| filesfly.cc/ds1/js/jquery-1.9.1.min.js | 188.114.97.1 | 200 OK | 33 kB |
URL: GET HTTP/3 filesfly.cc/ds1/js/jquery-1.9.1.min.js | IP: 188.114.97.1:443
Requested by: https://filesfly.cc/4evvoy38cm9z | Certificate Issuer: Google Trust Services LLC | Subject: filesfly.cc | Fingerprint: 13:91:DB:01:52:66:0E:B1:4A:7B:C1:22:FF:57:D3:0E:86:3C:02:41 | Validity: Thu, 21 Mar 2024 11:58:46 GMT - Wed, 19 Jun 2024 11:58:45 GMT
File type: JavaScript source, ASCII text, with very long lines (32089) | Hash: 397754ba49e9e0cf4e7c190da78dda05 ae49e56999d82802727455f0ba83b63acd90a22b c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /ds1/js/jquery-1.9.1.min.js HTTP/1.1
Host: filesfly.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://filesfly.cc/4evvoy38cm9z
Cookie: lang=english; aff=70264
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 07:59:58 GMT
content-type: application/javascript
content-length: 32729
last-modified: Fri, 03 Feb 2023 10:28:37 GMT
etag: "169d5-5f3c924eed274-gzip"
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-credentials: true
cache-control: max-age=28800
cf-cache-status: HIT
age: 3974
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=A3rerHqC%2FVyfz8vLou7NM1v%2BwlZz28%2FPFlvB6%2Fogf%2B%2F9v9qpyEBwueLWgJ33V%2FQUKA1uZy4SW%2FJLAYHncLdZdksOAvggRHJ8kN%2BYoxm1qPNvq51sGH%2FaflH8Lg5UXg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 881864952c54b4f9-OSL
alt-svc: h3=":443"; ma=86400
|
|
| filesfly.cc/ds1/css/bootstrap.min.css?v=12 | 188.114.97.1 | 200 OK | 20 kB |
URL: GET HTTP/3 filesfly.cc/ds1/css/bootstrap.min.css?v=12 | IP: 188.114.97.1:443
Requested by: https://filesfly.cc/4evvoy38cm9z | Certificate Issuer: Google Trust Services LLC | Subject: filesfly.cc | Fingerprint: 13:91:DB:01:52:66:0E:B1:4A:7B:C1:22:FF:57:D3:0E:86:3C:02:41 | Validity: Thu, 21 Mar 2024 11:58:46 GMT - Wed, 19 Jun 2024 11:58:45 GMT
File type: ASCII text, with very long lines (65367), with CRLF line terminators | Hash: af38cc1f2c4694f23f716a7acbdae761 e24059cbfac6277b602872644e0f1c00f5bfd38a 5a4ffbbe02a84f7d6281485f1391881b2ebdea342789b3de948e67bba817eba2
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /ds1/css/bootstrap.min.css?v=12 HTTP/1.1
Host: filesfly.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://filesfly.cc/4evvoy38cm9z
Cookie: lang=english; aff=70264
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 07:59:58 GMT
content-type: text/css
content-length: 19597
last-modified: Tue, 21 Mar 2023 00:33:22 GMT
etag: "1d9ec-5f75e30e302ea-gzip"
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-credentials: true
cache-control: max-age=28800
cf-cache-status: HIT
age: 4573
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=F2XTvsnd47M%2BH%2F3SJQvGwt4lqhLRbq5p9nEFaLP5eInOT5sqCxA3BQWY6CpwKzODpqgHZ26ZifsFK0lc5u1E%2F7hFkFwgj0%2FGPzOmgC8XZkZAa8jzPCpkApoK3h5oKg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 881864952c59b4f9-OSL
alt-svc: h3=":443"; ma=86400
|
|
| filesfly.cc/ds1/css/ie10-viewport-bug-workaround.css | 188.114.97.1 | 200 OK | 285 B |
URL: GET HTTP/3 filesfly.cc/ds1/css/ie10-viewport-bug-workaround.css | IP: 188.114.97.1:443
Requested by: https://filesfly.cc/4evvoy38cm9z | Certificate Issuer: Google Trust Services LLC | Subject: filesfly.cc | Fingerprint: 13:91:DB:01:52:66:0E:B1:4A:7B:C1:22:FF:57:D3:0E:86:3C:02:41 | Validity: Thu, 21 Mar 2024 11:58:46 GMT - Wed, 19 Jun 2024 11:58:45 GMT
File type: ASCII text, with CRLF line terminators | Hash: 3b9060cf62bfb4ddc5cf5e1e5204a579 bb8c9bd6dc1947ebc51c510ba729b8f48cd5d2aa 5c83d64fd31a699a81efd8430a7100f1aeb83024f88b252273c9f5de31309e13
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /ds1/css/ie10-viewport-bug-workaround.css HTTP/1.1
Host: filesfly.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://filesfly.cc/4evvoy38cm9z
Cookie: lang=english; aff=70264
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 07:59:58 GMT
content-type: text/css
content-length: 285
last-modified: Fri, 03 Feb 2023 10:28:33 GMT
etag: "1be-5f3c924b2425a-gzip"
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-credentials: true
cache-control: max-age=28800
cf-cache-status: HIT
age: 4573
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5r1sTkOMYyxpRSsSoc1WYiB6n5xmCJoqBrO7Ec71GIv4imR8AS0IstCctvqqLFjwFwGQwjUS2Ft1q6OxcIfvPtJX8x4qp%2B%2B5rmTW1YJ1YHDmR9v8JHuqqaMMM1p4YQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 881864952c5ab4f9-OSL
alt-svc: h3=":443"; ma=86400
|
|
| filesfly.cc/ds1/css/hsn_style.min.css?v=111 | 188.114.97.1 | 200 OK | 9.8 kB |
URL: GET HTTP/3 filesfly.cc/ds1/css/hsn_style.min.css?v=111 | IP: 188.114.97.1:443
Requested by: https://filesfly.cc/4evvoy38cm9z | Certificate Issuer: Google Trust Services LLC | Subject: filesfly.cc | Fingerprint: 13:91:DB:01:52:66:0E:B1:4A:7B:C1:22:FF:57:D3:0E:86:3C:02:41 | Validity: Thu, 21 Mar 2024 11:58:46 GMT - Wed, 19 Jun 2024 11:58:45 GMT
File type: ASCII text, with very long lines (53116), with no line terminators | Hash: 3e29ba9208e37480f7177ba73733fcbb 6d12808922d6084f0ad43c971da4625001f5f91f 248094c268fe6953056be3891a91cb54ac3f5a3364514c6406e36c24f63fdc07
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /ds1/css/hsn_style.min.css?v=111 HTTP/1.1
Host: filesfly.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://filesfly.cc/4evvoy38cm9z
Cookie: lang=english; aff=70264
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 07:59:58 GMT
content-type: text/css
content-length: 9842
last-modified: Fri, 03 Feb 2023 10:28:32 GMT
etag: "cf7c-5f3c924ac5e85-gzip"
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-credentials: true
cache-control: max-age=28800
cf-cache-status: HIT
age: 4573
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MzY8vS8q6ayPdJw0ZXm9pQhsUkPxQIOUv4HHO7pYifs8fIkTyTF0v1NgblqpwCapS%2FPnkA0TOp4Jn1elcfQJypek0tgX41SOuMCX7UiuHBPAoMYU6N6OQ9Fx%2FBvg6Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 881864952c64b4f9-OSL
alt-svc: h3=":443"; ma=86400
|
|
| filesfly.cc/ds1/js/jquery.paging.js | 188.114.97.1 | 200 OK | 4.3 kB |
URL: GET HTTP/3 filesfly.cc/ds1/js/jquery.paging.js | IP: 188.114.97.1:443
Requested by: https://filesfly.cc/4evvoy38cm9z | Certificate Issuer: Google Trust Services LLC | Subject: filesfly.cc | Fingerprint: 13:91:DB:01:52:66:0E:B1:4A:7B:C1:22:FF:57:D3:0E:86:3C:02:41 | Validity: Thu, 21 Mar 2024 11:58:46 GMT - Wed, 19 Jun 2024 11:58:45 GMT
File type: JavaScript source, ASCII text | Hash: d7a2c1c7af2a004a6d68e1e55b1cfb46 7fd6daa7076c30381880519ad06ef5639b19ee28 c8ecfe747c979fbd87624913200a9237343679923b495885bced089b80fc84f6
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /ds1/js/jquery.paging.js HTTP/1.1
Host: filesfly.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://filesfly.cc/4evvoy38cm9z
Cookie: lang=english; aff=70264
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 07:59:58 GMT
content-type: application/javascript
content-length: 4311
last-modified: Fri, 03 Feb 2023 10:28:38 GMT
etag: "4ba5-5f3c9250056e2-gzip"
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-credentials: true
cache-control: max-age=28800
cf-cache-status: HIT
age: 439
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5M%2B1OLzWDS8Y7yJ9a%2B12QjMoc%2BI%2F5AqTiHW9fvMmh35dGXXtywf30vBSFcwjDOuEffid%2FoFacY0iQJz6Caqd4Zfq5yg3xTOWjbm11Ee9ZLVTSH0Z3p9U%2BRjeP1JLCQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 881864952c70b4f9-OSL
alt-svc: h3=":443"; ma=86400
|
|
| filesfly.cc/ds1/js/jquery.cookie.js | 188.114.97.1 | 200 OK | 802 B |
URL: GET HTTP/3 filesfly.cc/ds1/js/jquery.cookie.js | IP: 188.114.97.1:443
Requested by: https://filesfly.cc/4evvoy38cm9z | Certificate Issuer: Google Trust Services LLC | Subject: filesfly.cc | Fingerprint: 13:91:DB:01:52:66:0E:B1:4A:7B:C1:22:FF:57:D3:0E:86:3C:02:41 | Validity: Thu, 21 Mar 2024 11:58:46 GMT - Wed, 19 Jun 2024 11:58:45 GMT
File type: JavaScript source, ASCII text, with very long lines (1801), with no line terminators | Hash: 87ec184596af8855bb7cca6554af2c1f 15f1ef7fcb2df1ca1e4674a56f0a13bb088343b6 64a7a0e3612b87d5088ceb8daf269c7cd96acfd33b2c380ebaaa43fe3d69553a
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /ds1/js/jquery.cookie.js HTTP/1.1
Host: filesfly.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://filesfly.cc/4evvoy38cm9z
Cookie: lang=english; aff=70264
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 07:59:58 GMT
content-type: application/javascript
content-length: 802
last-modified: Fri, 03 Feb 2023 10:28:37 GMT
etag: "709-5f3c924f7b7d3-gzip"
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-credentials: true
cache-control: max-age=28800
cf-cache-status: HIT
age: 439
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MbkTcw0jRrYhd3KEgQ%2BecJdM2Gp%2B2tzuOgIVvu3%2FczZZX1vLt6ntPtjwAMOptprWlfEsxPMvOuJIwo11APyST9JJl6mb6%2BAkVophWlNsF3qPvsf%2B2fgj%2FlxmeI%2BGWQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 881864952c72b4f9-OSL
alt-svc: h3=":443"; ma=86400
|
|
| filesfly.cc/ds1/js/paging.js?0 | 188.114.97.1 | 200 OK | 646 B |
URL: GET HTTP/3 filesfly.cc/ds1/js/paging.js?0 | IP: 188.114.97.1:443
Requested by: https://filesfly.cc/4evvoy38cm9z | Certificate Issuer: Google Trust Services LLC | Subject: filesfly.cc | Fingerprint: 13:91:DB:01:52:66:0E:B1:4A:7B:C1:22:FF:57:D3:0E:86:3C:02:41 | Validity: Thu, 21 Mar 2024 11:58:46 GMT - Wed, 19 Jun 2024 11:58:45 GMT
File type: HTML document, ASCII text | Hash: 114fe6dcd2944b3177a6379943ea185e 4b27b2d70966a74f56ec3337f5e28106612dc696 3ae7654118ffbd2ae15e631ce033658bac67f13f8cb2d324785c811907802e62
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /ds1/js/paging.js?0 HTTP/1.1
Host: filesfly.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://filesfly.cc/4evvoy38cm9z
Cookie: lang=english; aff=70264
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 07:59:58 GMT
content-type: application/javascript
content-length: 646
last-modified: Thu, 13 Apr 2023 14:38:40 GMT
etag: "755-5f938ae453434-gzip"
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-credentials: true
cache-control: max-age=28800
cf-cache-status: HIT
age: 4574
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DJWDaMyzGYtrWN4MSrIOeex%2BvRq5UWcjSVJIaXu9kkx61k9Ne2uoei4Ny3%2FapcOdFpSyAeem5hAmYz0PwQ9jNcHWYRVEB6xLn7mB6khcYL4HpNBxfSiv3PDamKpwKg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 881864952c73b4f9-OSL
alt-svc: h3=":443"; ma=86400
|
|
| filesfly.cc/ds1/js/bootstrap-confirm.js | 188.114.97.1 | 200 OK | 1.1 kB |
URL: GET HTTP/3 filesfly.cc/ds1/js/bootstrap-confirm.js | IP: 188.114.97.1:443
Requested by: https://filesfly.cc/4evvoy38cm9z | Certificate Issuer: Google Trust Services LLC | Subject: filesfly.cc | Fingerprint: 13:91:DB:01:52:66:0E:B1:4A:7B:C1:22:FF:57:D3:0E:86:3C:02:41 | Validity: Thu, 21 Mar 2024 11:58:46 GMT - Wed, 19 Jun 2024 11:58:45 GMT
File type: JavaScript source, Unicode text, UTF-8 text, with CRLF line terminators | Hash: 13e84d62c5ce28fec7dd109f4239faed a359b9ea089025e48dc4d37f1109adc24b880f4a 1aa447152804b042de3b66ecb4d77a851f8ec762a2501bfbdde2204efe06babc
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /ds1/js/bootstrap-confirm.js HTTP/1.1
Host: filesfly.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://filesfly.cc/4evvoy38cm9z
Cookie: lang=english; aff=70264
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 07:59:58 GMT
content-type: application/javascript
content-length: 1126
last-modified: Fri, 03 Feb 2023 10:28:36 GMT
etag: "c8d-5f3c924dd78fe-gzip"
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-credentials: true
cache-control: max-age=28800
cf-cache-status: HIT
age: 5704
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Y3W4RZS9hmkD0ryBdu5BIiPx1HpmweQqlqFi8lFGZCX2kbZijI1PlaeK3%2B73O4g%2FE4aCovWmvYS6L5dwWtCQ%2FK%2BZxTEC3Dfi42lMCLZKOHimKvFexURoegRvj1WiSQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 881864953c97b4f9-OSL
alt-svc: h3=":443"; ma=86400
|
|
| filesfly.cc/ds1/img/logo.png | 188.114.97.1 | 200 OK | 6.4 kB |
URL: GET HTTP/3 filesfly.cc/ds1/img/logo.png | IP: 188.114.97.1:443
Requested by: https://filesfly.cc/4evvoy38cm9z | Certificate Issuer: Google Trust Services LLC | Subject: filesfly.cc | Fingerprint: 13:91:DB:01:52:66:0E:B1:4A:7B:C1:22:FF:57:D3:0E:86:3C:02:41 | Validity: Thu, 21 Mar 2024 11:58:46 GMT - Wed, 19 Jun 2024 11:58:45 GMT
File type: PNG image data, 193 x 115, 8-bit/color RGBA, non-interlaced | Hash: 5274be685e8eecdc1f8484d7d58eea01 5adb0e29d2943316d45a40e9fbc84d0bad573778 def08eed715e3838f3cb65616fb4435ccfb4d041fab854f64714f941faf07fd1
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /ds1/img/logo.png HTTP/1.1
Host: filesfly.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://filesfly.cc/4evvoy38cm9z
Cookie: lang=english; aff=70264
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 07:59:58 GMT
content-type: image/png
content-length: 6431
last-modified: Fri, 03 Mar 2023 10:46:07 GMT
etag: "191f-5f5fca7187c26"
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-credentials: true
cache-control: max-age=28800
cf-cache-status: HIT
age: 4573
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ivoP1xxwLmfIFv%2BWW2WTb9tzJ4t9c3C9FJtfuXF8IE%2FH2aQ72M2mGF5jpSApTi2ZCXD0UYNuFONmx%2F8Ng%2Fipsi4ybRHXlgIW6ee3KSKv5ThIenSjwTz96Qu44%2Bo0eA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881864953c92b4f9-OSL
alt-svc: h3=":443"; ma=86400
|
|
| filesfly.cc/ds1/js/dialogs.js | 188.114.97.1 | 200 OK | 640 B |
URL: GET HTTP/3 filesfly.cc/ds1/js/dialogs.js | IP: 188.114.97.1:443
Requested by: https://filesfly.cc/4evvoy38cm9z | Certificate Issuer: Google Trust Services LLC | Subject: filesfly.cc | Fingerprint: 13:91:DB:01:52:66:0E:B1:4A:7B:C1:22:FF:57:D3:0E:86:3C:02:41 | Validity: Thu, 21 Mar 2024 11:58:46 GMT - Wed, 19 Jun 2024 11:58:45 GMT
Hash: 8f19d2b941fc4a8614a7a6f233e49a29 7980862eb90fb9e0c2b02ac70ebdfc9dc0db005a 1975797185c3c769419f07fbe680ac651209b7b3de90bf686f2da0409cc123c2
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /ds1/js/dialogs.js HTTP/1.1
Host: filesfly.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://filesfly.cc/4evvoy38cm9z
Cookie: lang=english; aff=70264
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 07:59:58 GMT
content-type: application/javascript
content-length: 640
last-modified: Fri, 03 Feb 2023 10:28:36 GMT
etag: "74d-5f3c924e8f287-gzip"
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-credentials: true
cache-control: max-age=28800
cf-cache-status: HIT
age: 2436
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=g8Mn16USEDKEQ%2Fm9CuyvU0ynOEtWZ6dLT8x%2FUBWXTYWkZ4ot5WTEqwa85wMl3QyMiJW3rQCF9SJiWgmG3J%2FM6ByjySGJYNHcd7ejNQkZ9B%2FS91mnHniU0Ox%2FlIduAA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 881864953c9ab4f9-OSL
alt-svc: h3=":443"; ma=86400
|
|
| filesfly.cc/images/paysys/btceth.png | 188.114.97.1 | 200 OK | 4.4 kB |
URL: GET HTTP/3 filesfly.cc/images/paysys/btceth.png | IP: 188.114.97.1:443
Requested by: https://filesfly.cc/4evvoy38cm9z | Certificate Issuer: Google Trust Services LLC | Subject: filesfly.cc | Fingerprint: 13:91:DB:01:52:66:0E:B1:4A:7B:C1:22:FF:57:D3:0E:86:3C:02:41 | Validity: Thu, 21 Mar 2024 11:58:46 GMT - Wed, 19 Jun 2024 11:58:45 GMT
File type: PNG image data, 160 x 40, 8-bit/color RGBA, non-interlaced | Hash: 32e8ab42c5f8cf7eb629476f6db5404e 354b4f27cfd747412a60eb0fdb2c8f3f5cce02b2 3ea8357f0810fab9a229a1d572f6a6081eea4a61eb1e08c57897221dff4e144e
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /images/paysys/btceth.png HTTP/1.1
Host: filesfly.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://filesfly.cc/4evvoy38cm9z
Cookie: lang=english; aff=70264
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 07:59:58 GMT
content-type: image/png
content-length: 4443
last-modified: Tue, 23 Jan 2024 18:40:05 GMT
etag: "115b-60fa146601abc"
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-credentials: true
cache-control: max-age=28800
cf-cache-status: HIT
age: 5704
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sQu%2BOL3nQDHtP5mtpWoLanT1qXpHFDZhLKB3aOUctWgsWYes5mSIqqJSqsNt7HnMAwUzyvo02OhAzkA2SF%2BhVP%2BK118WZZ4mnGzIkWffd2fk1p6uFmeh0G41jZQQtg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881864954c9eb4f9-OSL
alt-svc: h3=":443"; ma=86400
|
|
| filesfly.cc/images/Cwqq1f2.png | 188.114.97.1 | 200 OK | 5.7 kB |
URL: GET HTTP/3 filesfly.cc/images/Cwqq1f2.png | IP: 188.114.97.1:443
Requested by: https://filesfly.cc/4evvoy38cm9z | Certificate Issuer: Google Trust Services LLC | Subject: filesfly.cc | Fingerprint: 13:91:DB:01:52:66:0E:B1:4A:7B:C1:22:FF:57:D3:0E:86:3C:02:41 | Validity: Thu, 21 Mar 2024 11:58:46 GMT - Wed, 19 Jun 2024 11:58:45 GMT
File type: PNG image data, 180 x 55, 8-bit/color RGBA, non-interlaced | Hash: 21b9b91f161e1af0bd7be06236f0341f 3a3af54e2fb9c1315ab76ddf83d9b6bdca6000d2 320c1d8f714c859828310704b06693bec127bdcf188409bb1847b13b013dcc49
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /images/Cwqq1f2.png HTTP/1.1
Host: filesfly.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://filesfly.cc/4evvoy38cm9z
Cookie: lang=english; aff=70264
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 07:59:58 GMT
content-type: image/png
content-length: 5721
last-modified: Tue, 23 Jan 2024 18:42:18 GMT
etag: "1659-60fa14e54d3ca"
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-credentials: true
cache-control: max-age=28800
cf-cache-status: HIT
age: 4494
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=j3iokpn9LA4qqg%2FQOCY7ttPSw5zx7ziateIwitMz%2BHUQSlRaF1wZtgPdbCvklYfvZmjt2cr0y0AFtfhifpveiK4WHyECoFxC81meFSV9npuP6t34noTda1lIirFlLQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881864954ca7b4f9-OSL
alt-svc: h3=":443"; ma=86400
|
|
| filesfly.cc/images/paypal.png | 188.114.97.1 | 200 OK | 4.5 kB |
URL: GET HTTP/3 filesfly.cc/images/paypal.png | IP: 188.114.97.1:443
Requested by: https://filesfly.cc/4evvoy38cm9z | Certificate Issuer: Google Trust Services LLC | Subject: filesfly.cc | Fingerprint: 13:91:DB:01:52:66:0E:B1:4A:7B:C1:22:FF:57:D3:0E:86:3C:02:41 | Validity: Thu, 21 Mar 2024 11:58:46 GMT - Wed, 19 Jun 2024 11:58:45 GMT
File type: PNG image data, 160 x 46, 8-bit/color RGBA, non-interlaced | Hash: fcef3a0a534d973a12ef0b8042f7394c d30d46d9e2d6e423f60507a10bb284669cb7d969 00f35282e245eb922201ac01bae96e5071dade46249855e777481d7f564e609d
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /images/paypal.png HTTP/1.1
Host: filesfly.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://filesfly.cc/4evvoy38cm9z
Cookie: lang=english; aff=70264
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 07:59:58 GMT
content-type: image/png
content-length: 4521
last-modified: Tue, 23 Jan 2024 18:43:00 GMT
etag: "11a9-60fa150d31475"
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-credentials: true
cache-control: max-age=28800
cf-cache-status: HIT
age: 5704
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sUHvjhJdwt0sxbxPTaPJvRhO%2BkaUqo5q1Ed3MOXep2tnVDdF3S%2BsIM5orc8J7bWuvKTvfetD1tRjH2qVWDSpC9n4HMOPD1a0xqiVhepqp3W%2FJjorYVrYCuY853NSxg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881864954ca5b4f9-OSL
alt-svc: h3=":443"; ma=86400
|
|
| filesfly.cc/images/PtnIEWP.png | 188.114.97.1 | 200 OK | 8.2 kB |
URL: GET HTTP/3 filesfly.cc/images/PtnIEWP.png | IP: 188.114.97.1:443
Requested by: https://filesfly.cc/4evvoy38cm9z | Certificate Issuer: Google Trust Services LLC | Subject: filesfly.cc | Fingerprint: 13:91:DB:01:52:66:0E:B1:4A:7B:C1:22:FF:57:D3:0E:86:3C:02:41 | Validity: Thu, 21 Mar 2024 11:58:46 GMT - Wed, 19 Jun 2024 11:58:45 GMT
File type: PNG image data, 180 x 52, 8-bit/color RGBA, non-interlaced | Hash: 04e59a886e24f049e1149efbde47b0b6 0f1cb50c40c35c3b6f6184a94c3dc4fb427d91d4 14e9e94f9bcc8f15c92d86a98c712c2daf9d3e28ddc96255ac320dccf0f43dee
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /images/PtnIEWP.png HTTP/1.1
Host: filesfly.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://filesfly.cc/4evvoy38cm9z
Cookie: lang=english; aff=70264
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 07:59:58 GMT
content-type: image/png
content-length: 8165
last-modified: Wed, 24 Jan 2024 07:42:47 GMT
etag: "1fe5-60fac3586c9ac"
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-credentials: true
cache-control: max-age=28800
cf-cache-status: HIT
age: 5704
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QYuyS3koPfDGJTppK40hz3aC1amcJSx5i%2FjH0ayn%2FEue1ytlyVDJTqyqWvWN1brvzrU9eME2gl7nt2qdAA12BYXN7PDbzoywCFG5lfXio2pZYt2f3VQBLj3p1kVY1A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881864954ca2b4f9-OSL
alt-svc: h3=":443"; ma=86400
|
|
| filesfly.cc/images/QPVrOwJ.png | 188.114.97.1 | 200 OK | 5.1 kB |
URL: GET HTTP/3 filesfly.cc/images/QPVrOwJ.png | IP: 188.114.97.1:443
Requested by: https://filesfly.cc/4evvoy38cm9z | Certificate Issuer: Google Trust Services LLC | Subject: filesfly.cc | Fingerprint: 13:91:DB:01:52:66:0E:B1:4A:7B:C1:22:FF:57:D3:0E:86:3C:02:41 | Validity: Thu, 21 Mar 2024 11:58:46 GMT - Wed, 19 Jun 2024 11:58:45 GMT
File type: PNG image data, 142 x 33, 8-bit/color RGBA, non-interlaced | Hash: 655526ec81e5600914e901c33c701e9e 60c5db710069dbde9768345cc364e3ee678a7976 297f8e61f60350d74edd29a3000c5ffe64405a54136295fa8d072dd9b8a70f86
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /images/QPVrOwJ.png HTTP/1.1
Host: filesfly.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://filesfly.cc/4evvoy38cm9z
Cookie: lang=english; aff=70264
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 07:59:58 GMT
content-type: image/png
content-length: 5050
last-modified: Tue, 23 Jan 2024 19:01:13 GMT
etag: "13ba-60fa191fcf99f"
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-credentials: true
cache-control: max-age=28800
cf-cache-status: HIT
age: 5704
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nvdj7bnXcprrQZMERhI%2BXKJnZ%2FVluGU5E%2BaxWldl%2F%2FYtvkji6XfEc0TWqubRn%2FJPgNN2%2Fqt%2BBZOf45R6IammmzMkPixF4oeaqfhFxJ5nMnrOr7P%2ByqcXDSDfK7f0sg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881864955cc0b4f9-OSL
alt-svc: h3=":443"; ma=86400
|
|
| filesfly.cc/images//Cwqq1f2.png | 188.114.97.1 | 200 OK | 5.7 kB |
URL: GET HTTP/3 filesfly.cc/images//Cwqq1f2.png | IP: 188.114.97.1:443
Requested by: https://filesfly.cc/4evvoy38cm9z | Certificate Issuer: Google Trust Services LLC | Subject: filesfly.cc | Fingerprint: 13:91:DB:01:52:66:0E:B1:4A:7B:C1:22:FF:57:D3:0E:86:3C:02:41 | Validity: Thu, 21 Mar 2024 11:58:46 GMT - Wed, 19 Jun 2024 11:58:45 GMT
File type: PNG image data, 180 x 55, 8-bit/color RGBA, non-interlaced | Hash: 21b9b91f161e1af0bd7be06236f0341f 3a3af54e2fb9c1315ab76ddf83d9b6bdca6000d2 320c1d8f714c859828310704b06693bec127bdcf188409bb1847b13b013dcc49
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /images//Cwqq1f2.png HTTP/1.1
Host: filesfly.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://filesfly.cc/4evvoy38cm9z
Cookie: lang=english; aff=70264
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 07:59:58 GMT
content-type: image/png
content-length: 5721
last-modified: Tue, 23 Jan 2024 18:42:18 GMT
etag: "1659-60fa14e54d3ca"
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-credentials: true
cache-control: max-age=28800
cf-cache-status: HIT
age: 4494
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JifyGnidZlxzaIPmbcfmFSuoGmsEPX4wnLV%2B4SLYtsKkxZu5pJ5dQ3FdDXG7R9VPKv2NUs6YXs9TJlbrV6HExLDPO6y2%2FSTjO0qWS9z6ozQXVoT%2BQKkuW8YYvBV6WQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881864955cbcb4f9-OSL
alt-svc: h3=":443"; ma=86400
|
|
| filesfly.cc/images/UKyU65F.png | 188.114.97.1 | 200 OK | 5.6 kB |
URL: GET HTTP/3 filesfly.cc/images/UKyU65F.png | IP: 188.114.97.1:443
Requested by: https://filesfly.cc/4evvoy38cm9z | Certificate Issuer: Google Trust Services LLC | Subject: filesfly.cc | Fingerprint: 13:91:DB:01:52:66:0E:B1:4A:7B:C1:22:FF:57:D3:0E:86:3C:02:41 | Validity: Thu, 21 Mar 2024 11:58:46 GMT - Wed, 19 Jun 2024 11:58:45 GMT
File type: PNG image data, 181 x 48, 8-bit/color RGBA, non-interlaced | Hash: 0e03511430d4287132a7cefa7cc467b4 665e045866078804dc499407b2c30d2be845c9f0 951dd7777b38a624a4651af640bef783e939215f5a3e89b14972609bc2f460ef
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /images/UKyU65F.png HTTP/1.1
Host: filesfly.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://filesfly.cc/4evvoy38cm9z
Cookie: lang=english; aff=70264
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 07:59:58 GMT
content-type: image/png
content-length: 5554
last-modified: Tue, 23 Jan 2024 19:02:05 GMT
etag: "15b2-60fa1951ab6ed"
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-credentials: true
cache-control: max-age=28800
cf-cache-status: HIT
age: 5704
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lhdaD8iZsh8QLfcfsj2%2FSBIoEb97wkwRO5uf9hJkFKO7V5p7EbC9GNEGd8E0Ory08Di7W%2FzJCevRQiOyqUQ9krRNq66plT68fPSrkXqacqhoYY2h3oCVw2OaR%2B06mQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881864955cc3b4f9-OSL
alt-svc: h3=":443"; ma=86400
|
|
| filesfly.cc/images/l8Y1Evx.png | 188.114.97.1 | 200 OK | 6.6 kB |
URL: GET HTTP/3 filesfly.cc/images/l8Y1Evx.png | IP: 188.114.97.1:443
Requested by: https://filesfly.cc/4evvoy38cm9z | Certificate — Issuer: Google Trust Services LLC; Subject: filesfly.cc; Fingerprint: 13:91:DB:01:52:66:0E:B1:4A:7B:C1:22:FF:57:D3:0E:86:3C:02:41; Validity: Thu, 21 Mar 2024 11:58:46 GMT - Wed, 19 Jun 2024 11:58:45 GMT
File type: PNG image data, 182 x 45, 8-bit/color RGBA, non-interlaced | Hash: e3d58d6cf5f1c0f018b798cb8c014b1b 0612b7c41c4b1586d4dbc5c0f55f91f97e8ed629 a295f987053691badde3930d0d1abed6319e38fd0b02056801cfe979c6db3160
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /images/l8Y1Evx.png HTTP/1.1
Host: filesfly.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://filesfly.cc/4evvoy38cm9z
Cookie: lang=english; aff=70264
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 07:59:58 GMT
content-type: image/png
content-length: 6555
last-modified: Tue, 23 Jan 2024 19:01:37 GMT
etag: "199b-60fa1936cd6ac"
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-credentials: true
cache-control: max-age=28800
cf-cache-status: HIT
age: 5704
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oVXY3r6eZfXGl05whfiuog%2Bhdh5eiAK0NUDAellZzngjpvSlzxolvlzgTwylqShhkLQdnFvQ42VeB8hzn%2FWjglUaXFacIf3DCuP6sJbsXMWNrLxG3odCzRSLbP40kg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881864957cf5b4f9-OSL
alt-svc: h3=":443"; ma=86400
|
|
| filesfly.cc/images/cmRccbz.png | 188.114.97.1 | 200 OK | 2.9 kB |
URL: GET HTTP/3 filesfly.cc/images/cmRccbz.png | IP: 188.114.97.1:443
Requested by: https://filesfly.cc/4evvoy38cm9z | Certificate — Issuer: Google Trust Services LLC; Subject: filesfly.cc; Fingerprint: 13:91:DB:01:52:66:0E:B1:4A:7B:C1:22:FF:57:D3:0E:86:3C:02:41; Validity: Thu, 21 Mar 2024 11:58:46 GMT - Wed, 19 Jun 2024 11:58:45 GMT
File type: PNG image data, 170 x 30, 8-bit/color RGBA, non-interlaced | Hash: d950b67aeece85936307a7d927f38f85 8cdb4be5f991f7adf9e794dfbd7078145598e057 3b51408bdbc9803485ea3dc1567dae9967c341e5ee3fe1d93f670f1083955891
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /images/cmRccbz.png HTTP/1.1
Host: filesfly.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://filesfly.cc/4evvoy38cm9z
Cookie: lang=english; aff=70264
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 07:59:58 GMT
content-type: image/png
content-length: 2879
last-modified: Tue, 23 Jan 2024 18:42:00 GMT
etag: "b3f-60fa14d3ddcd5"
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-credentials: true
cache-control: max-age=28800
cf-cache-status: HIT
age: 2452
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Mj0Gyed%2BP2zJg7JfoVOG5MCjraIF37zB8xExBJWa%2Bw85%2F8K7%2BL5rdaHKYdMBmr2yN%2BILcuYH9nd3JBtrnKfjkWKOAa8NRvs5YqpouJoWqZE%2Fr80kIHdwVZvqYKZ3VA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881864957cf2b4f9-OSL
alt-svc: h3=":443"; ma=86400
|
|
| filesfly.cc/images//PtnIEWP.png | 188.114.97.1 | 200 OK | 8.2 kB |
URL: GET HTTP/3 filesfly.cc/images//PtnIEWP.png | IP: 188.114.97.1:443
Requested by: https://filesfly.cc/4evvoy38cm9z | Certificate — Issuer: Google Trust Services LLC; Subject: filesfly.cc; Fingerprint: 13:91:DB:01:52:66:0E:B1:4A:7B:C1:22:FF:57:D3:0E:86:3C:02:41; Validity: Thu, 21 Mar 2024 11:58:46 GMT - Wed, 19 Jun 2024 11:58:45 GMT
File type: PNG image data, 180 x 52, 8-bit/color RGBA, non-interlaced | Hash: 04e59a886e24f049e1149efbde47b0b6 0f1cb50c40c35c3b6f6184a94c3dc4fb427d91d4 14e9e94f9bcc8f15c92d86a98c712c2daf9d3e28ddc96255ac320dccf0f43dee
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /images//PtnIEWP.png HTTP/1.1
Host: filesfly.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://filesfly.cc/4evvoy38cm9z
Cookie: lang=english; aff=70264
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 07:59:58 GMT
content-type: image/png
content-length: 8165
last-modified: Wed, 24 Jan 2024 07:42:47 GMT
etag: "1fe5-60fac3586c9ac"
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-credentials: true
cache-control: max-age=28800
cf-cache-status: HIT
age: 5704
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Pkih%2BXwb74KtaEVlF%2FfVb590tr9hDeWJQOZXLipkXpuDR2YIBEtFanm3GywYJ5whvHhhbqPwlODK37ny3dl2zpyuanSfhMa8ZvE2rh1mjHLyvQa%2F1ugPblqdSxt9sA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881864957cf7b4f9-OSL
alt-svc: h3=":443"; ma=86400
|
|
| filesfly.cc/images//UKyU65F.png | 188.114.97.1 | 200 OK | 5.6 kB |
URL: GET HTTP/3 filesfly.cc/images//UKyU65F.png | IP: 188.114.97.1:443
Requested by: https://filesfly.cc/4evvoy38cm9z | Certificate — Issuer: Google Trust Services LLC; Subject: filesfly.cc; Fingerprint: 13:91:DB:01:52:66:0E:B1:4A:7B:C1:22:FF:57:D3:0E:86:3C:02:41; Validity: Thu, 21 Mar 2024 11:58:46 GMT - Wed, 19 Jun 2024 11:58:45 GMT
File type: PNG image data, 181 x 48, 8-bit/color RGBA, non-interlaced | Hash: 0e03511430d4287132a7cefa7cc467b4 665e045866078804dc499407b2c30d2be845c9f0 951dd7777b38a624a4651af640bef783e939215f5a3e89b14972609bc2f460ef
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /images//UKyU65F.png HTTP/1.1
Host: filesfly.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://filesfly.cc/4evvoy38cm9z
Cookie: lang=english; aff=70264
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 07:59:58 GMT
content-type: image/png
content-length: 5554
last-modified: Tue, 23 Jan 2024 19:02:05 GMT
etag: "15b2-60fa1951ab6ed"
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-credentials: true
cache-control: max-age=28800
cf-cache-status: HIT
age: 5704
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xckBM%2FCyiXdu%2BUdVuTuORwoaUZJtGXESKSGXmZvjxTs0IsP1Z2mRBatlHxa8NkIlzcl%2B1vaieSjEQFTbLyiBHToaowuZtBQ81sAxVDYqnn7bDjojkZ1YumE%2BFg74dA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881864957cfdb4f9-OSL
alt-svc: h3=":443"; ma=86400
|
|
| filesfly.cc/images//QPVrOwJ.png | 188.114.97.1 | 200 OK | 5.1 kB |
URL: GET HTTP/3 filesfly.cc/images//QPVrOwJ.png | IP: 188.114.97.1:443
Requested by: https://filesfly.cc/4evvoy38cm9z | Certificate — Issuer: Google Trust Services LLC; Subject: filesfly.cc; Fingerprint: 13:91:DB:01:52:66:0E:B1:4A:7B:C1:22:FF:57:D3:0E:86:3C:02:41; Validity: Thu, 21 Mar 2024 11:58:46 GMT - Wed, 19 Jun 2024 11:58:45 GMT
File type: PNG image data, 142 x 33, 8-bit/color RGBA, non-interlaced | Hash: 655526ec81e5600914e901c33c701e9e 60c5db710069dbde9768345cc364e3ee678a7976 297f8e61f60350d74edd29a3000c5ffe64405a54136295fa8d072dd9b8a70f86
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /images//QPVrOwJ.png HTTP/1.1
Host: filesfly.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://filesfly.cc/4evvoy38cm9z
Cookie: lang=english; aff=70264
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 07:59:58 GMT
content-type: image/png
content-length: 5050
last-modified: Tue, 23 Jan 2024 19:01:13 GMT
etag: "13ba-60fa191fcf99f"
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-credentials: true
cache-control: max-age=28800
cf-cache-status: HIT
age: 5704
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3ScVWw%2BgVlca7U8TrMVF34JsPhL5TJYU0dTppICskg9UaTU62WY3vQlfsEtSnVGxmUb%2BWghvOlTGHG5099XJb%2Fq2G98zJwJ8HO4Ya9QuDLPo9ltdCO107eisDXE8qA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881864957cfbb4f9-OSL
alt-svc: h3=":443"; ma=86400
|
|
| filesfly.cc/images//cmRccbz.png | 188.114.97.1 | 200 OK | 2.9 kB |
URL: GET HTTP/3 filesfly.cc/images//cmRccbz.png | IP: 188.114.97.1:443
Requested by: https://filesfly.cc/4evvoy38cm9z | Certificate — Issuer: Google Trust Services LLC; Subject: filesfly.cc; Fingerprint: 13:91:DB:01:52:66:0E:B1:4A:7B:C1:22:FF:57:D3:0E:86:3C:02:41; Validity: Thu, 21 Mar 2024 11:58:46 GMT - Wed, 19 Jun 2024 11:58:45 GMT
File type: PNG image data, 170 x 30, 8-bit/color RGBA, non-interlaced | Hash: d950b67aeece85936307a7d927f38f85 8cdb4be5f991f7adf9e794dfbd7078145598e057 3b51408bdbc9803485ea3dc1567dae9967c341e5ee3fe1d93f670f1083955891
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /images//cmRccbz.png HTTP/1.1
Host: filesfly.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://filesfly.cc/4evvoy38cm9z
Cookie: lang=english; aff=70264
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 07:59:58 GMT
content-type: image/png
content-length: 2879
last-modified: Tue, 23 Jan 2024 18:42:00 GMT
etag: "b3f-60fa14d3ddcd5"
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-credentials: true
cache-control: max-age=28800
cf-cache-status: HIT
age: 2436
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Cq5ypxC1aI45gvGqQ7bbCfAfbU5unw7MWUmTYOMi8XkDD7M%2FMixaQKTi72%2BJaWAft6IhUgqHM2c1lb0Jg%2FEiROZ0Wu4OOBRcMVCW0acmWrVvuCcmDee7rkxmXTLqAQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881864957cffb4f9-OSL
alt-svc: h3=":443"; ma=86400
|
|
| filesfly.cc/images//l8Y1Evx.png | 188.114.97.1 | 200 OK | 6.6 kB |
URL: GET HTTP/3 filesfly.cc/images//l8Y1Evx.png | IP: 188.114.97.1:443
Requested by: https://filesfly.cc/4evvoy38cm9z | Certificate — Issuer: Google Trust Services LLC; Subject: filesfly.cc; Fingerprint: 13:91:DB:01:52:66:0E:B1:4A:7B:C1:22:FF:57:D3:0E:86:3C:02:41; Validity: Thu, 21 Mar 2024 11:58:46 GMT - Wed, 19 Jun 2024 11:58:45 GMT
File type: PNG image data, 182 x 45, 8-bit/color RGBA, non-interlaced | Hash: e3d58d6cf5f1c0f018b798cb8c014b1b 0612b7c41c4b1586d4dbc5c0f55f91f97e8ed629 a295f987053691badde3930d0d1abed6319e38fd0b02056801cfe979c6db3160
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /images//l8Y1Evx.png HTTP/1.1
Host: filesfly.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://filesfly.cc/4evvoy38cm9z
Cookie: lang=english; aff=70264
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 07:59:58 GMT
content-type: image/png
content-length: 6555
last-modified: Tue, 23 Jan 2024 19:01:37 GMT
etag: "199b-60fa1936cd6ac"
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-credentials: true
cache-control: max-age=28800
cf-cache-status: HIT
age: 5704
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2czEfgb0x4WyYcAXX9%2B8UtwrQ4ng9ysg43aBkZs4Cja%2FaEM7CpJjJjki8m3AmoGMw96v45L3jGvD8vkhnqQeJw%2BdtqQfphvl8szqaQ%2BFzQA6nIIVHoOsDQgwUEJBlw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881864957d00b4f9-OSL
alt-svc: h3=":443"; ma=86400
|
|
| filesfly.cc/ds1/js/bootstrap.min.js | 188.114.97.1 | 200 OK | 9.8 kB |
URL: GET HTTP/3 filesfly.cc/ds1/js/bootstrap.min.js | IP: 188.114.97.1:443
Requested by: https://filesfly.cc/4evvoy38cm9z | Certificate — Issuer: Google Trust Services LLC; Subject: filesfly.cc; Fingerprint: 13:91:DB:01:52:66:0E:B1:4A:7B:C1:22:FF:57:D3:0E:86:3C:02:41; Validity: Thu, 21 Mar 2024 11:58:46 GMT - Wed, 19 Jun 2024 11:58:45 GMT
File type: JavaScript source, ASCII text, with very long lines (32033), with CRLF line terminators | Hash: 04c84852e9937b142ac73c285b895b85 8fb8a9319055253d085edfc3bb72d20f614ec709 36460e494e4c628443afded40b2743b5ede9a4a76fb4f7b9ef2345cc7e59fd64
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /ds1/js/bootstrap.min.js HTTP/1.1
Host: filesfly.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://filesfly.cc/4evvoy38cm9z
Cookie: lang=english; aff=70264
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 07:59:58 GMT
content-type: application/javascript
content-length: 9811
last-modified: Fri, 03 Feb 2023 10:28:36 GMT
etag: "90bb-5f3c924dedc77-gzip"
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-credentials: true
cache-control: max-age=28800
cf-cache-status: HIT
age: 3850
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4vhouw4%2Bw9fHHYw%2BvTv6p6Ze0c21D2gsi4QRYeGBE9NQL%2BE8Q4A6kw7wAy7Uz8ZC4ch4DwXhEE%2FtK%2BsVoMp7RarJ3CtivIjDHUq7sX4G5vxJIg1wdJ5z3AoPE%2FqK9A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 881864957d02b4f9-OSL
alt-svc: h3=":443"; ma=86400
|
|
| filesfly.cc/ds1/js/main.js?v=3 | 188.114.97.1 | 200 OK | 338 B |
URL: GET HTTP/3 filesfly.cc/ds1/js/main.js?v=3 | IP: 188.114.97.1:443
Requested by: https://filesfly.cc/4evvoy38cm9z | Certificate — Issuer: Google Trust Services LLC; Subject: filesfly.cc; Fingerprint: 13:91:DB:01:52:66:0E:B1:4A:7B:C1:22:FF:57:D3:0E:86:3C:02:41; Validity: Thu, 21 Mar 2024 11:58:46 GMT - Wed, 19 Jun 2024 11:58:45 GMT
File type: JavaScript source, ASCII text | Hash: 6215261089af2e7a51a6d8fd4c5b1c4b 13368dc1cf83c9490ec30da50880215456c1fdb9 d970b5c6138015be569be57ee8233f16aa8d06b634ab4469243d9e518ae7b973
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /ds1/js/main.js?v=3 HTTP/1.1
Host: filesfly.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://filesfly.cc/4evvoy38cm9z
Cookie: lang=english; aff=70264
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 07:59:58 GMT
content-type: application/javascript
content-length: 338
last-modified: Fri, 03 Feb 2023 10:28:38 GMT
etag: "334-5f3c92506001f-gzip"
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-credentials: true
cache-control: max-age=28800
cf-cache-status: HIT
age: 438
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8vyhXlbNbI6c9gzWEn4p%2FJZb0xS8FVJFOpNEQi6NOMQ%2BbLdSuMhuoVal3L7yohsELnmcDTA9IEabj3xI2uWthORKIp%2BK5XNXqO9XYnP7w0X3G4qTo5I%2B0%2F4v3EHUIw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88186495edb3b4f9-OSL
alt-svc: h3=":443"; ma=86400
|
|
| filesfly.cc/ds1/js/clipboard.min.js | 188.114.97.1 | 200 OK | 3.3 kB |
URL: GET HTTP/3 filesfly.cc/ds1/js/clipboard.min.js | IP: 188.114.97.1:443
Requested by: https://filesfly.cc/4evvoy38cm9z | Certificate — Issuer: Google Trust Services LLC; Subject: filesfly.cc; Fingerprint: 13:91:DB:01:52:66:0E:B1:4A:7B:C1:22:FF:57:D3:0E:86:3C:02:41; Validity: Thu, 21 Mar 2024 11:58:46 GMT - Wed, 19 Jun 2024 11:58:45 GMT
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (10553) | Hash: 663a6b278b0dbd648f3fe0700d3ce4f2 14561a800d543a44a5d538c82ec5f41bd6103b83 67c123eb92c5add45ce587c51234b10e51ab61fec36fa0b28180792b27f212e2
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /ds1/js/clipboard.min.js HTTP/1.1
Host: filesfly.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://filesfly.cc/4evvoy38cm9z
Cookie: lang=english; aff=70264
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 07:59:58 GMT
content-type: application/javascript
content-length: 3281
last-modified: Fri, 03 Feb 2023 10:28:36 GMT
etag: "29a5-5f3c924e339aa-gzip"
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-credentials: true
cache-control: max-age=28800
cf-cache-status: HIT
age: 3850
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=k8%2B6B7vWO8aNgOoWM%2Fka%2BGrQBgj9ZWGHbU6uXRaGQytYDu95uioLcwiFCaa2Sc%2FDNBO0QvD56SvyaT0823Uap5rrkRQgMxI3QPKhmcU1TyAqD5PPtKGyV7Y%2BS87Emw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88186495edb0b4f9-OSL
alt-svc: h3=":443"; ma=86400
|
|
| filesfly.cc/ds1/js/feather.min.js | 188.114.97.1 | 200 OK | 17 kB |
URL: GET HTTP/3 filesfly.cc/ds1/js/feather.min.js | IP: 188.114.97.1:443
Requested by: https://filesfly.cc/4evvoy38cm9z | Certificate — Issuer: Google Trust Services LLC; Subject: filesfly.cc; Fingerprint: 13:91:DB:01:52:66:0E:B1:4A:7B:C1:22:FF:57:D3:0E:86:3C:02:41; Validity: Thu, 21 Mar 2024 11:58:46 GMT - Wed, 19 Jun 2024 11:58:45 GMT
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (62085) | Hash: 26c35da1f95aabbac8a3cc1388f86381 1587358c4cf4cb3d915349b0744903347ec476d9 34eff09d3a94fa86b4f3e5af9cf391515e8e2caa3ebb6d7fe6ed13e5778ff8e0
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /ds1/js/feather.min.js HTTP/1.1
Host: filesfly.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://filesfly.cc/4evvoy38cm9z
Cookie: lang=english; aff=70264
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 07:59:58 GMT
content-type: application/javascript
content-length: 17300
last-modified: Fri, 03 Feb 2023 10:28:36 GMT
etag: "ff31-5f3c924ea8cb0-gzip"
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-credentials: true
cache-control: max-age=28800
cf-cache-status: HIT
age: 438
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IXvQfDqlvkmqKuekgGxe%2BwwN27G0gQ%2B%2BZDJG29A4lWlrNQTJN%2FiXa38av1i47aLBn4hO2dlRwHxeHKY4RsLycNdOvxZgPON7IvoJhkqsRnNc9TX2dshH4NtqTkGctg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88186495edb2b4f9-OSL
alt-svc: h3=":443"; ma=86400
|
|
| fonts.googleapis.com/css?family=Source+Sans+Pro:200,300,400,600,700,900 | 142.250.74.106 | 200 OK | 1.3 kB |
URL: GET HTTP/2 fonts.googleapis.com/css?family=Source+Sans+Pro:200,300,400,600,700,900 | IP: 142.250.74.106:443
Requested by: https://filesfly.cc/4evvoy38cm9z | Certificate — Issuer: Google Trust Services LLC; Subject: upload.video.google.com; Fingerprint: 36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79; Validity: Tue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT
File type: gzip compressed data, max compression | Hash: 414e98bcd2f3d68c2b9c39ea52c36c99 93dcd1a5045867108e4fb4632ff5e4b034faffe7 076a2e474e7b3a3a8ee0448b0796909618d0792961b26bd1722f0c969a3e15cc
GET /css?family=Source+Sans+Pro:200,300,400,600,700,900 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://filesfly.cc/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 10 May 2024 07:59:58 GMT
date: Fri, 10 May 2024 07:59:58 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/montserrat/v14/JTURjIg1_i6t8kCHKm45_ZpC3gnD-w.ttf | 216.58.207.227 | 200 OK | 24 kB |
URL: GET HTTP/2 fonts.gstatic.com/s/montserrat/v14/JTURjIg1_i6t8kCHKm45_ZpC3gnD-w.ttf | IP: 216.58.207.227:443
Requested by: https://filesfly.cc/4evvoy38cm9z | Certificate — Issuer: Google Trust Services LLC; Subject: *.gstatic.com; Fingerprint: 15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD; Validity: Tue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File type: TrueType Font data, 17 tables, 1st "GDEF", 8 names, Microsoft, language 0x409, Copyright 2011 The Montserrat Project Authors (https://github.com/JulietaUla/Montserrat)Montserr | Hash: 8b7179f87b4365d145bbe3033b4a3c66 a282bab2ebc8e3a0636eefa018fe1c1e709b29d0 a4b0943e5312a5e2b4204d46f33b6f227a7fec6bb36c3ea712f1d99c05c999c2
GET /s/montserrat/v14/JTURjIg1_i6t8kCHKm45_ZpC3gnD-w.ttf HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://filesfly.cc
DNT: 1
Connection: keep-alive
Referer: https://filesfly.cc/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 24295
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 10 May 2024 02:21:58 GMT
expires: Sat, 10 May 2025 02:21:58 GMT
cache-control: public, max-age=31536000
age: 20280
last-modified: Tue, 23 Jul 2019 03:46:34 GMT
content-type: font/ttf
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/montserrat/v14/JTUSjIg1_i6t8kCHKm459Wlhzg.ttf | 216.58.207.227 | 200 OK | 24 kB |
URL: GET HTTP/2 fonts.gstatic.com/s/montserrat/v14/JTUSjIg1_i6t8kCHKm459Wlhzg.ttf | IP: 216.58.207.227:443
Requested by: https://filesfly.cc/4evvoy38cm9z | Certificate — Issuer: Google Trust Services LLC; Subject: *.gstatic.com; Fingerprint: 15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD; Validity: Tue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File type: TrueType Font data, 17 tables, 1st "GDEF", 8 names, Microsoft, language 0x409, Copyright 2011 The Montserrat Project Authors (https://github.com/JulietaUla/Montserrat)Montserr | Hash: 6a9e85ac9247f5848db957b873c62e0c 1f3ed7fd6d8b0db9e94bc15a6dc56728f23d4fda 07ae7cf9c7f3bfc4bc63842bb07e5846837c0071f8d96042de9d0f4a3cc997b6
GET /s/montserrat/v14/JTUSjIg1_i6t8kCHKm459Wlhzg.ttf HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://filesfly.cc
DNT: 1
Connection: keep-alive
Referer: https://filesfly.cc/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 24251
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 09 May 2024 17:56:29 GMT
expires: Fri, 09 May 2025 17:56:29 GMT
cache-control: public, max-age=31536000
age: 50609
last-modified: Tue, 23 Jul 2019 03:46:21 GMT
content-type: font/ttf
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/montserrat/v14/JTURjIg1_i6t8kCHKm45_bZF3gnD-w.ttf | 216.58.207.227 | 200 OK | 24 kB |
URL: GET HTTP/2 fonts.gstatic.com/s/montserrat/v14/JTURjIg1_i6t8kCHKm45_bZF3gnD-w.ttf | IP: 216.58.207.227:443
Requested by: https://filesfly.cc/4evvoy38cm9z | Certificate — Issuer: Google Trust Services LLC; Subject: *.gstatic.com; Fingerprint: 15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD; Validity: Tue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File type: TrueType Font data, 17 tables, 1st "GDEF", 8 names, Microsoft, language 0x409, Copyright 2011 The Montserrat Project Authors (https://github.com/JulietaUla/Montserrat)Montserr | Hash: acb878a397bf674d7baa32a3267e5a3c 3b0d325c652fe6508abae0aadbd04e6176dcb125 56205168d373cb37b1870db837e74e2675593b7f930d00b2ff85c83bf886b484
GET /s/montserrat/v14/JTURjIg1_i6t8kCHKm45_bZF3gnD-w.ttf HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://filesfly.cc
DNT: 1
Connection: keep-alive
Referer: https://filesfly.cc/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 24405
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 09 May 2024 13:08:39 GMT
expires: Fri, 09 May 2025 13:08:39 GMT
cache-control: public, max-age=31536000
age: 67879
last-modified: Tue, 23 Jul 2019 03:46:43 GMT
content-type: font/ttf
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| filesfly.cc/images//Yz5TgHJ.jpg | 188.114.97.1 | 404 Not Found | 4.6 kB |
URL: GET HTTP/3 filesfly.cc/images//Yz5TgHJ.jpg | IP: 188.114.97.1:443
Requested by: https://filesfly.cc/4evvoy38cm9z | Certificate — Issuer: Google Trust Services LLC; Subject: filesfly.cc; Fingerprint: 13:91:DB:01:52:66:0E:B1:4A:7B:C1:22:FF:57:D3:0E:86:3C:02:41; Validity: Thu, 21 Mar 2024 11:58:46 GMT - Wed, 19 Jun 2024 11:58:45 GMT
File type: HTML document, ASCII text | Hash: 467578f8986c91f1d67c3045c298ba86 a57c51f8317ed8ca7a00a29a0b73050b95cd3cf6 a96a07b625bb698afcde83b16dbf9f7fc88e60d1a464ae123c9e1aff6abdbe24
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /images//Yz5TgHJ.jpg HTTP/1.1
Host: filesfly.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://filesfly.cc/4evvoy38cm9z
Cookie: lang=english; aff=70264
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 404 Not Found
date: Fri, 10 May 2024 07:59:58 GMT
content-type: text/html; charset=utf-8
last-modified: Wed, 28 Oct 2020 10:37:59 GMT
cache-control: max-age=28800
cf-cache-status: HIT
age: 12
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aBfZVGaTwtLidk%2Ba8KCRseezFowWXa3boC1YWeQ%2FM8RkfSoe1bNaOnW9KfALiPAuPmKergydPYMJlQb8fy1lcMI0fqNOBcSrtIaLFFK3PLJeWiRZb3SjXur4p5%2F%2Blg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88186497c885b4f9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| filesfly.cc/favicon.ico | 188.114.97.1 | 200 OK | 8.0 kB |
IP188.114.97.1:443
Requested byhttps://filesfly.cc/4evvoy38cm9z CertificateIssuerGoogle Trust Services LLC Subjectfilesfly.cc Fingerprint13:91:DB:01:52:66:0E:B1:4A:7B:C1:22:FF:57:D3:0E:86:3C:02:41 ValidityThu, 21 Mar 2024 11:58:46 GMT - Wed, 19 Jun 2024 11:58:45 GMT
File typePNG image data, 16 x 16, 8-bit/color RGB, non-interlaced Hash6653f0c823d3c9f175bfb90ad3b0d3cc c874100b1b77c4b5dae9790cc73d2d34b81109b5 e8cbac8e5dae96061791f3c28a87b06321f1810dad780e94e13b37fdba26dbe5
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /favicon.ico HTTP/1.1
Host: filesfly.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://filesfly.cc/4evvoy38cm9z
Cookie: lang=english; aff=70264
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 07:59:58 GMT
content-type: image/vnd.microsoft.icon
last-modified: Fri, 03 Mar 2023 14:17:38 GMT
etag: W/"1f5-5f5ff9b8d41cd"
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-credentials: true
cache-control: max-age=28800
cf-cache-status: HIT
age: 6042
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=w4UsNVnRUECCeJqm4CNeTU%2Be%2FqB37bD8sSnjd5UJ%2FBYD2fcq3mWZnZmr7fxj64x4Wmmv6tCpbGFrC%2Fohdu9CFJJBopGKfJgsyYg7KWBEEsaGQw4LjAtceO0qNETzVQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881864994babb4f9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| filesfly.cc/images//ZmWjKgV.jpg | 188.114.97.1 | 404 Not Found | 1.1 kB |
URL GET HTTP/3filesfly.cc/images//ZmWjKgV.jpg IP188.114.97.1:443
Requested byhttps://filesfly.cc/4evvoy38cm9z CertificateIssuerGoogle Trust Services LLC Subjectfilesfly.cc Fingerprint13:91:DB:01:52:66:0E:B1:4A:7B:C1:22:FF:57:D3:0E:86:3C:02:41 ValidityThu, 21 Mar 2024 11:58:46 GMT - Wed, 19 Jun 2024 11:58:45 GMT
File typeHTML document, ASCII text, with very long lines (1086), with no line terminators Hash555d11d15d6c98682c92861a269f8a23 f7e3a528dfc01eb9b890c84291be929697d92eb5 d1ed016f7004e1c73d596c4cc25a9563af6d2af48b4e90878b12dd1576248b46
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /images//ZmWjKgV.jpg HTTP/1.1
Host: filesfly.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://filesfly.cc/4evvoy38cm9z
Cookie: lang=english; aff=70264
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 404 Not Found
date: Fri, 10 May 2024 07:59:58 GMT
content-type: text/html; charset=utf-8
last-modified: Wed, 28 Oct 2020 10:37:59 GMT
cache-control: max-age=28800
cf-cache-status: HIT
age: 12
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=U00nLw9c%2FI7F9r5wata5fz8qoxrPY7hCkO8so6Lv9bX4g61PLnv30z9oaeViZ22Y%2FgFcuirgQFz8IsAsb9O1uhjdW%2F6JmrT%2FgBsngX4OEMYNBvoclDwLzEFzMPK%2BmA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88186497d8b9b4f9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| filesfly.cc/images/ZmWjKgV.jpg | 188.114.97.1 | 404 Not Found | 1.1 kB |
URL GET HTTP/3filesfly.cc/images/ZmWjKgV.jpg IP188.114.97.1:443
Requested byhttps://filesfly.cc/4evvoy38cm9z CertificateIssuerGoogle Trust Services LLC Subjectfilesfly.cc Fingerprint13:91:DB:01:52:66:0E:B1:4A:7B:C1:22:FF:57:D3:0E:86:3C:02:41 ValidityThu, 21 Mar 2024 11:58:46 GMT - Wed, 19 Jun 2024 11:58:45 GMT
File typeHTML document, ASCII text, with very long lines (1086), with no line terminators Hash555d11d15d6c98682c92861a269f8a23 f7e3a528dfc01eb9b890c84291be929697d92eb5 d1ed016f7004e1c73d596c4cc25a9563af6d2af48b4e90878b12dd1576248b46
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /images/ZmWjKgV.jpg HTTP/1.1
Host: filesfly.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://filesfly.cc/4evvoy38cm9z
Cookie: lang=english; aff=70264
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 404 Not Found
date: Fri, 10 May 2024 07:59:58 GMT
content-type: text/html; charset=utf-8
last-modified: Wed, 28 Oct 2020 10:37:59 GMT
cache-control: max-age=28800
cf-cache-status: HIT
age: 12
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=m0DxVRXhckh7XcLWtZFytIT%2F9fTZqYfGj1p2%2FAT24OlUJUIba4x2kEMiFoocwBYFG6kKFbvWahu%2F%2B7aFkuPyC6Yf8%2Frnv1TJG%2FYVVL9kAsCTyYOMgPLRuLzcr12IIg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881864957cefb4f9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| filesfly.cc/images//ZmWjKgV.jpg | 188.114.97.1 | 404 Not Found | 1.1 kB |
URL GET HTTP/3filesfly.cc/images//ZmWjKgV.jpg IP188.114.97.1:443
Requested byhttps://filesfly.cc/4evvoy38cm9z CertificateIssuerGoogle Trust Services LLC Subjectfilesfly.cc Fingerprint13:91:DB:01:52:66:0E:B1:4A:7B:C1:22:FF:57:D3:0E:86:3C:02:41 ValidityThu, 21 Mar 2024 11:58:46 GMT - Wed, 19 Jun 2024 11:58:45 GMT
File typeHTML document, ASCII text, with very long lines (1086), with no line terminators Hash555d11d15d6c98682c92861a269f8a23 f7e3a528dfc01eb9b890c84291be929697d92eb5 d1ed016f7004e1c73d596c4cc25a9563af6d2af48b4e90878b12dd1576248b46
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /images//ZmWjKgV.jpg HTTP/1.1
Host: filesfly.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://filesfly.cc/4evvoy38cm9z
Cookie: lang=english; aff=70264
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 404 Not Found
date: Fri, 10 May 2024 07:59:58 GMT
content-type: text/html; charset=utf-8
last-modified: Wed, 28 Oct 2020 10:37:59 GMT
cache-control: max-age=28800
cf-cache-status: HIT
age: 12
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=s0vCf7xUogEpbVufY457f9SFAft49gaQFX%2BgawMMFpCXiWkOzdFGsxJ2y12YhYA7sLJ8tG7uik0ZZFr22W%2FpaJ2OM2AWWw2Cz%2FTSFzxBYw7rDteKffXU9JzK5PNdQQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881864957cfeb4f9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| filesfly.cc/images/ZmWjKgV.jpg | 188.114.97.1 | 404 Not Found | 1.1 kB |
URL GET HTTP/3filesfly.cc/images/ZmWjKgV.jpg IP188.114.97.1:443
Requested byhttps://filesfly.cc/4evvoy38cm9z CertificateIssuerGoogle Trust Services LLC Subjectfilesfly.cc Fingerprint13:91:DB:01:52:66:0E:B1:4A:7B:C1:22:FF:57:D3:0E:86:3C:02:41 ValidityThu, 21 Mar 2024 11:58:46 GMT - Wed, 19 Jun 2024 11:58:45 GMT
File typeHTML document, ASCII text, with very long lines (1086), with no line terminators Hash555d11d15d6c98682c92861a269f8a23 f7e3a528dfc01eb9b890c84291be929697d92eb5 d1ed016f7004e1c73d596c4cc25a9563af6d2af48b4e90878b12dd1576248b46
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /images/ZmWjKgV.jpg HTTP/1.1
Host: filesfly.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://filesfly.cc/4evvoy38cm9z
Cookie: lang=english; aff=70264
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 404 Not Found
date: Fri, 10 May 2024 07:59:58 GMT
content-type: text/html; charset=utf-8
last-modified: Wed, 28 Oct 2020 10:37:59 GMT
cache-control: max-age=28800
cf-cache-status: HIT
age: 12
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=O%2BN7xqBQaWkL%2BZoHc9x0aq%2Bbdo%2F%2F86RG%2B2nnUQkoaWwzO4aQJFpBVJbCgNO2Ka1G%2Bts4fPjEHR1cMD7xGlf8%2B8542PJAu1Q9VFrVrOILjhC8l7dGMQFmm7JWiIyDlQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88186497b872b4f9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| | 188.114.97.1 | 200 OK | 23 kB |
URL User Request GET HTTP/2IP188.114.97.1:443
CertificateIssuerGoogle Trust Services LLC Subjectfilesfly.cc Fingerprint13:91:DB:01:52:66:0E:B1:4A:7B:C1:22:FF:57:D3:0E:86:3C:02:41 ValidityThu, 21 Mar 2024 11:58:46 GMT - Wed, 19 Jun 2024 11:58:45 GMT
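Hash: MD5 d41d8cd98f00b204e9800998ecf8427e, SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709, SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (these three values are the digests of zero-length input, so they do not identify the 23 kB document that was served; the body was apparently not hashed, and the values should not be used as indicators for this page)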
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /4evvoy38cm9z HTTP/1.1
Host: filesfly.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 10 May 2024 07:59:57 GMT
content-type: text/html; charset=UTF-8
expires: Thu, 09 May 2024 07:59:57 GMT
set-cookie: lang=english; domain=.filesfly.cc; path=/
set-cookie: aff=70264; domain=.filesfly.cc; path=/; expires=Fri, 24-May-2024 07:59:57 GMT
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-credentials: true
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qJrG9N%2BSbMLr%2FFPFgFePSdUujV4O9Zd4jLanI8PbE82haEX2AzdcJJE1dh3tiGy3zQlnehxHOVISGeR0JUf%2FHhyDvueTeZVZqAtw9nqzrpI93e7OCFcsB1mHh1fuhw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 881864917ffdb524-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| use.fontawesome.com/releases/v5.6.3/js/all.js | 172.67.142.245 | 200 OK | 1.1 MB |
URL GET HTTP/2use.fontawesome.com/releases/v5.6.3/js/all.js IP172.67.142.245:443
Requested byhttps://filesfly.cc/4evvoy38cm9z CertificateIssuerCloudflare, Inc. Subjectuse.fontawesome.com FingerprintCB:BE:6B:C4:5F:DF:18:7A:C3:AD:BF:6C:40:36:18:9F:E2:99:7F:78 ValidityThu, 12 Oct 2023 00:00:00 GMT - Thu, 10 Oct 2024 23:59:59 GMT
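Size: 1.1 MB (1113926 bytes)
Hash: MD5 d41d8cd98f00b204e9800998ecf8427e, SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709, SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (these are the digests of zero-length input even though the reported size is 1113926 bytes; the response body was apparently not hashed, so these values cannot be used to verify or match the served all.js)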
GET /releases/v5.6.3/js/all.js HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://filesfly.cc
DNT: 1
Connection: keep-alive
Referer: https://filesfly.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 10 May 2024 07:59:58 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31556926
etag: W/"7b6ab1d5b8de4d3b0e2d8084ad292818"
last-modified: Fri, 22 Sep 2023 01:45:44 GMT
vary: Origin, Accept-Encoding
cf-cache-status: HIT
age: 834071
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EG8IJ0PtXkLYTG3TRH9EX3Z6a%2FZPr%2Bawtr%2FXf3do%2FEftHR7raUH5xfZmnP27JvSvZjAN2S8ASATRdpQQBEUPh0EZDBoYVMmDYgdrnhvQNcBXok8U1d9SkQb%2BqhGPa2qPKhFxF3m1"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 881864960d751bfa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|