{"report_id":"209ff4de-74d3-4978-b68e-c6d472232496","version":6,"status":"done","tags":[],"date":"2024-12-25T03:46:42Z","url":{"schema":"http","addr":"filesfly.cc/kgxfws0x3k6u/1783748.zip","fqdn":"filesfly.cc","domain":"filesfly.cc","tld":"cc"},"ip":{"addr":"188.114.97.1","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"filesfly.cc/kgxfws0x3k6u/1783748.zip","fqdn":"filesfly.cc","domain":"filesfly.cc","tld":"cc"},"title":"Download 1783748 zip"},"submit":{"url":{"schema":"","addr":"","fqdn":"","domain":"","tld":""},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":""},"tags":null,"meta":null},"settings":{"access":"public","device_type":"","expires_at":"2027-03-05T03:46:42Z","useragent":"Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":0}},"detection":{"ids":null,"analyzer":null,"urlquery":null},"summary":[{"fqdn":"use.fontawesome.com","ip":{"addr":"172.67.142.245","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"domain_registered":"2012-10-18","domain_rank":942,"first_seen":"2017-01-30T04:43:25Z","last_seen":"2024-12-25T02:42:06.044845Z","alert_count":0,"request_count":1,"received_data":406970,"sent_data":441,"comment":"","tags":null,"fingerprints":null},{"fqdn":"fonts.gstatic.com","ip":{"addr":"142.250.74.99","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2008-02-11","domain_rank":0,"first_seen":"2014-04-02T10:51:04Z","last_seen":"2024-12-25T01:37:07.227084Z","alert_count":0,"request_count":3,"received_data":75585,"sent_data":1574,"comment":"","tags":null,"fingerprints":null},{"fqdn":"aus5.mozilla.org","ip":{"addr":"35.244.181.201","port":0,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"domain_registered":"1998-01-24","domain_rank":2548,"first_seen":"2015-10-27T07:06:24Z","last_seen":"2024-12-25T02:07:38.845772Z","alert_count":0,"request_count":1,"received_data":6510,"sent_data":512,"comment":"","tags":null,"fingerprints":null},{"fqdn":"fonts.googleapis.com","ip":{"addr":"142.250.74.106","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2005-01-25","domain_rank":8877,"first_seen":"2012-05-23T12:41:44Z","last_seen":"2024-12-25T01:34:47.792051Z","alert_count":0,"request_count":1,"received_data":15316,"sent_data":457,"comment":"","tags":null,"fingerprints":null},{"fqdn":"filesfly.cc","ip":{"addr":"172.67.183.231","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"domain_registered":"2023-02-01","domain_rank":0,"first_seen":"2023-02-02T10:52:39Z","last_seen":"2024-12-23T11:50:42.756148Z","alert_count":35,"request_count":35,"received_data":288097,"sent_data":17065,"comment":"","tags":null,"fingerprints":null}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":[{"sensor_name":"suricata","description":"Suricata /w Emerging Threats Pro","alerts":null}],"analyzer":[{"sensor_name":"infosec_yara","type":"yara","description":"Public InfoSec YARA rules","link":"","alerts":null},{"sensor_name":"openphish","type":"url","description":"OpenPhish","link":"","alerts":null},{"sensor_name":"phishtank","type":"url","description":"PhishTank","link":"","alerts":null},{"sensor_name":"quad9","type":"domain","description":"Quad9 DNS","link":"","alerts":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-12-24","alert":"Sinkholed","trigger":"filesfly.cc","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-12-24","alert":"Sinkholed","trigger":"filesfly.cc","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-12-24","alert":"Sinkholed","trigger":"filesfly.cc","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-12-24","alert":"Sinkholed","trigger":"filesfly.cc","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-12-24","alert":"Sinkholed","trigger":"filesfly.cc","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-12-24","alert":"Sinkholed","trigger":"filesfly.cc","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-12-24","alert":"Sinkholed","trigger":"filesfly.cc","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-12-24","alert":"Sinkholed","trigger":"filesfly.cc","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-12-24","alert":"Sinkholed","trigger":"filesfly.cc","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-12-24","alert":"Sinkholed","trigger":"filesfly.cc","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-12-24","alert":"Sinkholed","trigger":"filesfly.cc","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-12-24","alert":"Sinkholed","trigger":"filesfly.cc","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-12-24","alert":"Sinkholed","trigger":"filesfly.cc","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-12-24","alert":"Sinkholed","trigger":"filesfly.cc","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-12-24","alert":"Sinkholed","trigger":"filesfly.cc","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-12-24","alert":"Sinkholed","trigger":"filesfly.cc","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-12-24","alert":"Sinkholed","trigger":"filesfly.cc","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-12-24","alert":"Sinkholed","trigger":"filesfly.cc","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-12-24","alert":"Sinkholed","trigger":"filesfly.cc","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-12-24","alert":"Sinkholed","trigger":"filesfly.cc","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-12-24","alert":"Sinkholed","trigger":"filesfly.cc","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-12-24","alert":"Sinkholed","trigger":"filesfly.cc","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-12-24","alert":"Sinkholed","trigger":"filesfly.cc","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-12-24","alert":"Sinkholed","trigger":"filesfly.cc","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-12-24","alert":"Sinkholed","trigger":"filesfly.cc","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-12-24","alert":"Sinkholed","trigger":"filesfly.cc","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-12-24","alert":"Sinkholed","trigger":"filesfly.cc","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-12-24","alert":"Sinkholed","trigger":"filesfly.cc","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-12-24","alert":"Sinkholed","trigger":"filesfly.cc","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-12-24","alert":"Sinkholed","trigger":"filesfly.cc","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-12-24","alert":"Sinkholed","trigger":"filesfly.cc","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-12-24","alert":"Sinkholed","trigger":"filesfly.cc","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-12-24","alert":"Sinkholed","trigger":"filesfly.cc","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-12-24","alert":"Sinkholed","trigger":"filesfly.cc","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-12-24","alert":"Sinkholed","trigger":"filesfly.cc","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}]},{"sensor_name":"threatfox","type":"url","description":"ThreatFox","link":"","alerts":null}],"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"filesfly.cc/ds1/js/bootstrap.min.js","fqdn":"filesfly.cc","domain":"filesfly.cc","tld":"cc"},"ip":{"addr":"172.67.183.231","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"04c84852e9937b142ac73c285b895b85","sha1":"8fb8a9319055253d085edfc3bb72d20f614ec709","sha256":"36460e494e4c628443afded40b2743b5ede9a4a76fb4f7b9ef2345cc7e59fd64","sha512":"e27be06bc898dcf893f06cc49cafcbb6ba6e3a69106a89a500f6993e57600b3636392784811237a1a783967dbe05d57a0769c78f8074a0c3a59b16b655b1d350","ssdeep":"768:72rGy27UwlNqMl95qNmCFejhqs8snmi+CSFXfgx8Gf3Zq7Q:yg73zhq0GvgJ3ZKQ","tlshash":"eff28606b23031a147efb1e1525b020e7239696ee906907c78b99af53db9c48717bf3d","size":37051,"data":"","first_seen":"2023-03-07T01:03:32Z","last_seen":"2026-05-20T05:37:07.703855Z","times_seen":6130,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"filesfly.cc/ds1/js/main.js?v=3","fqdn":"filesfly.cc","domain":"filesfly.cc","tld":"cc"},"ip":{"addr":"172.67.183.231","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"6215261089af2e7a51a6d8fd4c5b1c4b","sha1":"13368dc1cf83c9490ec30da50880215456c1fdb9","sha256":"d970b5c6138015be569be57ee8233f16aa8d06b634ab4469243d9e518ae7b973","sha512":"9f5ec7d8ed5d430c024a1dbae3161b362fe0c8684d6e8243fb2403d8edd11c3106f951d2238f3a2ae90b426a3b994386c7388924573908aaa4a818f68986dbc6","ssdeep":"","tlshash":"1d11222a703835b295037de5aafb82452a1e360c4261c310bd0c8eca1f4d6288f97b6d","size":820,"data":"","first_seen":"2023-03-08T16:24:12Z","last_seen":"2026-05-09T07:58:42.853085Z","times_seen":102,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"use.fontawesome.com/releases/v5.6.3/js/all.js","fqdn":"use.fontawesome.com","domain":"fontawesome.com","tld":"com"},"ip":{"addr":"172.67.142.245","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"7b6ab1d5b8de4d3b0e2d8084ad292818","sha1":"93d2d51538bc25efe45ed6a909114b2e75b9c54e","sha256":"80f7935587fcf36206dc79d2b46332eca6ff6cc40a12ce09fe66efd02336d97e","sha512":"b841c94b9f60a6ec7203dd6768b33d6d1ce7f5800edb1fcc491c232b0100d0e25695faa8d28c93ffb2b24379b326671d293043387db93c7a02a453bb0c189b9c","ssdeep":"6144:ijomRljxE0jUKDV6+zhxc4Cp2Dnio/NULootRtKzW/aXQawefAJ0GStZbJa8wDK5:iljivH4CNtRwVXQatFEu","tlshash":"d235e568d760a3fc9dc683b5c6312474798f91ae71e09328d2b8c6b0b2675dcd6c9cc9","size":1113926,"data":"","first_seen":"2023-03-07T01:03:32Z","last_seen":"2026-05-20T00:58:57.279979Z","times_seen":960,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"filesfly.cc/ds1/js/jquery.paging.js","fqdn":"filesfly.cc","domain":"filesfly.cc","tld":"cc"},"ip":{"addr":"172.67.183.231","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"d7a2c1c7af2a004a6d68e1e55b1cfb46","sha1":"7fd6daa7076c30381880519ad06ef5639b19ee28","sha256":"c8ecfe747c979fbd87624913200a9237343679923b495885bced089b80fc84f6","sha512":"36693be0b502594cd29b55690eef5a26768a54c05d453cc80abc248db4672b84e9e0130ffc07b18d3ad6b0e1a8666982b861098796db02f7bc5986e74a804ee5","ssdeep":"384:HkTHopqVdI1Zx/wnH9pvJs/8BhmuqBNaz+r7xyCX:HkTHopq7wZx/wnH9JJsEzmuqBNaz+r7r","tlshash":"5b925348e9ea1432622361ba7eef1059ae7ce0379104dd4db84c41a81f55f34b3b9ba9","size":19365,"data":"","first_seen":"2023-03-07T01:23:22Z","last_seen":"2026-05-20T00:42:20.099726Z","times_seen":4226,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"filesfly.cc/kgxfws0x3k6u/1783748.zip","fqdn":"filesfly.cc","domain":"filesfly.cc","tld":"cc"},"ip":{"addr":"172.67.183.231","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"a10faca4ada9bbdcb1b350c8d4fdbceb","sha1":"acb8f3cfe394c96d40e8bc0a300ab889811849b9","sha256":"cd39142e37a1c495b80ad9e423875277b29731e29a0538ce4c256e4b36eb9910","sha512":"4c76ad96764ca259262c498279cf2c38d583e35d13bfcc596a6607c6bfc1fde5f5ab034f929f533403156ba64502eb6fc554998df3373e35c7e71824e106cc76","ssdeep":"","tlshash":"7dd0a93bb0f453080837b0b94a6b82428c72b02baa86ee08392c79c00f1ea848426b04","size":286,"data":"","first_seen":"2023-03-08T05:15:30Z","last_seen":"2026-05-16T05:44:21.62288Z","times_seen":430,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"filesfly.cc/ds1/js/jquery.cookie.js","fqdn":"filesfly.cc","domain":"filesfly.cc","tld":"cc"},"ip":{"addr":"172.67.183.231","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"87ec184596af8855bb7cca6554af2c1f","sha1":"15f1ef7fcb2df1ca1e4674a56f0a13bb088343b6","sha256":"64a7a0e3612b87d5088ceb8daf269c7cd96acfd33b2c380ebaaa43fe3d69553a","sha512":"28ef9487f82b2a6903c8560967d707a2d2de99ccbc49a04d49f1c7720cae34877533c9dfc96b3ee131a6cc3cce1eb9f4187cd7975318a8f531bd8a5bee533fc1","ssdeep":"","tlshash":"6731fc88388c2d2445fb1be035ff05a8b63ddfb2109a1098c561a7e03d74c42eaa7e69","size":1801,"data":"","first_seen":"2023-03-07T12:01:42Z","last_seen":"2026-05-20T00:15:46.404392Z","times_seen":584,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"filesfly.cc/ds1/js/paging.js?0","fqdn":"filesfly.cc","domain":"filesfly.cc","tld":"cc"},"ip":{"addr":"172.67.183.231","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"114fe6dcd2944b3177a6379943ea185e","sha1":"4b27b2d70966a74f56ec3337f5e28106612dc696","sha256":"3ae7654118ffbd2ae15e631ce033658bac67f13f8cb2d324785c811907802e62","sha512":"b32c76633589b1523918cc7ce745a2658bf4db2768a247799e4c4a64186a788bc6af8f2ba961bfab1e372bfedbc0e0364c7432217f9a01235df31c3ec3b0f384","ssdeep":"","tlshash":"3c41fe5e3542e03023176ba75b7642806e2a79098071cb09bf0cd0d70f8bd14b2866bd","size":1877,"data":"","first_seen":"2023-06-18T07:15:50Z","last_seen":"2025-10-18T01:55:21.35768Z","times_seen":97,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"filesfly.cc/ds1/js/bootstrap-confirm.js","fqdn":"filesfly.cc","domain":"filesfly.cc","tld":"cc"},"ip":{"addr":"172.67.183.231","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"13e84d62c5ce28fec7dd109f4239faed","sha1":"a359b9ea089025e48dc4d37f1109adc24b880f4a","sha256":"1aa447152804b042de3b66ecb4d77a851f8ec762a2501bfbdde2204efe06babc","sha512":"44de8ada72adbd4e0042245051a9784e7f8db161689e9ed745474b0e8e67596b3a2d680a655df6da73f3dbfb048e8fbeb2a79d0eba4fcdf79225ba842c8a7577","ssdeep":"","tlshash":"937165f8253e3b174a6617b5b08395a271a73c52f423f1b268553ca8c0def08fa5bd90","size":3213,"data":"","first_seen":"2023-03-26T03:58:18Z","last_seen":"2025-10-18T01:55:21.332257Z","times_seen":60,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"filesfly.cc/ds1/js/clipboard.min.js","fqdn":"filesfly.cc","domain":"filesfly.cc","tld":"cc"},"ip":{"addr":"172.67.183.231","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"29d75d3fe915e080f2de2751ea56e22c","sha1":"f408de541f27d0bd356fada7f68508a8864d6290","sha256":"6303b8cc9e7f9ab6de66e994c5ee85547685fe3747157c00430029c217b46843","sha512":"7fbd942df55a6cf6d750b2e768f0d369e995adaac2cc420165046f5c5c34a9493c201af93581e9aa6c42f3f99e90fb1ca18fa21f66cca01ab83338bd2c22c929","ssdeep":"192:c5Hh4LyP153pPJ7rVWLBTwuLJ/eXbA5gpEHa4Lyc2mltIjk1QGo:ckA3JVVWLBT9LJ/eXbA5Tj2mzg/","tlshash":"0222855cb280b1b19ae760a9813f424fb371a469709a90d4b239e8f1bd78dcd5467f3c","size":10660,"data":"","first_seen":"2023-04-09T17:46:05Z","last_seen":"2026-05-09T07:58:42.868397Z","times_seen":169,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"filesfly.cc/ds1/js/jquery-1.9.1.min.js","fqdn":"filesfly.cc","domain":"filesfly.cc","tld":"cc"},"ip":{"addr":"172.67.183.231","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"397754ba49e9e0cf4e7c190da78dda05","sha1":"ae49e56999d82802727455f0ba83b63acd90a22b","sha256":"c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4","sha512":"8c64754f77507ab2c24a6fc818419b9dd3f0ceccc9065290e41afdbee0743f0da2cb13b2fbb00afa525c082f1e697cb3ffd76ef9b902cb81d7c41ca1c641dffb","ssdeep":"1536:dnu00HWWaRxkqJg09pYxoxDKMXJrg8hXXO4dK3kyfiLJBhdSZE+I+Qg7rbaN1RUx:ddkWgoBhcZRQgmW42qe","tlshash":"8c932bdd72d2b03257ab30bd106f540ff2361959280d8850f268d8f9bc79a49a277f6d","size":92629,"data":"","first_seen":"2023-03-07T01:02:08Z","last_seen":"2026-05-20T05:57:19.955572Z","times_seen":66376,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"filesfly.cc/kgxfws0x3k6u/1783748.zip","fqdn":"filesfly.cc","domain":"filesfly.cc","tld":"cc"},"ip":{"addr":"172.67.183.231","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"35345a715e8cf2e855c5312dc84a3f69","sha1":"e8b4cf4fe3222954e37a37a57ed25e078ff0ac1a","sha256":"782138467c4912d5a7efd55f53a8b00d0410fca43e11e1264b3700129e599d3d","sha512":"bf678249a4953b908d38068ae765fba1e441eb7059813ba860d51ab9a1867f523107549102ce0e272659e207b12f85ff4d238a2341320f2af877d0bc94db0c19","ssdeep":"","tlshash":"0c014c3d30f6b4a5983331366a7b9404363250135569da0cfc7ea9a00fe505aef53a6e","size":835,"data":"","first_seen":"2023-03-08T16:24:12Z","last_seen":"2026-05-09T07:58:42.902367Z","times_seen":104,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"filesfly.cc/ds1/js/dialogs.js","fqdn":"filesfly.cc","domain":"filesfly.cc","tld":"cc"},"ip":{"addr":"172.67.183.231","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"8f19d2b941fc4a8614a7a6f233e49a29","sha1":"7980862eb90fb9e0c2b02ac70ebdfc9dc0db005a","sha256":"1975797185c3c769419f07fbe680ac651209b7b3de90bf686f2da0409cc123c2","sha512":"0ad66186263a7fdbcd4db29e3364446bb26a10363144115d2744e264d2fa63aaad0373c6c4664b576b40794dcefb8c7ff0ad464aebcd1df43e9a01c88583332c","ssdeep":"","tlshash":"1f419b8fb42979304b533f75e5e71081b031328858619926fe8ce2d70727b2aa791bfd","size":1869,"data":"","first_seen":"2023-03-26T03:58:18Z","last_seen":"2026-02-04T06:40:02.228491Z","times_seen":82,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"filesfly.cc/ds1/js/feather.min.js","fqdn":"filesfly.cc","domain":"filesfly.cc","tld":"cc"},"ip":{"addr":"172.67.183.231","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"26c35da1f95aabbac8a3cc1388f86381","sha1":"1587358c4cf4cb3d915349b0744903347ec476d9","sha256":"34eff09d3a94fa86b4f3e5af9cf391515e8e2caa3ebb6d7fe6ed13e5778ff8e0","sha512":"cd7222e5fc92829c47b77cfa920d6feae434d584aa5964c777919c86053495d1cb3defa59a76f984f072c53fff7889b6af9d1290b2c706c2d4f11c875e287173","ssdeep":"768:mN19Xq52epoJVg+Os+HNsojRuhcEdDXisLqxriT9aJ0s/vz55tr/4SRBxK:mNA+OXRTK","tlshash":"92532c367d4dba9fd00743e61a1f6166235f22fff98c4214e05d02b0c9276d6ee67a28","size":65329,"data":"","first_seen":"2023-03-08T16:24:12Z","last_seen":"2026-05-09T07:58:42.833807Z","times_seen":106,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"filesfly.cc/ds1/js/jquery-1.9.1.min.js","fqdn":"filesfly.cc","domain":"filesfly.cc","tld":"cc"},"ip":{"addr":"172.67.183.231","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://filesfly.cc/kgxfws0x3k6u/1783748.zip","date":"2024-12-25T03:46:17.242Z","timestamp":1735098377242,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"filesfly.cc","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 12 Nov 2024 09:48:46 GMT","end":"Mon, 10 Feb 2025 09:48:45 GMT"},"fingerprint":{"sha1":"89:4A:25:AF:25:ED:EC:6D:F8:81:67:C4:F9:79:6E:32:FD:41:F9:D7","sha256":"D4:31:7C:EB:4A:B4:32:13:4E:94:02:52:1B:E5:4D:66:80:18:36:B7:A9:13:8C:C5:C7:DE:54:C2:66:8F:78:F7"}}},"request":{"raw":"GET /ds1/js/jquery-1.9.1.min.js HTTP/1.1\r\nHost: filesfly.cc\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://filesfly.cc/kgxfws0x3k6u/1783748.zip\r\nCookie: lang=english; aff=83158\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 25 Dec 2024 03:46:17 GMT\r\ncontent-type: application/javascript\r\ncontent-length: 32729\r\nlast-modified: Fri, 03 Feb 2023 10:28:37 GMT\r\netag: \"169d5-5f3c924eed274-gzip\"\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\naccess-control-allow-origin: *\r\naccess-control-allow-headers: X-Requested-With\r\naccess-control-allow-methods: GET,POST,OPTIONS\r\naccess-control-allow-credentials: true\r\ncache-control: max-age=43200\r\ncf-cache-status: HIT\r\nage: 5949\r\naccept-ranges: bytes\r\npriority: u=2,i=?0\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=crV82zvoMENkPKE4OT%2FmN%2Bje8%2FCdUKBpRmTfD0x0TQL2ZfKqmMuEa0Woe5hxjr6v5W%2FG3GxIpPinyHy1JgEaYp66F9Aeh0XTZnQONl2MvADCAm%2F%2BHbK%2FD69gQdb2ew%3D%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nserver: cloudflare\r\ncf-ray: 8f75d7d98b0f56be-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfL4;desc=\"?proto=QUIC\u0026rtt=4335\u0026min_rtt=1492\u0026rtt_var=2590\u0026sent=24\u0026recv=9\u0026lost=0\u0026retrans=0\u0026sent_bytes=16125\u0026recv_bytes=2063\u0026delivery_rate=398097\u0026cwnd=12000\u0026unsent_bytes=0\u0026cid=f70227532b45c0c0\u0026ts=444\u0026x=1\", cfExtPri, cfHdrFlush;dur=2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":32729,"size_decoded":92629,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (32089)","md5":"397754ba49e9e0cf4e7c190da78dda05","sha1":"ae49e56999d82802727455f0ba83b63acd90a22b","sha256":"c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4","sha512":"8c64754f77507ab2c24a6fc818419b9dd3f0ceccc9065290e41afdbee0743f0da2cb13b2fbb00afa525c082f1e697cb3ffd76ef9b902cb81d7c41ca1c641dffb","ssdeep":"1536:dnu00HWWaRxkqJg09pYxoxDKMXJrg8hXXO4dK3kyfiLJBhdSZE+I+Qg7rbaN1RUx:ddkWgoBhcZRQgmW42qe","tlshash":"8c932bdd72d2b03257ab30bd106f540ff2361959280d8850f268d8f9bc79a49a277f6d","first_seen":"2023-03-07T01:02:08Z","last_seen":"2026-05-20T05:57:19.955572Z","times_seen":66376,"resource_available":true,"data":null}},"time_used":26,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":15,"receive":11,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-12-24","alert":"Sinkholed","trigger":"filesfly.cc","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"filesfly.cc/ds1/css/bootstrap.min.css?v=12","fqdn":"filesfly.cc","domain":"filesfly.cc","tld":"cc"},"ip":{"addr":"172.67.183.231","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://filesfly.cc/kgxfws0x3k6u/1783748.zip","date":"2024-12-25T03:46:17.245Z","timestamp":1735098377245,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"filesfly.cc","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 12 Nov 2024 09:48:46 GMT","end":"Mon, 10 Feb 2025 09:48:45 GMT"},"fingerprint":{"sha1":"89:4A:25:AF:25:ED:EC:6D:F8:81:67:C4:F9:79:6E:32:FD:41:F9:D7","sha256":"D4:31:7C:EB:4A:B4:32:13:4E:94:02:52:1B:E5:4D:66:80:18:36:B7:A9:13:8C:C5:C7:DE:54:C2:66:8F:78:F7"}}},"request":{"raw":"GET /ds1/css/bootstrap.min.css?v=12 HTTP/1.1\r\nHost: filesfly.cc\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://filesfly.cc/kgxfws0x3k6u/1783748.zip\r\nCookie: lang=english; aff=83158\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 25 Dec 2024 03:46:17 GMT\r\ncontent-type: text/css\r\ncontent-length: 19597\r\nlast-modified: Tue, 21 Mar 2023 00:33:22 GMT\r\netag: \"1d9ec-5f75e30e302ea-gzip\"\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\naccess-control-allow-origin: *\r\naccess-control-allow-headers: X-Requested-With\r\naccess-control-allow-methods: GET,POST,OPTIONS\r\naccess-control-allow-credentials: true\r\ncache-control: max-age=43200\r\ncf-cache-status: HIT\r\nage: 5949\r\naccept-ranges: bytes\r\npriority: u=2,i=?0\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=fjn4OEB7ei5UQADf99w84WqeB4k0bUYGARj4Zt9vYPVeGDTIFN18PzAlElYzAKfkQgaFjGDWXTH9nmaYUA7zAreqf1wMCIA%2F8MKH%2Fm1Ssjsm60VAAiXguwumI4yK8w%3D%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nserver: cloudflare\r\ncf-ray: 8f75d7d98b1156be-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfL4;desc=\"?proto=QUIC\u0026rtt=4335\u0026min_rtt=1492\u0026rtt_var=2590\u0026sent=14\u0026recv=9\u0026lost=0\u0026retrans=0\u0026sent_bytes=4125\u0026recv_bytes=2063\u0026delivery_rate=398097\u0026cwnd=12000\u0026unsent_bytes=0\u0026cid=f70227532b45c0c0\u0026ts=444\u0026x=1\", cfExtPri, cfHdrFlush;dur=0\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":19597,"size_decoded":121324,"mime_type":"text/css","magic":"ASCII text, with very long lines (65367), with CRLF line terminators","md5":"af38cc1f2c4694f23f716a7acbdae761","sha1":"e24059cbfac6277b602872644e0f1c00f5bfd38a","sha256":"5a4ffbbe02a84f7d6281485f1391881b2ebdea342789b3de948e67bba817eba2","sha512":"3366bf746e1d3cbdf15446224b5dd0fc4f9624fa16fd5d67fb7b72ce24703f47ba464a6ba355b8e60efb19e0e89088e128c19252d66aadba9230272cd7fe0dcb","ssdeep":"768:Xy3Gxw/Vc/QWlJxtQOIuiHlq5mzI4X8OAduFKbv2ctg2BE8JP7ecQVvH1Fx:Jw/a1fIuiHlq5mN8lDbNhPbU","tlshash":"a4c3c7a0f21031ea7333c55a75d0ed872219a153e6664fb7f22f25d88f845ca16b3f1a","first_seen":"2023-04-09T17:46:05Z","last_seen":"2025-10-18T01:55:21.3687Z","times_seen":98,"resource_available":false,"data":null}},"time_used":25,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":8,"receive":17,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-12-24","alert":"Sinkholed","trigger":"filesfly.cc","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"filesfly.cc/ds1/css/ie10-viewport-bug-workaround.css","fqdn":"filesfly.cc","domain":"filesfly.cc","tld":"cc"},"ip":{"addr":"172.67.183.231","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://filesfly.cc/kgxfws0x3k6u/1783748.zip","date":"2024-12-25T03:46:17.247Z","timestamp":1735098377247,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"filesfly.cc","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 12 Nov 2024 09:48:46 GMT","end":"Mon, 10 Feb 2025 09:48:45 GMT"},"fingerprint":{"sha1":"89:4A:25:AF:25:ED:EC:6D:F8:81:67:C4:F9:79:6E:32:FD:41:F9:D7","sha256":"D4:31:7C:EB:4A:B4:32:13:4E:94:02:52:1B:E5:4D:66:80:18:36:B7:A9:13:8C:C5:C7:DE:54:C2:66:8F:78:F7"}}},"request":{"raw":"GET /ds1/css/ie10-viewport-bug-workaround.css HTTP/1.1\r\nHost: filesfly.cc\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://filesfly.cc/kgxfws0x3k6u/1783748.zip\r\nCookie: lang=english; aff=83158\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 25 Dec 2024 03:46:17 GMT\r\ncontent-type: text/css\r\ncontent-length: 285\r\nlast-modified: Fri, 03 Feb 2023 10:28:33 GMT\r\netag: \"1be-5f3c924b2425a-gzip\"\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\naccess-control-allow-origin: *\r\naccess-control-allow-headers: X-Requested-With\r\naccess-control-allow-methods: GET,POST,OPTIONS\r\naccess-control-allow-credentials: true\r\ncache-control: max-age=43200\r\ncf-cache-status: HIT\r\nage: 5949\r\naccept-ranges: bytes\r\npriority: u=2,i=?0\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=Gd4xX3iCPmlNOfsKAvCQZ%2B%2FZTzjfWe9voeL%2FgTDeDf8ZAQGNOdR8SENtmWIhRXr97IdhXGLEserWToTiXh4pePkT3wKUU43WPdJK9EI2ed%2BKyzC%2FZvsOoFEPqrZGUg%3D%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nserver: cloudflare\r\ncf-ray: 8f75d7d98b1556be-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfL4;desc=\"?proto=QUIC\u0026rtt=4347\u0026min_rtt=1492\u0026rtt_var=1967\u0026sent=45\u0026recv=12\u0026lost=0\u0026retrans=0\u0026sent_bytes=40151\u0026recv_bytes=2938\u0026delivery_rate=27988\u0026cwnd=24000\u0026unsent_bytes=0\u0026cid=f70227532b45c0c0\u0026ts=446\u0026x=1\", cfExtPri, cfHdrFlush;dur=5\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":285,"size_decoded":446,"mime_type":"text/css","magic":"ASCII text, with CRLF line terminators","md5":"3b9060cf62bfb4ddc5cf5e1e5204a579","sha1":"bb8c9bd6dc1947ebc51c510ba729b8f48cd5d2aa","sha256":"5c83d64fd31a699a81efd8430a7100f1aeb83024f88b252273c9f5de31309e13","sha512":"a1fe9190764a8e2abac6fc7e389d5fb6b5c6669ead738d657a008803ed738889564712ba0eecd2fdaf376d8f76540e3e961fa8367df5330fd5e5bd024d32e69d","ssdeep":"","tlshash":"27f05583d200605a0b33036bea0ba18ad6bd04443fc764c23e4c03504f2a4c30036fc8","first_seen":"2023-05-05T12:28:22Z","last_seen":"2026-05-19T05:01:51.247804Z","times_seen":144,"resource_available":false,"data":null}},"time_used":29,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":29,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-12-24","alert":"Sinkholed","trigger":"filesfly.cc","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"filesfly.cc/kgxfws0x3k6u/1783748.zip","fqdn":"filesfly.cc","domain":"filesfly.cc","tld":"cc"},"ip":{"addr":"172.67.183.231","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2024-12-25T03:46:16.441Z","timestamp":1735098376441,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"filesfly.cc","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 12 Nov 2024 09:48:46 GMT","end":"Mon, 10 Feb 2025 09:48:45 GMT"},"fingerprint":{"sha1":"89:4A:25:AF:25:ED:EC:6D:F8:81:67:C4:F9:79:6E:32:FD:41:F9:D7","sha256":"D4:31:7C:EB:4A:B4:32:13:4E:94:02:52:1B:E5:4D:66:80:18:36:B7:A9:13:8C:C5:C7:DE:54:C2:66:8F:78:F7"}}},"request":{"raw":"GET /kgxfws0x3k6u/1783748.zip HTTP/1.1\r\nHost: filesfly.cc\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 25 Dec 2024 03:46:16 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nexpires: Tue, 24 Dec 2024 03:46:16 GMT\r\naccess-control-allow-origin: *\r\naccess-control-allow-headers: X-Requested-With\r\naccess-control-allow-methods: GET,POST,OPTIONS\r\naccess-control-allow-credentials: true\r\ncf-cache-status: BYPASS\r\nset-cookie: lang=english; domain=.filesfly.cc; path=/\naff=83158; domain=.filesfly.cc; path=/; expires=Wed, 08-Jan-2025 03:46:16 GMT\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=mgpWJXNe0ildaTtBvrQsArNkxQHknm9RVfe8ICwFZR7n5ECdL0gaDW%2BRQTiiu91874V78Fj6TjMt4qyECvfetAroLcjHGMV8Ul55SP4v6qnfR7o4oEEDEtSh%2FMOcOA%3D%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\ncf-ray: 8f75d7d4df43568d-OSL\r\ncontent-encoding: br\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfL4;desc=\"?proto=TCP\u0026rtt=6352\u0026min_rtt=422\u0026rtt_var=11875\u0026sent=7\u0026recv=11\u0026lost=0\u0026retrans=0\u0026sent_bytes=3199\u0026recv_bytes=1132\u0026delivery_rate=8775757\u0026cwnd=254\u0026unsent_bytes=0\u0026cid=be09dcc8a4e120c0\u0026ts=315\u0026x=0\"\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":13836,"size_decoded":25635,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (1648)","md5":"b2fb2cd5566b570a5e3e41dcb6dc31c9","sha1":"413ffbf88e9a8667728f2cc5f62d9af66156c829","sha256":"8015a99cc37cb4662e33ffddc522b6a2a075356d3aef03ac942147268b3ce6ec","sha512":"8eb27e54f89b1ed41f0a0526d047dc6b6d95cc990975234902f9330beb3f1d8bb7abc6012f6d006530c2f93cdc486d27c5a988fec794975d4125b6cc073c09ae","ssdeep":"192:kogvJNIYmewIoWRqN7r2hhQt88q5479VowJWSCLyes44a1WP2Ad7oadM/AbwY2Yz:3Ym6oWRqN32hhQt8f5/X2P0/Ab/24","tlshash":"f8b25f7313ca2c33310145e774257a6eac8b193fe0256f06b2ff15d6afc059b192a66e","first_seen":"2024-12-25T03:46:43.723882Z","last_seen":"2024-12-25T03:46:43.723882Z","times_seen":1,"resource_available":false,"data":null}},"time_used":335,"timings":{"blocked":15,"dns":1,"connect":1,"send":0,"wait":299,"receive":0,"ssl":17},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-12-24","alert":"Sinkholed","trigger":"filesfly.cc","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"filesfly.cc/ds1/js/jquery.paging.js","fqdn":"filesfly.cc","domain":"filesfly.cc","tld":"cc"},"ip":{"addr":"172.67.183.231","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://filesfly.cc/kgxfws0x3k6u/1783748.zip","date":"2024-12-25T03:46:17.257Z","timestamp":1735098377257,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"filesfly.cc","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 12 Nov 2024 09:48:46 GMT","end":"Mon, 10 Feb 2025 09:48:45 GMT"},"fingerprint":{"sha1":"89:4A:25:AF:25:ED:EC:6D:F8:81:67:C4:F9:79:6E:32:FD:41:F9:D7","sha256":"D4:31:7C:EB:4A:B4:32:13:4E:94:02:52:1B:E5:4D:66:80:18:36:B7:A9:13:8C:C5:C7:DE:54:C2:66:8F:78:F7"}}},"request":{"raw":"GET /ds1/js/jquery.paging.js HTTP/1.1\r\nHost: filesfly.cc\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://filesfly.cc/kgxfws0x3k6u/1783748.zip\r\nCookie: lang=english; aff=83158\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 25 Dec 2024 03:46:17 GMT\r\ncontent-type: application/javascript\r\ncontent-length: 4311\r\nlast-modified: Fri, 03 Feb 2023 10:28:38 GMT\r\netag: \"4ba5-5f3c9250056e2-gzip\"\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\naccess-control-allow-origin: *\r\naccess-control-allow-headers: X-Requested-With\r\naccess-control-allow-methods: GET,POST,OPTIONS\r\naccess-control-allow-credentials: true\r\ncache-control: max-age=43200\r\ncf-cache-status: HIT\r\nage: 5949\r\naccept-ranges: bytes\r\npriority: u=2,i=?0\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=CzTLirtMI6ZY3OCyJSVbrmuKyRJrYKfx7FQ5tDvRZmdCgsZplRfihx0vcufiBLbe%2BEMJ3%2BRjXlySdoejPwPwh6ymtTeKhnNfbQySOWsFoyXHVTEpNQF7fZj9Q8yEpQ%3D%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nserver: cloudflare\r\ncf-ray: 8f75d7d99b1b56be-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfL4;desc=\"?proto=QUIC\u0026rtt=3982\u0026min_rtt=1423\u0026rtt_var=2206\u0026sent=65\u0026recv=15\u0026lost=0\u0026retrans=0\u0026sent_bytes=61549\u0026recv_bytes=4352\u0026delivery_rate=3930975\u0026cwnd=48000\u0026unsent_bytes=0\u0026cid=f70227532b45c0c0\u0026ts=454\u0026x=1\", cfExtPri, cfHdrFlush;dur=0\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":4311,"size_decoded":19365,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text","md5":"d7a2c1c7af2a004a6d68e1e55b1cfb46","sha1":"7fd6daa7076c30381880519ad06ef5639b19ee28","sha256":"c8ecfe747c979fbd87624913200a9237343679923b495885bced089b80fc84f6","sha512":"36693be0b502594cd29b55690eef5a26768a54c05d453cc80abc248db4672b84e9e0130ffc07b18d3ad6b0e1a8666982b861098796db02f7bc5986e74a804ee5","ssdeep":"384:HkTHopqVdI1Zx/wnH9pvJs/8BhmuqBNaz+r7xyCX:HkTHopq7wZx/wnH9JJsEzmuqBNaz+r7r","tlshash":"5b925348e9ea1432622361ba7eef1059ae7ce0379104dd4db84c41a81f55f34b3b9ba9","first_seen":"2023-03-07T01:23:22Z","last_seen":"2026-05-20T00:42:20.099726Z","times_seen":4226,"resource_available":true,"data":null}},"time_used":25,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":25,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-12-24","alert":"Sinkholed","trigger":"filesfly.cc","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"filesfly.cc/ds1/js/jquery.cookie.js","fqdn":"filesfly.cc","domain":"filesfly.cc","tld":"cc"},"ip":{"addr":"172.67.183.231","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://filesfly.cc/kgxfws0x3k6u/1783748.zip","date":"2024-12-25T03:46:17.258Z","timestamp":1735098377258,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"filesfly.cc","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 12 Nov 2024 09:48:46 GMT","end":"Mon, 10 Feb 2025 09:48:45 GMT"},"fingerprint":{"sha1":"89:4A:25:AF:25:ED:EC:6D:F8:81:67:C4:F9:79:6E:32:FD:41:F9:D7","sha256":"D4:31:7C:EB:4A:B4:32:13:4E:94:02:52:1B:E5:4D:66:80:18:36:B7:A9:13:8C:C5:C7:DE:54:C2:66:8F:78:F7"}}},"request":{"raw":"GET /ds1/js/jquery.cookie.js HTTP/1.1\r\nHost: filesfly.cc\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://filesfly.cc/kgxfws0x3k6u/1783748.zip\r\nCookie: lang=english; aff=83158\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 25 Dec 2024 03:46:17 GMT\r\ncontent-type: application/javascript\r\ncontent-length: 802\r\nlast-modified: Fri, 03 Feb 2023 10:28:37 GMT\r\netag: \"709-5f3c924f7b7d3-gzip\"\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\naccess-control-allow-origin: *\r\naccess-control-allow-headers: X-Requested-With\r\naccess-control-allow-methods: GET,POST,OPTIONS\r\naccess-control-allow-credentials: true\r\ncache-control: max-age=43200\r\ncf-cache-status: HIT\r\nage: 5949\r\naccept-ranges: bytes\r\npriority: u=2,i=?0\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=6O0KatPh5QtwfNwxMc5Robx5O3ciQDQ1yvyFAZVXd4jsbb9qJGXSwy8AJLmg5XuCux5zo8%2FhBLEsH9eQlwCVqbaHWSKz54AtnK9WYsmA3HlNgeCEQ2LccQCsM7bLHA%3D%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nserver: cloudflare\r\ncf-ray: 8f75d7d99b1c56be-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfL4;desc=\"?proto=QUIC\u0026rtt=3982\u0026min_rtt=1423\u0026rtt_var=2206\u0026sent=55\u0026recv=14\u0026lost=0\u0026retrans=0\u0026sent_bytes=50455\u0026recv_bytes=3288\u0026delivery_rate=3930975\u0026cwnd=48000\u0026unsent_bytes=0\u0026cid=f70227532b45c0c0\u0026ts=451\u0026x=1\", cfExtPri, cfHdrFlush;dur=0\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":802,"size_decoded":1801,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (1801), with no line terminators","md5":"87ec184596af8855bb7cca6554af2c1f","sha1":"15f1ef7fcb2df1ca1e4674a56f0a13bb088343b6","sha256":"64a7a0e3612b87d5088ceb8daf269c7cd96acfd33b2c380ebaaa43fe3d69553a","sha512":"28ef9487f82b2a6903c8560967d707a2d2de99ccbc49a04d49f1c7720cae34877533c9dfc96b3ee131a6cc3cce1eb9f4187cd7975318a8f531bd8a5bee533fc1","ssdeep":"","tlshash":"6f31dc98388c2d2545fb1be035ff05a8a23cdf7210aa1094c561a6e07d74c42eaa7e69","first_seen":"2023-03-07T12:01:42Z","last_seen":"2026-05-20T00:15:46.404392Z","times_seen":584,"resource_available":true,"data":null}},"time_used":26,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":26,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-12-24","alert":"Sinkholed","trigger":"filesfly.cc","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"filesfly.cc/ds1/js/paging.js?0","fqdn":"filesfly.cc","domain":"filesfly.cc","tld":"cc"},"ip":{"addr":"172.67.183.231","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://filesfly.cc/kgxfws0x3k6u/1783748.zip","date":"2024-12-25T03:46:17.260Z","timestamp":1735098377260,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"filesfly.cc","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 12 Nov 2024 09:48:46 GMT","end":"Mon, 10 Feb 2025 09:48:45 GMT"},"fingerprint":{"sha1":"89:4A:25:AF:25:ED:EC:6D:F8:81:67:C4:F9:79:6E:32:FD:41:F9:D7","sha256":"D4:31:7C:EB:4A:B4:32:13:4E:94:02:52:1B:E5:4D:66:80:18:36:B7:A9:13:8C:C5:C7:DE:54:C2:66:8F:78:F7"}}},"request":{"raw":"GET /ds1/js/paging.js?0 HTTP/1.1\r\nHost: filesfly.cc\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://filesfly.cc/kgxfws0x3k6u/1783748.zip\r\nCookie: lang=english; aff=83158\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 25 Dec 2024 03:46:17 GMT\r\ncontent-type: application/javascript\r\ncontent-length: 646\r\nlast-modified: Thu, 13 Apr 2023 14:38:40 GMT\r\netag: \"755-5f938ae453434-gzip\"\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\naccess-control-allow-origin: *\r\naccess-control-allow-headers: X-Requested-With\r\naccess-control-allow-methods: GET,POST,OPTIONS\r\naccess-control-allow-credentials: true\r\ncache-control: max-age=43200\r\ncf-cache-status: HIT\r\nage: 5949\r\naccept-ranges: bytes\r\npriority: u=2,i=?0\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=1Y3bLXfj9G02Ju9%2FwIV6Cg3sK3ApAKtHVgpGEo8ORcroWfp3PRdv3WOmVlWDLLymF6pT1pLIBInXUbLB7rMJ6dO3XUcfZovKsb%2B4jR5PHM8j9BYNM8czlgmVnqCrwg%3D%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nserver: cloudflare\r\ncf-ray: 8f75d7d99b1d56be-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfL4;desc=\"?proto=QUIC\u0026rtt=3982\u0026min_rtt=1423\u0026rtt_var=2206\u0026sent=63\u0026recv=14\u0026lost=0\u0026retrans=0\u0026sent_bytes=59305\u0026recv_bytes=3288\u0026delivery_rate=3930975\u0026cwnd=48000\u0026unsent_bytes=0\u0026cid=f70227532b45c0c0\u0026ts=452\u0026x=1\", cfExtPri, cfHdrFlush;dur=0\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":646,"size_decoded":1877,"mime_type":"application/javascript","magic":"HTML document, ASCII text","md5":"114fe6dcd2944b3177a6379943ea185e","sha1":"4b27b2d70966a74f56ec3337f5e28106612dc696","sha256":"3ae7654118ffbd2ae15e631ce033658bac67f13f8cb2d324785c811907802e62","sha512":"b32c76633589b1523918cc7ce745a2658bf4db2768a247799e4c4a64186a788bc6af8f2ba961bfab1e372bfedbc0e0364c7432217f9a01235df31c3ec3b0f384","ssdeep":"","tlshash":"a041cd6d39e3d0006347717b5f1f92406e36b81b44889e48bf9c91d18f8de2876e6abd","first_seen":"2023-06-18T07:15:50Z","last_seen":"2025-10-18T01:55:21.35768Z","times_seen":97,"resource_available":true,"data":null}},"time_used":36,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":26,"receive":10,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-12-24","alert":"Sinkholed","trigger":"filesfly.cc","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"filesfly.cc/ds1/img/logo.png","fqdn":"filesfly.cc","domain":"filesfly.cc","tld":"cc"},"ip":{"addr":"172.67.183.231","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://filesfly.cc/kgxfws0x3k6u/1783748.zip","date":"2024-12-25T03:46:17.263Z","timestamp":1735098377263,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"filesfly.cc","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 12 Nov 2024 09:48:46 GMT","end":"Mon, 10 Feb 2025 09:48:45 GMT"},"fingerprint":{"sha1":"89:4A:25:AF:25:ED:EC:6D:F8:81:67:C4:F9:79:6E:32:FD:41:F9:D7","sha256":"D4:31:7C:EB:4A:B4:32:13:4E:94:02:52:1B:E5:4D:66:80:18:36:B7:A9:13:8C:C5:C7:DE:54:C2:66:8F:78:F7"}}},"request":{"raw":"GET /ds1/img/logo.png HTTP/1.1\r\nHost: filesfly.cc\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://filesfly.cc/kgxfws0x3k6u/1783748.zip\r\nCookie: lang=english; aff=83158\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 25 Dec 2024 03:46:17 GMT\r\ncontent-type: image/png\r\ncontent-length: 6431\r\nlast-modified: Fri, 03 Mar 2023 10:46:07 GMT\r\netag: \"191f-5f5fca7187c26\"\r\naccess-control-allow-origin: *\r\naccess-control-allow-headers: X-Requested-With\r\naccess-control-allow-methods: GET,POST,OPTIONS\r\naccess-control-allow-credentials: true\r\ncache-control: max-age=43200\r\ncf-cache-status: HIT\r\nage: 5949\r\naccept-ranges: bytes\r\npriority: u=4,i=?0\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=AIRxx%2BwRHy8TZvv8oFEg8fUFICbrKbmuA7OLsug5%2FfpdTfEWsVKEM6ly3QP2%2B9SFFxEXCyIgx9INfjITqWaUwULi%2B94HDZPtMBZ1CA5DKd8rNt7KFAfNftIp%2FxGcpw%3D%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\ncf-ray: 8f75d7d99b2056be-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfL4;desc=\"?proto=QUIC\u0026rtt=3982\u0026min_rtt=1423\u0026rtt_var=2206\u0026sent=83\u0026recv=15\u0026lost=0\u0026retrans=0\u0026sent_bytes=79352\u0026recv_bytes=4352\u0026delivery_rate=3930975\u0026cwnd=48000\u0026unsent_bytes=0\u0026cid=f70227532b45c0c0\u0026ts=456\u0026x=1\", cfExtPri, cfHdrFlush;dur=0\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":6431,"size_decoded":6431,"mime_type":"image/png","magic":"PNG image data, 193 x 115, 8-bit/color RGBA, non-interlaced","md5":"5274be685e8eecdc1f8484d7d58eea01","sha1":"5adb0e29d2943316d45a40e9fbc84d0bad573778","sha256":"def08eed715e3838f3cb65616fb4435ccfb4d041fab854f64714f941faf07fd1","sha512":"110c3f5bae46aa2ef4080c0053dea4d4e27dee5bbd2bf718eabeef0a614d26eab66c1a8b5dfde0f0f7dc71724d8c27b4b7ba6843bfca02d525c29c1caf406b16","ssdeep":"192:vh6psjhSAwUOGY0OUCmXmwrOrF6N+U/LLKLa0:vhQukAwRCn5tOr4N+UyLa0","tlshash":"04d1aef01afd032c1cb6047702e14922a28a8b970432856cfdba5d51b263ede2f02201","first_seen":"2023-06-18T07:15:50Z","last_seen":"2025-10-18T01:55:21.345187Z","times_seen":97,"resource_available":false,"data":null}},"time_used":31,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":31,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-12-24","alert":"Sinkholed","trigger":"filesfly.cc","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"filesfly.cc/ds1/js/bootstrap-confirm.js","fqdn":"filesfly.cc","domain":"filesfly.cc","tld":"cc"},"ip":{"addr":"172.67.183.231","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://filesfly.cc/kgxfws0x3k6u/1783748.zip","date":"2024-12-25T03:46:17.269Z","timestamp":1735098377269,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"filesfly.cc","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 12 Nov 2024 09:48:46 GMT","end":"Mon, 10 Feb 2025 09:48:45 GMT"},"fingerprint":{"sha1":"89:4A:25:AF:25:ED:EC:6D:F8:81:67:C4:F9:79:6E:32:FD:41:F9:D7","sha256":"D4:31:7C:EB:4A:B4:32:13:4E:94:02:52:1B:E5:4D:66:80:18:36:B7:A9:13:8C:C5:C7:DE:54:C2:66:8F:78:F7"}}},"request":{"raw":"GET /ds1/js/bootstrap-confirm.js HTTP/1.1\r\nHost: filesfly.cc\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://filesfly.cc/kgxfws0x3k6u/1783748.zip\r\nCookie: lang=english; aff=83158\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 25 Dec 2024 03:46:17 GMT\r\ncontent-type: application/javascript\r\ncontent-length: 1126\r\nlast-modified: Fri, 03 Feb 2023 10:28:36 GMT\r\netag: \"c8d-5f3c924dd78fe-gzip\"\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\naccess-control-allow-origin: *\r\naccess-control-allow-headers: X-Requested-With\r\naccess-control-allow-methods: GET,POST,OPTIONS\r\naccess-control-allow-credentials: true\r\ncache-control: max-age=43200\r\ncf-cache-status: HIT\r\nage: 529\r\naccept-ranges: bytes\r\npriority: u=3,i=?0\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=Nq8oCIPp7aE4NtyMX2kEgy9ExsjqHT0TF%2BL9JDIVzShz0DJ3I0SZ0x72t0dh0FTdNnyjbCwYpfgIHyYOxOYdsnIACHA0Vm9pLsFwPOTYTO5spOXqkQP%2BWUnOsRlQDQ%3D%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nserver: cloudflare\r\ncf-ray: 8f75d7d99b2156be-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfL4;desc=\"?proto=QUIC\u0026rtt=3982\u0026min_rtt=1423\u0026rtt_var=2206\u0026sent=90\u0026recv=15\u0026lost=0\u0026retrans=0\u0026sent_bytes=86695\u0026recv_bytes=4352\u0026delivery_rate=3930975\u0026cwnd=48000\u0026unsent_bytes=0\u0026cid=f70227532b45c0c0\u0026ts=458\u0026x=1\", cfExtPri, cfHdrFlush;dur=0\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1126,"size_decoded":3213,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with CRLF line terminators","md5":"13e84d62c5ce28fec7dd109f4239faed","sha1":"a359b9ea089025e48dc4d37f1109adc24b880f4a","sha256":"1aa447152804b042de3b66ecb4d77a851f8ec762a2501bfbdde2204efe06babc","sha512":"44de8ada72adbd4e0042245051a9784e7f8db161689e9ed745474b0e8e67596b3a2d680a655df6da73f3dbfb048e8fbeb2a79d0eba4fcdf79225ba842c8a7577","ssdeep":"","tlshash":"2d6150d5767f3a4606eb17b6f1bbd952f628c422c022b232787034f40ed6f64b39a491","first_seen":"2023-03-26T03:58:18Z","last_seen":"2025-10-18T01:55:21.332257Z","times_seen":60,"resource_available":true,"data":null}},"time_used":29,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":29,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-12-24","alert":"Sinkholed","trigger":"filesfly.cc","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"filesfly.cc/ds1/js/dialogs.js","fqdn":"filesfly.cc","domain":"filesfly.cc","tld":"cc"},"ip":{"addr":"172.67.183.231","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://filesfly.cc/kgxfws0x3k6u/1783748.zip","date":"2024-12-25T03:46:17.270Z","timestamp":1735098377270,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"filesfly.cc","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 12 Nov 2024 09:48:46 GMT","end":"Mon, 10 Feb 2025 09:48:45 GMT"},"fingerprint":{"sha1":"89:4A:25:AF:25:ED:EC:6D:F8:81:67:C4:F9:79:6E:32:FD:41:F9:D7","sha256":"D4:31:7C:EB:4A:B4:32:13:4E:94:02:52:1B:E5:4D:66:80:18:36:B7:A9:13:8C:C5:C7:DE:54:C2:66:8F:78:F7"}}},"request":{"raw":"GET /ds1/js/dialogs.js HTTP/1.1\r\nHost: filesfly.cc\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://filesfly.cc/kgxfws0x3k6u/1783748.zip\r\nCookie: lang=english; aff=83158\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 25 Dec 2024 03:46:17 GMT\r\ncontent-type: application/javascript\r\ncontent-length: 640\r\nlast-modified: Fri, 03 Feb 2023 10:28:36 GMT\r\netag: \"74d-5f3c924e8f287-gzip\"\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\naccess-control-allow-origin: *\r\naccess-control-allow-headers: X-Requested-With\r\naccess-control-allow-methods: GET,POST,OPTIONS\r\naccess-control-allow-credentials: true\r\ncache-control: max-age=43200\r\ncf-cache-status: HIT\r\nage: 529\r\naccept-ranges: bytes\r\npriority: u=3,i=?0\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=D4fLjfcalA3eeLPXm3HyeBvSOBFvPMXmtA%2FVoPmOkITb%2Fwr69eBod6aUkzPfB2apaaY2BUOGLwoQJiF5YWjviuoulQvMGU35L8%2BKNzhpjeunFEWHWlTf7J3EJdQoEQ%3D%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nserver: cloudflare\r\ncf-ray: 8f75d7d99b2256be-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfL4;desc=\"?proto=QUIC\u0026rtt=3982\u0026min_rtt=1423\u0026rtt_var=2206\u0026sent=92\u0026recv=15\u0026lost=0\u0026retrans=0\u0026sent_bytes=88177\u0026recv_bytes=4352\u0026delivery_rate=3930975\u0026cwnd=48000\u0026unsent_bytes=0\u0026cid=f70227532b45c0c0\u0026ts=459\u0026x=1\", cfExtPri, cfHdrFlush;dur=0\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":640,"size_decoded":1869,"mime_type":"application/javascript","magic":"ASCII text","md5":"8f19d2b941fc4a8614a7a6f233e49a29","sha1":"7980862eb90fb9e0c2b02ac70ebdfc9dc0db005a","sha256":"1975797185c3c769419f07fbe680ac651209b7b3de90bf686f2da0409cc123c2","sha512":"0ad66186263a7fdbcd4db29e3364446bb26a10363144115d2744e264d2fa63aaad0373c6c4664b576b40794dcefb8c7ff0ad464aebcd1df43e9a01c88583332c","ssdeep":"","tlshash":"2f318d9eb8fa2a2446633535e29f1042b03144875d49bd52fe8c93d40f29a2da6f1bf9","first_seen":"2023-03-26T03:58:18Z","last_seen":"2026-02-04T06:40:02.228491Z","times_seen":82,"resource_available":true,"data":null}},"time_used":30,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":30,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-12-24","alert":"Sinkholed","trigger":"filesfly.cc","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"filesfly.cc/images/PtnIEWP.png","fqdn":"filesfly.cc","domain":"filesfly.cc","tld":"cc"},"ip":{"addr":"172.67.183.231","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://filesfly.cc/kgxfws0x3k6u/1783748.zip","date":"2024-12-25T03:46:17.272Z","timestamp":1735098377272,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"filesfly.cc","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 12 Nov 2024 09:48:46 GMT","end":"Mon, 10 Feb 2025 09:48:45 GMT"},"fingerprint":{"sha1":"89:4A:25:AF:25:ED:EC:6D:F8:81:67:C4:F9:79:6E:32:FD:41:F9:D7","sha256":"D4:31:7C:EB:4A:B4:32:13:4E:94:02:52:1B:E5:4D:66:80:18:36:B7:A9:13:8C:C5:C7:DE:54:C2:66:8F:78:F7"}}},"request":{"raw":"GET /images/PtnIEWP.png HTTP/1.1\r\nHost: filesfly.cc\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://filesfly.cc/kgxfws0x3k6u/1783748.zip\r\nCookie: lang=english; aff=83158\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 25 Dec 2024 03:46:17 GMT\r\ncontent-type: image/png\r\ncontent-length: 8165\r\nlast-modified: Wed, 24 Jan 2024 07:42:47 GMT\r\netag: \"1fe5-60fac3586c9ac\"\r\naccess-control-allow-origin: *\r\naccess-control-allow-headers: X-Requested-With\r\naccess-control-allow-methods: GET,POST,OPTIONS\r\naccess-control-allow-credentials: true\r\ncache-control: max-age=43200\r\ncf-cache-status: HIT\r\nage: 529\r\naccept-ranges: bytes\r\npriority: u=4,i=?0\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=sVaRzOtRqJC5YJL%2BbJjwFrTP0FKNy9UC4yf7V2vqELvxTA30jIztk8iGNL0vk35ZuhlMcfBgmym6NjWdtCB%2BJJRauGnjwgXk9ytP04BhiMDDp%2FUpIX9s1awFGrL5EA%3D%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\ncf-ray: 8f75d7d99b2356be-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfL4;desc=\"?proto=QUIC\u0026rtt=3982\u0026min_rtt=1423\u0026rtt_var=2206\u0026sent=92\u0026recv=15\u0026lost=0\u0026retrans=0\u0026sent_bytes=88177\u0026recv_bytes=4352\u0026delivery_rate=3930975\u0026cwnd=48000\u0026unsent_bytes=0\u0026cid=f70227532b45c0c0\u0026ts=460\u0026x=1\", cfExtPri, cfHdrFlush;dur=0\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":8165,"size_decoded":8165,"mime_type":"image/png","magic":"PNG image data, 180 x 52, 8-bit/color RGBA, non-interlaced","md5":"04e59a886e24f049e1149efbde47b0b6","sha1":"0f1cb50c40c35c3b6f6184a94c3dc4fb427d91d4","sha256":"14e9e94f9bcc8f15c92d86a98c712c2daf9d3e28ddc96255ac320dccf0f43dee","sha512":"80e2856eeadb23c38f9b4a02746da1e0ee8f23d441212e006eaf47610ef2b09fe1076b2865ae2d1ac04a648dcabeb50beebbb894121e541e7c9bb06c0e6822bc","ssdeep":"192:Fi4ARrxCQk8CNaLjspE8zp3+4PTIB86N6iIx1spWnVej7U:Q4A3Ew613+4cDgLa2AI","tlshash":"1bf1b00bd51054c0733219e4a019bccafa616e476a2f74cd9ac5768816e813cf5bf293","first_seen":"2024-08-19T23:25:54.501482Z","last_seen":"2025-10-18T01:55:21.375262Z","times_seen":57,"resource_available":false,"data":null}},"time_used":30,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":30,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-12-24","alert":"Sinkholed","trigger":"filesfly.cc","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"filesfly.cc/images/paysys/btceth.png","fqdn":"filesfly.cc","domain":"filesfly.cc","tld":"cc"},"ip":{"addr":"172.67.183.231","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://filesfly.cc/kgxfws0x3k6u/1783748.zip","date":"2024-12-25T03:46:17.273Z","timestamp":1735098377273,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"filesfly.cc","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 12 Nov 2024 09:48:46 GMT","end":"Mon, 10 Feb 2025 09:48:45 GMT"},"fingerprint":{"sha1":"89:4A:25:AF:25:ED:EC:6D:F8:81:67:C4:F9:79:6E:32:FD:41:F9:D7","sha256":"D4:31:7C:EB:4A:B4:32:13:4E:94:02:52:1B:E5:4D:66:80:18:36:B7:A9:13:8C:C5:C7:DE:54:C2:66:8F:78:F7"}}},"request":{"raw":"GET /images/paysys/btceth.png HTTP/1.1\r\nHost: filesfly.cc\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://filesfly.cc/kgxfws0x3k6u/1783748.zip\r\nCookie: lang=english; aff=83158\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 25 Dec 2024 03:46:17 GMT\r\ncontent-type: image/png\r\ncontent-length: 4443\r\nlast-modified: Tue, 23 Jan 2024 18:40:05 GMT\r\netag: \"115b-60fa146601abc\"\r\naccess-control-allow-origin: *\r\naccess-control-allow-headers: X-Requested-With\r\naccess-control-allow-methods: GET,POST,OPTIONS\r\naccess-control-allow-credentials: true\r\ncache-control: max-age=43200\r\ncf-cache-status: HIT\r\nage: 529\r\naccept-ranges: bytes\r\npriority: u=4,i=?0\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=DH0fuBKZvmdOg8RYspBHq99%2BxUkco3aQKzZJ1omFuMU1KsHgBfAgxSmY8%2BDudQL%2BtO6bahTlgBnzLwq9crLkJO93y1Xc92PTw%2BgnNVLv%2BD1YAQag42ZXfodr2KhWzw%3D%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\ncf-ray: 8f75d7d99b2456be-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfL4;desc=\"?proto=QUIC\u0026rtt=3982\u0026min_rtt=1423\u0026rtt_var=2206\u0026sent=92\u0026recv=15\u0026lost=0\u0026retrans=0\u0026sent_bytes=88177\u0026recv_bytes=4352\u0026delivery_rate=3930975\u0026cwnd=48000\u0026unsent_bytes=0\u0026cid=f70227532b45c0c0\u0026ts=460\u0026x=1\", cfExtPri, cfHdrFlush;dur=0\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":4443,"size_decoded":4443,"mime_type":"image/png","magic":"PNG image data, 160 x 40, 8-bit/color RGBA, non-interlaced","md5":"32e8ab42c5f8cf7eb629476f6db5404e","sha1":"354b4f27cfd747412a60eb0fdb2c8f3f5cce02b2","sha256":"3ea8357f0810fab9a229a1d572f6a6081eea4a61eb1e08c57897221dff4e144e","sha512":"9a6c5d634ce893337fd67afa676cd0ab096a1c6ed18fa15f45246db64a6d787c813b9433e85feea8f021ba35b6fa6020afd95f7e8945c434e8c9f9385c5c6bb0","ssdeep":"96:5SNdbaq/nEbH+5PwFuvcsi5RY711/PuJbFt8IQ4DwBn:5SNZNEbH+lwFuvARYRdu8I0x","tlshash":"d8918ff853b49481fb7c20fed1580a157cafa4087e998907cdba747fd454b62105cacc","first_seen":"2024-08-19T23:25:54.499436Z","last_seen":"2025-10-18T01:55:21.360034Z","times_seen":57,"resource_available":false,"data":null}},"time_used":30,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":30,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-12-24","alert":"Sinkholed","trigger":"filesfly.cc","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"filesfly.cc/images/paypal.png","fqdn":"filesfly.cc","domain":"filesfly.cc","tld":"cc"},"ip":{"addr":"172.67.183.231","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://filesfly.cc/kgxfws0x3k6u/1783748.zip","date":"2024-12-25T03:46:17.274Z","timestamp":1735098377274,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"filesfly.cc","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 12 Nov 2024 09:48:46 GMT","end":"Mon, 10 Feb 2025 09:48:45 GMT"},"fingerprint":{"sha1":"89:4A:25:AF:25:ED:EC:6D:F8:81:67:C4:F9:79:6E:32:FD:41:F9:D7","sha256":"D4:31:7C:EB:4A:B4:32:13:4E:94:02:52:1B:E5:4D:66:80:18:36:B7:A9:13:8C:C5:C7:DE:54:C2:66:8F:78:F7"}}},"request":{"raw":"GET /images/paypal.png HTTP/1.1\r\nHost: filesfly.cc\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://filesfly.cc/kgxfws0x3k6u/1783748.zip\r\nCookie: lang=english; aff=83158\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 25 Dec 2024 03:46:17 GMT\r\ncontent-type: image/png\r\ncontent-length: 4521\r\nlast-modified: Tue, 23 Jan 2024 18:43:00 GMT\r\netag: \"11a9-60fa150d31475\"\r\naccess-control-allow-origin: *\r\naccess-control-allow-headers: X-Requested-With\r\naccess-control-allow-methods: GET,POST,OPTIONS\r\naccess-control-allow-credentials: true\r\ncache-control: max-age=43200\r\ncf-cache-status: HIT\r\nage: 529\r\naccept-ranges: bytes\r\npriority: u=4,i=?0\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=VvJasLNYVPkXNdgDl1qXUtvSL9aptSMmgLZFUaDKpdpK%2FXOtXq8nczEMPtsVVuczg%2BaME9Sa6IcXdYnjsB%2BBFCeMl5Yst42%2B9Uz0dYlYt5ds4Ryx5Z5O4brLFZtOWg%3D%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\ncf-ray: 8f75d7d9bb2e56be-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfL4;desc=\"?proto=QUIC\u0026rtt=3735\u0026min_rtt=1423\u0026rtt_var=2149\u0026sent=109\u0026recv=17\u0026lost=0\u0026retrans=0\u0026sent_bytes=104467\u0026recv_bytes=4703\u0026delivery_rate=1759716\u0026cwnd=59700\u0026unsent_bytes=0\u0026cid=f70227532b45c0c0\u0026ts=471\u0026x=1\", cfExtPri, cfHdrFlush;dur=0\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":4521,"size_decoded":4521,"mime_type":"image/png","magic":"PNG image data, 160 x 46, 8-bit/color RGBA, non-interlaced","md5":"fcef3a0a534d973a12ef0b8042f7394c","sha1":"d30d46d9e2d6e423f60507a10bb284669cb7d969","sha256":"00f35282e245eb922201ac01bae96e5071dade46249855e777481d7f564e609d","sha512":"ceb25126c004a21c2b40c439fa6e24c4f263be27a78e3d9b1b5475ef895e615f9db114ede0a11d001a4280cb5a12ac95a0319bcbc81d93d1497f3678aa16ed2e","ssdeep":"96:gSthpXIwqN4GNAT6jqENR4yhuGlsYhnOIrg8Bxpx:gS5XIb4EnjqEHlhuGdNx","tlshash":"d0919dca8087edef9f433e58a892660384cf1d3b8d41f2c86671e81c85b017665be633","first_seen":"2024-08-19T23:25:54.500686Z","last_seen":"2025-10-18T01:55:21.352636Z","times_seen":57,"resource_available":false,"data":null}},"time_used":25,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":24,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-12-24","alert":"Sinkholed","trigger":"filesfly.cc","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"filesfly.cc/images//Cwqq1f2.png","fqdn":"filesfly.cc","domain":"filesfly.cc","tld":"cc"},"ip":{"addr":"172.67.183.231","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://filesfly.cc/kgxfws0x3k6u/1783748.zip","date":"2024-12-25T03:46:17.279Z","timestamp":1735098377279,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"filesfly.cc","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 12 Nov 2024 09:48:46 GMT","end":"Mon, 10 Feb 2025 09:48:45 GMT"},"fingerprint":{"sha1":"89:4A:25:AF:25:ED:EC:6D:F8:81:67:C4:F9:79:6E:32:FD:41:F9:D7","sha256":"D4:31:7C:EB:4A:B4:32:13:4E:94:02:52:1B:E5:4D:66:80:18:36:B7:A9:13:8C:C5:C7:DE:54:C2:66:8F:78:F7"}}},"request":{"raw":"GET /images//Cwqq1f2.png HTTP/1.1\r\nHost: filesfly.cc\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://filesfly.cc/kgxfws0x3k6u/1783748.zip\r\nCookie: lang=english; aff=83158\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 25 Dec 2024 03:46:17 GMT\r\ncontent-type: image/png\r\ncontent-length: 5721\r\nlast-modified: Tue, 23 Jan 2024 18:42:18 GMT\r\netag: \"1659-60fa14e54d3ca\"\r\naccess-control-allow-origin: *\r\naccess-control-allow-headers: X-Requested-With\r\naccess-control-allow-methods: GET,POST,OPTIONS\r\naccess-control-allow-credentials: true\r\ncache-control: max-age=43200\r\ncf-cache-status: HIT\r\nage: 529\r\naccept-ranges: bytes\r\npriority: u=4,i=?0\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=5Ij7R2Qd0%2FgT6If6cfhWP%2FDAhCGaVr2eD2eGCP9Vaa7sNWNUp9aADNaMpTJ%2B3%2Bimfv5SB9EuPCvaUm%2B4O5HYbohZfC2HvSpV1jXtWsMvfxKu2tfiIkA67JG4NADHnQ%3D%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\ncf-ray: 8f75d7d9db3d56be-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfL4;desc=\"?proto=QUIC\u0026rtt=5381\u0026min_rtt=1423\u0026rtt_var=4414\u0026sent=115\u0026recv=22\u0026lost=0\u0026retrans=0\u0026sent_bytes=109868\u0026recv_bytes=7630\u0026delivery_rate=2529816\u0026cwnd=59700\u0026unsent_bytes=0\u0026cid=f70227532b45c0c0\u0026ts=492\u0026x=1\", cfExtPri, cfHdrFlush;dur=0\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":5721,"size_decoded":5721,"mime_type":"image/png","magic":"PNG image data, 180 x 55, 8-bit/color RGBA, non-interlaced","md5":"21b9b91f161e1af0bd7be06236f0341f","sha1":"3a3af54e2fb9c1315ab76ddf83d9b6bdca6000d2","sha256":"320c1d8f714c859828310704b06693bec127bdcf188409bb1847b13b013dcc49","sha512":"24704c19e5c69e4985c48915f8a267c1df6ee953d3ebfec85315c35399cf132db59b2db6607926c604b23f24173e6f272ba2cd5ed5740cbca57e1d399adf12ae","ssdeep":"96:GStJ3HHyPlrAeBZq0OpCTxx5Wh/2vsR4s8U2rbBDT7kC7bNHXIR3idHfnUdvEyob:GStJXMdBqATxx5Wh2vn9ttv7k+xHXg3Q","tlshash":"73c18d3809db5dd2b385ddb4f4b41615a1b83bab7119730518606dbd976f28c4f09283","first_seen":"2024-08-19T23:25:54.500059Z","last_seen":"2025-10-18T01:55:21.377372Z","times_seen":57,"resource_available":false,"data":null}},"time_used":44,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":11,"receive":33,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-12-24","alert":"Sinkholed","trigger":"filesfly.cc","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"filesfly.cc/images/UKyU65F.png","fqdn":"filesfly.cc","domain":"filesfly.cc","tld":"cc"},"ip":{"addr":"172.67.183.231","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://filesfly.cc/kgxfws0x3k6u/1783748.zip","date":"2024-12-25T03:46:17.301Z","timestamp":1735098377301,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"filesfly.cc","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 12 Nov 2024 09:48:46 GMT","end":"Mon, 10 Feb 2025 09:48:45 GMT"},"fingerprint":{"sha1":"89:4A:25:AF:25:ED:EC:6D:F8:81:67:C4:F9:79:6E:32:FD:41:F9:D7","sha256":"D4:31:7C:EB:4A:B4:32:13:4E:94:02:52:1B:E5:4D:66:80:18:36:B7:A9:13:8C:C5:C7:DE:54:C2:66:8F:78:F7"}}},"request":{"raw":"GET /images/UKyU65F.png HTTP/1.1\r\nHost: filesfly.cc\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://filesfly.cc/kgxfws0x3k6u/1783748.zip\r\nCookie: lang=english; aff=83158\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 25 Dec 2024 03:46:17 GMT\r\ncontent-type: image/png\r\ncontent-length: 5554\r\nlast-modified: Tue, 23 Jan 2024 19:02:05 GMT\r\netag: \"15b2-60fa1951ab6ed\"\r\naccess-control-allow-origin: *\r\naccess-control-allow-headers: X-Requested-With\r\naccess-control-allow-methods: GET,POST,OPTIONS\r\naccess-control-allow-credentials: true\r\ncache-control: max-age=43200\r\ncf-cache-status: HIT\r\nage: 529\r\naccept-ranges: bytes\r\npriority: u=4,i=?0\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=9fka5JbFXZuTlFEjsL1mWlqCn2OitIYFrONWaUkpnkamanmoh92CXOBeWVbNwUlU4%2FeuTKg3JZZbWP0uI3BRpJGQPz%2BWzxlolgzwhNRw4iQ51%2FT%2Bsgj6QS71b0cySA%3D%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\ncf-ray: 8f75d7d9db3f56be-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfL4;desc=\"?proto=QUIC\u0026rtt=5381\u0026min_rtt=1423\u0026rtt_var=4414\u0026sent=121\u0026recv=22\u0026lost=0\u0026retrans=0\u0026sent_bytes=116472\u0026recv_bytes=7630\u0026delivery_rate=2529816\u0026cwnd=59700\u0026unsent_bytes=0\u0026cid=f70227532b45c0c0\u0026ts=492\u0026x=1\", cfExtPri, cfHdrFlush;dur=0\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":5554,"size_decoded":5554,"mime_type":"image/png","magic":"PNG image data, 181 x 48, 8-bit/color RGBA, non-interlaced","md5":"0e03511430d4287132a7cefa7cc467b4","sha1":"665e045866078804dc499407b2c30d2be845c9f0","sha256":"951dd7777b38a624a4651af640bef783e939215f5a3e89b14972609bc2f460ef","sha512":"9ff1ac25ff62c33fea1a642a9f4a90b690a68323d96c2e9783fbf406c98785476c3e8242c96b445ac29913fecbd1b33c9025beeae633224259369fd3ca243ba4","ssdeep":"96:I6krL7bhHBqqbYLHQMuyf4DkAANAjjrIqGy7Q0M891aOPbwNhyA24hrUZN9J:gfbFBhsTQ6f6nANAstkaOPEi4hiN/","tlshash":"96b1bfffad933394d6e72c884c52e2343c525638c04adfac90666e6b234ad0881e1f63","first_seen":"2024-08-19T23:25:54.502959Z","last_seen":"2025-10-18T01:55:21.304623Z","times_seen":57,"resource_available":false,"data":null}},"time_used":45,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":44,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-12-24","alert":"Sinkholed","trigger":"filesfly.cc","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"filesfly.cc/images/QPVrOwJ.png","fqdn":"filesfly.cc","domain":"filesfly.cc","tld":"cc"},"ip":{"addr":"172.67.183.231","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://filesfly.cc/kgxfws0x3k6u/1783748.zip","date":"2024-12-25T03:46:17.299Z","timestamp":1735098377299,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"filesfly.cc","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 12 Nov 2024 09:48:46 GMT","end":"Mon, 10 Feb 2025 09:48:45 GMT"},"fingerprint":{"sha1":"89:4A:25:AF:25:ED:EC:6D:F8:81:67:C4:F9:79:6E:32:FD:41:F9:D7","sha256":"D4:31:7C:EB:4A:B4:32:13:4E:94:02:52:1B:E5:4D:66:80:18:36:B7:A9:13:8C:C5:C7:DE:54:C2:66:8F:78:F7"}}},"request":{"raw":"GET /images/QPVrOwJ.png HTTP/1.1\r\nHost: filesfly.cc\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://filesfly.cc/kgxfws0x3k6u/1783748.zip\r\nCookie: lang=english; aff=83158\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 25 Dec 2024 03:46:17 GMT\r\ncontent-type: image/png\r\ncontent-length: 5050\r\nlast-modified: Tue, 23 Jan 2024 19:01:13 GMT\r\netag: \"13ba-60fa191fcf99f\"\r\naccess-control-allow-origin: *\r\naccess-control-allow-headers: X-Requested-With\r\naccess-control-allow-methods: GET,POST,OPTIONS\r\naccess-control-allow-credentials: true\r\ncache-control: max-age=43200\r\ncf-cache-status: HIT\r\nage: 529\r\naccept-ranges: bytes\r\npriority: u=4,i=?0\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=9YvOjSc1rf7d7DInrIm4oPoQTaEY1huH5krPkYhaX1%2FhHIIT4GdNSs78uIL%2Fc2LHAVbJCIQDUQVbaEq7Iwg%2FFlADwqdQTw9XSbAmlqqpxHNbRu1RZ8o%2Fi9hKS6m%2FTQ%3D%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\ncf-ray: 8f75d7d9db3e56be-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfL4;desc=\"?proto=QUIC\u0026rtt=5381\u0026min_rtt=1423\u0026rtt_var=4414\u0026sent=127\u0026recv=22\u0026lost=0\u0026retrans=0\u0026sent_bytes=122914\u0026recv_bytes=7630\u0026delivery_rate=2529816\u0026cwnd=59700\u0026unsent_bytes=0\u0026cid=f70227532b45c0c0\u0026ts=493\u0026x=1\", cfExtPri, cfHdrFlush;dur=0\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":5050,"size_decoded":5050,"mime_type":"image/png","magic":"PNG image data, 142 x 33, 8-bit/color RGBA, non-interlaced","md5":"655526ec81e5600914e901c33c701e9e","sha1":"60c5db710069dbde9768345cc364e3ee678a7976","sha256":"297f8e61f60350d74edd29a3000c5ffe64405a54136295fa8d072dd9b8a70f86","sha512":"4ee07a9dc7ee9750f27438e1476538611480ec8e4d3370236ca3514758704db815b919f86daa3f78ff18d188edc0d554a550fb84f2f9343fcdb25010e0139115","ssdeep":"96:TQSQ1DM0cFtp3q7mshw7HRwgOJHVJDBB2cdNKWOc48qcAXNMu+YREj:TQSQ1f2p3lYw7XO5llK4nJxu+Y+j","tlshash":"6da18d829fc8f12a4a279fc19243489141d702dd98eba28539a14da822de5c4da636d3","first_seen":"2024-08-19T23:25:54.502132Z","last_seen":"2025-10-18T01:55:21.325797Z","times_seen":57,"resource_available":false,"data":null}},"time_used":45,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":45,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-12-24","alert":"Sinkholed","trigger":"filesfly.cc","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"filesfly.cc/images/Cwqq1f2.png","fqdn":"filesfly.cc","domain":"filesfly.cc","tld":"cc"},"ip":{"addr":"172.67.183.231","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://filesfly.cc/kgxfws0x3k6u/1783748.zip","date":"2024-12-25T03:46:17.278Z","timestamp":1735098377278,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"filesfly.cc","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 12 Nov 2024 09:48:46 GMT","end":"Mon, 10 Feb 2025 09:48:45 GMT"},"fingerprint":{"sha1":"89:4A:25:AF:25:ED:EC:6D:F8:81:67:C4:F9:79:6E:32:FD:41:F9:D7","sha256":"D4:31:7C:EB:4A:B4:32:13:4E:94:02:52:1B:E5:4D:66:80:18:36:B7:A9:13:8C:C5:C7:DE:54:C2:66:8F:78:F7"}}},"request":{"raw":"GET /images/Cwqq1f2.png HTTP/1.1\r\nHost: filesfly.cc\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://filesfly.cc/kgxfws0x3k6u/1783748.zip\r\nCookie: lang=english; aff=83158\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 25 Dec 2024 03:46:17 GMT\r\ncontent-type: image/png\r\ncontent-length: 5721\r\nlast-modified: Tue, 23 Jan 2024 18:42:18 GMT\r\netag: \"1659-60fa14e54d3ca\"\r\naccess-control-allow-origin: *\r\naccess-control-allow-headers: X-Requested-With\r\naccess-control-allow-methods: GET,POST,OPTIONS\r\naccess-control-allow-credentials: true\r\ncache-control: max-age=43200\r\ncf-cache-status: HIT\r\nage: 529\r\naccept-ranges: bytes\r\npriority: u=4,i=?0\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=laD0ClSrKO1Cui2KAu80XZIZ%2Fgzuft4yHbySfyEN9vLw73%2FKcyN6mRg56Vy5M4fUGhoIzhzsARuvuMpx2e6u05fvzRFNFGDYHrCfc4IUvBvWVdwmCxasoCsILb03JQ%3D%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\ncf-ray: 8f75d7d9db3c56be-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfL4;desc=\"?proto=QUIC\u0026rtt=5381\u0026min_rtt=1423\u0026rtt_var=4414\u0026sent=133\u0026recv=24\u0026lost=0\u0026retrans=0\u0026sent_bytes=128849\u0026recv_bytes=9766\u0026delivery_rate=2529816\u0026cwnd=59700\u0026unsent_bytes=0\u0026cid=f70227532b45c0c0\u0026ts=495\u0026x=1\", cfExtPri, cfHdrFlush;dur=0\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":5721,"size_decoded":5721,"mime_type":"image/png","magic":"PNG image data, 180 x 55, 8-bit/color RGBA, non-interlaced","md5":"21b9b91f161e1af0bd7be06236f0341f","sha1":"3a3af54e2fb9c1315ab76ddf83d9b6bdca6000d2","sha256":"320c1d8f714c859828310704b06693bec127bdcf188409bb1847b13b013dcc49","sha512":"24704c19e5c69e4985c48915f8a267c1df6ee953d3ebfec85315c35399cf132db59b2db6607926c604b23f24173e6f272ba2cd5ed5740cbca57e1d399adf12ae","ssdeep":"96:GStJ3HHyPlrAeBZq0OpCTxx5Wh/2vsR4s8U2rbBDT7kC7bNHXIR3idHfnUdvEyob:GStJXMdBqATxx5Wh2vn9ttv7k+xHXg3Q","tlshash":"73c18d3809db5dd2b385ddb4f4b41615a1b83bab7119730518606dbd976f28c4f09283","first_seen":"2024-08-19T23:25:54.500059Z","last_seen":"2025-10-18T01:55:21.377372Z","times_seen":57,"resource_available":false,"data":null}},"time_used":49,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":49,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-12-24","alert":"Sinkholed","trigger":"filesfly.cc","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"filesfly.cc/images/cmRccbz.png","fqdn":"filesfly.cc","domain":"filesfly.cc","tld":"cc"},"ip":{"addr":"172.67.183.231","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://filesfly.cc/kgxfws0x3k6u/1783748.zip","date":"2024-12-25T03:46:17.304Z","timestamp":1735098377304,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"filesfly.cc","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 12 Nov 2024 09:48:46 GMT","end":"Mon, 10 Feb 2025 09:48:45 GMT"},"fingerprint":{"sha1":"89:4A:25:AF:25:ED:EC:6D:F8:81:67:C4:F9:79:6E:32:FD:41:F9:D7","sha256":"D4:31:7C:EB:4A:B4:32:13:4E:94:02:52:1B:E5:4D:66:80:18:36:B7:A9:13:8C:C5:C7:DE:54:C2:66:8F:78:F7"}}},"request":{"raw":"GET /images/cmRccbz.png HTTP/1.1\r\nHost: filesfly.cc\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://filesfly.cc/kgxfws0x3k6u/1783748.zip\r\nCookie: lang=english; aff=83158\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 25 Dec 2024 03:46:17 GMT\r\ncontent-type: image/png\r\ncontent-length: 2879\r\nlast-modified: Tue, 23 Jan 2024 18:42:00 GMT\r\netag: \"b3f-60fa14d3ddcd5\"\r\naccess-control-allow-origin: *\r\naccess-control-allow-headers: X-Requested-With\r\naccess-control-allow-methods: GET,POST,OPTIONS\r\naccess-control-allow-credentials: true\r\ncache-control: max-age=43200\r\ncf-cache-status: HIT\r\nage: 529\r\naccept-ranges: bytes\r\npriority: u=4,i=?0\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=T309aCF9pXcvnq4beHllEgQ1xvNAj5ZPZYbqgVLMZkgyzs0dbPZSfpnB7d3tKR1sQ3emriFl7GFxQGzo56%2FHnMPS4pyN6b1bwel9E5aAYm0B4ShA%2FXfWgthXCGartg%3D%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\ncf-ray: 8f75d7d9db4256be-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfL4;desc=\"?proto=QUIC\u0026rtt=5381\u0026min_rtt=1423\u0026rtt_var=4414\u0026sent=133\u0026recv=24\u0026lost=0\u0026retrans=0\u0026sent_bytes=128849\u0026recv_bytes=9766\u0026delivery_rate=2529816\u0026cwnd=59700\u0026unsent_bytes=0\u0026cid=f70227532b45c0c0\u0026ts=495\u0026x=1\", cfExtPri, cfHdrFlush;dur=0\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2879,"size_decoded":2879,"mime_type":"image/png","magic":"PNG image data, 170 x 30, 8-bit/color RGBA, non-interlaced","md5":"d950b67aeece85936307a7d927f38f85","sha1":"8cdb4be5f991f7adf9e794dfbd7078145598e057","sha256":"3b51408bdbc9803485ea3dc1567dae9967c341e5ee3fe1d93f670f1083955891","sha512":"780c0ebbb2ef51548471883407c7530a00e7218270f637fb933a27ee3568e096a6975b775f95a73658ea91acd3ef1b6dc3d75092c8ae30b6a5a633564e73a160","ssdeep":"","tlshash":"1d516df71507438ac2acb97d03bc4741eda9d11263abb78b71c26dd0f6408125a82fc3","first_seen":"2024-08-19T23:25:54.504837Z","last_seen":"2025-10-18T01:55:21.347588Z","times_seen":57,"resource_available":false,"data":null}},"time_used":49,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":49,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-12-24","alert":"Sinkholed","trigger":"filesfly.cc","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"filesfly.cc/images//PtnIEWP.png","fqdn":"filesfly.cc","domain":"filesfly.cc","tld":"cc"},"ip":{"addr":"172.67.183.231","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://filesfly.cc/kgxfws0x3k6u/1783748.zip","date":"2024-12-25T03:46:17.307Z","timestamp":1735098377307,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"filesfly.cc","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 12 Nov 2024 09:48:46 GMT","end":"Mon, 10 Feb 2025 09:48:45 GMT"},"fingerprint":{"sha1":"89:4A:25:AF:25:ED:EC:6D:F8:81:67:C4:F9:79:6E:32:FD:41:F9:D7","sha256":"D4:31:7C:EB:4A:B4:32:13:4E:94:02:52:1B:E5:4D:66:80:18:36:B7:A9:13:8C:C5:C7:DE:54:C2:66:8F:78:F7"}}},"request":{"raw":"GET /images//PtnIEWP.png HTTP/1.1\r\nHost: filesfly.cc\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://filesfly.cc/kgxfws0x3k6u/1783748.zip\r\nCookie: lang=english; aff=83158\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 25 Dec 2024 03:46:17 GMT\r\ncontent-type: image/png\r\ncontent-length: 8165\r\nlast-modified: Wed, 24 Jan 2024 07:42:47 GMT\r\netag: \"1fe5-60fac3586c9ac\"\r\naccess-control-allow-origin: *\r\naccess-control-allow-headers: X-Requested-With\r\naccess-control-allow-methods: GET,POST,OPTIONS\r\naccess-control-allow-credentials: true\r\ncache-control: max-age=43200\r\ncf-cache-status: HIT\r\nage: 529\r\naccept-ranges: bytes\r\npriority: u=4,i=?0\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=XKua7zRpgAJaFg0g1rbjQtGAWjdUz1%2B4c5rTTWDQ0lFme3UnuGCQNelqh1pkTFM28bpmAPhS4filI9rOrkpa%2BMRZUwy%2FH5y6ghZ%2B5z7lteN4NpkWpbOwcGM%2Ft1PIwA%3D%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\ncf-ray: 8f75d7d9db4556be-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfL4;desc=\"?proto=QUIC\u0026rtt=5381\u0026min_rtt=1423\u0026rtt_var=4414\u0026sent=133\u0026recv=24\u0026lost=0\u0026retrans=0\u0026sent_bytes=128849\u0026recv_bytes=9766\u0026delivery_rate=2529816\u0026cwnd=59700\u0026unsent_bytes=0\u0026cid=f70227532b45c0c0\u0026ts=495\u0026x=1\", cfExtPri, cfHdrFlush;dur=0\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":8165,"size_decoded":8165,"mime_type":"image/png","magic":"PNG image data, 180 x 52, 8-bit/color RGBA, non-interlaced","md5":"04e59a886e24f049e1149efbde47b0b6","sha1":"0f1cb50c40c35c3b6f6184a94c3dc4fb427d91d4","sha256":"14e9e94f9bcc8f15c92d86a98c712c2daf9d3e28ddc96255ac320dccf0f43dee","sha512":"80e2856eeadb23c38f9b4a02746da1e0ee8f23d441212e006eaf47610ef2b09fe1076b2865ae2d1ac04a648dcabeb50beebbb894121e541e7c9bb06c0e6822bc","ssdeep":"192:Fi4ARrxCQk8CNaLjspE8zp3+4PTIB86N6iIx1spWnVej7U:Q4A3Ew613+4cDgLa2AI","tlshash":"1bf1b00bd51054c0733219e4a019bccafa616e476a2f74cd9ac5768816e813cf5bf293","first_seen":"2024-08-19T23:25:54.501482Z","last_seen":"2025-10-18T01:55:21.375262Z","times_seen":57,"resource_available":false,"data":null}},"time_used":58,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":50,"receive":8,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-12-24","alert":"Sinkholed","trigger":"filesfly.cc","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"filesfly.cc/images//QPVrOwJ.png","fqdn":"filesfly.cc","domain":"filesfly.cc","tld":"cc"},"ip":{"addr":"172.67.183.231","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://filesfly.cc/kgxfws0x3k6u/1783748.zip","date":"2024-12-25T03:46:17.314Z","timestamp":1735098377314,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"filesfly.cc","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 12 Nov 2024 09:48:46 GMT","end":"Mon, 10 Feb 2025 09:48:45 GMT"},"fingerprint":{"sha1":"89:4A:25:AF:25:ED:EC:6D:F8:81:67:C4:F9:79:6E:32:FD:41:F9:D7","sha256":"D4:31:7C:EB:4A:B4:32:13:4E:94:02:52:1B:E5:4D:66:80:18:36:B7:A9:13:8C:C5:C7:DE:54:C2:66:8F:78:F7"}}},"request":{"raw":"GET /images//QPVrOwJ.png HTTP/1.1\r\nHost: filesfly.cc\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://filesfly.cc/kgxfws0x3k6u/1783748.zip\r\nCookie: lang=english; aff=83158\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 25 Dec 2024 03:46:17 GMT\r\ncontent-type: image/png\r\ncontent-length: 5050\r\nlast-modified: Tue, 23 Jan 2024 19:01:13 GMT\r\netag: \"13ba-60fa191fcf99f\"\r\naccess-control-allow-origin: *\r\naccess-control-allow-headers: X-Requested-With\r\naccess-control-allow-methods: GET,POST,OPTIONS\r\naccess-control-allow-credentials: true\r\ncache-control: max-age=43200\r\ncf-cache-status: HIT\r\nage: 529\r\naccept-ranges: bytes\r\npriority: u=4,i=?0\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=1Q9nLyMEfJEb1uNB9cO%2F5pfJd7TH54xhAP%2FhYOP3zEhVyx3Gi8NCOPmeUu0CGhb1V0IwgggcAudxFeSImWmsCYM8hxP11Af5XBwXsEkmHacJexlh1eoQ5%2FH%2FojcO%2Fg%3D%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\ncf-ray: 8f75d7d9db4656be-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfL4;desc=\"?proto=QUIC\u0026rtt=5381\u0026min_rtt=1423\u0026rtt_var=4414\u0026sent=133\u0026recv=24\u0026lost=0\u0026retrans=0\u0026sent_bytes=128849\u0026recv_bytes=9766\u0026delivery_rate=2529816\u0026cwnd=59700\u0026unsent_bytes=0\u0026cid=f70227532b45c0c0\u0026ts=495\u0026x=1\", cfExtPri, cfHdrFlush;dur=0\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":5050,"size_decoded":5050,"mime_type":"image/png","magic":"PNG image data, 142 x 33, 8-bit/color RGBA, non-interlaced","md5":"655526ec81e5600914e901c33c701e9e","sha1":"60c5db710069dbde9768345cc364e3ee678a7976","sha256":"297f8e61f60350d74edd29a3000c5ffe64405a54136295fa8d072dd9b8a70f86","sha512":"4ee07a9dc7ee9750f27438e1476538611480ec8e4d3370236ca3514758704db815b919f86daa3f78ff18d188edc0d554a550fb84f2f9343fcdb25010e0139115","ssdeep":"96:TQSQ1DM0cFtp3q7mshw7HRwgOJHVJDBB2cdNKWOc48qcAXNMu+YREj:TQSQ1f2p3lYw7XO5llK4nJxu+Y+j","tlshash":"6da18d829fc8f12a4a279fc19243489141d702dd98eba28539a14da822de5c4da636d3","first_seen":"2024-08-19T23:25:54.502132Z","last_seen":"2025-10-18T01:55:21.325797Z","times_seen":57,"resource_available":false,"data":null}},"time_used":58,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":57,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-12-24","alert":"Sinkholed","trigger":"filesfly.cc","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"filesfly.cc/images//cmRccbz.png","fqdn":"filesfly.cc","domain":"filesfly.cc","tld":"cc"},"ip":{"addr":"172.67.183.231","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://filesfly.cc/kgxfws0x3k6u/1783748.zip","date":"2024-12-25T03:46:17.329Z","timestamp":1735098377329,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"filesfly.cc","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 12 Nov 2024 09:48:46 GMT","end":"Mon, 10 Feb 2025 09:48:45 GMT"},"fingerprint":{"sha1":"89:4A:25:AF:25:ED:EC:6D:F8:81:67:C4:F9:79:6E:32:FD:41:F9:D7","sha256":"D4:31:7C:EB:4A:B4:32:13:4E:94:02:52:1B:E5:4D:66:80:18:36:B7:A9:13:8C:C5:C7:DE:54:C2:66:8F:78:F7"}}},"request":{"raw":"GET /images//cmRccbz.png HTTP/1.1\r\nHost: filesfly.cc\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://filesfly.cc/kgxfws0x3k6u/1783748.zip\r\nCookie: lang=english; aff=83158\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 25 Dec 2024 03:46:17 GMT\r\ncontent-type: image/png\r\ncontent-length: 2879\r\nlast-modified: Tue, 23 Jan 2024 18:42:00 GMT\r\netag: \"b3f-60fa14d3ddcd5\"\r\naccess-control-allow-origin: *\r\naccess-control-allow-headers: X-Requested-With\r\naccess-control-allow-methods: GET,POST,OPTIONS\r\naccess-control-allow-credentials: true\r\ncache-control: max-age=43200\r\ncf-cache-status: HIT\r\nage: 529\r\naccept-ranges: bytes\r\npriority: u=4,i=?0\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=P8v6ZrhAR%2BSl5YrQ6yIVrMXl9wq8JCAnTabL4ubbsuQjBGFY0HNEE5IrGED8XB2Iuk8HlrWYz2DR9MfiB0bgTshtIWB4u4Wz1vhzE5MPjsqeDpyaDbDJssgVCELvwA%3D%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\ncf-ray: 8f75d7d9eb4e56be-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfL4;desc=\"?proto=QUIC\u0026rtt=5381\u0026min_rtt=1423\u0026rtt_var=4414\u0026sent=159\u0026recv=24\u0026lost=0\u0026retrans=0\u0026sent_bytes=157186\u0026recv_bytes=9766\u0026delivery_rate=2529816\u0026cwnd=59700\u0026unsent_bytes=0\u0026cid=f70227532b45c0c0\u0026ts=500\u0026x=1\", cfExtPri, cfHdrFlush;dur=0\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2879,"size_decoded":2879,"mime_type":"image/png","magic":"PNG image data, 170 x 30, 8-bit/color RGBA, non-interlaced","md5":"d950b67aeece85936307a7d927f38f85","sha1":"8cdb4be5f991f7adf9e794dfbd7078145598e057","sha256":"3b51408bdbc9803485ea3dc1567dae9967c341e5ee3fe1d93f670f1083955891","sha512":"780c0ebbb2ef51548471883407c7530a00e7218270f637fb933a27ee3568e096a6975b775f95a73658ea91acd3ef1b6dc3d75092c8ae30b6a5a633564e73a160","ssdeep":"","tlshash":"1d516df71507438ac2acb97d03bc4741eda9d11263abb78b71c26dd0f6408125a82fc3","first_seen":"2024-08-19T23:25:54.504837Z","last_seen":"2025-10-18T01:55:21.347588Z","times_seen":57,"resource_available":false,"data":null}},"time_used":51,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":51,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-12-24","alert":"Sinkholed","trigger":"filesfly.cc","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"filesfly.cc/images//UKyU65F.png","fqdn":"filesfly.cc","domain":"filesfly.cc","tld":"cc"},"ip":{"addr":"172.67.183.231","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://filesfly.cc/kgxfws0x3k6u/1783748.zip","date":"2024-12-25T03:46:17.316Z","timestamp":1735098377316,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"filesfly.cc","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 12 Nov 2024 09:48:46 GMT","end":"Mon, 10 Feb 2025 09:48:45 GMT"},"fingerprint":{"sha1":"89:4A:25:AF:25:ED:EC:6D:F8:81:67:C4:F9:79:6E:32:FD:41:F9:D7","sha256":"D4:31:7C:EB:4A:B4:32:13:4E:94:02:52:1B:E5:4D:66:80:18:36:B7:A9:13:8C:C5:C7:DE:54:C2:66:8F:78:F7"}}},"request":{"raw":"GET /images//UKyU65F.png HTTP/1.1\r\nHost: filesfly.cc\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://filesfly.cc/kgxfws0x3k6u/1783748.zip\r\nCookie: lang=english; aff=83158\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 25 Dec 2024 03:46:17 GMT\r\ncontent-type: image/png\r\ncontent-length: 5554\r\nlast-modified: Tue, 23 Jan 2024 19:02:05 GMT\r\netag: \"15b2-60fa1951ab6ed\"\r\naccess-control-allow-origin: *\r\naccess-control-allow-headers: X-Requested-With\r\naccess-control-allow-methods: GET,POST,OPTIONS\r\naccess-control-allow-credentials: true\r\ncache-control: max-age=43200\r\ncf-cache-status: HIT\r\nage: 529\r\naccept-ranges: bytes\r\npriority: u=4,i=?0\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=FrEXZnwScHhYDqHYpqxdsqHavAnKXaqgXeyojkPFW8HAW%2FT%2BPjp9nZeo44GPhBXU8KtiXGsbV8hmHTl5p0no0cGPlTWP%2FO1J%2B83k1ZHbUbiQUnayLPb2QcCLAqSTWg%3D%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\ncf-ray: 8f75d7d9eb4b56be-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfL4;desc=\"?proto=QUIC\u0026rtt=5381\u0026min_rtt=1423\u0026rtt_var=4414\u0026sent=163\u0026recv=24\u0026lost=0\u0026retrans=0\u0026sent_bytes=160893\u0026recv_bytes=9766\u0026delivery_rate=2529816\u0026cwnd=59700\u0026unsent_bytes=0\u0026cid=f70227532b45c0c0\u0026ts=500\u0026x=1\", cfExtPri, cfHdrFlush;dur=0\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":5554,"size_decoded":5554,"mime_type":"image/png","magic":"PNG image data, 181 x 48, 8-bit/color RGBA, non-interlaced","md5":"0e03511430d4287132a7cefa7cc467b4","sha1":"665e045866078804dc499407b2c30d2be845c9f0","sha256":"951dd7777b38a624a4651af640bef783e939215f5a3e89b14972609bc2f460ef","sha512":"9ff1ac25ff62c33fea1a642a9f4a90b690a68323d96c2e9783fbf406c98785476c3e8242c96b445ac29913fecbd1b33c9025beeae633224259369fd3ca243ba4","ssdeep":"96:I6krL7bhHBqqbYLHQMuyf4DkAANAjjrIqGy7Q0M891aOPbwNhyA24hrUZN9J:gfbFBhsTQ6f6nANAstkaOPEi4hiN/","tlshash":"96b1bfffad933394d6e72c884c52e2343c525638c04adfac90666e6b234ad0881e1f63","first_seen":"2024-08-19T23:25:54.502959Z","last_seen":"2025-10-18T01:55:21.304623Z","times_seen":57,"resource_available":false,"data":null}},"time_used":52,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":52,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-12-24","alert":"Sinkholed","trigger":"filesfly.cc","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"filesfly.cc/ds1/js/main.js?v=3","fqdn":"filesfly.cc","domain":"filesfly.cc","tld":"cc"},"ip":{"addr":"172.67.183.231","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://filesfly.cc/kgxfws0x3k6u/1783748.zip","date":"2024-12-25T03:46:17.345Z","timestamp":1735098377345,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"filesfly.cc","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 12 Nov 2024 09:48:46 GMT","end":"Mon, 10 Feb 2025 09:48:45 GMT"},"fingerprint":{"sha1":"89:4A:25:AF:25:ED:EC:6D:F8:81:67:C4:F9:79:6E:32:FD:41:F9:D7","sha256":"D4:31:7C:EB:4A:B4:32:13:4E:94:02:52:1B:E5:4D:66:80:18:36:B7:A9:13:8C:C5:C7:DE:54:C2:66:8F:78:F7"}}},"request":{"raw":"GET /ds1/js/main.js?v=3 HTTP/1.1\r\nHost: filesfly.cc\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://filesfly.cc/kgxfws0x3k6u/1783748.zip\r\nCookie: lang=english; aff=83158\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 25 Dec 2024 03:46:17 GMT\r\ncontent-type: application/javascript\r\ncontent-length: 338\r\nlast-modified: Fri, 03 Feb 2023 10:28:38 GMT\r\netag: \"334-5f3c92506001f-gzip\"\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\naccess-control-allow-origin: *\r\naccess-control-allow-headers: X-Requested-With\r\naccess-control-allow-methods: GET,POST,OPTIONS\r\naccess-control-allow-credentials: true\r\ncache-control: max-age=43200\r\ncf-cache-status: HIT\r\nage: 5949\r\naccept-ranges: bytes\r\npriority: u=3,i=?0\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=P1zP48tkyUgJ1EjolPR2pzFU4HwWIC8%2FMfuRxiVusv%2BWHfCtWWMkbfwYGYGIccEKYuzZpGutFcy1m3mER3MCi3txKSburCl76cwdX1oVxjkZgeIaUpXyaPKr%2Bj%2Bq3Q%3D%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nserver: cloudflare\r\ncf-ray: 8f75d7d9eb5456be-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfL4;desc=\"?proto=QUIC\u0026rtt=5381\u0026min_rtt=1423\u0026rtt_var=4414\u0026sent=169\u0026recv=24\u0026lost=0\u0026retrans=0\u0026sent_bytes=167336\u0026recv_bytes=9766\u0026delivery_rate=2529816\u0026cwnd=59700\u0026unsent_bytes=0\u0026cid=f70227532b45c0c0\u0026ts=501\u0026x=1\", cfExtPri, cfHdrFlush;dur=0\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":338,"size_decoded":820,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text","md5":"6215261089af2e7a51a6d8fd4c5b1c4b","sha1":"13368dc1cf83c9490ec30da50880215456c1fdb9","sha256":"d970b5c6138015be569be57ee8233f16aa8d06b634ab4469243d9e518ae7b973","sha512":"9f5ec7d8ed5d430c024a1dbae3161b362fe0c8684d6e8243fb2403d8edd11c3106f951d2238f3a2ae90b426a3b994386c7388924573908aaa4a818f68986dbc6","ssdeep":"","tlshash":"68019c29f8f93452a03370ad9eff42452b19040b5288cb157d8c8bc81f995785b97f4c","first_seen":"2023-03-08T16:24:12Z","last_seen":"2026-05-09T07:58:42.853085Z","times_seen":102,"resource_available":true,"data":null}},"time_used":51,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":51,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-12-24","alert":"Sinkholed","trigger":"filesfly.cc","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"filesfly.cc/ds1/js/clipboard.min.js","fqdn":"filesfly.cc","domain":"filesfly.cc","tld":"cc"},"ip":{"addr":"172.67.183.231","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://filesfly.cc/kgxfws0x3k6u/1783748.zip","date":"2024-12-25T03:46:17.342Z","timestamp":1735098377342,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"filesfly.cc","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 12 Nov 2024 09:48:46 GMT","end":"Mon, 10 Feb 2025 09:48:45 GMT"},"fingerprint":{"sha1":"89:4A:25:AF:25:ED:EC:6D:F8:81:67:C4:F9:79:6E:32:FD:41:F9:D7","sha256":"D4:31:7C:EB:4A:B4:32:13:4E:94:02:52:1B:E5:4D:66:80:18:36:B7:A9:13:8C:C5:C7:DE:54:C2:66:8F:78:F7"}}},"request":{"raw":"GET /ds1/js/clipboard.min.js HTTP/1.1\r\nHost: filesfly.cc\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://filesfly.cc/kgxfws0x3k6u/1783748.zip\r\nCookie: lang=english; aff=83158\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 25 Dec 2024 03:46:17 GMT\r\ncontent-type: application/javascript\r\ncontent-length: 3281\r\nlast-modified: Fri, 03 Feb 2023 10:28:36 GMT\r\netag: \"29a5-5f3c924e339aa-gzip\"\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\naccess-control-allow-origin: *\r\naccess-control-allow-headers: X-Requested-With\r\naccess-control-allow-methods: GET,POST,OPTIONS\r\naccess-control-allow-credentials: true\r\ncache-control: max-age=43200\r\ncf-cache-status: HIT\r\nage: 5949\r\naccept-ranges: bytes\r\npriority: u=3,i=?0\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=4%2FxLugwU7ra0GFRdl%2FQSMKEK3vfTqn8L7ArCSK2jLfKsXQJAEoSzHw1eilkivh2Dh5MFR7fB6qewDx3oH20SPZw46DFL6zA1AtyN2webS%2FSyM8zdKcgTE6xnwzmUwg%3D%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nserver: cloudflare\r\ncf-ray: 8f75d7d9eb5156be-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfL4;desc=\"?proto=QUIC\u0026rtt=5381\u0026min_rtt=1423\u0026rtt_var=4414\u0026sent=171\u0026recv=24\u0026lost=0\u0026retrans=0\u0026sent_bytes=169595\u0026recv_bytes=9766\u0026delivery_rate=2529816\u0026cwnd=59700\u0026unsent_bytes=0\u0026cid=f70227532b45c0c0\u0026ts=501\u0026x=1\", cfExtPri, cfHdrFlush;dur=28\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3281,"size_decoded":10661,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (10553)","md5":"663a6b278b0dbd648f3fe0700d3ce4f2","sha1":"14561a800d543a44a5d538c82ec5f41bd6103b83","sha256":"67c123eb92c5add45ce587c51234b10e51ab61fec36fa0b28180792b27f212e2","sha512":"c2cfcaf3f3d4b305e01ccb1f43c6de4d9d2e82aafd444195f3dee369876d8c2add36778239b8c685a66c84e06942afb51b7bdc8d82a57cdfc42d42c9e39a5f98","ssdeep":"192:cjHh4LyP153pPJ7rVWLBTwuLJ/eXbA5gpEHa4Lyc2mltIjk1QGo:cuA3JVVWLBT9LJ/eXbA5Tj2mzg/","tlshash":"e522855cb280b1b19ae760a9813f424fb371a469709a90d4b239e8f1bd78dcd5467f3c","first_seen":"2023-03-07T21:43:32Z","last_seen":"2025-02-14T14:59:43.229622Z","times_seen":89,"resource_available":false,"data":null}},"time_used":52,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":52,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-12-24","alert":"Sinkholed","trigger":"filesfly.cc","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"filesfly.cc/images/l8Y1Evx.png","fqdn":"filesfly.cc","domain":"filesfly.cc","tld":"cc"},"ip":{"addr":"172.67.183.231","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://filesfly.cc/kgxfws0x3k6u/1783748.zip","date":"2024-12-25T03:46:17.305Z","timestamp":1735098377305,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"filesfly.cc","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 12 Nov 2024 09:48:46 GMT","end":"Mon, 10 Feb 2025 09:48:45 GMT"},"fingerprint":{"sha1":"89:4A:25:AF:25:ED:EC:6D:F8:81:67:C4:F9:79:6E:32:FD:41:F9:D7","sha256":"D4:31:7C:EB:4A:B4:32:13:4E:94:02:52:1B:E5:4D:66:80:18:36:B7:A9:13:8C:C5:C7:DE:54:C2:66:8F:78:F7"}}},"request":{"raw":"GET /images/l8Y1Evx.png HTTP/1.1\r\nHost: filesfly.cc\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://filesfly.cc/kgxfws0x3k6u/1783748.zip\r\nCookie: lang=english; aff=83158\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 25 Dec 2024 03:46:17 GMT\r\ncontent-type: image/png\r\ncontent-length: 6555\r\nlast-modified: Tue, 23 Jan 2024 19:01:37 GMT\r\netag: \"199b-60fa1936cd6ac\"\r\naccess-control-allow-origin: *\r\naccess-control-allow-headers: X-Requested-With\r\naccess-control-allow-methods: GET,POST,OPTIONS\r\naccess-control-allow-credentials: true\r\ncache-control: max-age=43200\r\ncf-cache-status: HIT\r\nage: 529\r\naccept-ranges: bytes\r\npriority: u=4,i=?0\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=aN9m%2FXihdqo8q97Cav9x846sAlAii8sDDkYPKaSqABmQ6CctCfIu1L6EItnA86iSRFhz%2F3owsMh1%2FXWXW8gkUR7CIEzcADGqutGs%2BdaQwQWHkTgAGmKdtE0QqtOyUQ%3D%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\ncf-ray: 8f75d7d9db4356be-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfL4;desc=\"?proto=QUIC\u0026rtt=5381\u0026min_rtt=1423\u0026rtt_var=4414\u0026sent=171\u0026recv=24\u0026lost=0\u0026retrans=0\u0026sent_bytes=169595\u0026recv_bytes=9766\u0026delivery_rate=2529816\u0026cwnd=59700\u0026unsent_bytes=0\u0026cid=f70227532b45c0c0\u0026ts=507\u0026x=1\", cfExtPri, cfHdrFlush;dur=22\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":6555,"size_decoded":6555,"mime_type":"image/png","magic":"PNG image data, 182 x 45, 8-bit/color RGBA, non-interlaced","md5":"e3d58d6cf5f1c0f018b798cb8c014b1b","sha1":"0612b7c41c4b1586d4dbc5c0f55f91f97e8ed629","sha256":"a295f987053691badde3930d0d1abed6319e38fd0b02056801cfe979c6db3160","sha512":"4061fec6ce3cb35d7ed41d51cb771c95df5e68eef07771b33c1f3e5592c6e94db6bb164155a90a07238481767c89ab7cf4745cfd4356b227b04af1ea3f468974","ssdeep":"192:0Uqva+9+Xfd9Ori/QuXImNOgOFD7q/qhB2kUb22:0UqvIXffFQuXOLD2/qhByq2","tlshash":"1bd18d8f0ccf83a9c781a0bb724216782e5e8728fb17190c6d1667a8053d3a2d4cc33b","first_seen":"2024-08-19T23:25:54.503954Z","last_seen":"2025-10-18T01:55:21.322436Z","times_seen":57,"resource_available":false,"data":null}},"time_used":61,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":61,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-12-24","alert":"Sinkholed","trigger":"filesfly.cc","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"filesfly.cc/ds1/js/bootstrap.min.js","fqdn":"filesfly.cc","domain":"filesfly.cc","tld":"cc"},"ip":{"addr":"172.67.183.231","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://filesfly.cc/kgxfws0x3k6u/1783748.zip","date":"2024-12-25T03:46:17.341Z","timestamp":1735098377341,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"filesfly.cc","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 12 Nov 2024 09:48:46 GMT","end":"Mon, 10 Feb 2025 09:48:45 GMT"},"fingerprint":{"sha1":"89:4A:25:AF:25:ED:EC:6D:F8:81:67:C4:F9:79:6E:32:FD:41:F9:D7","sha256":"D4:31:7C:EB:4A:B4:32:13:4E:94:02:52:1B:E5:4D:66:80:18:36:B7:A9:13:8C:C5:C7:DE:54:C2:66:8F:78:F7"}}},"request":{"raw":"GET /ds1/js/bootstrap.min.js HTTP/1.1\r\nHost: filesfly.cc\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://filesfly.cc/kgxfws0x3k6u/1783748.zip\r\nCookie: lang=english; aff=83158\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 25 Dec 2024 03:46:17 GMT\r\ncontent-type: application/javascript\r\ncontent-length: 9811\r\nlast-modified: Fri, 03 Feb 2023 10:28:36 GMT\r\netag: \"90bb-5f3c924dedc77-gzip\"\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\naccess-control-allow-origin: *\r\naccess-control-allow-headers: X-Requested-With\r\naccess-control-allow-methods: GET,POST,OPTIONS\r\naccess-control-allow-credentials: true\r\ncache-control: max-age=43200\r\ncf-cache-status: HIT\r\nage: 5949\r\naccept-ranges: bytes\r\npriority: u=3,i=?0\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=b1otEEEqsl%2B7W3AfGeDtcdu%2FPVo%2FknhMowAK9qvTT9Q86tMXRKklu7wqbehem3NwRLmynJ5tp5Y8ENODaw5hhHbI32aovXlH1nx4SCIU%2FYWiMw45fM0He4l4fjOVuA%3D%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nserver: cloudflare\r\ncf-ray: 8f75d7d9eb5056be-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfL4;desc=\"?proto=QUIC\u0026rtt=5381\u0026min_rtt=1423\u0026rtt_var=4414\u0026sent=170\u0026recv=24\u0026lost=0\u0026retrans=0\u0026sent_bytes=168428\u0026recv_bytes=9766\u0026delivery_rate=2529816\u0026cwnd=59700\u0026unsent_bytes=0\u0026cid=f70227532b45c0c0\u0026ts=501\u0026x=1\", cfExtPri, cfHdrFlush;dur=0\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":9811,"size_decoded":37051,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (32033), with CRLF line terminators","md5":"04c84852e9937b142ac73c285b895b85","sha1":"8fb8a9319055253d085edfc3bb72d20f614ec709","sha256":"36460e494e4c628443afded40b2743b5ede9a4a76fb4f7b9ef2345cc7e59fd64","sha512":"e27be06bc898dcf893f06cc49cafcbb6ba6e3a69106a89a500f6993e57600b3636392784811237a1a783967dbe05d57a0769c78f8074a0c3a59b16b655b1d350","ssdeep":"768:72rGy27UwlNqMl95qNmCFejhqs8snmi+CSFXfgx8Gf3Zq7Q:yg73zhq0GvgJ3ZKQ","tlshash":"eff28606b23031a147efb1e1525b020e7239696ee906907c78b99af53db9c48717bf3d","first_seen":"2023-03-07T01:03:32Z","last_seen":"2026-05-20T05:37:07.703855Z","times_seen":6130,"resource_available":true,"data":null}},"time_used":58,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":52,"receive":6,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-12-24","alert":"Sinkholed","trigger":"filesfly.cc","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"filesfly.cc/ds1/js/feather.min.js","fqdn":"filesfly.cc","domain":"filesfly.cc","tld":"cc"},"ip":{"addr":"172.67.183.231","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://filesfly.cc/kgxfws0x3k6u/1783748.zip","date":"2024-12-25T03:46:17.343Z","timestamp":1735098377343,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"filesfly.cc","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 12 Nov 2024 09:48:46 GMT","end":"Mon, 10 Feb 2025 09:48:45 GMT"},"fingerprint":{"sha1":"89:4A:25:AF:25:ED:EC:6D:F8:81:67:C4:F9:79:6E:32:FD:41:F9:D7","sha256":"D4:31:7C:EB:4A:B4:32:13:4E:94:02:52:1B:E5:4D:66:80:18:36:B7:A9:13:8C:C5:C7:DE:54:C2:66:8F:78:F7"}}},"request":{"raw":"GET /ds1/js/feather.min.js HTTP/1.1\r\nHost: filesfly.cc\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://filesfly.cc/kgxfws0x3k6u/1783748.zip\r\nCookie: lang=english; aff=83158\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 25 Dec 2024 03:46:17 GMT\r\ncontent-type: application/javascript\r\ncontent-length: 17300\r\nlast-modified: Fri, 03 Feb 2023 10:28:36 GMT\r\netag: \"ff31-5f3c924ea8cb0-gzip\"\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\naccess-control-allow-origin: *\r\naccess-control-allow-headers: X-Requested-With\r\naccess-control-allow-methods: GET,POST,OPTIONS\r\naccess-control-allow-credentials: true\r\ncache-control: max-age=43200\r\ncf-cache-status: HIT\r\nage: 5948\r\naccept-ranges: bytes\r\npriority: u=3,i=?0\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=13ifzql%2FMwk39bTIxPNgFhKjqsd0LB%2FRgR7pVc6P9AjaKp8DZNwqDQSuQTNQWCT8D5UOXWigdbEck%2F1TUZFVmpHKETuWHSZtachn6fcWmxe6xTpMiVRe8WOKdEZLtA%3D%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nserver: cloudflare\r\ncf-ray: 8f75d7d9eb5356be-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfL4;desc=\"?proto=QUIC\u0026rtt=5381\u0026min_rtt=1423\u0026rtt_var=4414\u0026sent=170\u0026recv=24\u0026lost=0\u0026retrans=0\u0026sent_bytes=168428\u0026recv_bytes=9766\u0026delivery_rate=2529816\u0026cwnd=59700\u0026unsent_bytes=0\u0026cid=f70227532b45c0c0\u0026ts=501\u0026x=1\", cfExtPri, cfHdrFlush;dur=28\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":17300,"size_decoded":65329,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (62085)","md5":"26c35da1f95aabbac8a3cc1388f86381","sha1":"1587358c4cf4cb3d915349b0744903347ec476d9","sha256":"34eff09d3a94fa86b4f3e5af9cf391515e8e2caa3ebb6d7fe6ed13e5778ff8e0","sha512":"cd7222e5fc92829c47b77cfa920d6feae434d584aa5964c777919c86053495d1cb3defa59a76f984f072c53fff7889b6af9d1290b2c706c2d4f11c875e287173","ssdeep":"768:mN19Xq52epoJVg+Os+HNsojRuhcEdDXisLqxriT9aJ0s/vz55tr/4SRBxK:mNA+OXRTK","tlshash":"92532c367d4dba9fd00743e61a1f6166235f22fff98c4214e05d02b0c9276d6ee67a28","first_seen":"2023-03-08T16:24:12Z","last_seen":"2026-05-09T07:58:42.833807Z","times_seen":106,"resource_available":true,"data":null}},"time_used":59,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":53,"receive":6,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-12-24","alert":"Sinkholed","trigger":"filesfly.cc","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"filesfly.cc/images//l8Y1Evx.png","fqdn":"filesfly.cc","domain":"filesfly.cc","tld":"cc"},"ip":{"addr":"172.67.183.231","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://filesfly.cc/kgxfws0x3k6u/1783748.zip","date":"2024-12-25T03:46:17.336Z","timestamp":1735098377336,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"filesfly.cc","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 12 Nov 2024 09:48:46 GMT","end":"Mon, 10 Feb 2025 09:48:45 GMT"},"fingerprint":{"sha1":"89:4A:25:AF:25:ED:EC:6D:F8:81:67:C4:F9:79:6E:32:FD:41:F9:D7","sha256":"D4:31:7C:EB:4A:B4:32:13:4E:94:02:52:1B:E5:4D:66:80:18:36:B7:A9:13:8C:C5:C7:DE:54:C2:66:8F:78:F7"}}},"request":{"raw":"GET /images//l8Y1Evx.png HTTP/1.1\r\nHost: filesfly.cc\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://filesfly.cc/kgxfws0x3k6u/1783748.zip\r\nCookie: lang=english; aff=83158\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 25 Dec 2024 03:46:17 GMT\r\ncontent-type: image/png\r\ncontent-length: 6555\r\nlast-modified: Tue, 23 Jan 2024 19:01:37 GMT\r\netag: \"199b-60fa1936cd6ac\"\r\naccess-control-allow-origin: *\r\naccess-control-allow-headers: X-Requested-With\r\naccess-control-allow-methods: GET,POST,OPTIONS\r\naccess-control-allow-credentials: true\r\ncache-control: max-age=43200\r\ncf-cache-status: HIT\r\nage: 529\r\naccept-ranges: bytes\r\npriority: u=4,i=?0\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=7KgsWVHjxOFJkY8Fod5nQ9lhVZsVIGkY823AMck2sPFLaIAq668IKygvXWS%2F6OSe4W7WcqyVbwrhVS%2BXUjwXkB%2F8cS4HY81z5Xkbv3pukKfUUn341ZkCBs08pd8etQ%3D%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\ncf-ray: 8f75d7d9eb4f56be-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfL4;desc=\"?proto=QUIC\u0026rtt=5381\u0026min_rtt=1423\u0026rtt_var=4414\u0026sent=171\u0026recv=24\u0026lost=0\u0026retrans=0\u0026sent_bytes=169595\u0026recv_bytes=9766\u0026delivery_rate=2529816\u0026cwnd=59700\u0026unsent_bytes=0\u0026cid=f70227532b45c0c0\u0026ts=502\u0026x=1\", cfExtPri, cfHdrFlush;dur=27\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":6555,"size_decoded":6555,"mime_type":"image/png","magic":"PNG image data, 182 x 45, 8-bit/color RGBA, non-interlaced","md5":"e3d58d6cf5f1c0f018b798cb8c014b1b","sha1":"0612b7c41c4b1586d4dbc5c0f55f91f97e8ed629","sha256":"a295f987053691badde3930d0d1abed6319e38fd0b02056801cfe979c6db3160","sha512":"4061fec6ce3cb35d7ed41d51cb771c95df5e68eef07771b33c1f3e5592c6e94db6bb164155a90a07238481767c89ab7cf4745cfd4356b227b04af1ea3f468974","ssdeep":"192:0Uqva+9+Xfd9Ori/QuXImNOgOFD7q/qhB2kUb22:0UqvIXffFQuXOLD2/qhByq2","tlshash":"1bd18d8f0ccf83a9c781a0bb724216782e5e8728fb17190c6d1667a8053d3a2d4cc33b","first_seen":"2024-08-19T23:25:54.503954Z","last_seen":"2025-10-18T01:55:21.322436Z","times_seen":57,"resource_available":false,"data":null}},"time_used":59,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":54,"receive":5,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-12-24","alert":"Sinkholed","trigger":"filesfly.cc","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"use.fontawesome.com/releases/v5.6.3/js/all.js","fqdn":"use.fontawesome.com","domain":"fontawesome.com","tld":"com"},"ip":{"addr":"172.67.142.245","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://filesfly.cc/kgxfws0x3k6u/1783748.zip","date":"2024-12-25T03:46:17.250Z","timestamp":1735098377250,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"use.fontawesome.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 07 Nov 2024 23:24:31 GMT","end":"Thu, 06 Feb 2025 00:24:26 GMT"},"fingerprint":{"sha1":"05:31:F4:38:90:E5:B9:DA:3F:69:54:FA:D4:B6:58:60:69:5D:E8:A0","sha256":"59:DF:F8:3A:7E:E4:82:86:E0:01:5E:5A:36:37:54:0E:BE:5C:5F:7A:7C:37:AE:9F:DA:12:71:84:63:56:EC:A1"}}},"request":{"raw":"GET /releases/v5.6.3/js/all.js HTTP/1.1\r\nHost: use.fontawesome.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://filesfly.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://filesfly.cc/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 25 Dec 2024 03:46:17 GMT\r\ncontent-type: application/javascript\r\naccess-control-allow-origin: *\r\ncache-control: max-age=31556926\r\netag: W/\"7b6ab1d5b8de4d3b0e2d8084ad292818\"\r\nlast-modified: Fri, 22 Sep 2023 01:45:44 GMT\r\nvary: Origin, Accept-Encoding\r\ncf-cache-status: HIT\r\nage: 314081\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=AXxqvzcR9X7T%2BJUNgOeWx8kTDdcSFdmDnEAFc%2BtxlVnWeNj7OKEn3eckZaDMDnexda%2FIyyvb8bZkDA%2FJiUbMFxiDCRY00%2Bp4xF0gbs%2B1Jhblip593tLoQylnK2b0gN5tomWZA%2BMg\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nserver: cloudflare\r\ncf-ray: 8f75d7da399eb505-OSL\r\ncontent-encoding: br\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfL4;desc=\"?proto=TCP\u0026rtt=521\u0026min_rtt=449\u0026rtt_var=126\u0026sent=7\u0026recv=11\u0026lost=0\u0026retrans=0\u0026sent_bytes=3276\u0026recv_bytes=1220\u0026delivery_rate=6483582\u0026cwnd=254\u0026unsent_bytes=0\u0026cid=f0e2d73e7ed11265\u0026ts=132\u0026x=0\"\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":405989,"size_decoded":1113926,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"7b6ab1d5b8de4d3b0e2d8084ad292818","sha1":"93d2d51538bc25efe45ed6a909114b2e75b9c54e","sha256":"80f7935587fcf36206dc79d2b46332eca6ff6cc40a12ce09fe66efd02336d97e","sha512":"b841c94b9f60a6ec7203dd6768b33d6d1ce7f5800edb1fcc491c232b0100d0e25695faa8d28c93ffb2b24379b326671d293043387db93c7a02a453bb0c189b9c","ssdeep":"6144:ijomRljxE0jUKDV6+zhxc4Cp2Dnio/NULootRtKzW/aXQawefAJ0GStZbJa8wDK5:iljivH4CNtRwVXQatFEu","tlshash":"d235e568d760a3fc9dc683b5c6312474798f91ae71e09328d2b8c6b0b2675dcd6c9cc9","first_seen":"2023-03-07T01:03:32Z","last_seen":"2026-05-20T00:58:57.279979Z","times_seen":960,"resource_available":true,"data":null}},"time_used":210,"timings":{"blocked":72,"dns":1,"connect":1,"send":0,"wait":25,"receive":0,"ssl":107},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/montserrat/v14/JTURjIg1_i6t8kCHKm45_bZF3gnD-w.ttf","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.74.99","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://filesfly.cc/kgxfws0x3k6u/1783748.zip","date":"2024-12-25T03:46:17.608Z","timestamp":1735098377608,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 02 Dec 2024 08:36:58 GMT","end":"Mon, 24 Feb 2025 08:36:57 GMT"},"fingerprint":{"sha1":"40:A7:D7:D3:7D:FA:BE:34:C0:7E:6F:F7:9F:55:52:22:92:07:C7:EF","sha256":"0C:0D:EC:55:A6:58:72:97:20:B5:7E:DB:CB:E9:4D:9D:F8:CA:76:37:D0:6A:16:15:D3:64:D6:47:3C:D1:A9:30"}}},"request":{"raw":"GET /s/montserrat/v14/JTURjIg1_i6t8kCHKm45_bZF3gnD-w.ttf HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://filesfly.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://filesfly.cc/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\ncontent-encoding: gzip\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 24405\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Sat, 21 Dec 2024 05:52:09 GMT\r\nexpires: Sun, 21 Dec 2025 05:52:09 GMT\r\ncache-control: public, max-age=31536000\r\nage: 338048\r\nlast-modified: Tue, 23 Jul 2019 03:46:43 GMT\r\ncontent-type: font/ttf\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":24405,"size_decoded":47036,"mime_type":"font/ttf","magic":"TrueType Font data, 17 tables, 1st \"GDEF\", 8 names, Microsoft, language 0x409, Copyright 2011 The Montserrat Project Authors (https://github.com/JulietaUla/Montserrat)Montserr","md5":"acb878a397bf674d7baa32a3267e5a3c","sha1":"3b0d325c652fe6508abae0aadbd04e6176dcb125","sha256":"56205168d373cb37b1870db837e74e2675593b7f930d00b2ff85c83bf886b484","sha512":"24e9c8fef68d57f81265a8cd1090cba4d1958aef179c8387c6f4f341ad92245d9ee0860b881b45274ee720a45a2dad188aa93813af89cde31fc8c9100bcc96ab","ssdeep":"768:8LvtLXEf0XqS1Aata4gTKC+y+SEA9G9EPj//ctqw5/8AxiR5rIJIyY56pX63/zFn:8LvBXEUAv4pCd3E59U4tfwRLB3Jn","tlshash":"12232847f656a601d41b0d389ef1e3b2ab66f4250f5a130bb1c92e79e8ef1d20d85387","first_seen":"2023-05-08T01:42:23Z","last_seen":"2026-05-14T18:38:41.453732Z","times_seen":141,"resource_available":false,"data":null}},"time_used":189,"timings":{"blocked":86,"dns":1,"connect":8,"send":0,"wait":9,"receive":7,"ssl":72},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"filesfly.cc/images//ZmWjKgV.jpg","fqdn":"filesfly.cc","domain":"filesfly.cc","tld":"cc"},"ip":{"addr":"172.67.183.231","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://filesfly.cc/kgxfws0x3k6u/1783748.zip","date":"2024-12-25T03:46:17.660Z","timestamp":1735098377660,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"filesfly.cc","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 12 Nov 2024 09:48:46 GMT","end":"Mon, 10 Feb 2025 09:48:45 GMT"},"fingerprint":{"sha1":"89:4A:25:AF:25:ED:EC:6D:F8:81:67:C4:F9:79:6E:32:FD:41:F9:D7","sha256":"D4:31:7C:EB:4A:B4:32:13:4E:94:02:52:1B:E5:4D:66:80:18:36:B7:A9:13:8C:C5:C7:DE:54:C2:66:8F:78:F7"}}},"request":{"raw":"GET /images//ZmWjKgV.jpg HTTP/1.1\r\nHost: filesfly.cc\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://filesfly.cc/kgxfws0x3k6u/1783748.zip\r\nCookie: lang=english; aff=83158\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 404 Not Found\r\ndate: Wed, 25 Dec 2024 03:46:17 GMT\r\ncontent-type: text/html; charset=utf-8\r\nlast-modified: Wed, 28 Oct 2020 10:37:59 GMT\r\ncache-control: max-age=43200\r\ncf-cache-status: HIT\r\nage: 5\r\npriority: u=4,i=?0\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=Hnp9LRxkK7lQk0Ekp7Uqzt4S5M5dsUinoCIfZO9P95QSHL3WOdDVJj0JoSHKsyYG%2FywMzAm8Ezp3dq%2F9ylEE9zucdgOrmMhNU1te%2FSDVU%2FGLSbYsBgWsjX2D2%2F%2FqEA%3D%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\ncf-ray: 8f75d7dc6c4856be-OSL\r\ncontent-encoding: br\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfL4;desc=\"?proto=QUIC\u0026rtt=5644\u0026min_rtt=1423\u0026rtt_var=4299\u0026sent=219\u0026recv=31\u0026lost=0\u0026retrans=0\u0026sent_bytes=218874\u0026recv_bytes=10882\u0026delivery_rate=186100\u0026cwnd=80700\u0026unsent_bytes=0\u0026cid=f70227532b45c0c0\u0026ts=900\u0026x=1\", cfExtPri, cfHdrFlush;dur=0\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":null,"data":{"size":790,"size_decoded":1058,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text","md5":"467578f8986c91f1d67c3045c298ba86","sha1":"a57c51f8317ed8ca7a00a29a0b73050b95cd3cf6","sha256":"a96a07b625bb698afcde83b16dbf9f7fc88e60d1a464ae123c9e1aff6abdbe24","sha512":"2be420490e50fafe6e434568dd28ec721346f19ddb1b37b241c2cff83a71b5591334b5dea9438874c3eb93453441d53d1cf3e38b8f8dfd82baed0b9873b85308","ssdeep":"","tlshash":"8c114cb81d03cccb3f474151512fe0a896700f2e64984becb2d18b7d6c85718a0c86ec","first_seen":"2023-07-15T07:03:12Z","last_seen":"2026-05-02T04:58:23.498001Z","times_seen":94,"resource_available":true,"data":null}},"time_used":11,"timings":{"blocked":3,"dns":0,"connect":0,"send":0,"wait":8,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-12-24","alert":"Sinkholed","trigger":"filesfly.cc","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/montserrat/v14/JTUSjIg1_i6t8kCHKm459Wlhzg.ttf","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.74.99","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://filesfly.cc/kgxfws0x3k6u/1783748.zip","date":"2024-12-25T03:46:17.600Z","timestamp":1735098377600,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 02 Dec 2024 08:36:58 GMT","end":"Mon, 24 Feb 2025 08:36:57 GMT"},"fingerprint":{"sha1":"40:A7:D7:D3:7D:FA:BE:34:C0:7E:6F:F7:9F:55:52:22:92:07:C7:EF","sha256":"0C:0D:EC:55:A6:58:72:97:20:B5:7E:DB:CB:E9:4D:9D:F8:CA:76:37:D0:6A:16:15:D3:64:D6:47:3C:D1:A9:30"}}},"request":{"raw":"GET /s/montserrat/v14/JTUSjIg1_i6t8kCHKm459Wlhzg.ttf HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://filesfly.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://filesfly.cc/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\ncontent-encoding: gzip\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 24251\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Sat, 21 Dec 2024 04:38:18 GMT\r\nexpires: Sun, 21 Dec 2025 04:38:18 GMT\r\ncache-control: public, max-age=31536000\r\nage: 342479\r\nlast-modified: Tue, 23 Jul 2019 03:46:21 GMT\r\ncontent-type: font/ttf\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":24251,"size_decoded":46392,"mime_type":"font/ttf","magic":"TrueType Font data, 17 tables, 1st \"GDEF\", 8 names, Microsoft, language 0x409, Copyright 2011 The Montserrat Project Authors (https://github.com/JulietaUla/Montserrat)Montserr","md5":"6a9e85ac9247f5848db957b873c62e0c","sha1":"1f3ed7fd6d8b0db9e94bc15a6dc56728f23d4fda","sha256":"07ae7cf9c7f3bfc4bc63842bb07e5846837c0071f8d96042de9d0f4a3cc997b6","sha512":"5f6200cbeff380c5617929f0e6d826150233379ff8476f37e20c6090550d870304c7a595c65edca73898e11a5a26f80a3dce14d18bddc1ef849767292b5f9fc4","ssdeep":"768:IVktcX0TwlJcLS0WH2U2OEP7juwUf8iR5r5ayY5NMHlxpTVnDhqKq:qxXJJZ0w2URE/ub/RygxVnMn","tlshash":"4f232947b716a316e94a0e345df6e372d766b4312f9b030fb0c92e65e8df1860e45386","first_seen":"2023-05-08T01:42:23Z","last_seen":"2026-05-18T11:28:43.938291Z","times_seen":354,"resource_available":false,"data":null}},"time_used":583,"timings":{"blocked":140,"dns":1,"connect":22,"send":0,"wait":8,"receive":294,"ssl":113},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/montserrat/v14/JTURjIg1_i6t8kCHKm45_ZpC3gnD-w.ttf","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.74.99","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://filesfly.cc/kgxfws0x3k6u/1783748.zip","date":"2024-12-25T03:46:17.605Z","timestamp":1735098377605,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 02 Dec 2024 08:36:58 GMT","end":"Mon, 24 Feb 2025 08:36:57 GMT"},"fingerprint":{"sha1":"40:A7:D7:D3:7D:FA:BE:34:C0:7E:6F:F7:9F:55:52:22:92:07:C7:EF","sha256":"0C:0D:EC:55:A6:58:72:97:20:B5:7E:DB:CB:E9:4D:9D:F8:CA:76:37:D0:6A:16:15:D3:64:D6:47:3C:D1:A9:30"}}},"request":{"raw":"GET /s/montserrat/v14/JTURjIg1_i6t8kCHKm45_ZpC3gnD-w.ttf HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://filesfly.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://filesfly.cc/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\ncontent-encoding: gzip\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 24295\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Fri, 20 Dec 2024 18:20:50 GMT\r\nexpires: Sat, 20 Dec 2025 18:20:50 GMT\r\ncache-control: public, max-age=31536000\r\nage: 379527\r\nlast-modified: Tue, 23 Jul 2019 03:46:34 GMT\r\ncontent-type: font/ttf\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":24295,"size_decoded":46240,"mime_type":"font/ttf","magic":"TrueType Font data, 17 tables, 1st \"GDEF\", 8 names, Microsoft, language 0x409, Copyright 2011 The Montserrat Project Authors (https://github.com/JulietaUla/Montserrat)Montserr","md5":"8b7179f87b4365d145bbe3033b4a3c66","sha1":"a282bab2ebc8e3a0636eefa018fe1c1e709b29d0","sha256":"a4b0943e5312a5e2b4204d46f33b6f227a7fec6bb36c3ea712f1d99c05c999c2","sha512":"6d58e694e979aa0eb1d3ba73601e605e5250c9cb0525344ceadc2697a9083842bb6f039c0ebf0ae2ad0a240bdff7b544ed54cf0384441f38343f26d2dcd055cc","ssdeep":"768:mRsX31+SgjZNS5OJ33AHqAQ5D8pbuVodiR5rlYV9lyY5MypA1N6+EKq:mqX3qgHqAQ5DEuV7Rmob9En","tlshash":"5b233a4bb316a701d98a09348db6e3b2d775f431af16430fa1896ea9f8df1c60d5138a","first_seen":"2023-05-08T01:42:23Z","last_seen":"2026-05-09T07:58:42.87428Z","times_seen":143,"resource_available":false,"data":null}},"time_used":584,"timings":{"blocked":141,"dns":1,"connect":22,"send":0,"wait":299,"receive":2,"ssl":112},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"filesfly.cc/kgxfws0x3k6u/favicon.ico","fqdn":"filesfly.cc","domain":"filesfly.cc","tld":"cc"},"ip":{"addr":"172.67.183.231","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://filesfly.cc/kgxfws0x3k6u/1783748.zip","date":"2024-12-25T03:46:18.083Z","timestamp":1735098378083,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"filesfly.cc","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 12 Nov 2024 09:48:46 GMT","end":"Mon, 10 Feb 2025 09:48:45 GMT"},"fingerprint":{"sha1":"89:4A:25:AF:25:ED:EC:6D:F8:81:67:C4:F9:79:6E:32:FD:41:F9:D7","sha256":"D4:31:7C:EB:4A:B4:32:13:4E:94:02:52:1B:E5:4D:66:80:18:36:B7:A9:13:8C:C5:C7:DE:54:C2:66:8F:78:F7"}}},"request":{"raw":"GET /kgxfws0x3k6u/favicon.ico HTTP/1.1\r\nHost: filesfly.cc\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://filesfly.cc/kgxfws0x3k6u/1783748.zip\r\nCookie: lang=english; aff=83158\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 25 Dec 2024 03:46:18 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nexpires: Tue, 24 Dec 2024 03:46:18 GMT\r\naccess-control-allow-origin: *\r\naccess-control-allow-headers: X-Requested-With\r\naccess-control-allow-methods: GET,POST,OPTIONS\r\naccess-control-allow-credentials: true\r\ncache-control: max-age=43200\r\ncf-cache-status: MISS\r\nlast-modified: Wed, 25 Dec 2024 03:46:18 GMT\r\npriority: u=6,i=?0\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=Z%2Bj99jg3gWYXQ3dOInKGsOT5xxB8BpsovibNUYUh53%2FChlCHI%2F4N63Y1rR93mLMzYlKWT49tv5H66%2BNTq5otwRZmDNAjBdg2QLEX7Iy6eJXU5t1tTfszYCF0I7rpPQ%3D%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\ncf-ray: 8f75d7defd2856be-OSL\r\ncontent-encoding: br\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfL4;desc=\"?proto=QUIC\u0026rtt=4776\u0026min_rtt=1423\u0026rtt_var=3950\u0026sent=222\u0026recv=34\u0026lost=0\u0026retrans=0\u0026sent_bytes=219931\u0026recv_bytes=11288\u0026delivery_rate=1159\u0026cwnd=80700\u0026unsent_bytes=0\u0026cid=f70227532b45c0c0\u0026ts=1546\u0026x=1\", cfExtPri, cfHdrFlush;dur=0\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3184,"size_decoded":7547,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, Unicode text, UTF-8 text","md5":"e7dcfb42b97ce318a622ffcb16c9597a","sha1":"cf1b98e18d10b3fb4c14172be66dc91857b7a853","sha256":"6e66496a159b44b5d5f4c457f989c6609df1dde5199dbd57e55a221f3ca51d71","sha512":"f03765675315ba78efb144d2aa5bc356be7c35d57b80a48ff9d5d01b1cf9f3326d472017e7b2479c6fd6fa2c2396a4fb8021d318bdebee4d148d07a21d42df4f","ssdeep":"48:DP58Gtp/ADw2X7c711P8Zr5i45zbJRjk3+St4Dme5r76G6ANA6YTc1P1ADP+gWem:1oDkw5PJRjI+S2me5rX6oE/AgCwY2Yz","tlshash":"2ff153732cf07016116265da79b6f21eae82504fe9459e09b4fd839a6fc6fc58c036ac","first_seen":"2024-10-27T13:44:43.88041Z","last_seen":"2025-05-15T17:42:19.09203Z","times_seen":32,"resource_available":false,"data":null}},"time_used":242,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":242,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-12-24","alert":"Sinkholed","trigger":"filesfly.cc","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"aus5.mozilla.org/update/3/GMP/111.0a1/20240129201730/Linux_x86_64-gcc3/null/default/Linux%205.15.0-102-generic%20(GTK%203.24.37%2Clibpulse%20not-available)/default/default/update.xml","fqdn":"aus5.mozilla.org","domain":"mozilla.org","tld":"org"},"ip":{"addr":"35.244.181.201","port":0,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-12-25T03:46:35.761606689Z","timestamp":1735098395761,"http_version":"","security_state":"","security_info":null,"request":{"raw":"GET /update/3/GMP/111.0a1/20240129201730/Linux_x86_64-gcc3/null/default/Linux%205.15.0-102-generic%20(GTK%203.24.37%2Clibpulse%20not-available)/default/default/update.xml HTTP/1.1\r\nHost: aus5.mozilla.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nCache-Control: no-cache\r\nPragma: no-cache\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 25 Dec 2024 03:46:35 GMT\r\ncontent-type: text/xml; charset=utf-8\r\nvary: Accept-Encoding\r\nrule-id: unknown\r\nrule-data-version: unknown\r\ncontent-signature: x5u=https://content-signature-2.cdn.mozilla.net/chains/202402/aus.content-signature.mozilla.org-2025-02-11-12-01-55.chain; p384ecdsa=JLuMafLR35pb5mQB39s724LYw1dOKBrkWQ8b-VU4DPkRms2toj6ESgz_TSBoZm2Q4K3LpG-t8OWQbDWevx8SigZYgFXHwV39QBmvgsMVrbiqWLdQda4Mulgle5v_ONwU\r\nstrict-transport-security: max-age=31536000;\r\nx-content-type-options: nosniff\r\ncontent-security-policy: default-src 'none'; frame-ancestors 'none'\r\nx-proxy-cache-status: EXPIRED\r\ncontent-encoding: gzip\r\nvia: 1.1 google\r\ncache-control: public,max-age=90\r\nalt-svc: clear\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":5763,"size_decoded":5763,"mime_type":"application/x-gzip","magic":"gzip compressed data, max speed, from Unix","md5":"f0604858d9eba7ec7421bedf039573d9","sha1":"5522cba480ea9023a301380f506567f32375e25d","sha256":"d82e8e09e53f2c2094d77eea2dae03268cd03e029961ffdb09544a101b81edb5","sha512":"e19f7fdede09d2cd151317ce0526506984ef415a29dc3e35b5f9e302fec4db34354dbb835d4a98a8a71e0788816cd90010fcc2dde69ef87c2a666e503cc90037","ssdeep":"96:4u+NgKxJcH7XpQO0AAzcYQPyZSGcFSHPpK+9XcdJgGPSHXq0CkcDeZoUno1N:49VJczpmA8cty3coHhK+9XcdRPSHXFC1","tlshash":"67c13bafef413ce62527e0d5d6b9874eca04e9bfeaa7049a11147c25c244b0274ef4ac","first_seen":"2024-12-23T14:30:56.509013Z","last_seen":"2025-01-12T14:51:03.425444Z","times_seen":1074,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"filesfly.cc/ds1/css/hsn_style.min.css?v=111","fqdn":"filesfly.cc","domain":"filesfly.cc","tld":"cc"},"ip":{"addr":"172.67.183.231","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://filesfly.cc/kgxfws0x3k6u/1783748.zip","date":"2024-12-25T03:46:17.254Z","timestamp":1735098377254,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"filesfly.cc","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 12 Nov 2024 09:48:46 GMT","end":"Mon, 10 Feb 2025 09:48:45 GMT"},"fingerprint":{"sha1":"89:4A:25:AF:25:ED:EC:6D:F8:81:67:C4:F9:79:6E:32:FD:41:F9:D7","sha256":"D4:31:7C:EB:4A:B4:32:13:4E:94:02:52:1B:E5:4D:66:80:18:36:B7:A9:13:8C:C5:C7:DE:54:C2:66:8F:78:F7"}}},"request":{"raw":"GET /ds1/css/hsn_style.min.css?v=111 HTTP/1.1\r\nHost: filesfly.cc\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://filesfly.cc/kgxfws0x3k6u/1783748.zip\r\nCookie: lang=english; aff=83158\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 25 Dec 2024 03:46:17 GMT\r\ncontent-type: text/css\r\ncontent-length: 9842\r\nlast-modified: Fri, 03 Feb 2023 10:28:32 GMT\r\netag: \"cf7c-5f3c924ac5e85-gzip\"\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\naccess-control-allow-origin: *\r\naccess-control-allow-headers: X-Requested-With\r\naccess-control-allow-methods: GET,POST,OPTIONS\r\naccess-control-allow-credentials: true\r\ncache-control: max-age=43200\r\ncf-cache-status: HIT\r\nage: 5949\r\naccept-ranges: bytes\r\npriority: u=2,i=?0\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=umkqe32Bax%2FmxfzVSaIewEam%2F3GsCXOU6PPjsW%2BJQh16iAYMfMBZHZuq3K11zME6gqPCBzdhB12eShKRDmZrMif6bQ%2FZHbmpfw6eHFxoJ%2FMXcqdqvLr7jvHu8%2FZZyQ%3D%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nserver: cloudflare\r\ncf-ray: 8f75d7d98b1756be-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfL4;desc=\"?proto=QUIC\u0026rtt=4347\u0026min_rtt=1492\u0026rtt_var=1967\u0026sent=45\u0026recv=12\u0026lost=0\u0026retrans=0\u0026sent_bytes=40151\u0026recv_bytes=2938\u0026delivery_rate=27988\u0026cwnd=24000\u0026unsent_bytes=0\u0026cid=f70227532b45c0c0\u0026ts=447\u0026x=1\", cfExtPri, cfHdrFlush;dur=4\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":53116,"size_decoded":53116,"mime_type":"text/css","magic":"ASCII text, with very long lines (53116), with no line terminators","md5":"3e29ba9208e37480f7177ba73733fcbb","sha1":"6d12808922d6084f0ad43c971da4625001f5f91f","sha256":"248094c268fe6953056be3891a91cb54ac3f5a3364514c6406e36c24f63fdc07","sha512":"375b65961500c1122a42bf54678e4f78ec860ee95cf3516996bd32a89bf7222b821371130f46a10ce5ea15cbe09b578cbd38dc4f73232b08c6ae9fe84d9afcf2","ssdeep":"768:2Q8Q1mv2c6YZHGrDDbUsI8abF/xz0QYgt3EdNesHrft0MrKb7N:fd42DYZHQDS17EdNf0dnN","tlshash":"cf339612e6a07019b437d1b5b1d2698a35344413a2274fb6f13b79b5cb920ab27f7b0f","first_seen":"2023-04-09T17:46:05Z","last_seen":"2025-10-18T01:55:21.342764Z","times_seen":98,"resource_available":false,"data":null}},"time_used":29,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":28,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-12-24","alert":"Sinkholed","trigger":"filesfly.cc","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"filesfly.cc/images/ZmWjKgV.jpg","fqdn":"filesfly.cc","domain":"filesfly.cc","tld":"cc"},"ip":{"addr":"172.67.183.231","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://filesfly.cc/kgxfws0x3k6u/1783748.zip","date":"2024-12-25T03:46:17.654Z","timestamp":1735098377654,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"filesfly.cc","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 12 Nov 2024 09:48:46 GMT","end":"Mon, 10 Feb 2025 09:48:45 GMT"},"fingerprint":{"sha1":"89:4A:25:AF:25:ED:EC:6D:F8:81:67:C4:F9:79:6E:32:FD:41:F9:D7","sha256":"D4:31:7C:EB:4A:B4:32:13:4E:94:02:52:1B:E5:4D:66:80:18:36:B7:A9:13:8C:C5:C7:DE:54:C2:66:8F:78:F7"}}},"request":{"raw":"GET /images/ZmWjKgV.jpg HTTP/1.1\r\nHost: filesfly.cc\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://filesfly.cc/kgxfws0x3k6u/1783748.zip\r\nCookie: lang=english; aff=83158\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 404 Not Found\r\ndate: Wed, 25 Dec 2024 03:46:17 GMT\r\ncontent-type: text/html; charset=utf-8\r\nlast-modified: Wed, 28 Oct 2020 10:37:59 GMT\r\ncache-control: max-age=43200\r\ncf-cache-status: HIT\r\nage: 5\r\npriority: u=4,i=?0\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=vXuPHJDUj%2BOB3G5ic%2F2CQHlGqHOxrpRAEQVt4keIjlYGmQTtez3B%2FZSAG8Ak8t%2B%2B3X6ATcStKZZOGBig5N0l8OJEzzyiHAIyF%2FnQMdhPsrY%2B4kLAKQNTI1oY6r%2BGTg%3D%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\ncf-ray: 8f75d7dc4c4256be-OSL\r\ncontent-encoding: br\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfL4;desc=\"?proto=QUIC\u0026rtt=6061\u0026min_rtt=1423\u0026rtt_var=4618\u0026sent=216\u0026recv=29\u0026lost=0\u0026retrans=0\u0026sent_bytes=216836\u0026recv_bytes=10525\u0026delivery_rate=4947173\u0026cwnd=80700\u0026unsent_bytes=0\u0026cid=f70227532b45c0c0\u0026ts=888\u0026x=1\", cfExtPri, cfHdrFlush;dur=0\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":null,"data":{"size":1058,"size_decoded":1058,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with very long lines (1086), with no line terminators","md5":"555d11d15d6c98682c92861a269f8a23","sha1":"f7e3a528dfc01eb9b890c84291be929697d92eb5","sha256":"d1ed016f7004e1c73d596c4cc25a9563af6d2af48b4e90878b12dd1576248b46","sha512":"96ca65ca88d47e230a480fa2fa205ce10531912a6c377230df38a0cdbf0974bcbaa78d0e4ce8f9228b9f5f0153f598d54e2657a6d1aa9330f61b9721d9eb0610","ssdeep":"","tlshash":"24114ab91d43ccdb3f0315a5126fe43852740f2e98488bccb2908b7d6c8931860ecaec","first_seen":"2023-04-09T17:46:05Z","last_seen":"2025-03-21T17:07:54.268831Z","times_seen":57,"resource_available":false,"data":null}},"time_used":11,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":11,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-12-24","alert":"Sinkholed","trigger":"filesfly.cc","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"filesfly.cc/images//Yz5TgHJ.jpg","fqdn":"filesfly.cc","domain":"filesfly.cc","tld":"cc"},"ip":{"addr":"172.67.183.231","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://filesfly.cc/kgxfws0x3k6u/1783748.zip","date":"2024-12-25T03:46:17.658Z","timestamp":1735098377658,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"filesfly.cc","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 12 Nov 2024 09:48:46 GMT","end":"Mon, 10 Feb 2025 09:48:45 GMT"},"fingerprint":{"sha1":"89:4A:25:AF:25:ED:EC:6D:F8:81:67:C4:F9:79:6E:32:FD:41:F9:D7","sha256":"D4:31:7C:EB:4A:B4:32:13:4E:94:02:52:1B:E5:4D:66:80:18:36:B7:A9:13:8C:C5:C7:DE:54:C2:66:8F:78:F7"}}},"request":{"raw":"GET /images//Yz5TgHJ.jpg HTTP/1.1\r\nHost: filesfly.cc\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://filesfly.cc/kgxfws0x3k6u/1783748.zip\r\nCookie: lang=english; aff=83158\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 404 Not Found\r\ndate: Wed, 25 Dec 2024 03:46:17 GMT\r\ncontent-type: text/html; charset=utf-8\r\nlast-modified: Wed, 28 Oct 2020 10:37:59 GMT\r\ncache-control: max-age=43200\r\ncf-cache-status: HIT\r\nage: 5\r\npriority: u=4,i=?0\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=IVTzo9QK1pkLj944kpJSg0jRVubvcKHEglzK7OweqyjUokyMUdW%2F2ClT5CdCkJcbJRrjBj90vnlCMdvNu8WebroEzisYI1RfTRXJ8lUGHDIKPwNIzxFTGfM0VxJHNg%3D%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\ncf-ray: 8f75d7dc5c4456be-OSL\r\ncontent-encoding: br\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfL4;desc=\"?proto=QUIC\u0026rtt=6061\u0026min_rtt=1423\u0026rtt_var=4618\u0026sent=217\u0026recv=29\u0026lost=0\u0026retrans=0\u0026sent_bytes=217847\u0026recv_bytes=10525\u0026delivery_rate=4947173\u0026cwnd=80700\u0026unsent_bytes=0\u0026cid=f70227532b45c0c0\u0026ts=889\u0026x=1\", cfExtPri, cfHdrFlush;dur=0\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":null,"data":{"size":1058,"size_decoded":1058,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with very long lines (1086), with no line terminators","md5":"555d11d15d6c98682c92861a269f8a23","sha1":"f7e3a528dfc01eb9b890c84291be929697d92eb5","sha256":"d1ed016f7004e1c73d596c4cc25a9563af6d2af48b4e90878b12dd1576248b46","sha512":"96ca65ca88d47e230a480fa2fa205ce10531912a6c377230df38a0cdbf0974bcbaa78d0e4ce8f9228b9f5f0153f598d54e2657a6d1aa9330f61b9721d9eb0610","ssdeep":"","tlshash":"24114ab91d43ccdb3f0315a5126fe43852740f2e98488bccb2908b7d6c8931860ecaec","first_seen":"2023-04-09T17:46:05Z","last_seen":"2025-03-21T17:07:54.268831Z","times_seen":57,"resource_available":false,"data":null}},"time_used":10,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":10,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-12-24","alert":"Sinkholed","trigger":"filesfly.cc","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.googleapis.com/css?family=Source+Sans+Pro:200,300,400,600,700,900","fqdn":"fonts.googleapis.com","domain":"fonts.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"142.250.74.106","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://filesfly.cc/kgxfws0x3k6u/1783748.zip","date":"2024-12-25T03:46:17.262Z","timestamp":1735098377262,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 02 Dec 2024 08:36:58 GMT","end":"Mon, 24 Feb 2025 08:36:57 GMT"},"fingerprint":{"sha1":"30:E5:7E:29:A5:A1:81:DB:C8:A8:49:80:67:40:12:AB:30:C0:34:8D","sha256":"7D:F5:AB:9A:97:34:D8:88:D9:F0:60:60:A2:9D:D1:4F:BF:36:29:43:AA:5D:4E:48:B3:17:0C:A5:B7:05:FF:BF"}}},"request":{"raw":"GET /css?family=Source+Sans+Pro:200,300,400,600,700,900 HTTP/1.1\r\nHost: fonts.googleapis.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://filesfly.cc/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css; charset=utf-8\r\nvary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nlink: \u003chttps://fonts.gstatic.com\u003e; rel=preconnect; crossorigin\r\nstrict-transport-security: max-age=31536000\r\nexpires: Wed, 25 Dec 2024 03:46:17 GMT\r\ndate: Wed, 25 Dec 2024 03:46:17 GMT\r\ncache-control: private, max-age=86400\r\ncross-origin-opener-policy: same-origin-allow-popups\r\ncross-origin-resource-policy: cross-origin\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":14630,"size_decoded":14630,"mime_type":"text/css; charset=utf-8","magic":"ASCII text","md5":"842d185f6432a97f5d2f0c8cb4197282","sha1":"c8930bd6928cb5e5f0613b7e56b6e41a5a5d474b","sha256":"6a20bc1c4473f7e85bd5ecbfb3acdf04d08a454a979546e2e764f6a566b4dacd","sha512":"0536a268672a1dd50d8edc82dfd35f681d87740dd6855896f4405c1758a2a22943dab194c772ff4421f07cb6cdddf6980fa6138b42e3b4501c1cd5dbd5813e79","ssdeep":"192:i9yXOM3LVOEwa1RoH3gthvCj0lQB3JGGCo4Gst53vYfgRq5d833EBRLhEjJgN3K3:iyHI3zctK0JM6","tlshash":"cf62def2511ae40897a31cc623de3e7a9d8f60117185c16adffd5858eca6c3a43b4b2d","first_seen":"2024-10-27T13:44:43.883736Z","last_seen":"2025-09-01T23:41:40.923757Z","times_seen":131,"resource_available":false,"data":null}},"time_used":582,"timings":{"blocked":259,"dns":1,"connect":31,"send":0,"wait":23,"receive":0,"ssl":259},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"filesfly.cc/images//Yz5TgHJ.jpg","fqdn":"filesfly.cc","domain":"filesfly.cc","tld":"cc"},"ip":{"addr":"172.67.183.231","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://filesfly.cc/kgxfws0x3k6u/1783748.zip","date":"2024-12-25T03:46:17.306Z","timestamp":1735098377306,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"filesfly.cc","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 12 Nov 2024 09:48:46 GMT","end":"Mon, 10 Feb 2025 09:48:45 GMT"},"fingerprint":{"sha1":"89:4A:25:AF:25:ED:EC:6D:F8:81:67:C4:F9:79:6E:32:FD:41:F9:D7","sha256":"D4:31:7C:EB:4A:B4:32:13:4E:94:02:52:1B:E5:4D:66:80:18:36:B7:A9:13:8C:C5:C7:DE:54:C2:66:8F:78:F7"}}},"request":{"raw":"GET /images//Yz5TgHJ.jpg HTTP/1.1\r\nHost: filesfly.cc\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://filesfly.cc/kgxfws0x3k6u/1783748.zip\r\nCookie: lang=english; aff=83158\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 404 Not Found\r\ndate: Wed, 25 Dec 2024 03:46:17 GMT\r\ncontent-type: text/html; charset=utf-8\r\nlast-modified: Wed, 28 Oct 2020 10:37:59 GMT\r\ncache-control: max-age=43200\r\ncf-cache-status: HIT\r\nage: 5\r\npriority: u=4,i=?0\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=ENX3gejWhxsEBNGaTU6XTvYgnZ3upObhYBVq2EFAcmGJLLZAGVdZmRt5TW4BKtkSkyvBk5BiDjW0wTchJwLFkw1aVq2Aa6HRgusE0jRrBSHR%2F0O1gUB7Pgn7KNKgUg%3D%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\ncf-ray: 8f75d7d9db4456be-OSL\r\ncontent-encoding: br\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfL4;desc=\"?proto=QUIC\u0026rtt=5381\u0026min_rtt=1423\u0026rtt_var=4414\u0026sent=133\u0026recv=24\u0026lost=0\u0026retrans=0\u0026sent_bytes=128849\u0026recv_bytes=9766\u0026delivery_rate=2529816\u0026cwnd=59700\u0026unsent_bytes=0\u0026cid=f70227532b45c0c0\u0026ts=495\u0026x=1\", cfExtPri, cfHdrFlush;dur=0\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":null,"data":{"size":1058,"size_decoded":1058,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with very long lines (1086), with no line terminators","md5":"555d11d15d6c98682c92861a269f8a23","sha1":"f7e3a528dfc01eb9b890c84291be929697d92eb5","sha256":"d1ed016f7004e1c73d596c4cc25a9563af6d2af48b4e90878b12dd1576248b46","sha512":"96ca65ca88d47e230a480fa2fa205ce10531912a6c377230df38a0cdbf0974bcbaa78d0e4ce8f9228b9f5f0153f598d54e2657a6d1aa9330f61b9721d9eb0610","ssdeep":"","tlshash":"24114ab91d43ccdb3f0315a5126fe43852740f2e98488bccb2908b7d6c8931860ecaec","first_seen":"2023-04-09T17:46:05Z","last_seen":"2025-03-21T17:07:54.268831Z","times_seen":57,"resource_available":false,"data":null}},"time_used":49,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":49,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-12-24","alert":"Sinkholed","trigger":"filesfly.cc","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"filesfly.cc/images/ZmWjKgV.jpg","fqdn":"filesfly.cc","domain":"filesfly.cc","tld":"cc"},"ip":{"addr":"172.67.183.231","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://filesfly.cc/kgxfws0x3k6u/1783748.zip","date":"2024-12-25T03:46:17.303Z","timestamp":1735098377303,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"filesfly.cc","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 12 Nov 2024 09:48:46 GMT","end":"Mon, 10 Feb 2025 09:48:45 GMT"},"fingerprint":{"sha1":"89:4A:25:AF:25:ED:EC:6D:F8:81:67:C4:F9:79:6E:32:FD:41:F9:D7","sha256":"D4:31:7C:EB:4A:B4:32:13:4E:94:02:52:1B:E5:4D:66:80:18:36:B7:A9:13:8C:C5:C7:DE:54:C2:66:8F:78:F7"}}},"request":{"raw":"GET /images/ZmWjKgV.jpg HTTP/1.1\r\nHost: filesfly.cc\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://filesfly.cc/kgxfws0x3k6u/1783748.zip\r\nCookie: lang=english; aff=83158\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 404 Not Found\r\ndate: Wed, 25 Dec 2024 03:46:17 GMT\r\ncontent-type: text/html; charset=utf-8\r\nlast-modified: Wed, 28 Oct 2020 10:37:59 GMT\r\ncache-control: max-age=43200\r\ncf-cache-status: HIT\r\nage: 5\r\npriority: u=4,i=?0\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=QvOB%2FrDXpBfAcvy%2FW6Clsnrjljy%2FVRdBwdloGSoww0vCuFkg6q%2FIxKrzmHyeAR4jVgC20wWGlaSlgoH3DOo5Jdl6TEWBqLechmZJDM2bkkIVMovliODKeSz0DBBeqQ%3D%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\ncf-ray: 8f75d7d9db4056be-OSL\r\ncontent-encoding: br\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfL4;desc=\"?proto=QUIC\u0026rtt=5381\u0026min_rtt=1423\u0026rtt_var=4414\u0026sent=133\u0026recv=24\u0026lost=0\u0026retrans=0\u0026sent_bytes=128849\u0026recv_bytes=9766\u0026delivery_rate=2529816\u0026cwnd=59700\u0026unsent_bytes=0\u0026cid=f70227532b45c0c0\u0026ts=495\u0026x=1\", cfExtPri, cfHdrFlush;dur=0\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":null,"data":{"size":1058,"size_decoded":1058,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with very long lines (1086), with no line terminators","md5":"555d11d15d6c98682c92861a269f8a23","sha1":"f7e3a528dfc01eb9b890c84291be929697d92eb5","sha256":"d1ed016f7004e1c73d596c4cc25a9563af6d2af48b4e90878b12dd1576248b46","sha512":"96ca65ca88d47e230a480fa2fa205ce10531912a6c377230df38a0cdbf0974bcbaa78d0e4ce8f9228b9f5f0153f598d54e2657a6d1aa9330f61b9721d9eb0610","ssdeep":"","tlshash":"24114ab91d43ccdb3f0315a5126fe43852740f2e98488bccb2908b7d6c8931860ecaec","first_seen":"2023-04-09T17:46:05Z","last_seen":"2025-03-21T17:07:54.268831Z","times_seen":57,"resource_available":false,"data":null}},"time_used":49,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":49,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-12-24","alert":"Sinkholed","trigger":"filesfly.cc","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}}]}