GET HTTP/1.1; IP: 192.99.9.229:443
Certificate Issuer: Let's Encrypt; Subject: u-on.eu; Fingerprint: 41:84:41:B3:B9:ED:21:C1:06:F2:62:5C:94:1C:CF:66:60:5E:EC:CF; Validity: Tue, 26 Mar 2024 17:33:13 GMT - Mon, 24 Jun 2024 17:33:12 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /out.php?o=96005 HTTP/1.1
Host: u-on.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Date: Fri, 10 May 2024 07:59:45 GMT
Server: Apache/2.4.55 (Ubuntu)
Location: http://filesfly.cc/4evvoy38cm9z
Content-Length: 0
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
|
|
| | 188.114.97.1 | 301 Moved Permanently | 162 B |
URL: User Request; GET HTTP/1.1; IP: 188.114.97.1:80
File type: HTML document, ASCII text, with CRLF line terminators; Hash: 4f8e702cc244ec5d4de32740c0ecbd97 3adb1f02d5b6054de0046e367c1d687b6cdf7aff 9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /4evvoy38cm9z HTTP/1.1
Host: filesfly.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 301 Moved Permanently
Date: Fri, 10 May 2024 07:59:46 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://filesfly.cc/4evvoy38cm9z
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NefTUmm01Iq%2BbFqA%2BCniGMj%2BgDfkLYKs1foTalt0upUhNMfTZQGfo7ce8NHzWLvhVfYPshHJAhXdnxnbGP11hXLgsK5sOoeosyfGXy%2B2I7SsOhijotJhbyPP89VUMQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 88186447eecc0b65-OSL
alt-svc: h2=":443"; ma=60
|
|
| filesfly.cc/ds1/js/jquery-1.9.1.min.js | 188.114.97.1 | 200 OK | 33 kB |
URL: GET HTTP/3 filesfly.cc/ds1/js/jquery-1.9.1.min.js; IP: 188.114.97.1:443
Requested by: https://filesfly.cc/4evvoy38cm9z; Certificate Issuer: Google Trust Services LLC; Subject: filesfly.cc; Fingerprint: 13:91:DB:01:52:66:0E:B1:4A:7B:C1:22:FF:57:D3:0E:86:3C:02:41; Validity: Thu, 21 Mar 2024 11:58:46 GMT - Wed, 19 Jun 2024 11:58:45 GMT
File type: JavaScript source, ASCII text, with very long lines (32089); Hash: 397754ba49e9e0cf4e7c190da78dda05 ae49e56999d82802727455f0ba83b63acd90a22b c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /ds1/js/jquery-1.9.1.min.js HTTP/1.1
Host: filesfly.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://filesfly.cc/4evvoy38cm9z
Cookie: lang=english; aff=70264
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 07:59:46 GMT
content-type: application/javascript
content-length: 32729
last-modified: Fri, 03 Feb 2023 10:28:37 GMT
etag: "169d5-5f3c924eed274-gzip"
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-credentials: true
cache-control: max-age=28800
cf-cache-status: HIT
age: 3962
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lNIr4Ig%2FNO7m2OpVCfRSSuHVx99uxb7a3HybXOB8FfBSi68EJYU8pDeFhvMkaxrgVoi6SMOdYRvpb5nb%2BIT%2BnlmLgXWOvqRffSVg52UgRGmh3qjyUpXuJJSyliTBFg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8818644b8e5956ba-OSL
alt-svc: h3=":443"; ma=86400
|
|
| filesfly.cc/ds1/css/bootstrap.min.css?v=12 | 188.114.97.1 | 200 OK | 20 kB |
URL: GET HTTP/3 filesfly.cc/ds1/css/bootstrap.min.css?v=12; IP: 188.114.97.1:443
Requested by: https://filesfly.cc/4evvoy38cm9z; Certificate Issuer: Google Trust Services LLC; Subject: filesfly.cc; Fingerprint: 13:91:DB:01:52:66:0E:B1:4A:7B:C1:22:FF:57:D3:0E:86:3C:02:41; Validity: Thu, 21 Mar 2024 11:58:46 GMT - Wed, 19 Jun 2024 11:58:45 GMT
File type: ASCII text, with very long lines (65367), with CRLF line terminators; Hash: af38cc1f2c4694f23f716a7acbdae761 e24059cbfac6277b602872644e0f1c00f5bfd38a 5a4ffbbe02a84f7d6281485f1391881b2ebdea342789b3de948e67bba817eba2
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /ds1/css/bootstrap.min.css?v=12 HTTP/1.1
Host: filesfly.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://filesfly.cc/4evvoy38cm9z
Cookie: lang=english; aff=70264
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 07:59:46 GMT
content-type: text/css
content-length: 19597
last-modified: Tue, 21 Mar 2023 00:33:22 GMT
etag: "1d9ec-5f75e30e302ea-gzip"
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-credentials: true
cache-control: max-age=28800
cf-cache-status: HIT
age: 4561
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yIpsuaUR4GacZVFMdNPc3jP%2FC6srx7m31RPXRHpCekgfJ%2B4D7t6scwZT%2FgfR21LIwAbVTwK7rVFSk0U9qTISdOqd4zdeQCpZJ6vDn4F9iY%2FN10qAmtVSFOiWVP1d6Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8818644b8e5a56ba-OSL
alt-svc: h3=":443"; ma=86400
|
|
| filesfly.cc/ds1/css/ie10-viewport-bug-workaround.css | 188.114.97.1 | 200 OK | 285 B |
URL: GET HTTP/3 filesfly.cc/ds1/css/ie10-viewport-bug-workaround.css; IP: 188.114.97.1:443
Requested by: https://filesfly.cc/4evvoy38cm9z; Certificate Issuer: Google Trust Services LLC; Subject: filesfly.cc; Fingerprint: 13:91:DB:01:52:66:0E:B1:4A:7B:C1:22:FF:57:D3:0E:86:3C:02:41; Validity: Thu, 21 Mar 2024 11:58:46 GMT - Wed, 19 Jun 2024 11:58:45 GMT
File type: ASCII text, with CRLF line terminators; Hash: 3b9060cf62bfb4ddc5cf5e1e5204a579 bb8c9bd6dc1947ebc51c510ba729b8f48cd5d2aa 5c83d64fd31a699a81efd8430a7100f1aeb83024f88b252273c9f5de31309e13
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /ds1/css/ie10-viewport-bug-workaround.css HTTP/1.1
Host: filesfly.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://filesfly.cc/4evvoy38cm9z
Cookie: lang=english; aff=70264
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 07:59:46 GMT
content-type: text/css
content-length: 285
last-modified: Fri, 03 Feb 2023 10:28:33 GMT
etag: "1be-5f3c924b2425a-gzip"
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-credentials: true
cache-control: max-age=28800
cf-cache-status: HIT
age: 4561
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wpkWcgDjIlJifdKSX8ha7sutYUMho2k2%2BRT4p2vsJuiI2NVUuQmJQpjN%2BtL3Z7hljnZbqMHL1rQTpI3KeZIqCcNsEzPGGRYN2fpflsKYibnFrsDdkL1zNxGi8tGFZg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8818644b9e5e56ba-OSL
alt-svc: h3=":443"; ma=86400
|
|
| filesfly.cc/ds1/css/hsn_style.min.css?v=111 | 188.114.97.1 | 200 OK | 9.8 kB |
URL: GET HTTP/3 filesfly.cc/ds1/css/hsn_style.min.css?v=111; IP: 188.114.97.1:443
Requested by: https://filesfly.cc/4evvoy38cm9z; Certificate Issuer: Google Trust Services LLC; Subject: filesfly.cc; Fingerprint: 13:91:DB:01:52:66:0E:B1:4A:7B:C1:22:FF:57:D3:0E:86:3C:02:41; Validity: Thu, 21 Mar 2024 11:58:46 GMT - Wed, 19 Jun 2024 11:58:45 GMT
File type: ASCII text, with very long lines (53116), with no line terminators; Hash: 3e29ba9208e37480f7177ba73733fcbb 6d12808922d6084f0ad43c971da4625001f5f91f 248094c268fe6953056be3891a91cb54ac3f5a3364514c6406e36c24f63fdc07
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /ds1/css/hsn_style.min.css?v=111 HTTP/1.1
Host: filesfly.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://filesfly.cc/4evvoy38cm9z
Cookie: lang=english; aff=70264
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 07:59:46 GMT
content-type: text/css
content-length: 9842
last-modified: Fri, 03 Feb 2023 10:28:32 GMT
etag: "cf7c-5f3c924ac5e85-gzip"
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-credentials: true
cache-control: max-age=28800
cf-cache-status: HIT
age: 4561
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hpL7gNhQqNkeJ7Mhb2Zp4Rhz1M8CF6Ru3XU46ZK81c3Av7U%2Fdu9iy%2BA6qwr9K2OJQ7DmlmIv6VNLWOmQ59l%2FJw%2B%2Beg7TRAQBG3imdGCaAhwBhgjreFQG4y1YYTZ%2F3w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8818644b9e6056ba-OSL
alt-svc: h3=":443"; ma=86400
|
|
| filesfly.cc/ds1/js/jquery.paging.js | 188.114.97.1 | 200 OK | 4.3 kB |
URL: GET HTTP/3 filesfly.cc/ds1/js/jquery.paging.js; IP: 188.114.97.1:443
Requested by: https://filesfly.cc/4evvoy38cm9z; Certificate Issuer: Google Trust Services LLC; Subject: filesfly.cc; Fingerprint: 13:91:DB:01:52:66:0E:B1:4A:7B:C1:22:FF:57:D3:0E:86:3C:02:41; Validity: Thu, 21 Mar 2024 11:58:46 GMT - Wed, 19 Jun 2024 11:58:45 GMT
File type: JavaScript source, ASCII text; Hash: d7a2c1c7af2a004a6d68e1e55b1cfb46 7fd6daa7076c30381880519ad06ef5639b19ee28 c8ecfe747c979fbd87624913200a9237343679923b495885bced089b80fc84f6
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /ds1/js/jquery.paging.js HTTP/1.1
Host: filesfly.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://filesfly.cc/4evvoy38cm9z
Cookie: lang=english; aff=70264
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 07:59:46 GMT
content-type: application/javascript
content-length: 4311
last-modified: Fri, 03 Feb 2023 10:28:38 GMT
etag: "4ba5-5f3c9250056e2-gzip"
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-credentials: true
cache-control: max-age=28800
cf-cache-status: HIT
age: 427
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GYvGJp6qHrQe%2Bz1g1WZMLD5R0Hcojdy%2F47q7MwUCJsFdotmTMcn8ZrK1xkVxdKMkP4%2Byibp1yTE%2FajI9cgh0TO1rnIROjFfbVgrs5FuheIb4SpYPKaCC9lD90%2Bd1uw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8818644b9e6f56ba-OSL
alt-svc: h3=":443"; ma=86400
|
|
| filesfly.cc/ds1/js/jquery.cookie.js | 188.114.97.1 | 200 OK | 802 B |
URL: GET HTTP/3 filesfly.cc/ds1/js/jquery.cookie.js; IP: 188.114.97.1:443
Requested by: https://filesfly.cc/4evvoy38cm9z; Certificate Issuer: Google Trust Services LLC; Subject: filesfly.cc; Fingerprint: 13:91:DB:01:52:66:0E:B1:4A:7B:C1:22:FF:57:D3:0E:86:3C:02:41; Validity: Thu, 21 Mar 2024 11:58:46 GMT - Wed, 19 Jun 2024 11:58:45 GMT
File type: JavaScript source, ASCII text, with very long lines (1801), with no line terminators; Hash: 87ec184596af8855bb7cca6554af2c1f 15f1ef7fcb2df1ca1e4674a56f0a13bb088343b6 64a7a0e3612b87d5088ceb8daf269c7cd96acfd33b2c380ebaaa43fe3d69553a
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /ds1/js/jquery.cookie.js HTTP/1.1
Host: filesfly.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://filesfly.cc/4evvoy38cm9z
Cookie: lang=english; aff=70264
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 07:59:46 GMT
content-type: application/javascript
content-length: 802
last-modified: Fri, 03 Feb 2023 10:28:37 GMT
etag: "709-5f3c924f7b7d3-gzip"
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-credentials: true
cache-control: max-age=28800
cf-cache-status: HIT
age: 427
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wO9JFc7eyr8ccY45LwD6j1DEM3WaeUAWUnzt4%2BlFOQOBwvClguEgbqgn%2FYzFgyWjumL%2FyuuNOfC9jW1pRZlpStEtnmiI%2BZeB4Rg5KtJm91%2F9j3PiER7aLp1ta0OabA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8818644b9e7056ba-OSL
alt-svc: h3=":443"; ma=86400
|
|
| filesfly.cc/ds1/js/paging.js?0 | 188.114.97.1 | 200 OK | 646 B |
URL: GET HTTP/3 filesfly.cc/ds1/js/paging.js?0; IP: 188.114.97.1:443
Requested by: https://filesfly.cc/4evvoy38cm9z; Certificate Issuer: Google Trust Services LLC; Subject: filesfly.cc; Fingerprint: 13:91:DB:01:52:66:0E:B1:4A:7B:C1:22:FF:57:D3:0E:86:3C:02:41; Validity: Thu, 21 Mar 2024 11:58:46 GMT - Wed, 19 Jun 2024 11:58:45 GMT
File type: HTML document, ASCII text; Hash: 114fe6dcd2944b3177a6379943ea185e 4b27b2d70966a74f56ec3337f5e28106612dc696 3ae7654118ffbd2ae15e631ce033658bac67f13f8cb2d324785c811907802e62
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /ds1/js/paging.js?0 HTTP/1.1
Host: filesfly.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://filesfly.cc/4evvoy38cm9z
Cookie: lang=english; aff=70264
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 07:59:46 GMT
content-type: application/javascript
content-length: 646
last-modified: Thu, 13 Apr 2023 14:38:40 GMT
etag: "755-5f938ae453434-gzip"
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-credentials: true
cache-control: max-age=28800
cf-cache-status: HIT
age: 4562
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7jnFEPySq338coWOTQYZOtz%2BV72WdO8In9WPcUtzNqTWK5oRUbF9F0TcunyIOI16uvTiFzqHlnHvego%2BTKqdmATEZ7iFvnYT05UY5Mwm2Xn%2FlaoWcIM1tsVwlouSig%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8818644b9e7256ba-OSL
alt-svc: h3=":443"; ma=86400
|
|
| filesfly.cc/ds1/img/logo.png | 188.114.97.1 | 200 OK | 6.4 kB |
URL: GET HTTP/3 filesfly.cc/ds1/img/logo.png; IP: 188.114.97.1:443
Requested by: https://filesfly.cc/4evvoy38cm9z; Certificate Issuer: Google Trust Services LLC; Subject: filesfly.cc; Fingerprint: 13:91:DB:01:52:66:0E:B1:4A:7B:C1:22:FF:57:D3:0E:86:3C:02:41; Validity: Thu, 21 Mar 2024 11:58:46 GMT - Wed, 19 Jun 2024 11:58:45 GMT
File type: PNG image data, 193 x 115, 8-bit/color RGBA, non-interlaced; Hash: 5274be685e8eecdc1f8484d7d58eea01 5adb0e29d2943316d45a40e9fbc84d0bad573778 def08eed715e3838f3cb65616fb4435ccfb4d041fab854f64714f941faf07fd1
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /ds1/img/logo.png HTTP/1.1
Host: filesfly.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://filesfly.cc/4evvoy38cm9z
Cookie: lang=english; aff=70264
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 07:59:46 GMT
content-type: image/png
content-length: 6431
last-modified: Fri, 03 Mar 2023 10:46:07 GMT
etag: "191f-5f5fca7187c26"
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-credentials: true
cache-control: max-age=28800
cf-cache-status: HIT
age: 4561
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RuHFY%2Fy69R37MbZhrJZSGdSQyXVXi082yQMFjMUoxc4r%2FgFUy3wXlhcs6%2F8Pvr5vHGPi4t5OKBEilEszT2wbYW8UVbbUVs8KLw6Roz3O7rMKfxB9jG3r7i8dCut1LQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8818644bae7a56ba-OSL
alt-svc: h3=":443"; ma=86400
|
|
| filesfly.cc/ds1/js/bootstrap-confirm.js | 188.114.97.1 | 200 OK | 1.1 kB |
URL: GET HTTP/3 filesfly.cc/ds1/js/bootstrap-confirm.js; IP: 188.114.97.1:443
Requested by: https://filesfly.cc/4evvoy38cm9z; Certificate Issuer: Google Trust Services LLC; Subject: filesfly.cc; Fingerprint: 13:91:DB:01:52:66:0E:B1:4A:7B:C1:22:FF:57:D3:0E:86:3C:02:41; Validity: Thu, 21 Mar 2024 11:58:46 GMT - Wed, 19 Jun 2024 11:58:45 GMT
File type: JavaScript source, Unicode text, UTF-8 text, with CRLF line terminators; Hash: 13e84d62c5ce28fec7dd109f4239faed a359b9ea089025e48dc4d37f1109adc24b880f4a 1aa447152804b042de3b66ecb4d77a851f8ec762a2501bfbdde2204efe06babc
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /ds1/js/bootstrap-confirm.js HTTP/1.1
Host: filesfly.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://filesfly.cc/4evvoy38cm9z
Cookie: lang=english; aff=70264
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 07:59:46 GMT
content-type: application/javascript
content-length: 1126
last-modified: Fri, 03 Feb 2023 10:28:36 GMT
etag: "c8d-5f3c924dd78fe-gzip"
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-credentials: true
cache-control: max-age=28800
cf-cache-status: HIT
age: 5692
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rHkZZp7GkZfSixduS5MFE750xxMB4siO0cI2xU1LBALpKPBOC5%2FIiBtJnrHL33o16ytvUwfl%2B5oZ%2B6AJVA57qlNHsPfWUc35ty7bRbrRFS3Ay28rJKNEdKmaBjGzUQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8818644bae7d56ba-OSL
alt-svc: h3=":443"; ma=86400
|
|
| filesfly.cc/ds1/js/dialogs.js | 188.114.97.1 | 200 OK | 640 B |
URL: GET HTTP/3 filesfly.cc/ds1/js/dialogs.js; IP: 188.114.97.1:443
Requested by: https://filesfly.cc/4evvoy38cm9z; Certificate Issuer: Google Trust Services LLC; Subject: filesfly.cc; Fingerprint: 13:91:DB:01:52:66:0E:B1:4A:7B:C1:22:FF:57:D3:0E:86:3C:02:41; Validity: Thu, 21 Mar 2024 11:58:46 GMT - Wed, 19 Jun 2024 11:58:45 GMT
Hash: 8f19d2b941fc4a8614a7a6f233e49a29 7980862eb90fb9e0c2b02ac70ebdfc9dc0db005a 1975797185c3c769419f07fbe680ac651209b7b3de90bf686f2da0409cc123c2
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /ds1/js/dialogs.js HTTP/1.1
Host: filesfly.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://filesfly.cc/4evvoy38cm9z
Cookie: lang=english; aff=70264
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 07:59:46 GMT
content-type: application/javascript
content-length: 640
last-modified: Fri, 03 Feb 2023 10:28:36 GMT
etag: "74d-5f3c924e8f287-gzip"
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-credentials: true
cache-control: max-age=28800
cf-cache-status: HIT
age: 2424
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pARsedF5zAOlVjy9F6CZmMIQ%2FwoKEAGaS3sfCbWJG%2FKndOdRkVaTRpvUtnLXgjL3BUxy727yCJU%2BMC5JGGlxuG7IF03crGVq1jQ5HV9U6bxYlmupuDqBnZx3yNeywg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8818644bbec556ba-OSL
alt-svc: h3=":443"; ma=86400
|
|
| filesfly.cc/images/cmRccbz.png | 188.114.97.1 | 200 OK | 2.9 kB |
URL: GET HTTP/3 filesfly.cc/images/cmRccbz.png; IP: 188.114.97.1:443
Requested by: https://filesfly.cc/4evvoy38cm9z; Certificate Issuer: Google Trust Services LLC; Subject: filesfly.cc; Fingerprint: 13:91:DB:01:52:66:0E:B1:4A:7B:C1:22:FF:57:D3:0E:86:3C:02:41; Validity: Thu, 21 Mar 2024 11:58:46 GMT - Wed, 19 Jun 2024 11:58:45 GMT
File type: PNG image data, 170 x 30, 8-bit/color RGBA, non-interlaced; Hash: d950b67aeece85936307a7d927f38f85 8cdb4be5f991f7adf9e794dfbd7078145598e057 3b51408bdbc9803485ea3dc1567dae9967c341e5ee3fe1d93f670f1083955891
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /images/cmRccbz.png HTTP/1.1
Host: filesfly.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://filesfly.cc/4evvoy38cm9z
Cookie: lang=english; aff=70264
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 07:59:46 GMT
content-type: image/png
content-length: 2879
last-modified: Tue, 23 Jan 2024 18:42:00 GMT
etag: "b3f-60fa14d3ddcd5"
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-credentials: true
cache-control: max-age=28800
cf-cache-status: HIT
age: 2440
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ula9PpaAbUqgGywYJWXXL%2Fl4XSsPOHVS%2BCCmB%2FDxf%2FTaZzeOj5KawxTspNtiEHn4Za1xLrBdQRLb%2Bl%2FxjYBqbnVJk1IXX8M3k7SgvNkOfog6TQRYXBNIocqKlU8kuQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8818644bbed956ba-OSL
alt-svc: h3=":443"; ma=86400
|
|
| filesfly.cc/images/l8Y1Evx.png | 188.114.97.1 | 200 OK | 6.6 kB |
URL: GET HTTP/3 filesfly.cc/images/l8Y1Evx.png; IP: 188.114.97.1:443
Requested by: https://filesfly.cc/4evvoy38cm9z; Certificate Issuer: Google Trust Services LLC; Subject: filesfly.cc; Fingerprint: 13:91:DB:01:52:66:0E:B1:4A:7B:C1:22:FF:57:D3:0E:86:3C:02:41; Validity: Thu, 21 Mar 2024 11:58:46 GMT - Wed, 19 Jun 2024 11:58:45 GMT
File type: PNG image data, 182 x 45, 8-bit/color RGBA, non-interlaced; Hash: e3d58d6cf5f1c0f018b798cb8c014b1b 0612b7c41c4b1586d4dbc5c0f55f91f97e8ed629 a295f987053691badde3930d0d1abed6319e38fd0b02056801cfe979c6db3160
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /images/l8Y1Evx.png HTTP/1.1
Host: filesfly.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://filesfly.cc/4evvoy38cm9z
Cookie: lang=english; aff=70264
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 07:59:46 GMT
content-type: image/png
content-length: 6555
last-modified: Tue, 23 Jan 2024 19:01:37 GMT
etag: "199b-60fa1936cd6ac"
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-credentials: true
cache-control: max-age=28800
cf-cache-status: HIT
age: 5692
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cFSzhN6nE73A5mw6xg5hy2FXRtRzPJBLn2815b8brhXlGEn97xCCr2NnHs6srAv16AXNWXht6HX%2B1C5h3fEoWVhIq%2FxUmtIwLn0RdyH2bOdyXLN8Jwd7KBGXxPIF9w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8818644bbedc56ba-OSL
alt-svc: h3=":443"; ma=86400
|
|
| filesfly.cc/images/UKyU65F.png | 188.114.97.1 | 200 OK | 5.6 kB |
URL: GET HTTP/3 filesfly.cc/images/UKyU65F.png; IP: 188.114.97.1:443
Requested by: https://filesfly.cc/4evvoy38cm9z; Certificate Issuer: Google Trust Services LLC; Subject: filesfly.cc; Fingerprint: 13:91:DB:01:52:66:0E:B1:4A:7B:C1:22:FF:57:D3:0E:86:3C:02:41; Validity: Thu, 21 Mar 2024 11:58:46 GMT - Wed, 19 Jun 2024 11:58:45 GMT
File type: PNG image data, 181 x 48, 8-bit/color RGBA, non-interlaced; Hash: 0e03511430d4287132a7cefa7cc467b4 665e045866078804dc499407b2c30d2be845c9f0 951dd7777b38a624a4651af640bef783e939215f5a3e89b14972609bc2f460ef
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /images/UKyU65F.png HTTP/1.1
Host: filesfly.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://filesfly.cc/4evvoy38cm9z
Cookie: lang=english; aff=70264
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 07:59:46 GMT
content-type: image/png
content-length: 5554
last-modified: Tue, 23 Jan 2024 19:02:05 GMT
etag: "15b2-60fa1951ab6ed"
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-credentials: true
cache-control: max-age=28800
cf-cache-status: HIT
age: 5692
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2TXAiiNQtH33JPgn0InPT7j1MK9PAKoXrf8rUfw4U43WfkhsjOSyVoc1IWH7nv9icNDefqmGI%2F%2FcFqi8FYb4Uw3uT9tYc8qUqPW2qb2RKxrgBp3E1%2Bhn8ToaZHd8cA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8818644bbed556ba-OSL
alt-svc: h3=":443"; ma=86400
|
|
| filesfly.cc/images/paysys/btceth.png | 188.114.97.1 | 200 OK | 4.4 kB |
URL: GET HTTP/3 filesfly.cc/images/paysys/btceth.png; IP: 188.114.97.1:443
Requested by: https://filesfly.cc/4evvoy38cm9z; Certificate Issuer: Google Trust Services LLC; Subject: filesfly.cc; Fingerprint: 13:91:DB:01:52:66:0E:B1:4A:7B:C1:22:FF:57:D3:0E:86:3C:02:41; Validity: Thu, 21 Mar 2024 11:58:46 GMT - Wed, 19 Jun 2024 11:58:45 GMT
File type: PNG image data, 160 x 40, 8-bit/color RGBA, non-interlaced; Hash: 32e8ab42c5f8cf7eb629476f6db5404e 354b4f27cfd747412a60eb0fdb2c8f3f5cce02b2 3ea8357f0810fab9a229a1d572f6a6081eea4a61eb1e08c57897221dff4e144e
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /images/paysys/btceth.png HTTP/1.1
Host: filesfly.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://filesfly.cc/4evvoy38cm9z
Cookie: lang=english; aff=70264
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 07:59:46 GMT
content-type: image/png
content-length: 4443
last-modified: Tue, 23 Jan 2024 18:40:05 GMT
etag: "115b-60fa146601abc"
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-credentials: true
cache-control: max-age=28800
cf-cache-status: HIT
age: 5692
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KmXMCq1Hi9OvMHj1jc%2Fwb5HkBeotrBiVwBw%2B7QeABMExOCIodiqmYzB9JZ%2BaumQr%2FAVdgkLoheqUvlZjshyyOVOvgzO%2B2kZtybQ3nSuRn3HPCE6RyWfKk6tifTF%2Fiw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8818644bbecc56ba-OSL
alt-svc: h3=":443"; ma=86400
|
|
| filesfly.cc/images//Cwqq1f2.png | 188.114.97.1 | 200 OK | 5.7 kB |
URL: GET HTTP/3 filesfly.cc/images//Cwqq1f2.png; IP: 188.114.97.1:443
Requested by: https://filesfly.cc/4evvoy38cm9z; Certificate Issuer: Google Trust Services LLC; Subject: filesfly.cc; Fingerprint: 13:91:DB:01:52:66:0E:B1:4A:7B:C1:22:FF:57:D3:0E:86:3C:02:41; Validity: Thu, 21 Mar 2024 11:58:46 GMT - Wed, 19 Jun 2024 11:58:45 GMT
File type: PNG image data, 180 x 55, 8-bit/color RGBA, non-interlaced; Hash: 21b9b91f161e1af0bd7be06236f0341f 3a3af54e2fb9c1315ab76ddf83d9b6bdca6000d2 320c1d8f714c859828310704b06693bec127bdcf188409bb1847b13b013dcc49
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /images//Cwqq1f2.png HTTP/1.1
Host: filesfly.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://filesfly.cc/4evvoy38cm9z
Cookie: lang=english; aff=70264
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 07:59:46 GMT
content-type: image/png
content-length: 5721
last-modified: Tue, 23 Jan 2024 18:42:18 GMT
etag: "1659-60fa14e54d3ca"
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-credentials: true
cache-control: max-age=28800
cf-cache-status: HIT
age: 4482
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lRaP%2FZAueKfWiWX2xJBWh6eeObeOykBN5l732eIw7g8jnEYQgg5NiHXkkQBDAe5g%2FOGWzdt%2FGqX3PeB0i0okpaMJxmHKaN6XY2XTIFz8YGvBljjmIrS2%2BQtbuq8xUQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8818644bbed356ba-OSL
alt-svc: h3=":443"; ma=86400
|
|
| filesfly.cc/images/PtnIEWP.png | 188.114.97.1 | 200 OK | 8.2 kB |
URL: GET HTTP/3 filesfly.cc/images/PtnIEWP.png
IP: 188.114.97.1:443
Requested by: https://filesfly.cc/4evvoy38cm9z
Certificate issuer: Google Trust Services LLC
Certificate subject: filesfly.cc
Certificate fingerprint: 13:91:DB:01:52:66:0E:B1:4A:7B:C1:22:FF:57:D3:0E:86:3C:02:41
Certificate validity: Thu, 21 Mar 2024 11:58:46 GMT - Wed, 19 Jun 2024 11:58:45 GMT
File type: PNG image data, 180 x 52, 8-bit/color RGBA, non-interlaced
Hash: 04e59a886e24f049e1149efbde47b0b6 0f1cb50c40c35c3b6f6184a94c3dc4fb427d91d4 14e9e94f9bcc8f15c92d86a98c712c2daf9d3e28ddc96255ac320dccf0f43dee
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /images/PtnIEWP.png HTTP/1.1
Host: filesfly.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://filesfly.cc/4evvoy38cm9z
Cookie: lang=english; aff=70264
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 07:59:46 GMT
content-type: image/png
content-length: 8165
last-modified: Wed, 24 Jan 2024 07:42:47 GMT
etag: "1fe5-60fac3586c9ac"
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-credentials: true
cache-control: max-age=28800
cf-cache-status: HIT
age: 5692
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LIkNNM2Z6NCmrmvp0x6UHqEnja%2FziTl6yX9CK1uUkTCUVDc2ccX4xP4rCc1ZesKAETpYBFbo0ra9A1RLs54lPwtg4ZsHV7o%2Bet1ncBy%2BSgkEpu%2Bk%2Fwrn0dBIENF7wg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8818644bbecd56ba-OSL
alt-svc: h3=":443"; ma=86400
|
|
| filesfly.cc/images/paypal.png | 188.114.97.1 | 200 OK | 4.5 kB |
URL: GET HTTP/3 filesfly.cc/images/paypal.png
IP: 188.114.97.1:443
Requested by: https://filesfly.cc/4evvoy38cm9z
Certificate issuer: Google Trust Services LLC
Certificate subject: filesfly.cc
Certificate fingerprint: 13:91:DB:01:52:66:0E:B1:4A:7B:C1:22:FF:57:D3:0E:86:3C:02:41
Certificate validity: Thu, 21 Mar 2024 11:58:46 GMT - Wed, 19 Jun 2024 11:58:45 GMT
File type: PNG image data, 160 x 46, 8-bit/color RGBA, non-interlaced
Hash: fcef3a0a534d973a12ef0b8042f7394c d30d46d9e2d6e423f60507a10bb284669cb7d969 00f35282e245eb922201ac01bae96e5071dade46249855e777481d7f564e609d
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /images/paypal.png HTTP/1.1
Host: filesfly.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://filesfly.cc/4evvoy38cm9z
Cookie: lang=english; aff=70264
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 07:59:46 GMT
content-type: image/png
content-length: 4521
last-modified: Tue, 23 Jan 2024 18:43:00 GMT
etag: "11a9-60fa150d31475"
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-credentials: true
cache-control: max-age=28800
cf-cache-status: HIT
age: 5692
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pQmTL1jCUc4DXg2I5jEZt9M%2BPmZ1ixEzgVkFZDkMxtAlO7L2%2Fu00GY7Crpe6KXcxcsCGQeOJXu390THikxXZ1J%2B0regvaVi91dV1bGC1UQlQTN6Bp4%2BZMoq5d4jcZw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8818644bbecf56ba-OSL
alt-svc: h3=":443"; ma=86400
|
|
| filesfly.cc/images/Cwqq1f2.png | 188.114.97.1 | 200 OK | 5.7 kB |
URL: GET HTTP/3 filesfly.cc/images/Cwqq1f2.png
IP: 188.114.97.1:443
Requested by: https://filesfly.cc/4evvoy38cm9z
Certificate issuer: Google Trust Services LLC
Certificate subject: filesfly.cc
Certificate fingerprint: 13:91:DB:01:52:66:0E:B1:4A:7B:C1:22:FF:57:D3:0E:86:3C:02:41
Certificate validity: Thu, 21 Mar 2024 11:58:46 GMT - Wed, 19 Jun 2024 11:58:45 GMT
File type: PNG image data, 180 x 55, 8-bit/color RGBA, non-interlaced
Hash: 21b9b91f161e1af0bd7be06236f0341f 3a3af54e2fb9c1315ab76ddf83d9b6bdca6000d2 320c1d8f714c859828310704b06693bec127bdcf188409bb1847b13b013dcc49
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /images/Cwqq1f2.png HTTP/1.1
Host: filesfly.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://filesfly.cc/4evvoy38cm9z
Cookie: lang=english; aff=70264
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 07:59:46 GMT
content-type: image/png
content-length: 5721
last-modified: Tue, 23 Jan 2024 18:42:18 GMT
etag: "1659-60fa14e54d3ca"
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-credentials: true
cache-control: max-age=28800
cf-cache-status: HIT
age: 4482
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hCkDqJfBx1%2B1euXxRFC3%2BiyW6VVcTYr0rKp05xRS9z5mnvotElZN64hfpo5PCFlZRCGV8N1N%2BHnTwZZNjR4fLxKJs3v5ftjJSzjs2ny17q9hg1wIcZkPjqLdtQinOw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8818644bbed056ba-OSL
alt-svc: h3=":443"; ma=86400
|
|
| filesfly.cc/images/QPVrOwJ.png | 188.114.97.1 | 200 OK | 5.1 kB |
URL: GET HTTP/3 filesfly.cc/images/QPVrOwJ.png
IP: 188.114.97.1:443
Requested by: https://filesfly.cc/4evvoy38cm9z
Certificate issuer: Google Trust Services LLC
Certificate subject: filesfly.cc
Certificate fingerprint: 13:91:DB:01:52:66:0E:B1:4A:7B:C1:22:FF:57:D3:0E:86:3C:02:41
Certificate validity: Thu, 21 Mar 2024 11:58:46 GMT - Wed, 19 Jun 2024 11:58:45 GMT
File type: PNG image data, 142 x 33, 8-bit/color RGBA, non-interlaced
Hash: 655526ec81e5600914e901c33c701e9e 60c5db710069dbde9768345cc364e3ee678a7976 297f8e61f60350d74edd29a3000c5ffe64405a54136295fa8d072dd9b8a70f86
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /images/QPVrOwJ.png HTTP/1.1
Host: filesfly.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://filesfly.cc/4evvoy38cm9z
Cookie: lang=english; aff=70264
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 07:59:46 GMT
content-type: image/png
content-length: 5050
last-modified: Tue, 23 Jan 2024 19:01:13 GMT
etag: "13ba-60fa191fcf99f"
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-credentials: true
cache-control: max-age=28800
cf-cache-status: HIT
age: 5692
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OSqOJnW15ufarhPayQYy4Xpc6Y4Zao%2BkRpzf61rbQluf50Dp0D05Lz3XqooIV9dTegW0sF2yhrTueA%2FK8JBUPaKXyLyqNOhWNg02cm7ygAEJGOzm4I2zv6Egi2fjPw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8818644bbed456ba-OSL
alt-svc: h3=":443"; ma=86400
|
|
| filesfly.cc/images//PtnIEWP.png | 188.114.97.1 | 200 OK | 8.2 kB |
URL: GET HTTP/3 filesfly.cc/images//PtnIEWP.png
IP: 188.114.97.1:443
Requested by: https://filesfly.cc/4evvoy38cm9z
Certificate issuer: Google Trust Services LLC
Certificate subject: filesfly.cc
Certificate fingerprint: 13:91:DB:01:52:66:0E:B1:4A:7B:C1:22:FF:57:D3:0E:86:3C:02:41
Certificate validity: Thu, 21 Mar 2024 11:58:46 GMT - Wed, 19 Jun 2024 11:58:45 GMT
File type: PNG image data, 180 x 52, 8-bit/color RGBA, non-interlaced
Hash: 04e59a886e24f049e1149efbde47b0b6 0f1cb50c40c35c3b6f6184a94c3dc4fb427d91d4 14e9e94f9bcc8f15c92d86a98c712c2daf9d3e28ddc96255ac320dccf0f43dee
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /images//PtnIEWP.png HTTP/1.1
Host: filesfly.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://filesfly.cc/4evvoy38cm9z
Cookie: lang=english; aff=70264
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 07:59:46 GMT
content-type: image/png
content-length: 8165
last-modified: Wed, 24 Jan 2024 07:42:47 GMT
etag: "1fe5-60fac3586c9ac"
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-credentials: true
cache-control: max-age=28800
cf-cache-status: HIT
age: 5692
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BK5oyZKeVg68krjY4qGhrB%2FjMMqloA1QH7b3ON2vlrmXcYA8XC3rZrExe0Pn4QUfPYpi8XWCIYYMDjC0P7WcXTWe689UyGJnRqGRLZ7Ida7BM7caCxgrFkPvzTjlZQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8818644bceed56ba-OSL
alt-svc: h3=":443"; ma=86400
|
|
| filesfly.cc/images//QPVrOwJ.png | 188.114.97.1 | 200 OK | 5.1 kB |
URL: GET HTTP/3 filesfly.cc/images//QPVrOwJ.png
IP: 188.114.97.1:443
Requested by: https://filesfly.cc/4evvoy38cm9z
Certificate issuer: Google Trust Services LLC
Certificate subject: filesfly.cc
Certificate fingerprint: 13:91:DB:01:52:66:0E:B1:4A:7B:C1:22:FF:57:D3:0E:86:3C:02:41
Certificate validity: Thu, 21 Mar 2024 11:58:46 GMT - Wed, 19 Jun 2024 11:58:45 GMT
File type: PNG image data, 142 x 33, 8-bit/color RGBA, non-interlaced
Hash: 655526ec81e5600914e901c33c701e9e 60c5db710069dbde9768345cc364e3ee678a7976 297f8e61f60350d74edd29a3000c5ffe64405a54136295fa8d072dd9b8a70f86
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /images//QPVrOwJ.png HTTP/1.1
Host: filesfly.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://filesfly.cc/4evvoy38cm9z
Cookie: lang=english; aff=70264
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 07:59:46 GMT
content-type: image/png
content-length: 5050
last-modified: Tue, 23 Jan 2024 19:01:13 GMT
etag: "13ba-60fa191fcf99f"
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-credentials: true
cache-control: max-age=28800
cf-cache-status: HIT
age: 5692
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jxis0kgdNJPGqH1nO3m3RA%2BoOQfnnYhrclyTuuqkUhVGQXVXBopr6jD9EcXDhPkYu96h%2FnJv79jUlsd7Q5dJ0W68wT0Bro14E0vGC76pSQoxlaQJcTz7wZNL8sTngw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8818644bceef56ba-OSL
alt-svc: h3=":443"; ma=86400
|
|
| filesfly.cc/images//UKyU65F.png | 188.114.97.1 | 200 OK | 5.6 kB |
URL: GET HTTP/3 filesfly.cc/images//UKyU65F.png
IP: 188.114.97.1:443
Requested by: https://filesfly.cc/4evvoy38cm9z
Certificate issuer: Google Trust Services LLC
Certificate subject: filesfly.cc
Certificate fingerprint: 13:91:DB:01:52:66:0E:B1:4A:7B:C1:22:FF:57:D3:0E:86:3C:02:41
Certificate validity: Thu, 21 Mar 2024 11:58:46 GMT - Wed, 19 Jun 2024 11:58:45 GMT
File type: PNG image data, 181 x 48, 8-bit/color RGBA, non-interlaced
Hash: 0e03511430d4287132a7cefa7cc467b4 665e045866078804dc499407b2c30d2be845c9f0 951dd7777b38a624a4651af640bef783e939215f5a3e89b14972609bc2f460ef
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /images//UKyU65F.png HTTP/1.1
Host: filesfly.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://filesfly.cc/4evvoy38cm9z
Cookie: lang=english; aff=70264
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 07:59:46 GMT
content-type: image/png
content-length: 5554
last-modified: Tue, 23 Jan 2024 19:02:05 GMT
etag: "15b2-60fa1951ab6ed"
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-credentials: true
cache-control: max-age=28800
cf-cache-status: HIT
age: 5692
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Pc4H8Etay5NACnhQIpzk0Bp%2F6Xpsgsg07PxvSTWwkkjACz3sLzW4%2BWn98Ifa6YmP%2BCCdki87hPkP3W%2BAXkqPn4fF%2BOTug4SYmY4zekzWe%2FosCJEIaX1N7wCx%2Bo0U%2Bw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8818644bcef256ba-OSL
alt-svc: h3=":443"; ma=86400
|
|
| filesfly.cc/images//cmRccbz.png | 188.114.97.1 | 200 OK | 2.9 kB |
URL: GET HTTP/3 filesfly.cc/images//cmRccbz.png
IP: 188.114.97.1:443
Requested by: https://filesfly.cc/4evvoy38cm9z
Certificate issuer: Google Trust Services LLC
Certificate subject: filesfly.cc
Certificate fingerprint: 13:91:DB:01:52:66:0E:B1:4A:7B:C1:22:FF:57:D3:0E:86:3C:02:41
Certificate validity: Thu, 21 Mar 2024 11:58:46 GMT - Wed, 19 Jun 2024 11:58:45 GMT
File type: PNG image data, 170 x 30, 8-bit/color RGBA, non-interlaced
Hash: d950b67aeece85936307a7d927f38f85 8cdb4be5f991f7adf9e794dfbd7078145598e057 3b51408bdbc9803485ea3dc1567dae9967c341e5ee3fe1d93f670f1083955891
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /images//cmRccbz.png HTTP/1.1
Host: filesfly.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://filesfly.cc/4evvoy38cm9z
Cookie: lang=english; aff=70264
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 07:59:46 GMT
content-type: image/png
content-length: 2879
last-modified: Tue, 23 Jan 2024 18:42:00 GMT
etag: "b3f-60fa14d3ddcd5"
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-credentials: true
cache-control: max-age=28800
cf-cache-status: HIT
age: 2424
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ep0OgtK9FuJGCZGiHXmDbyGIebMECEQ5ZtyDlr%2BwvqQ0Nid2R%2BmnyChqXs%2Bn1bRoVRwQxIcimDdNvHldrn5hbYX4DocEpsmWIV06LqZz%2FsKxGuHA%2BHcvG28TSCcI1A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8818644bcef656ba-OSL
alt-svc: h3=":443"; ma=86400
|
|
| filesfly.cc/images//l8Y1Evx.png | 188.114.97.1 | 200 OK | 6.6 kB |
URL: GET HTTP/3 filesfly.cc/images//l8Y1Evx.png
IP: 188.114.97.1:443
Requested by: https://filesfly.cc/4evvoy38cm9z
Certificate issuer: Google Trust Services LLC
Certificate subject: filesfly.cc
Certificate fingerprint: 13:91:DB:01:52:66:0E:B1:4A:7B:C1:22:FF:57:D3:0E:86:3C:02:41
Certificate validity: Thu, 21 Mar 2024 11:58:46 GMT - Wed, 19 Jun 2024 11:58:45 GMT
File type: PNG image data, 182 x 45, 8-bit/color RGBA, non-interlaced
Hash: e3d58d6cf5f1c0f018b798cb8c014b1b 0612b7c41c4b1586d4dbc5c0f55f91f97e8ed629 a295f987053691badde3930d0d1abed6319e38fd0b02056801cfe979c6db3160
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /images//l8Y1Evx.png HTTP/1.1
Host: filesfly.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://filesfly.cc/4evvoy38cm9z
Cookie: lang=english; aff=70264
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 07:59:46 GMT
content-type: image/png
content-length: 6555
last-modified: Tue, 23 Jan 2024 19:01:37 GMT
etag: "199b-60fa1936cd6ac"
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-credentials: true
cache-control: max-age=28800
cf-cache-status: HIT
age: 5692
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GFRaZuU65gwCg6LMekcVhF7LCp%2Bw7%2FyT2Z%2F%2BIb5BXZZu2um9kliMLkjAiBm7BrkDZjJ7N3LGNzW%2FM7kzHqw3m%2FJWLuVDbEcmgCdZ1Z7wAXur1EXGUK8Wx0nu9B8Juw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8818644bcef756ba-OSL
alt-svc: h3=":443"; ma=86400
|
|
| filesfly.cc/ds1/js/bootstrap.min.js | 188.114.97.1 | 200 OK | 9.8 kB |
URL: GET HTTP/3 filesfly.cc/ds1/js/bootstrap.min.js
IP: 188.114.97.1:443
Requested by: https://filesfly.cc/4evvoy38cm9z
Certificate issuer: Google Trust Services LLC
Certificate subject: filesfly.cc
Certificate fingerprint: 13:91:DB:01:52:66:0E:B1:4A:7B:C1:22:FF:57:D3:0E:86:3C:02:41
Certificate validity: Thu, 21 Mar 2024 11:58:46 GMT - Wed, 19 Jun 2024 11:58:45 GMT
File type: JavaScript source, ASCII text, with very long lines (32033), with CRLF line terminators
Hash: 04c84852e9937b142ac73c285b895b85 8fb8a9319055253d085edfc3bb72d20f614ec709 36460e494e4c628443afded40b2743b5ede9a4a76fb4f7b9ef2345cc7e59fd64
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /ds1/js/bootstrap.min.js HTTP/1.1
Host: filesfly.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://filesfly.cc/4evvoy38cm9z
Cookie: lang=english; aff=70264
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 07:59:46 GMT
content-type: application/javascript
content-length: 9811
last-modified: Fri, 03 Feb 2023 10:28:36 GMT
etag: "90bb-5f3c924dedc77-gzip"
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-credentials: true
cache-control: max-age=28800
cf-cache-status: HIT
age: 3838
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=w4nIuEkYktd%2BPKFO4YtRIt3pODjjTjcEP2QAo%2FH05e%2BqoUjDJIG8tcVpNbLYoPBy7OTvpZ4392RcMop4ZQeFDFiKafhKGEz%2BUkNQMluga1GMC0LUCkdGO%2Bt2qkFiKQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8818644bff2956ba-OSL
alt-svc: h3=":443"; ma=86400
|
|
| filesfly.cc/ds1/js/clipboard.min.js | 188.114.97.1 | 200 OK | 3.3 kB |
URL: GET HTTP/3 filesfly.cc/ds1/js/clipboard.min.js
IP: 188.114.97.1:443
Requested by: https://filesfly.cc/4evvoy38cm9z
Certificate issuer: Google Trust Services LLC
Certificate subject: filesfly.cc
Certificate fingerprint: 13:91:DB:01:52:66:0E:B1:4A:7B:C1:22:FF:57:D3:0E:86:3C:02:41
Certificate validity: Thu, 21 Mar 2024 11:58:46 GMT - Wed, 19 Jun 2024 11:58:45 GMT
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (10553)
Hash: 663a6b278b0dbd648f3fe0700d3ce4f2 14561a800d543a44a5d538c82ec5f41bd6103b83 67c123eb92c5add45ce587c51234b10e51ab61fec36fa0b28180792b27f212e2
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /ds1/js/clipboard.min.js HTTP/1.1
Host: filesfly.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://filesfly.cc/4evvoy38cm9z
Cookie: lang=english; aff=70264
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 07:59:46 GMT
content-type: application/javascript
content-length: 3281
last-modified: Fri, 03 Feb 2023 10:28:36 GMT
etag: "29a5-5f3c924e339aa-gzip"
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-credentials: true
cache-control: max-age=28800
cf-cache-status: HIT
age: 3838
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=owFa4sUCb2LmIkoey4wPgHiKLPicA8yAejp3XgXwEtar2jqTjWxHlBlNCFr0W4jr92p1kf%2BnR1bTrQYa1lKSZP1NddjEw%2Fw8MFZq%2BL0gnxWrc0JbidrD0XxXiECSSg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8818644bff2c56ba-OSL
alt-svc: h3=":443"; ma=86400
|
|
| filesfly.cc/ds1/js/feather.min.js | 188.114.97.1 | 200 OK | 17 kB |
URL: GET HTTP/3 filesfly.cc/ds1/js/feather.min.js
IP: 188.114.97.1:443
Requested by: https://filesfly.cc/4evvoy38cm9z
Certificate issuer: Google Trust Services LLC
Certificate subject: filesfly.cc
Certificate fingerprint: 13:91:DB:01:52:66:0E:B1:4A:7B:C1:22:FF:57:D3:0E:86:3C:02:41
Certificate validity: Thu, 21 Mar 2024 11:58:46 GMT - Wed, 19 Jun 2024 11:58:45 GMT
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (62085)
Hash: 26c35da1f95aabbac8a3cc1388f86381 1587358c4cf4cb3d915349b0744903347ec476d9 34eff09d3a94fa86b4f3e5af9cf391515e8e2caa3ebb6d7fe6ed13e5778ff8e0
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /ds1/js/feather.min.js HTTP/1.1
Host: filesfly.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://filesfly.cc/4evvoy38cm9z
Cookie: lang=english; aff=70264
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 07:59:46 GMT
content-type: application/javascript
content-length: 17300
last-modified: Fri, 03 Feb 2023 10:28:36 GMT
etag: "ff31-5f3c924ea8cb0-gzip"
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-credentials: true
cache-control: max-age=28800
cf-cache-status: HIT
age: 426
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ajZKZQOG4xgfjjyYNsA6NT001DWqIWreIu2YFhvXzR%2FaLTbf%2BfnGSCppBALVQAqSE%2FaQ%2FwSRvV0DxnfUIlvTCmJ21C9dXaFVSCt%2FFVZ8OmnDf60ZQE1MD0JAOk8erw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8818644bff2d56ba-OSL
alt-svc: h3=":443"; ma=86400
|
|
| filesfly.cc/ds1/js/main.js?v=3 | 188.114.97.1 | 200 OK | 338 B |
URL: GET HTTP/3 filesfly.cc/ds1/js/main.js?v=3
IP: 188.114.97.1:443
Requested by: https://filesfly.cc/4evvoy38cm9z
Certificate issuer: Google Trust Services LLC
Certificate subject: filesfly.cc
Certificate fingerprint: 13:91:DB:01:52:66:0E:B1:4A:7B:C1:22:FF:57:D3:0E:86:3C:02:41
Certificate validity: Thu, 21 Mar 2024 11:58:46 GMT - Wed, 19 Jun 2024 11:58:45 GMT
File type: JavaScript source, ASCII text
Hash: 6215261089af2e7a51a6d8fd4c5b1c4b 13368dc1cf83c9490ec30da50880215456c1fdb9 d970b5c6138015be569be57ee8233f16aa8d06b634ab4469243d9e518ae7b973
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /ds1/js/main.js?v=3 HTTP/1.1
Host: filesfly.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://filesfly.cc/4evvoy38cm9z
Cookie: lang=english; aff=70264
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 07:59:46 GMT
content-type: application/javascript
content-length: 338
last-modified: Fri, 03 Feb 2023 10:28:38 GMT
etag: "334-5f3c92506001f-gzip"
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-credentials: true
cache-control: max-age=28800
cf-cache-status: HIT
age: 426
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LFh8y6aa3HBk9Xf6ZPAuNVGbTKHJpux2M%2F2EnDZPsPeQgv1dg1PKcOXCH0nCEsjaPCBFcUII8DMX61%2Bac5EAuIzPoG%2BWxB5pIlUsNGhK238jf8JTflkNhI6lowsS9Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8818644bff2e56ba-OSL
alt-svc: h3=":443"; ma=86400
|
|
| use.fontawesome.com/releases/v5.6.3/js/all.js | 104.21.27.152 | 200 OK | 401 kB |
URL: GET HTTP/2 use.fontawesome.com/releases/v5.6.3/js/all.js
IP: 104.21.27.152:443
Requested by: https://filesfly.cc/4evvoy38cm9z
Certificate issuer: Cloudflare, Inc.
Certificate subject: use.fontawesome.com
Certificate fingerprint: CB:BE:6B:C4:5F:DF:18:7A:C3:AD:BF:6C:40:36:18:9F:E2:99:7F:78
Certificate validity: Thu, 12 Oct 2023 00:00:00 GMT - Thu, 10 Oct 2024 23:59:59 GMT
File type: JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size: 401 kB (401109 bytes)
Hash: 7b6ab1d5b8de4d3b0e2d8084ad292818 93d2d51538bc25efe45ed6a909114b2e75b9c54e 80f7935587fcf36206dc79d2b46332eca6ff6cc40a12ce09fe66efd02336d97e
GET /releases/v5.6.3/js/all.js HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://filesfly.cc
DNT: 1
Connection: keep-alive
Referer: https://filesfly.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 10 May 2024 07:59:46 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31556926
etag: W/"7b6ab1d5b8de4d3b0e2d8084ad292818"
last-modified: Fri, 22 Sep 2023 01:45:44 GMT
vary: Origin, Accept-Encoding
cf-cache-status: HIT
age: 834059
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VDKZex8%2BkK%2BjPLT9xMi7SZ%2FU3zgTI8eH71GXE0M%2FQb8wPuN0CW2lDOOVXVJjD2xPOz%2FBvG9BmnHo9wHk5N%2BvBNzUVcsX5kY6cqoDkH2cKC1n7xVnBtrZSY4LSYcIJqh5uvOW6amA"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8818644d4e330b41-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| filesfly.cc/images/ZmWjKgV.jpg | 188.114.97.1 | 404 Not Found | 791 B |
URL: GET HTTP/3 filesfly.cc/images/ZmWjKgV.jpg
IP: 188.114.97.1:443
Requested by: https://filesfly.cc/4evvoy38cm9z
Certificate issuer: Google Trust Services LLC
Certificate subject: filesfly.cc
Certificate fingerprint: 13:91:DB:01:52:66:0E:B1:4A:7B:C1:22:FF:57:D3:0E:86:3C:02:41
Certificate validity: Thu, 21 Mar 2024 11:58:46 GMT - Wed, 19 Jun 2024 11:58:45 GMT
File type: HTML document, ASCII text
Hash: 467578f8986c91f1d67c3045c298ba86 a57c51f8317ed8ca7a00a29a0b73050b95cd3cf6 a96a07b625bb698afcde83b16dbf9f7fc88e60d1a464ae123c9e1aff6abdbe24
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /images/ZmWjKgV.jpg HTTP/1.1
Host: filesfly.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://filesfly.cc/4evvoy38cm9z
Cookie: lang=english; aff=70264
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 404 Not Found
date: Fri, 10 May 2024 07:59:46 GMT
content-type: text/html; charset=utf-8
last-modified: Wed, 28 Oct 2020 10:37:59 GMT
cache-control: max-age=28800
cf-cache-status: HIT
age: 0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lejYpcaYnh1QNzFOxtLvAyvdzlw94AaqqrmmbbQwvXb8VmDy2HDw1sS1maF6umdWHvu5EMhcogEbCl5Th18w39QyLhlAQsyBAaFySrmS1LDq1gh%2BbxtT7zX%2F0KrCNg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8818644e4ac356ba-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| fonts.gstatic.com/s/montserrat/v14/JTUSjIg1_i6t8kCHKm459Wlhzg.ttf | 216.58.207.227 | 200 OK | 24 kB |
URL: GET HTTP/2 fonts.gstatic.com/s/montserrat/v14/JTUSjIg1_i6t8kCHKm459Wlhzg.ttf
IP: 216.58.207.227:443
Requested by: https://filesfly.cc/4evvoy38cm9z
Certificate issuer: Google Trust Services LLC
Certificate subject: *.gstatic.com
Certificate fingerprint: 15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
Certificate validity: Tue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File type: TrueType Font data, 17 tables, 1st "GDEF", 8 names, Microsoft, language 0x409, Copyright 2011 The Montserrat Project Authors (https://github.com/JulietaUla/Montserrat)Montserr
Hash: 6a9e85ac9247f5848db957b873c62e0c 1f3ed7fd6d8b0db9e94bc15a6dc56728f23d4fda 07ae7cf9c7f3bfc4bc63842bb07e5846837c0071f8d96042de9d0f4a3cc997b6
GET /s/montserrat/v14/JTUSjIg1_i6t8kCHKm459Wlhzg.ttf HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://filesfly.cc
DNT: 1
Connection: keep-alive
Referer: https://filesfly.cc/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 24251
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 09 May 2024 17:56:29 GMT
expires: Fri, 09 May 2025 17:56:29 GMT
cache-control: public, max-age=31536000
age: 50597
last-modified: Tue, 23 Jul 2019 03:46:21 GMT
content-type: font/ttf
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/montserrat/v14/JTURjIg1_i6t8kCHKm45_ZpC3gnD-w.ttf | 216.58.207.227 | 200 OK | 24 kB |
URL: GET HTTP/2 fonts.gstatic.com/s/montserrat/v14/JTURjIg1_i6t8kCHKm45_ZpC3gnD-w.ttf
IP: 216.58.207.227:443
Requested by: https://filesfly.cc/4evvoy38cm9z
Certificate issuer: Google Trust Services LLC
Certificate subject: *.gstatic.com
Certificate fingerprint: 15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
Certificate validity: Tue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File type: TrueType Font data, 17 tables, 1st "GDEF", 8 names, Microsoft, language 0x409, Copyright 2011 The Montserrat Project Authors (https://github.com/JulietaUla/Montserrat)Montserr
Hash: 8b7179f87b4365d145bbe3033b4a3c66 a282bab2ebc8e3a0636eefa018fe1c1e709b29d0 a4b0943e5312a5e2b4204d46f33b6f227a7fec6bb36c3ea712f1d99c05c999c2
GET /s/montserrat/v14/JTURjIg1_i6t8kCHKm45_ZpC3gnD-w.ttf HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://filesfly.cc
DNT: 1
Connection: keep-alive
Referer: https://filesfly.cc/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 24295
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 10 May 2024 02:21:58 GMT
expires: Sat, 10 May 2025 02:21:58 GMT
cache-control: public, max-age=31536000
age: 20269
last-modified: Tue, 23 Jul 2019 03:46:34 GMT
content-type: font/ttf
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/montserrat/v14/JTURjIg1_i6t8kCHKm45_bZF3gnD-w.ttf | 216.58.207.227 | 200 OK | 24 kB |
URL: GET HTTP/2 fonts.gstatic.com/s/montserrat/v14/JTURjIg1_i6t8kCHKm45_bZF3gnD-w.ttf
IP: 216.58.207.227:443
Requested by: https://filesfly.cc/4evvoy38cm9z
Certificate Issuer: Google Trust Services LLC
Certificate Subject: *.gstatic.com
Certificate Fingerprint: 15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
Certificate Validity: Tue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File type: TrueType Font data, 17 tables, 1st "GDEF", 8 names, Microsoft, language 0x409, Copyright 2011 The Montserrat Project Authors (https://github.com/JulietaUla/Montserrat) Montserr
Hash: acb878a397bf674d7baa32a3267e5a3c 3b0d325c652fe6508abae0aadbd04e6176dcb125 56205168d373cb37b1870db837e74e2675593b7f930d00b2ff85c83bf886b484
GET /s/montserrat/v14/JTURjIg1_i6t8kCHKm45_bZF3gnD-w.ttf HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://filesfly.cc
DNT: 1
Connection: keep-alive
Referer: https://filesfly.cc/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 24405
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 09 May 2024 13:08:39 GMT
expires: Fri, 09 May 2025 13:08:39 GMT
cache-control: public, max-age=31536000
age: 67868
last-modified: Tue, 23 Jul 2019 03:46:43 GMT
content-type: font/ttf
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| filesfly.cc/images//Yz5TgHJ.jpg | 188.114.97.1 | 404 Not Found | 1.1 kB |
URL: GET HTTP/3 filesfly.cc/images//Yz5TgHJ.jpg
IP: 188.114.97.1:443
Requested by: https://filesfly.cc/4evvoy38cm9z
Certificate Issuer: Google Trust Services LLC
Certificate Subject: filesfly.cc
Certificate Fingerprint: 13:91:DB:01:52:66:0E:B1:4A:7B:C1:22:FF:57:D3:0E:86:3C:02:41
Certificate Validity: Thu, 21 Mar 2024 11:58:46 GMT - Wed, 19 Jun 2024 11:58:45 GMT
File type: HTML document, ASCII text, with very long lines (1086), with no line terminators
Hash: 555d11d15d6c98682c92861a269f8a23 f7e3a528dfc01eb9b890c84291be929697d92eb5 d1ed016f7004e1c73d596c4cc25a9563af6d2af48b4e90878b12dd1576248b46
Analyzer: Quad9 DNS; Verdict: malicious; Alert: Sinkholed
GET /images//Yz5TgHJ.jpg HTTP/1.1
Host: filesfly.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://filesfly.cc/4evvoy38cm9z
Cookie: lang=english; aff=70264
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 404 Not Found
date: Fri, 10 May 2024 07:59:46 GMT
content-type: text/html; charset=utf-8
last-modified: Wed, 28 Oct 2020 10:37:59 GMT
cache-control: max-age=28800
cf-cache-status: HIT
age: 0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NHg3EUGoaiJDhXPHb9SsiNyVG4z%2FtbEiHlsjTcYIQdST97H59lIjtndH9Ilan2Djq0pxvzWCiweBDlAabb0Lnt%2F65wQG5YvIowIEFlcTtqbHlXH48Nmw8oTtnRF39w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8818644e5ad256ba-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| filesfly.cc/images//ZmWjKgV.jpg | 188.114.97.1 | 404 Not Found | 1.1 kB |
URL: GET HTTP/3 filesfly.cc/images//ZmWjKgV.jpg
IP: 188.114.97.1:443
Requested by: https://filesfly.cc/4evvoy38cm9z
Certificate Issuer: Google Trust Services LLC
Certificate Subject: filesfly.cc
Certificate Fingerprint: 13:91:DB:01:52:66:0E:B1:4A:7B:C1:22:FF:57:D3:0E:86:3C:02:41
Certificate Validity: Thu, 21 Mar 2024 11:58:46 GMT - Wed, 19 Jun 2024 11:58:45 GMT
File type: HTML document, ASCII text, with very long lines (1086), with no line terminators
Hash: 555d11d15d6c98682c92861a269f8a23 f7e3a528dfc01eb9b890c84291be929697d92eb5 d1ed016f7004e1c73d596c4cc25a9563af6d2af48b4e90878b12dd1576248b46
Analyzer: Quad9 DNS; Verdict: malicious; Alert: Sinkholed
GET /images//ZmWjKgV.jpg HTTP/1.1
Host: filesfly.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://filesfly.cc/4evvoy38cm9z
Cookie: lang=english; aff=70264
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 404 Not Found
date: Fri, 10 May 2024 07:59:46 GMT
content-type: text/html; charset=utf-8
last-modified: Wed, 28 Oct 2020 10:37:59 GMT
cache-control: max-age=28800
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FXnaaz9eqYrSAIb9Sj4hhQG1ttzOKi4FE2ScFuqdXOhMhaOGcrwnsqKVDyLujhQ5IIzef993lLZ2MnCd2cU5nV4rzQ1JemtWgcf3yHkdejxFiAxnBXWZmJNik7PlIA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8818644bcef456ba-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| filesfly.cc/images//Yz5TgHJ.jpg | 188.114.97.1 | 404 Not Found | 1.1 kB |
URL: GET HTTP/3 filesfly.cc/images//Yz5TgHJ.jpg
IP: 188.114.97.1:443
Requested by: https://filesfly.cc/4evvoy38cm9z
Certificate Issuer: Google Trust Services LLC
Certificate Subject: filesfly.cc
Certificate Fingerprint: 13:91:DB:01:52:66:0E:B1:4A:7B:C1:22:FF:57:D3:0E:86:3C:02:41
Certificate Validity: Thu, 21 Mar 2024 11:58:46 GMT - Wed, 19 Jun 2024 11:58:45 GMT
File type: HTML document, ASCII text, with very long lines (1086), with no line terminators
Hash: 555d11d15d6c98682c92861a269f8a23 f7e3a528dfc01eb9b890c84291be929697d92eb5 d1ed016f7004e1c73d596c4cc25a9563af6d2af48b4e90878b12dd1576248b46
Analyzer: Quad9 DNS; Verdict: malicious; Alert: Sinkholed
GET /images//Yz5TgHJ.jpg HTTP/1.1
Host: filesfly.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://filesfly.cc/4evvoy38cm9z
Cookie: lang=english; aff=70264
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 404 Not Found
date: Fri, 10 May 2024 07:59:46 GMT
content-type: text/html; charset=utf-8
last-modified: Wed, 28 Oct 2020 10:37:59 GMT
cache-control: max-age=28800
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MUYUDVXQnvG7nt3VaUEAsqMJ9yC41DPVQ86OQOnQKXloWnVDPv%2B7bksHZkoUo%2FU4PEe0xKS1lei7XZMuY%2F1f9JkmhYC2Cn5HwSUez8I2TwecTM7T%2FnCGckk18N%2FvyQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8818644bbede56ba-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| filesfly.cc/images//ZmWjKgV.jpg | 188.114.97.1 | 404 Not Found | 1.1 kB |
URL: GET HTTP/3 filesfly.cc/images//ZmWjKgV.jpg
IP: 188.114.97.1:443
Requested by: https://filesfly.cc/4evvoy38cm9z
Certificate Issuer: Google Trust Services LLC
Certificate Subject: filesfly.cc
Certificate Fingerprint: 13:91:DB:01:52:66:0E:B1:4A:7B:C1:22:FF:57:D3:0E:86:3C:02:41
Certificate Validity: Thu, 21 Mar 2024 11:58:46 GMT - Wed, 19 Jun 2024 11:58:45 GMT
File type: HTML document, ASCII text, with very long lines (1086), with no line terminators
Hash: 555d11d15d6c98682c92861a269f8a23 f7e3a528dfc01eb9b890c84291be929697d92eb5 d1ed016f7004e1c73d596c4cc25a9563af6d2af48b4e90878b12dd1576248b46
Analyzer: Quad9 DNS; Verdict: malicious; Alert: Sinkholed
GET /images//ZmWjKgV.jpg HTTP/1.1
Host: filesfly.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://filesfly.cc/4evvoy38cm9z
Cookie: lang=english; aff=70264
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 404 Not Found
date: Fri, 10 May 2024 07:59:46 GMT
content-type: text/html; charset=utf-8
last-modified: Wed, 28 Oct 2020 10:37:59 GMT
cache-control: max-age=28800
cf-cache-status: HIT
age: 0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DuEZD%2FqmJ9vCebtQBVox%2BoZz3Ml4EqmDkQu%2BDooLcy9Hb54W%2FM8fpc8w735NxClO4UI2lJxTII4n42ogyTmE5HdZqQVCDXmY5%2FghtQZ%2FOLuo%2BvQa%2BgfWzeoIBkEcOQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8818644e5ad756ba-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| filesfly.cc/favicon.ico | 188.114.97.1 | 200 OK | 501 B |
IP: 188.114.97.1:443
Requested by: https://filesfly.cc/4evvoy38cm9z
Certificate Issuer: Google Trust Services LLC
Certificate Subject: filesfly.cc
Certificate Fingerprint: 13:91:DB:01:52:66:0E:B1:4A:7B:C1:22:FF:57:D3:0E:86:3C:02:41
Certificate Validity: Thu, 21 Mar 2024 11:58:46 GMT - Wed, 19 Jun 2024 11:58:45 GMT
File type: PNG image data, 16 x 16, 8-bit/color RGB, non-interlaced
Hash: 6653f0c823d3c9f175bfb90ad3b0d3cc c874100b1b77c4b5dae9790cc73d2d34b81109b5 e8cbac8e5dae96061791f3c28a87b06321f1810dad780e94e13b37fdba26dbe5
Analyzer: Quad9 DNS; Verdict: malicious; Alert: Sinkholed
GET /favicon.ico HTTP/1.1
Host: filesfly.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://filesfly.cc/4evvoy38cm9z
Cookie: lang=english; aff=70264
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 10 May 2024 07:59:47 GMT
content-type: image/vnd.microsoft.icon
last-modified: Fri, 03 Mar 2023 14:17:38 GMT
etag: W/"1f5-5f5ff9b8d41cd"
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-credentials: true
cache-control: max-age=28800
cf-cache-status: HIT
age: 6031
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VCKU%2Fvjq1C0PdbzoR2S2yun7YUvz%2BRL8LtVoxjDsC9LtI1gvaVJ6wE%2BnEyZvlLLpYx5bmCSj78bad9OjJ5DWjAvaQM79jAwFoQ6WYiSdbz9aMnlAxwmM1X6bvzTa5A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881864507eb756ba-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| fonts.googleapis.com/css?family=Source+Sans+Pro:200,300,400,600,700,900 | 142.250.74.106 | 200 OK | 14 kB |
URL: GET HTTP/2 fonts.googleapis.com/css?family=Source+Sans+Pro:200,300,400,600,700,900
IP: 142.250.74.106:443
Requested by: https://filesfly.cc/4evvoy38cm9z
Certificate Issuer: Google Trust Services LLC
Certificate Subject: upload.video.google.com
Certificate Fingerprint: 36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79
Certificate Validity: Tue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT
Hash: 4f4fa61db125e4c00dc6f9f4d199e89b bdaf7a0e75f558159b5bac2ee6805dd4b275dd44 63d8cb5abb5a29a5284e6b2dd63078d2d89050b399dc0de659f7fbbde97b34ed
GET /css?family=Source+Sans+Pro:200,300,400,600,700,900 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://filesfly.cc/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 10 May 2024 07:59:46 GMT
date: Fri, 10 May 2024 07:59:46 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|