| static.depositfiles.com/js/function.js | 91.226.124.125 | 200 OK | 35 kB |
URL: GET HTTP/2 static.depositfiles.com/js/function.js
IP: 91.226.124.125:443
Requested by: https://dfiles.eu/files/741172/POPNEWCPRPSP.part2.rar
Certificate Issuer: Let's Encrypt
Certificate Subject: depositfiles.com
Certificate Fingerprint: 8D:3C:74:0A:57:29:55:E0:60:A5:AF:60:66:DD:1F:ED:7A:ED:F7:A6
Certificate Validity: Tue, 05 Mar 2024 13:34:49 GMT - Mon, 03 Jun 2024 13:34:48 GMT
File type: JavaScript source, ASCII text, with very long lines (4240)
Hash: a5779d2f560cd50376dbba372b0fd15b 07b08e35b9254288c1372e37577db8b9e4da01b4 51d26403861d61a7842bc73f518d4a4351a7027c40c9f0347f61421226950b84
GET /js/function.js HTTP/1.1
Host: static.depositfiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
cache-control: max-age=300
content-type: application/javascript
date: Wed, 17 Apr 2024 18:16:08 GMT
etag: "651c240d-8863"
expires: Wed, 17 Apr 2024 18:21:08 GMT
last-modified: Tue, 03 Oct 2023 14:24:13 GMT
server: nginx
content-length: 34915
X-Firefox-Spdy: h2
|
|
| www.googletagmanager.com/gtag/js?id=G-BL9163LYG1 | 142.250.74.168 | 200 OK | 100 kB |
URL: GET HTTP/2 www.googletagmanager.com/gtag/js?id=G-BL9163LYG1
IP: 142.250.74.168:443
Requested by: https://dfiles.eu/files/741172/POPNEWCPRPSP.part2.rar
Certificate Issuer: Google Trust Services LLC
Certificate Subject: *.google-analytics.com
Certificate Fingerprint: BF:40:8C:8B:CB:69:1E:3F:E2:3B:B7:8A:8E:C0:D6:98:5F:81:FA:2D
Certificate Validity: Mon, 04 Mar 2024 06:35:45 GMT - Mon, 27 May 2024 06:35:44 GMT
File type: JavaScript source, ASCII text, with very long lines (5955)
Size: 100 kB (100444 bytes)
Hash: 874c7feb12234110d8e51ee111a42320 542d426ee04084e1a55b8e8c7c2ca772352902c1 7cd64ec28841882d36bd9ddd769499fc718919ab4ab6e40958caf85d34562ced
GET /gtag/js?id=G-BL9163LYG1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 17 Apr 2024 18:16:08 GMT
expires: Wed, 17 Apr 2024 18:16:08 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 100444
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| static.depositfiles.com/js/jquery.validate.js | 91.226.124.125 | 200 OK | 38 kB |
URL: GET HTTP/2 static.depositfiles.com/js/jquery.validate.js
IP: 91.226.124.125:443
Requested by: https://dfiles.eu/files/741172/POPNEWCPRPSP.part2.rar
Certificate Issuer: Let's Encrypt
Certificate Subject: depositfiles.com
Certificate Fingerprint: 8D:3C:74:0A:57:29:55:E0:60:A5:AF:60:66:DD:1F:ED:7A:ED:F7:A6
Certificate Validity: Tue, 05 Mar 2024 13:34:49 GMT - Mon, 03 Jun 2024 13:34:48 GMT
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (1238)
Hash: d5231b6378847ebdb55f64c77d5a234f eed97aa0b2aa9486b6f6831ed8a85dc729ad6b9c 95434a8a2568a6481a1fbcf5808a75dd58e77348ed6d70b4f7aeda8842e8f0c7
GET /js/jquery.validate.js HTTP/1.1
Host: static.depositfiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
cache-control: max-age=300
content-type: application/javascript
date: Wed, 17 Apr 2024 18:16:08 GMT
etag: "651c240d-957d"
expires: Wed, 17 Apr 2024 18:21:08 GMT
last-modified: Tue, 03 Oct 2023 14:24:13 GMT
server: nginx
content-length: 38269
X-Firefox-Spdy: h2
|
|
| static.depositfiles.com/js/962e36ace9b4601f1f51f3e2010e41b9.js | 91.226.124.125 | 200 OK | 166 kB |
URL: GET HTTP/2 static.depositfiles.com/js/962e36ace9b4601f1f51f3e2010e41b9.js
IP: 91.226.124.125:443
Requested by: https://dfiles.eu/files/741172/POPNEWCPRPSP.part2.rar
Certificate Issuer: Let's Encrypt
Certificate Subject: depositfiles.com
Certificate Fingerprint: 8D:3C:74:0A:57:29:55:E0:60:A5:AF:60:66:DD:1F:ED:7A:ED:F7:A6
Certificate Validity: Tue, 05 Mar 2024 13:34:49 GMT - Mon, 03 Jun 2024 13:34:48 GMT
File type: JavaScript source, ASCII text, with very long lines (60311)
Size: 166 kB (165612 bytes)
Hash: 02d50bb775f981faf5ad7b6c2a58399d 65d9757b4467a6199f61f2c2bfa71ba23600e8be 0fd67704d0e0d7480f58a5596d37f5e63b752a083c4e8540b24800d1adb93965
GET /js/962e36ace9b4601f1f51f3e2010e41b9.js HTTP/1.1
Host: static.depositfiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
cache-control: max-age=300
content-type: application/javascript
date: Wed, 17 Apr 2024 18:16:08 GMT
etag: "660a8714-286ec"
expires: Wed, 17 Apr 2024 18:21:08 GMT
last-modified: Mon, 01 Apr 2024 10:06:12 GMT
server: nginx
content-length: 165612
X-Firefox-Spdy: h2
|
|
| du0pud0sdlmzf.cloudfront.net/?dupud=997276 | 143.204.42.48 | 200 OK | 54 kB |
URL: GET HTTP/2 du0pud0sdlmzf.cloudfront.net/?dupud=997276
IP: 143.204.42.48:443
Requested by: https://dfiles.eu/files/741172/POPNEWCPRPSP.part2.rar
Certificate Issuer: Amazon
Certificate Subject: *.cloudfront.net
Certificate Fingerprint: FA:21:45:DC:4D:94:03:A3:09:77:51:78:4A:21:F2:C5:6D:94:BE:52
Certificate Validity: Tue, 10 Oct 2023 00:00:00 GMT - Thu, 19 Sep 2024 23:59:59 GMT
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (15945)
Hash: 69916f57edae023cc65dd27ed444fb36 0cf9bd69be013b37db6becda572f90f6e5de7662 f511fe9f7574a00573acc86aeb77726960a317dfbfcf9a62ff2dd0aceb2b60d5
GET /?dupud=997276 HTTP/1.1
Host: du0pud0sdlmzf.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-length: 54499
date: Wed, 17 Apr 2024 18:16:08 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-encoding: gzip
pragma: no-cache
x-cache: Miss from cloudfront
via: 1.1 bcd5dadccb0831729969c938747ff79a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: rAGXx3DJobRPIvoOsO8aNtGQx5MRXkt0MfuXyiBMLvq2urw83se7TA==
X-Firefox-Spdy: h2
|
|
| static.depositfiles.com/js/base2.js | 91.226.124.125 | 200 OK | 399 kB |
URL: GET HTTP/2 static.depositfiles.com/js/base2.js
IP: 91.226.124.125:443
Requested by: https://dfiles.eu/files/741172/POPNEWCPRPSP.part2.rar
Certificate Issuer: Let's Encrypt
Certificate Subject: depositfiles.com
Certificate Fingerprint: 8D:3C:74:0A:57:29:55:E0:60:A5:AF:60:66:DD:1F:ED:7A:ED:F7:A6
Certificate Validity: Tue, 05 Mar 2024 13:34:49 GMT - Mon, 03 Jun 2024 13:34:48 GMT
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (65481)
Size: 399 kB (398927 bytes)
Hash: 2fcae8126c3fd9a626370a701f0bd887 f3496fb7bbe122a9774d7dcfcd68da03a24dc285 d29ab86f64b4fcfbc45b9ef806c147f1e42e37e37d44a559147232288063badc
GET /js/base2.js HTTP/1.1
Host: static.depositfiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
cache-control: max-age=300
content-type: application/javascript
date: Wed, 17 Apr 2024 18:16:08 GMT
etag: "651c240d-6164f"
expires: Wed, 17 Apr 2024 18:21:08 GMT
last-modified: Tue, 03 Oct 2023 14:24:13 GMT
server: nginx
content-length: 398927
X-Firefox-Spdy: h2
|
|
| subqueriesendedgrounds.com/22/4a/d4/224ad4a14b4b15c1726ff705ec672ea6.js | 172.240.108.68 | 200 OK | 16 kB |
URL: GET HTTP/1.1 subqueriesendedgrounds.com/22/4a/d4/224ad4a14b4b15c1726ff705ec672ea6.js
IP: 172.240.108.68:443
Requested by: https://dfiles.eu/files/741172/POPNEWCPRPSP.part2.rar
Certificate Issuer: Let's Encrypt
Certificate Subject: subqueriesendedgrounds.com
Certificate Fingerprint: 5A:B5:1B:3C:B2:E3:E3:20:C8:E4:69:56:9D:59:91:B2:90:31:11:5F
Certificate Validity: Tue, 16 Apr 2024 20:35:30 GMT - Mon, 15 Jul 2024 20:35:29 GMT
File type: JavaScript source, ASCII text, with very long lines (44174), with no line terminators
Hash: 3abe580e6f50fc0288dd23c02f2a29a1 2727b00166631b9be0b0ea84b75b45c622c8a93c f01a5e9f7ec1fba4162e8e96f3a90e9720709322a29cc7886a4d334a6a658247
GET /22/4a/d4/224ad4a14b4b15c1726ff705ec672ea6.js HTTP/1.1
Host: subqueriesendedgrounds.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Wed, 17 Apr 2024 18:16:08 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 2533eda20069bed2ca3b0b969c8f6f9c
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
|
|
| static.depositfiles.com/images/logo.png | 91.226.124.125 | 200 OK | 3.6 kB |
URL: GET HTTP/2 static.depositfiles.com/images/logo.png
IP: 91.226.124.125:443
Requested by: https://dfiles.eu/files/741172/POPNEWCPRPSP.part2.rar
Certificate Issuer: Let's Encrypt
Certificate Subject: depositfiles.com
Certificate Fingerprint: 8D:3C:74:0A:57:29:55:E0:60:A5:AF:60:66:DD:1F:ED:7A:ED:F7:A6
Certificate Validity: Tue, 05 Mar 2024 13:34:49 GMT - Mon, 03 Jun 2024 13:34:48 GMT
File type: PNG image data, 176 x 43, 8-bit/color RGBA, non-interlaced
Hash: c41fdd84b04e45a91cb17cfdeccb1b38 fec7fffe104c7e169aeb159032078c4b71ff2cdc 7f89eb8ab03684f4db282ca30eb231b1e254bca10c7b511950df5e0eab0a68a0
GET /images/logo.png HTTP/1.1
Host: static.depositfiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://static.depositfiles.com/css/main.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/png
date: Wed, 17 Apr 2024 18:16:09 GMT
etag: "651c240d-e27"
last-modified: Tue, 03 Oct 2023 14:24:13 GMT
server: nginx
content-length: 3623
X-Firefox-Spdy: h2
|
|
| static.depositfiles.com/images/member_menu_bg.gif | 91.226.124.125 | 200 OK | 78 B |
URL: GET HTTP/2 static.depositfiles.com/images/member_menu_bg.gif
IP: 91.226.124.125:443
Requested by: https://dfiles.eu/files/741172/POPNEWCPRPSP.part2.rar
Certificate Issuer: Let's Encrypt
Certificate Subject: depositfiles.com
Certificate Fingerprint: 8D:3C:74:0A:57:29:55:E0:60:A5:AF:60:66:DD:1F:ED:7A:ED:F7:A6
Certificate Validity: Tue, 05 Mar 2024 13:34:49 GMT - Mon, 03 Jun 2024 13:34:48 GMT
File type: GIF image data, version 89a, 1 x 48
Hash: 20a24b56dcedf6a71a71ebec771e1f7d d7bed493d5d4eeaed5dbbf7d30d45107840790a0 6f57f29224d8e9e51ed0839e329055426fba7dcd97ef31e93ed495f93a6063df
GET /images/member_menu_bg.gif HTTP/1.1
Host: static.depositfiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://static.depositfiles.com/css/main.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
cache-control: max-age=432000
content-type: image/gif
date: Wed, 17 Apr 2024 18:16:09 GMT
etag: "651c240d-4e"
expires: Mon, 22 Apr 2024 18:16:09 GMT
last-modified: Tue, 03 Oct 2023 14:24:13 GMT
server: nginx
content-length: 78
X-Firefox-Spdy: h2
|
|
| static.depositfiles.com/images/sprite.png | 91.226.124.125 | 200 OK | 37 kB |
URL: GET HTTP/2 static.depositfiles.com/images/sprite.png
IP: 91.226.124.125:443
Requested by: https://dfiles.eu/files/741172/POPNEWCPRPSP.part2.rar
Certificate Issuer: Let's Encrypt
Certificate Subject: depositfiles.com
Certificate Fingerprint: 8D:3C:74:0A:57:29:55:E0:60:A5:AF:60:66:DD:1F:ED:7A:ED:F7:A6
Certificate Validity: Tue, 05 Mar 2024 13:34:49 GMT - Mon, 03 Jun 2024 13:34:48 GMT
File type: PNG image data, 102 x 630, 8-bit/color RGBA, non-interlaced
Hash: 2333675d7e431d5313c6dbb5230a14cd 93c4032e5b8b85793a9cda7167804445d950dd96 b287134a60667ce8e2c3fa1603e3a8f2ffa59c64e746d026d1a13ef19f3f38a0
GET /images/sprite.png HTTP/1.1
Host: static.depositfiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://static.depositfiles.com/css/main.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/png
date: Wed, 17 Apr 2024 18:16:09 GMT
etag: "651c240d-8fc2"
last-modified: Tue, 03 Oct 2023 14:24:13 GMT
server: nginx
content-length: 36802
X-Firefox-Spdy: h2
|
|
| ocsp.r2m03.amazontrust.com/ | 3.164.222.26 | | 471 B |
URL: ocsp.r2m03.amazontrust.com/
IP: 3.164.222.26:0
Hash: c399fb79adf0cdeed10b05e899cc5e79 229c5e341dea8b83d6e701c57e67f91651bc15f4 b9e301d3ccdf96714e7f122760a9aad35fe55339ae4e72a6b2505c0cd8b1b603
POST / HTTP/1.1
Host: ocsp.r2m03.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=7200
Date: Wed, 17 Apr 2024 18:16:09 GMT
Last-Modified: Wed, 17 Apr 2024 17:40:45 GMT
Server: ECAcc (ska/F7A7)
X-Cache: Miss from cloudfront
Via: 1.1 5dbb5d54ce8d1d6f8480679ed6115d1c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: ARN53-P1
X-Amz-Cf-Id: SThj42tqCsqEB56bAzZP5B5YOTl4BQUg2brwY-ITNG81gjyEUh3n6A==
Age: 2125
|
|
| static.depositfiles.com/images/timer.gif | 91.226.124.125 | 200 OK | 12 kB |
URL: GET HTTP/2 static.depositfiles.com/images/timer.gif
IP: 91.226.124.125:443
Requested by: https://dfiles.eu/files/741172/POPNEWCPRPSP.part2.rar
Certificate Issuer: Let's Encrypt
Certificate Subject: depositfiles.com
Certificate Fingerprint: 8D:3C:74:0A:57:29:55:E0:60:A5:AF:60:66:DD:1F:ED:7A:ED:F7:A6
Certificate Validity: Tue, 05 Mar 2024 13:34:49 GMT - Mon, 03 Jun 2024 13:34:48 GMT
File type: GIF image data, version 89a, 70 x 70
Hash: fb170c2ce20d8088b7cee465689c3637 9759429c7de6921580fac900c4c6026c758bb94c 6b5c53dd4d2d07c854e019e55458ff9652a4d9b7bf1fe8848ad00ca16032e294
GET /images/timer.gif HTTP/1.1
Host: static.depositfiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://static.depositfiles.com/css/main.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
cache-control: max-age=432000
content-type: image/gif
date: Wed, 17 Apr 2024 18:16:09 GMT
etag: "651c240d-2d57"
expires: Mon, 22 Apr 2024 18:16:09 GMT
last-modified: Tue, 03 Oct 2023 14:24:13 GMT
server: nginx
content-length: 11607
X-Firefox-Spdy: h2
|
|
| static.depositfiles.com/images/flags/lang24.png | 91.226.124.125 | 200 OK | 9.2 kB |
URL: GET HTTP/2 static.depositfiles.com/images/flags/lang24.png
IP: 91.226.124.125:443
Requested by: https://dfiles.eu/files/741172/POPNEWCPRPSP.part2.rar
Certificate Issuer: Let's Encrypt
Certificate Subject: depositfiles.com
Certificate Fingerprint: 8D:3C:74:0A:57:29:55:E0:60:A5:AF:60:66:DD:1F:ED:7A:ED:F7:A6
Certificate Validity: Tue, 05 Mar 2024 13:34:49 GMT - Mon, 03 Jun 2024 13:34:48 GMT
File type: PNG image data, 24 x 552, 8-bit/color RGBA, non-interlaced
Hash: efdcd1ca23d564ddd811f41152a2b83c 0b5aa064e7f8f241363c55fa17eb448f42a5f8df ce23be242e34c5b420f8ba0390aef20fa50ffc69f700091029616eff524e8f9b
GET /images/flags/lang24.png HTTP/1.1
Host: static.depositfiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://static.depositfiles.com/css/main.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/png
date: Wed, 17 Apr 2024 18:16:09 GMT
etag: "651c240d-23d4"
last-modified: Tue, 03 Oct 2023 14:24:13 GMT
server: nginx
content-length: 9172
X-Firefox-Spdy: h2
|
|
| proftrafficcounter.com/stats | 52.29.148.107 | 200 OK | 40 B |
URL: GET HTTP/2 proftrafficcounter.com/stats
IP: 52.29.148.107:443
Requested by: https://dfiles.eu/files/741172/POPNEWCPRPSP.part2.rar
Certificate Issuer: Amazon
Certificate Subject: proftrafficcounter.com
Certificate Fingerprint: E3:9F:79:6F:80:C0:BF:F8:C4:EB:45:F3:E9:0F:A7:41:F6:0C:05:E6
Certificate Validity: Tue, 21 Nov 2023 00:00:00 GMT - Thu, 19 Dec 2024 23:59:59 GMT
File type: ASCII text, with no line terminators
Hash: 944b8f9bb7b456729e359ff3c45d07ad eb6e06bca68177dbdd0b87eec700598f1a99efc3 c52cde29ab7372b05aa7ab8b3de2a8a91fd094fe647e1e68abee389f1644e5e1
GET /stats HTTP/1.1
Host: proftrafficcounter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dfiles.eu
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 17 Apr 2024 18:16:09 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://dfiles.eu
vary: Origin
access-control-allow-credentials: true
set-cookie: uid_id2=b472b10e-b176-4106-b218-783f55e9d7f2:2:1; expires=Sat, 15 Apr 2034 18:16:09 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
|
|
| afnyfiexpecttha.info/dXppSEZaRQo7eyI9GTsfIywdHwAZKDAlMhciPxovFyxYKhMyM088LxFHUHFxR01fbjYcHlR5YAYOCDwzBkdYbi8bHAZ1YANHWGZ1QVRafmhBXBx1d1MOGSkhSEtPODIBFlR5cURJWn9xQkxQeXBF | 104.21.42.166 | 204 No Content | 0 B |
URL: GET HTTP/2 afnyfiexpecttha.info/dXppSEZaRQo7eyI9GTsfIywdHwAZKDAlMhciPxovFyxYKhMyM088LxFHUHFxR01fbjYcHlR5YAYOCDwzBkdYbi8bHAZ1YANHWGZ1QVRafmhBXBx1d1MOGSkhSEtPODIBFlR5cURJWn9xQkxQeXBF
IP: 104.21.42.166:443
Requested by: https://dfiles.eu/files/741172/POPNEWCPRPSP.part2.rar
Certificate Issuer: Let's Encrypt
Certificate Subject: afnyfiexpecttha.info
Certificate Fingerprint: 6B:ED:1A:88:9C:57:2B:90:45:C1:12:0F:50:A2:BE:77:05:42:3A:DB
Certificate Validity: Sun, 31 Mar 2024 11:28:54 GMT - Sat, 29 Jun 2024 11:28:53 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /dXppSEZaRQo7eyI9GTsfIywdHwAZKDAlMhciPxovFyxYKhMyM088LxFHUHFxR01fbjYcHlR5YAYOCDwzBkdYbi8bHAZ1YANHWGZ1QVRafmhBXBx1d1MOGSkhSEtPODIBFlR5cURJWn9xQkxQeXBF HTTP/1.1
Host: afnyfiexpecttha.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 204 No Content
date: Wed, 17 Apr 2024 18:16:09 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=laaBCteOaYwkFgi8lbzI5xCrPikgrF4OQvzuvh5ra4fqVT3i7hQgF4XgweBGRigBspa%2FpOPb5WZdqKze4Pppn7MvfzdciHge9Kj2703MyGHdanQx7Rihx0STIpP%2F1PonC6E1CLwYyA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 875e67917849569f-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| loader.unblockia.com/c/dfiles.eu/config.json | 108.157.214.40 | 200 OK | 47 kB |
URL: GET HTTP/2 loader.unblockia.com/c/dfiles.eu/config.json
IP: 108.157.214.40:443
Requested by: https://dfiles.eu/files/741172/POPNEWCPRPSP.part2.rar
Certificate Issuer: Amazon
Certificate Subject: *.unblockia.com
Certificate Fingerprint: 79:E4:56:24:64:EB:7C:C0:1E:E3:61:D0:BE:07:4D:34:89:8B:5E:BD
Certificate Validity: Tue, 23 Jan 2024 00:00:00 GMT - Thu, 20 Feb 2025 23:59:59 GMT
Hash: f365c1e4619a90bbadadacf55598fe90 1623c939b72aecd3831e1da35e4c0a5229383e91 23e2e4d868bb2652b97e9e13d36df1dfeeba338d4e9c4d1d737fba6b2b2b2d52
GET /c/dfiles.eu/config.json HTTP/1.1
Host: loader.unblockia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dfiles.eu/
Origin: https://dfiles.eu
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/octet-stream
content-length: 46747
last-modified: Fri, 09 Jun 2023 09:20:17 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: trENJHq0I9QxpCJnwtrkDFWJYsxIhjKV
accept-ranges: bytes
server: AmazonS3
date: Wed, 17 Apr 2024 12:33:37 GMT
etag: "f365c1e4619a90bbadadacf55598fe90"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 ab5e2ae728dfa6338273a7f7bcdc636c.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN56-P1
x-amz-cf-id: WD4SXLilJvDPjRMtsSIJzXCpNi8g56e5iAm0Yui-DuHaX6tmIq5JCA==
age: 20695
access-control-allow-origin: *
access-control-expose-headers: *
X-Firefox-Spdy: h2
|
|
| retherdoresper.info/MUpqOGpQKAlVVVB3CB4fQyZXHVh3b1h+DkR6Gk0OATkOVAdLLERbBl4/Dl4YXiQeFgRUPk8KLAgfBFNefAw7QCxdED1ZE2gbMnlbRStaDCFzeCAIKWQ6PHUHCS4yVAEFBB1XPWcZLAgvAT4MdwN7DwtWL3ACKHILVwlaVy9cAAd+EFksPn0FRihaUw9pDj8AIlYfPXU+RisoaSxIBxIJC3UdKAguZCIMaFgJKT9UI1wHOG4wZiBeQjIBezhZPgkdO1QBBRoCXw5wIiBWPEYtPGIHexg7eSxdLlpIXHcdMFEsZwwPcTlBKSlfK0IrAQEEcycoCzlfZwVuMFwDJmwCZyQvCCt+AgdqXWkLBXknSykLbVsIMjN8UnoLLW4DYhsBeTBpLiZ7LGhzI3oSVBITQFlieV5yM18yIHABZzozT0xbOQVWGgwYK2wkWigmQRBaEDx7AA | 3.164.240.42 | 200 OK | 1.2 kB |
URL: GET HTTP/2 retherdoresper.info/MUpqOGpQKAlVVVB3CB4fQyZXHVh3b1h+DkR6Gk0OATkOVAdLLERbBl4/Dl4YXiQeFgRUPk8KLAgfBFNefAw7QCxdED1ZE2gbMnlbRStaDCFzeCAIKWQ6PHUHCS4yVAEFBB1XPWcZLAgvAT4MdwN7DwtWL3ACKHILVwlaVy9cAAd+EFksPn0FRihaUw9pDj8AIlYfPXU+RisoaSxIBxIJC3UdKAguZCIMaFgJKT9UI1wHOG4wZiBeQjIBezhZPgkdO1QBBRoCXw5wIiBWPEYtPGIHexg7eSxdLlpIXHcdMFEsZwwPcTlBKSlfK0IrAQEEcycoCzlfZwVuMFwDJmwCZyQvCCt+AgdqXWkLBXknSykLbVsIMjN8UnoLLW4DYhsBeTBpLiZ7LGhzI3oSVBITQFlieV5yM18yIHABZzozT0xbOQVWGgwYK2wkWigmQRBaEDx7AA
IP: 3.164.240.42:443
Requested by: https://dfiles.eu/files/741172/POPNEWCPRPSP.part2.rar
Certificate Issuer: Amazon
Certificate Subject: retherdoresper.info
Certificate Fingerprint: 0F:CF:B6:F9:42:21:50:48:81:B3:2B:2A:69:A9:E4:C9:D0:BF:53:59
Certificate Validity: Mon, 01 Apr 2024 00:00:00 GMT - Wed, 30 Apr 2025 23:59:59 GMT
File type: HTML document, ASCII text, with very long lines (3042), with no line terminators
Hash: 85f7cbe32a3f51ea2d33425c5e3a79ec 81bb41b03fcf47fb7eec6b68a9b7cad075efad02 aeb3f5651663d9cb39cd4705d5b60866ecb8e31fe6730ad753727557297873e2
GET /MUpqOGpQKAlVVVB3CB4fQyZXHVh3b1h+DkR6Gk0OATkOVAdLLERbBl4/Dl4YXiQeFgRUPk8KLAgfBFNefAw7QCxdED1ZE2gbMnlbRStaDCFzeCAIKWQ6PHUHCS4yVAEFBB1XPWcZLAgvAT4MdwN7DwtWL3ACKHILVwlaVy9cAAd+EFksPn0FRihaUw9pDj8AIlYfPXU+RisoaSxIBxIJC3UdKAguZCIMaFgJKT9UI1wHOG4wZiBeQjIBezhZPgkdO1QBBRoCXw5wIiBWPEYtPGIHexg7eSxdLlpIXHcdMFEsZwwPcTlBKSlfK0IrAQEEcycoCzlfZwVuMFwDJmwCZyQvCCt+AgdqXWkLBXknSykLbVsIMjN8UnoLLW4DYhsBeTBpLiZ7LGhzI3oSVBITQFlieV5yM18yIHABZzozT0xbOQVWGgwYK2wkWigmQRBaEDx7AA HTTP/1.1
Host: retherdoresper.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/html
content-length: 1194
date: Wed, 17 Apr 2024 18:16:09 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-cache: Miss from cloudfront
via: 1.1 a89672c5bed576aaabefe419c0d5bad2.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN53-P2
x-amz-cf-id: M5eJ3XLDTw36nSflG4SUENxMntmvUQKDvWOCK4rdjOo2WP7-dKUhBw==
X-Firefox-Spdy: h2
|
|
| downstairsnegotiatebarren.com/sfp.js | 172.67.180.87 | 200 OK | 28 kB |
URL: GET HTTP/2 downstairsnegotiatebarren.com/sfp.js
IP: 172.67.180.87:443
Requested by: https://dfiles.eu/files/741172/POPNEWCPRPSP.part2.rar
Certificate Issuer: Let's Encrypt
Certificate Subject: downstairsnegotiatebarren.com
Certificate Fingerprint: 2C:6A:E1:8E:26:5B:1D:8B:86:CB:C1:72:4E:52:4B:8B:67:3A:D2:44
Certificate Validity: Mon, 04 Mar 2024 21:53:07 GMT - Sun, 02 Jun 2024 21:53:06 GMT
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (65529), with no line terminators
Hash: f4a2f8f9f99541c6f105bbd0a025bd40 1f8e3eff12168fdd9e719adfc098d24a45b6916a b717cb04231a10d425fd55b73c85a5407119c6826a8bac94142fddfff6958716
GET /sfp.js HTTP/1.1
Host: downstairsnegotiatebarren.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 17 Apr 2024 18:16:09 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: 6545c7cfd554393e34b589512ee0b1e0
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Wed, 17 Apr 2024 18:16:08 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=73m28tg29It5sAYlvRIpLLjCKtIP%2Buo6PQCGG6A19Z6ws8QR3fDuv3sXMSObkS8Hctqzo3kwY7O4d1vkw1%2FdVlb%2F8y6awdbtNUxBddc4rnnqaa1XMcbziwL4Y7U11YwYORgrL5Gxr1PHW2Hf9VJ6sg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 875e679149ce569a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| na.nawpush.com/tags/46445?version_name=c | 45.133.44.24 | 200 OK | 907 B |
URL: GET HTTP/2 na.nawpush.com/tags/46445?version_name=c
IP: 45.133.44.24:443
ASN: #39572 DataWeb Global Group B.V.
Requested by: https://dfiles.eu/files/741172/POPNEWCPRPSP.part2.rar
Certificate Issuer: Let's Encrypt
Certificate Subject: na.nawpush.com
Certificate Fingerprint: E4:8A:6D:1E:95:BA:50:33:94:D3:16:FE:4C:61:AA:DE:72:B1:70:87
Certificate Validity: Thu, 28 Mar 2024 03:00:38 GMT - Wed, 26 Jun 2024 03:00:37 GMT
Hash: d09107983b399151d6f9f93f96bbb481 e0e513817985057099df65c374aaa09840651bfe c1eb8b346db82db50d4e571fc6c6c441a3defd92ddfe3fb287581333421c7da8
GET /tags/46445?version_name=c HTTP/1.1
Host: na.nawpush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dfiles.eu
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 17 Apr 2024 18:16:09 GMT
content-type: application/json
content-length: 907
server: nginx/1.24.0
cache-control: max-age=300, public
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2
|
|
| cdn.unblockia.com/autopromos/unicef2.jpg?unblockia=true | 108.157.214.50 | 200 OK | 37 kB |
URL: GET HTTP/2 cdn.unblockia.com/autopromos/unicef2.jpg?unblockia=true
IP: 108.157.214.50:443
Requested by: https://dfiles.eu/files/741172/POPNEWCPRPSP.part2.rar
Certificate Issuer: Amazon
Certificate Subject: *.unblockia.com
Certificate Fingerprint: 79:E4:56:24:64:EB:7C:C0:1E:E3:61:D0:BE:07:4D:34:89:8B:5E:BD
Certificate Validity: Tue, 23 Jan 2024 00:00:00 GMT - Thu, 20 Feb 2025 23:59:59 GMT
File type: JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 728x90, components 3
Hash: 58fbb6ffe72ac0c1aa468de39ee18e13 d25230f1ef89aecc6048b0ceb09dd0af609ee7b6 e8ff7f3a8926e5b5497d2ab7a1bf47c5655e287a51045f11846f426ac6c7d180
GET /autopromos/unicef2.jpg?unblockia=true HTTP/1.1
Host: cdn.unblockia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 36773
last-modified: Tue, 12 Apr 2022 08:41:28 GMT
x-amz-version-id: xUurxjfnscsyJn430NFsrgfbabIFowSl
accept-ranges: bytes
server: AmazonS3
date: Wed, 17 Apr 2024 04:08:38 GMT
etag: "58fbb6ffe72ac0c1aa468de39ee18e13"
x-cache: Hit from cloudfront
via: 1.1 009f08cce389af684f28c36891875534.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN56-P1
x-amz-cf-id: Op61QdDELDoCMWC-aRAmyn2BSpN284u26G3xEvbRkaFGv5uli01J8A==
age: 50914
vary: Accept-Encoding, Origin
X-Firefox-Spdy: h2
|
|
| acscdn.com/script/aclib.js | 172.67.165.20 | 200 OK | 136 kB |
URL: GET HTTP/2 acscdn.com/script/aclib.js
IP: 172.67.165.20:443
Requested by: https://dfiles.eu/files/741172/POPNEWCPRPSP.part2.rar
Certificate Issuer: Google Trust Services LLC
Certificate Subject: acscdn.com
Certificate Fingerprint: C2:6C:14:F0:34:12:76:91:EB:3A:02:AC:4F:41:CA:11:17:6F:F0:01
Certificate Validity: Wed, 28 Feb 2024 11:34:54 GMT - Tue, 28 May 2024 11:34:53 GMT
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (65436)
Size: 136 kB (136514 bytes)
Hash: aa5502dfd5258498e89e92a0923afbe5 5a0d2e6dd8f03d743a5554b0cd855046cd235932 913404435cc2e88ca55336cd2a89a062f37971f4893caa637d5b36c04816d0ef
GET /script/aclib.js HTTP/1.1
Host: acscdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 17 Apr 2024 18:16:08 GMT
content-type: text/javascript
x-guploader-uploadid: ABPtcPqm9eOwZlMAvAYk4W7V8HVJcpT0qhQpLbR9gqQjgxME5bODq5mGD-A8qvdrSFmqvCxTWr8rrERmKQ
x-goog-generation: 1713265374889872
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 166958
x-goog-hash: crc32c=kb+1Lg==, md5=qlUC39UlhJjonpKgkjr75Q==
x-goog-storage-class: MULTI_REGIONAL
access-control-allow-origin: *
expires: Wed, 17 Apr 2024 19:07:11 GMT
cache-control: public, max-age=3600
age: 537
last-modified: Tue, 16 Apr 2024 11:02:54 GMT
etag: W/"aa5502dfd5258498e89e92a0923afbe5"
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=q6s5U5y8yupPfJVjChPfWoaDUmTgPNt%2F3g5RHPcsVY9FeQONJy4X8%2F%2FsVHWIEGHs4IfuqOGPbG%2Bh5pTi4uRHhAp%2BCDCFLGiYWqRkL0AvBw5Tlx6Rco8vcN5nKliR"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 875e678c18bcb4f7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| adsbb.dfiles.eu//ad.php?z=58&c=NO&g=no_file | 91.226.124.106 | 303 See Other | 0 B |
URL: GET HTTP/2 adsbb.dfiles.eu//ad.php?z=58&c=NO&g=no_file; IP: 91.226.124.106:443
Requested by: https://dfiles.eu/files/741172/POPNEWCPRPSP.part2.rar; Certificate Issuer: Let's Encrypt; Subject: dfiles.eu; Fingerprint: 34:45:DB:EC:84:73:5D:D5:39:2A:00:C7:2F:21:5C:B1:2D:0E:14:42; Validity: Mon, 04 Mar 2024 13:34:43 GMT - Sun, 02 Jun 2024 13:34:42 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET //ad.php?z=58&c=NO&g=no_file HTTP/1.1
Host: adsbb.dfiles.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Cookie: last_file=741172
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 303 See Other
content-security-policy: frame-ancestors depositfiles.com depositfiles.org dfiles.eu dfiles.com web-301.dfiles.eu web-302.dfiles.eu web-303.dfiles.eu web-304.dfiles.eu
content-type: text/html; charset=UTF-8
date: Wed, 17 Apr 2024 18:16:09 GMT
location: /upload/2303/ad2775297311915a.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752
server: nginx
set-cookie: _nf58=1; expires=Thu, 18-Apr-2024 18:16:09 GMT; Max-Age=86400
x-powered-by: PHP/5.6.40
X-Firefox-Spdy: h2
|
|
| ntvpforever.com/keywords | 168.119.25.102 | 200 OK | 0 B |
IP: 168.119.25.102:443; ASN: #24940 Hetzner Online GmbH
Requested by: https://dfiles.eu/files/741172/POPNEWCPRPSP.part2.rar; Certificate Issuer: Let's Encrypt; Subject: notification.tubecup.net; Fingerprint: 61:48:0F:89:F9:D8:E5:03:50:63:1E:62:FB:E9:66:8A:88:80:57:B0; Validity: Wed, 10 Apr 2024 05:41:27 GMT - Tue, 09 Jul 2024 05:41:26 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /keywords HTTP/1.1
Host: ntvpforever.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://dfiles.eu/
Origin: https://dfiles.eu
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 204 No Content
server: nginx/1.18.0
date: Wed, 17 Apr 2024 18:16:09 GMT
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2
|
|
| adsbb.dfiles.eu/upload/blank.htm | 91.226.124.106 | 200 OK | 797 B |
URL: GET HTTP/2 adsbb.dfiles.eu/upload/blank.htm; IP: 91.226.124.106:443
Requested by: https://dfiles.eu/files/741172/POPNEWCPRPSP.part2.rar; Certificate Issuer: Let's Encrypt; Subject: dfiles.eu; Fingerprint: 34:45:DB:EC:84:73:5D:D5:39:2A:00:C7:2F:21:5C:B1:2D:0E:14:42; Validity: Mon, 04 Mar 2024 13:34:43 GMT - Sun, 02 Jun 2024 13:34:42 GMT
File type: HTML document, ASCII text, with very long lines (746); Hash: d420c2d53d390311107ed02e1df96d65 cead380ab2cc70b2563beb703a40f77e67e55839 f4c23734b88aa380853dcc3f357e278155d769742647df8faa4dd41efe311763
GET /upload/blank.htm HTTP/1.1
Host: adsbb.dfiles.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dfiles.eu/
DNT: 1
Connection: keep-alive
Cookie: last_file=741172; _nf60=1; _nf58=1; _nf56=1; _nf7=1
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
content-security-policy: frame-ancestors depositfiles.com depositfiles.org dfiles.eu dfiles.com web-301.dfiles.eu web-302.dfiles.eu web-303.dfiles.eu web-304.dfiles.eu
content-type: text/html
date: Wed, 17 Apr 2024 18:16:09 GMT
last-modified: Wed, 29 Nov 2023 10:47:03 GMT
server: nginx
X-Firefox-Spdy: h2
|
|
| cdn.unblockia.com/autopromos/unicef3.jpg?unblockia=true | 108.157.214.50 | 200 OK | 54 kB |
URL: GET HTTP/2 cdn.unblockia.com/autopromos/unicef3.jpg?unblockia=true; IP: 108.157.214.50:443
Requested by: https://dfiles.eu/files/741172/POPNEWCPRPSP.part2.rar; Certificate Issuer: Amazon; Subject: *.unblockia.com; Fingerprint: 79:E4:56:24:64:EB:7C:C0:1E:E3:61:D0:BE:07:4D:34:89:8B:5E:BD; Validity: Tue, 23 Jan 2024 00:00:00 GMT - Thu, 20 Feb 2025 23:59:59 GMT
File type: JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=2, software=Google], baseline, precision 8, 160x600, components 3; Hash: 5dcf47442fc7fbb8d0263bbf4869537e 2c8232ac93448bbc06b5464f1839a5cdb2ed3e07 81804a1b2b20350ec009ba6429a4f58124c16ca30683af0af255544cd98c8fa6
GET /autopromos/unicef3.jpg?unblockia=true HTTP/1.1
Host: cdn.unblockia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 54292
last-modified: Tue, 12 Apr 2022 08:41:27 GMT
x-amz-version-id: iA22.ytP0i4dmuIhnc0eyNVgJlt2K4fl
accept-ranges: bytes
server: AmazonS3
date: Wed, 17 Apr 2024 08:17:50 GMT
etag: "5dcf47442fc7fbb8d0263bbf4869537e"
x-cache: Hit from cloudfront
via: 1.1 009f08cce389af684f28c36891875534.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN56-P1
x-amz-cf-id: 56UmVk38qzDIoWOjhEjIfmgNKImXmvITKKqY3d82SfC6yM7-qLcTQQ==
age: 50313
vary: Accept-Encoding, Origin
X-Firefox-Spdy: h2
|
|
| t.unblockia.com/?sid=140&o=3&b=2&p=1&t=1 | 108.157.229.80 | 200 OK | 0 B |
URL: POST HTTP/2 t.unblockia.com/?sid=140&o=3&b=2&p=1&t=1; IP: 108.157.229.80:443
Requested by: https://dfiles.eu/files/741172/POPNEWCPRPSP.part2.rar; Certificate Issuer: Amazon; Subject: *.unblockia.com; Fingerprint: 79:E4:56:24:64:EB:7C:C0:1E:E3:61:D0:BE:07:4D:34:89:8B:5E:BD; Validity: Tue, 23 Jan 2024 00:00:00 GMT - Thu, 20 Feb 2025 23:59:59 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /?sid=140&o=3&b=2&p=1&t=1 HTTP/1.1
Host: t.unblockia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dfiles.eu
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 200 OK
content-type: application/json
content-length: 0
server: nginx/1.20.0
date: Wed, 17 Apr 2024 18:16:09 GMT
x-cache: Miss from cloudfront
via: 1.1 c76d87fd83a704b78afc1028fc7bcea2.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN56-P2
x-amz-cf-id: LMdTyHmVKrYia3BVeZJPpE_iDodMMmysxWuVkfSg7NgcBuShKgHjvQ==
access-control-allow-origin: *
access-control-expose-headers: *
X-Firefox-Spdy: h2
|
|
| fp.metricswpsh.com/fp?tag_id=46445 | 157.90.84.242 | 200 OK | 0 B |
URL: POST HTTP/1.1 fp.metricswpsh.com/fp?tag_id=46445; IP: 157.90.84.242:443; ASN: #24940 Hetzner Online GmbH
Requested by: https://dfiles.eu/files/741172/POPNEWCPRPSP.part2.rar; Certificate Issuer: Let's Encrypt; Subject: notification.tubecup.net; Fingerprint: 61:48:0F:89:F9:D8:E5:03:50:63:1E:62:FB:E9:66:8A:88:80:57:B0; Validity: Wed, 10 Apr 2024 05:41:27 GMT - Tue, 09 Jul 2024 05:41:26 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /fp?tag_id=46445 HTTP/1.1
Host: fp.metricswpsh.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://dfiles.eu/
Origin: https://dfiles.eu
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 204 No Content
Server: nginx/1.20.1
Date: Wed, 17 Apr 2024 18:16:09 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: GET,HEAD,PUT,PATCH,POST,DELETE
Access-Control-Allow-Origin: https://dfiles.eu
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
|
|
| ntvpforever.com/keywords | 168.119.25.102 | 200 OK | 15 B |
IP: 168.119.25.102:443; ASN: #24940 Hetzner Online GmbH
Requested by: https://dfiles.eu/files/741172/POPNEWCPRPSP.part2.rar; Certificate Issuer: Let's Encrypt; Subject: notification.tubecup.net; Fingerprint: 61:48:0F:89:F9:D8:E5:03:50:63:1E:62:FB:E9:66:8A:88:80:57:B0; Validity: Wed, 10 Apr 2024 05:41:27 GMT - Tue, 09 Jul 2024 05:41:26 GMT
Hash: 32323194b8b07fd0aa9b6f7fc79a7b30 ea248c45722bff267b55a453dc794bc42171cef6 080040b4937f3f423f32cd7f19b2a79ba1e1e213f1d9f4f4db4f609d4ad778d8
POST /keywords HTTP/1.1
Host: ntvpforever.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json;charset=utf-8
Content-Length: 405
Origin: https://dfiles.eu
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.18.0
date: Wed, 17 Apr 2024 18:16:09 GMT
content-type: application/json
content-length: 15
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2
|
|
| decidedlyenjoyableannihilation.com/c2/2d/c5/c22dc50dc2bbe4422c7f68d26ab95eb9.js | 172.240.127.234 | 200 OK | 30 kB |
URL: GET HTTP/1.1 decidedlyenjoyableannihilation.com/c2/2d/c5/c22dc50dc2bbe4422c7f68d26ab95eb9.js; IP: 172.240.127.234:443
Requested by: https://dfiles.eu/files/741172/POPNEWCPRPSP.part2.rar; Certificate Issuer: Let's Encrypt; Subject: decidedlyenjoyableannihilation.com; Fingerprint: 04:5E:A7:2F:94:E4:08:88:66:15:BE:36:F0:95:99:2C:7B:DD:4F:6D; Validity: Tue, 16 Apr 2024 13:55:09 GMT - Mon, 15 Jul 2024 13:55:08 GMT
File type: JavaScript source, ASCII text, with very long lines (65536), with no line terminators; Hash: e1fbac68eec651d0fa589e8dde26f92c 446939e76209079eb33ff1c93e49eeadcc757567 1b497ca74ccdbf7b100795fde6d700a8c4b4ec69601d3e0eea2d58b800ee7e3d
Analyzer: Quad9 DNS; Verdict: malicious; Alert: Sinkholed
GET /c2/2d/c5/c22dc50dc2bbe4422c7f68d26ab95eb9.js HTTP/1.1
Host: decidedlyenjoyableannihilation.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Wed, 17 Apr 2024 18:16:09 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Set-Cookie: 4b4e7ab587d59b22ad7bcd2439afc363_CF-2967-new=0; expires=Mon, 22 Apr 2024 09:16:09 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: dddc7a5fac24dd46944b8d6709e90856
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
|
|
| fp.metricswpsh.com/fp?tag_id=46445 | 157.90.84.242 | 200 OK | 58 B |
URL: POST HTTP/1.1 fp.metricswpsh.com/fp?tag_id=46445; IP: 157.90.84.242:443; ASN: #24940 Hetzner Online GmbH
Requested by: https://dfiles.eu/files/741172/POPNEWCPRPSP.part2.rar; Certificate Issuer: Let's Encrypt; Subject: notification.tubecup.net; Fingerprint: 61:48:0F:89:F9:D8:E5:03:50:63:1E:62:FB:E9:66:8A:88:80:57:B0; Validity: Wed, 10 Apr 2024 05:41:27 GMT - Tue, 09 Jul 2024 05:41:26 GMT
Hash: 87385fcd2a67fc74d2fa67366ba68ea2 a604cdbb1d31ce257e8643eee9219c9c724c200c 9307cbb21345500294eae459b18a8ffb2bd2fcccd928a09efbc1e324fa9c9995
POST /fp?tag_id=46445 HTTP/1.1
Host: fp.metricswpsh.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json;charset=utf-8
Content-Length: 1836
Origin: https://dfiles.eu
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Wed, 17 Apr 2024 18:16:09 GMT
Content-Type: application/json; charset=UTF-8
Content-Length: 58
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://dfiles.eu
Set-Cookie: id=11935726560473926699; Expires=Thu, 17 Apr 2025 18:16:09 GMT; Secure; SameSite=None
Vary: Origin
|
|
| 4d716774ff.7d3906347f.com/in/track?data=eyJ3bCI6MCwic3ViaWQiOjAsInVzZXJfaWQiOiIxMzc1NTU4MjIwODg1ODY5NDAwMCIsInRpbWV6b25lIjowLCJ2ZXIiOiIzLjExOS4wIiwidGFnX2lkIjo0NjQ0NSwic2NyZWVuX3Jlc29sdXRpb24iOiIxMjgweDEwMjQiLCJhZGJsb2NrIjowLCJ0aW1lem9uZV9vbHNvbiI6IlVUQyIsInV0bV9zb3VyY2UiOiIiLCJ1dG1fbWVkaXVtIjoiIiwidXRtX2NhbXBhaWduIjoiIiwidXRtX2NvbnRlbnQiOiIiLCJtbSI6MCwiaW5pdF9zdGFydF9sYXRlbmN5IjowLjI1LCJpc192MiI6MCwiaXNfdjJfZW1wdHkiOjB9 | 45.133.44.53 | 200 OK | 0 B |
URL GET HTTP/24d716774ff.7d3906347f.com/in/track?data=eyJ3bCI6MCwic3ViaWQiOjAsInVzZXJfaWQiOiIxMzc1NTU4MjIwODg1ODY5NDAwMCIsInRpbWV6b25lIjowLCJ2ZXIiOiIzLjExOS4wIiwidGFnX2lkIjo0NjQ0NSwic2NyZWVuX3Jlc29sdXRpb24iOiIxMjgweDEwMjQiLCJhZGJsb2NrIjowLCJ0aW1lem9uZV9vbHNvbiI6IlVUQyIsInV0bV9zb3VyY2UiOiIiLCJ1dG1fbWVkaXVtIjoiIiwidXRtX2NhbXBhaWduIjoiIiwidXRtX2NvbnRlbnQiOiIiLCJtbSI6MCwiaW5pdF9zdGFydF9sYXRlbmN5IjowLjI1LCJpc192MiI6MCwiaXNfdjJfZW1wdHkiOjB9 IP45.133.44.53:443 ASN#39572 DataWeb Global Group B.V.
Requested by: https://dfiles.eu/files/741172/POPNEWCPRPSP.part2.rar; Certificate Issuer: Let's Encrypt; Subject: 4d716774ff.7d3906347f.com; Fingerprint: B1:46:37:91:28:F0:B4:54:79:3F:25:E2:AF:6C:44:E0:14:9F:40:BB; Validity: Sun, 14 Apr 2024 02:50:16 GMT - Sat, 13 Jul 2024 02:50:15 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /in/track?data=eyJ3bCI6MCwic3ViaWQiOjAsInVzZXJfaWQiOiIxMzc1NTU4MjIwODg1ODY5NDAwMCIsInRpbWV6b25lIjowLCJ2ZXIiOiIzLjExOS4wIiwidGFnX2lkIjo0NjQ0NSwic2NyZWVuX3Jlc29sdXRpb24iOiIxMjgweDEwMjQiLCJhZGJsb2NrIjowLCJ0aW1lem9uZV9vbHNvbiI6IlVUQyIsInV0bV9zb3VyY2UiOiIiLCJ1dG1fbWVkaXVtIjoiIiwidXRtX2NhbXBhaWduIjoiIiwidXRtX2NvbnRlbnQiOiIiLCJtbSI6MCwiaW5pdF9zdGFydF9sYXRlbmN5IjowLjI1LCJpc192MiI6MCwiaXNfdjJfZW1wdHkiOjB9 HTTP/1.1
Host: 4d716774ff.7d3906347f.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dfiles.eu
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 17 Apr 2024 18:16:10 GMT
content-length: 0
server: nginx/1.18.0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2
|
|
| adsbb.dfiles.eu/view.gif?c=2964&z=60&b=2761&u=662011a4be61a4188158985903597 | 91.226.124.106 | 200 OK | 43 B |
URL: GET HTTP/2 adsbb.dfiles.eu/view.gif?c=2964&z=60&b=2761&u=662011a4be61a4188158985903597; IP: 91.226.124.106:443
Requested by: https://adsbb.dfiles.eu/upload/2203/ad27612964f48cd2.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752; Certificate Issuer: Let's Encrypt; Subject: dfiles.eu; Fingerprint: 34:45:DB:EC:84:73:5D:D5:39:2A:00:C7:2F:21:5C:B1:2D:0E:14:42; Validity: Mon, 04 Mar 2024 13:34:43 GMT - Sun, 02 Jun 2024 13:34:42 GMT
File type: GIF image data, version 89a, 1 x 1; Hash: 6d22e4f2d2057c6e8d6fab098e76e80f b80b11203d97fe01c5597ca3be70406ea48f5709 afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
GET /view.gif?c=2964&z=60&b=2761&u=662011a4be61a4188158985903597 HTTP/1.1
Host: adsbb.dfiles.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: https://adsbb.dfiles.eu/upload/2203/ad27612964f48cd2.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752
Cookie: last_file=741172; _nf60=1; _nf58=1; _nf56=1; _nf7=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
cache-control: no-cache, private, no-cache, no-store, must-revalidate
content-type: image/gif
date: Wed, 17 Apr 2024 18:16:10 GMT
expires: Thu, 01 Jan 1970 00:00:01 GMT
pragma: no-cache
server: nginx
content-length: 43
X-Firefox-Spdy: h2
|
|
| decidedlyenjoyableannihilation.com/sbar.json?key=224ad4a14b4b15c1726ff705ec672ea6&uuid=b472b10e-b176-4106-b218-783f55e9d7f2%3A2%3A1 | 172.240.127.234 | 200 OK | 7.6 kB |
URL: GET HTTP/1.1 decidedlyenjoyableannihilation.com/sbar.json?key=224ad4a14b4b15c1726ff705ec672ea6&uuid=b472b10e-b176-4106-b218-783f55e9d7f2%3A2%3A1; IP: 172.240.127.234:443
Requested by: https://dfiles.eu/files/741172/POPNEWCPRPSP.part2.rar; Certificate Issuer: Let's Encrypt; Subject: decidedlyenjoyableannihilation.com; Fingerprint: 04:5E:A7:2F:94:E4:08:88:66:15:BE:36:F0:95:99:2C:7B:DD:4F:6D; Validity: Tue, 16 Apr 2024 13:55:09 GMT - Mon, 15 Jul 2024 13:55:08 GMT
Hash: 759995be1016fe061e9d291b62f45c3f 4991bb9d26b17e6358c0bbbfe11b3d07bf41a390 13b4e2c92f75ba856c00d9e9dccf93c439dccb6b02746c88e357ca82fc693123
Analyzer: Quad9 DNS; Verdict: malicious; Alert: Sinkholed
GET /sbar.json?key=224ad4a14b4b15c1726ff705ec672ea6&uuid=b472b10e-b176-4106-b218-783f55e9d7f2%3A2%3A1 HTTP/1.1
Host: decidedlyenjoyableannihilation.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dfiles.eu
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Wed, 17 Apr 2024 18:16:10 GMT
Content-Type: text/plain; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://dfiles.eu
Access-Control-Allow-Origin: https://dfiles.eu
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=16004719; expires=Thu, 18 Apr 2024 18:16:10 GMT; secure; SameSite=None
Set-Cookie: uid_id2=b472b10e-b176-4106-b218-783f55e9d7f2:2:1; expires=Wed, 24 Apr 2024 18:16:10 GMT; secure; SameSite=None
Set-Cookie: pdhtkv=true; expires=Thu, 18 Apr 2024 18:16:10 GMT; secure; SameSite=None
Set-Cookie: uncs=1; expires=Thu, 18 Apr 2024 18:16:10 GMT; secure; SameSite=None
Set-Cookie: pdhtkv29=true; expires=Thu, 18 Apr 2024 18:16:10 GMT; secure; SameSite=None
Set-Cookie: uncs29=1; expires=Thu, 18 Apr 2024 18:16:10 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 55b5e31595071ea90f13c91eb5873eec
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
|
|
| decidedlyenjoyableannihilation.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSwWskxRutnl%2F4XRQhujcV%2BuBBxUy6e2a6Z9yDGGMkbNwsu4p6kqqu6kmZ6q6mqnt6klNwQfY4LILXzptkg%2Bsi68Wbi0wWPCwIGU85mD%2FAgxdlzzJjcPQ79Pfe976GV6%2Fqi8PyggQo6fn6%2B3pfKkVXO03PffVj37%2FqbsmsHLrDbvhp2L7qmsGbvbDpvea%2BJ%2BJdvRp4vuf5nu9uSCMSPVydiZD5g57f7HnNdtD0O20MzX%2B5LR1Y6oAPLsjzkHy69Ni5AhlPkKUP14XdLXT%2BxrtpqWihDQb85MNsN9NVhnQBE%2BMgyU4ut6Ht2cYj6Ox4bhd68M8ik1Pi%2FPQILDu5NAk2OJr7ZAoiA%2BPPoBpMINQEkk4Q69uQ%2FIwAMcf1bWTpvevaVHTvb5XO1ClZevoHZDUlS79eQZZ%2Bu6bk0L2lVVlInVkMkxpyOIHsT5CXpyj2G5DVKeLic0j%2BM1l9uoUsPdq2SkPy81dYOwqY74kV5kfhStv3whUW%2BN2VqNtKOh3R41ESzAOScgKZTKDECNQ2UFoHpXRQJg7K3EHKz93Y9%2F3I4zH1ur04bvFIsJB7Po0Sn%2Fpe2EUZz84wQpGPEKsRYnOA3BxgV45gyh9hd2pY7sAWBANeoxIElSWoKEElCaqCoBrUx1zZwNb3uLIl8y97cNlb9VgX%2FUN6rIu%2ByAioGcHw%2BjC%2FIMvzAP8MNXbFuRsEbcrb1G%2BzNvM7sR8FYZJEXkfEYRQIGsLKGtI2QK2DfXn2Qo5cnj37Ehg9hVWniOUyaPkyaFWD7tTYzx5ykWsri0QqYZuxTsF1jbxYQrHnHKoL8uLcwbWv7kPET8hlITY1clPjM%2FmYoK%2FujG%2Fqihzd1JUl323nhUzlPp1d762CFuL%2F96%2BJvUobvrluR1%2B%2FHc%2BEGXzwgbDFFs24zPqWfLMmORdmQ5tYkB827UeC3SjtzlppsjLfuvHOxmaaG2Gt1NkEVJ59chexnJLnvt%2Bav9vX3d8hzQSmrJGWC6dSTxDnB7D5YmY1gVELznIHVVmPTcAWQyUJlFhwymrYf3G2wGNDZ39TWR%2FaO%2BibBmhxG1laY2BqDFQNqkaw5f%2FGRW6evPVLa15gqjFmyjSOmDLq7jzk2edLWHnuRq2WR8Nex48iKiLWDrpJ6HNKg3YYhCFtobDTxF3%2B7S8AAAD%2F%2FwEAAP%2F%2FX%2F33oJEEAAA%3D | 172.240.127.234 | 200 OK | 7 B |
URL GET HTTP/1.1decidedlyenjoyableannihilation.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSwWskxRutnl%2F4XRQhujcV%2BuBBxUy6e2a6Z9yDGGMkbNwsu4p6kqqu6kmZ6q6mqnt6klNwQfY4LILXzptkg%2Bsi68Wbi0wWPCwIGU85mD%2FAgxdlzzJjcPQ79Pfe976GV6%2Fqi8PyggQo6fn6%2B3pfKkVXO03PffVj37%2FqbsmsHLrDbvhp2L7qmsGbvbDpvea%2BJ%2BJdvRp4vuf5nu9uSCMSPVydiZD5g57f7HnNdtD0O20MzX%2B5LR1Y6oAPLsjzkHy69Ni5AhlPkKUP14XdLXT%2BxrtpqWihDQb85MNsN9NVhnQBE%2BMgyU4ut6Ht2cYj6Ox4bhd68M8ik1Pi%2FPQILDu5NAk2OJr7ZAoiA%2BPPoBpMINQEkk4Q69uQ%2FIwAMcf1bWTpvevaVHTvb5XO1ClZevoHZDUlS79eQZZ%2Bu6bk0L2lVVlInVkMkxpyOIHsT5CXpyj2G5DVKeLic0j%2BM1l9uoUsPdq2SkPy81dYOwqY74kV5kfhStv3whUW%2BN2VqNtKOh3R41ESzAOScgKZTKDECNQ2UFoHpXRQJg7K3EHKz93Y9%2F3I4zH1ur04bvFIsJB7Po0Sn%2Fpe2EUZz84wQpGPEKsRYnOA3BxgV45gyh9hd2pY7sAWBANeoxIElSWoKEElCaqCoBrUx1zZwNb3uLIl8y97cNlb9VgX%2FUN6rIu%2ByAioGcHw%2BjC%2FIMvzAP8MNXbFuRsEbcrb1G%2BzNvM7sR8FYZJEXkfEYRQIGsLKGtI2QK2DfXn2Qo5cnj37Ehg9hVWniOUyaPkyaFWD7tTYzx5ykWsri0QqYZuxTsF1jbxYQrHnHKoL8uLcwbWv7kPET8hlITY1clPjM%2FmYoK%2FujG%2Fqihzd1JUl323nhUzlPp1d762CFuL%2F96%2BJvUobvrluR1%2B%2FHc%2BEGXzwgbDFFs24zPqWfLMmORdmQ5tYkB827UeC3SjtzlppsjLfuvHOxmaaG2Gt1NkEVJ59chexnJLnvt%2Bav9vX3d8hzQSmrJGWC6dSTxDnB7D5YmY1gVELznIHVVmPTcAWQyUJlFhwymrYf3G2wGNDZ39TWR%2FaO%2BibBmhxG1laY2BqDFQNqkaw5f%2FGRW6evPVLa15gqjFmyjSOmDLq7jzk2edLWHnuRq2WR8Nex48iKiLWDrpJ6HNKg3YYhCFtobDTxF3%2B7S8AAAD%2F%2FwEAAP%2F%2FX%2F33oJEEAAA%3D IP172.240.127.234:443
Requested by: https://dfiles.eu/files/741172/POPNEWCPRPSP.part2.rar; Certificate Issuer: Let's Encrypt; Subject: decidedlyenjoyableannihilation.com; Fingerprint: 04:5E:A7:2F:94:E4:08:88:66:15:BE:36:F0:95:99:2C:7B:DD:4F:6D; Validity: Tue, 16 Apr 2024 13:55:09 GMT - Mon, 15 Jul 2024 13:55:08 GMT
File type: ASCII text, with no line terminators; Hash: 132d6af1b46048b45cf86cdee7991d31 eb7007d03d59b65bc6da7e098c4d38fc6dfb6285 ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer: Quad9 DNS; Verdict: malicious; Alert: Sinkholed
GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSwWskxRutnl%2F4XRQhujcV%2BuBBxUy6e2a6Z9yDGGMkbNwsu4p6kqqu6kmZ6q6mqnt6klNwQfY4LILXzptkg%2Bsi68Wbi0wWPCwIGU85mD%2FAgxdlzzJjcPQ79Pfe976GV6%2Fqi8PyggQo6fn6%2B3pfKkVXO03PffVj37%2FqbsmsHLrDbvhp2L7qmsGbvbDpvea%2BJ%2BJdvRp4vuf5nu9uSCMSPVydiZD5g57f7HnNdtD0O20MzX%2B5LR1Y6oAPLsjzkHy69Ni5AhlPkKUP14XdLXT%2BxrtpqWihDQb85MNsN9NVhnQBE%2BMgyU4ut6Ht2cYj6Ox4bhd68M8ik1Pi%2FPQILDu5NAk2OJr7ZAoiA%2BPPoBpMINQEkk4Q69uQ%2FIwAMcf1bWTpvevaVHTvb5XO1ClZevoHZDUlS79eQZZ%2Bu6bk0L2lVVlInVkMkxpyOIHsT5CXpyj2G5DVKeLic0j%2BM1l9uoUsPdq2SkPy81dYOwqY74kV5kfhStv3whUW%2BN2VqNtKOh3R41ESzAOScgKZTKDECNQ2UFoHpXRQJg7K3EHKz93Y9%2F3I4zH1ur04bvFIsJB7Po0Sn%2Fpe2EUZz84wQpGPEKsRYnOA3BxgV45gyh9hd2pY7sAWBANeoxIElSWoKEElCaqCoBrUx1zZwNb3uLIl8y97cNlb9VgX%2FUN6rIu%2ByAioGcHw%2BjC%2FIMvzAP8MNXbFuRsEbcrb1G%2BzNvM7sR8FYZJEXkfEYRQIGsLKGtI2QK2DfXn2Qo5cnj37Ehg9hVWniOUyaPkyaFWD7tTYzx5ykWsri0QqYZuxTsF1jbxYQrHnHKoL8uLcwbWv7kPET8hlITY1clPjM%2FmYoK%2FujG%2Fqihzd1JUl323nhUzlPp1d762CFuL%2F96%2BJvUobvrluR1%2B%2FHc%2BEGXzwgbDFFs24zPqWfLMmORdmQ5tYkB827UeC3SjtzlppsjLfuvHOxmaaG2Gt1NkEVJ59chexnJLnvt%2Bav9vX3d8hzQSmrJGWC6dSTxDnB7D5YmY1gVELznIHVVmPTcAWQyUJlFhwymrYf3G2wGNDZ39TWR%2FaO%2BibBmhxG1laY2BqDFQNqkaw5f%2FGRW6evPVLa15gqjFmyjSOmDLq7jzk2edLWHnuRq2WR8Nex48iKiLWDrpJ6HNKg3YYhCFtobDTxF3%2B7S8AAAD%2F%2FwEAAP%2F%2FX%2F33oJEEAAA%3D HTTP/1.1
Host: decidedlyenjoyableannihilation.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Cookie: u_pl=16004719; uid_id2=b472b10e-b176-4106-b218-783f55e9d7f2:2:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Wed, 17 Apr 2024 18:16:10 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 6740fa92f808dbbb49559d5adc5b9f75
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| downstairsnegotiatebarren.com/sfp.js | 172.67.180.87 | 200 OK | 28 kB |
URL: GET HTTP/2 downstairsnegotiatebarren.com/sfp.js; IP: 172.67.180.87:443
Requested by: https://dfiles.eu/files/741172/POPNEWCPRPSP.part2.rar; Certificate Issuer: Let's Encrypt; Subject: downstairsnegotiatebarren.com; Fingerprint: 2C:6A:E1:8E:26:5B:1D:8B:86:CB:C1:72:4E:52:4B:8B:67:3A:D2:44; Validity: Mon, 04 Mar 2024 21:53:07 GMT - Sun, 02 Jun 2024 21:53:06 GMT
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (65529), with no line terminators; Hash: f4a2f8f9f99541c6f105bbd0a025bd40 1f8e3eff12168fdd9e719adfc098d24a45b6916a b717cb04231a10d425fd55b73c85a5407119c6826a8bac94142fddfff6958716
GET /sfp.js HTTP/1.1
Host: downstairsnegotiatebarren.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 17 Apr 2024 18:16:10 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: 32679328351a0f997052a249e15373f6
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Wed, 17 Apr 2024 18:16:09 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9Jzt4eWLaSkZisBWvwZ%2Bwwi8HvtNs6LTva3hy%2FLgqgNAJpqZNRu6S2uwh0Dodtam0tVezkXEcJ690MefEusXsF6F77lrZM0pqlqd4vitkcckizECA1wTd%2Btku%2B4TKhagUbt5qubdb%2BFOKQdzND%2BCKw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 875e67967f6d5696-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| adsbb.dfiles.eu//ad.php?z=7&c=NO&g=no_file&u=662011e7e9bfd-90748834 | 91.226.124.106 | 303 See Other | 318 B |
URL: GET HTTP/2 adsbb.dfiles.eu//ad.php?z=7&c=NO&g=no_file&u=662011e7e9bfd-90748834; IP: 91.226.124.106:443
Requested by: https://dfiles.eu/files/741172/POPNEWCPRPSP.part2.rar; Certificate Issuer: Let's Encrypt; Subject: dfiles.eu; Fingerprint: 34:45:DB:EC:84:73:5D:D5:39:2A:00:C7:2F:21:5C:B1:2D:0E:14:42; Validity: Mon, 04 Mar 2024 13:34:43 GMT - Sun, 02 Jun 2024 13:34:42 GMT
File type: MS Windows icon resource - 1 icon, 16x16, 16 colors, 4 bits/pixel; Hash: 0f0b975ee529197ec75780ebc2de5907 59688c6aafca5606e388ba9a44fc9dc25fc32cd3 28a0b52229f05b66354ca38b6b813d2281af3efb7e8b0a424ef8b4c68b9e583c
GET //ad.php?z=7&c=NO&g=no_file&u=662011e7e9bfd-90748834 HTTP/1.1
Host: adsbb.dfiles.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Cookie: last_file=741172
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 303 See Other
content-security-policy: frame-ancestors depositfiles.com depositfiles.org dfiles.eu dfiles.com web-301.dfiles.eu web-302.dfiles.eu web-303.dfiles.eu web-304.dfiles.eu
content-type: text/html; charset=UTF-8
date: Wed, 17 Apr 2024 18:16:09 GMT
location: /upload/blank.htm
server: nginx
set-cookie: _nf7=1; expires=Thu, 18-Apr-2024 18:16:09 GMT; Max-Age=86400
x-powered-by: PHP/5.6.40
X-Firefox-Spdy: h2
|
|
| adsbb.dfiles.eu//ad.php?z=60&c=NO | 91.226.124.106 | 303 See Other | 703 B |
URL: GET HTTP/2 adsbb.dfiles.eu//ad.php?z=60&c=NO; IP: 91.226.124.106:443
Requested by: https://dfiles.eu/files/741172/POPNEWCPRPSP.part2.rar; Certificate Issuer: Let's Encrypt; Subject: dfiles.eu; Fingerprint: 34:45:DB:EC:84:73:5D:D5:39:2A:00:C7:2F:21:5C:B1:2D:0E:14:42; Validity: Mon, 04 Mar 2024 13:34:43 GMT - Sun, 02 Jun 2024 13:34:42 GMT
File type: gzip compressed data, max speed, from Unix; Hash: e79b569764c60869a1d667e7fa48d6ea d67cde07a55b8c4b6331ce28431219a267eca46f 6b1d90abee49f385690aeefda49fb51f63ba45c8ec34ca5944cd09a021a00bb3
GET //ad.php?z=60&c=NO HTTP/1.1
Host: adsbb.dfiles.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Cookie: last_file=741172
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 303 See Other
content-security-policy: frame-ancestors depositfiles.com depositfiles.org dfiles.eu dfiles.com web-301.dfiles.eu web-302.dfiles.eu web-303.dfiles.eu web-304.dfiles.eu
content-type: text/html; charset=UTF-8
date: Wed, 17 Apr 2024 18:16:09 GMT
location: /upload/2203/ad27612964f48cd2.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752
server: nginx
set-cookie: _nf60=1; expires=Thu, 18-Apr-2024 18:16:09 GMT; Max-Age=86400
x-powered-by: PHP/5.6.40
X-Firefox-Spdy: h2
|
|
| accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail | 173.194.222.84 | 302 Found | 0 B |
URL: GET HTTP/2 accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
IP: 173.194.222.84:443
Requested by: https://dfiles.eu/files/741172/POPNEWCPRPSP.part2.rar
Certificate: Issuer: Google Trust Services LLC; Subject: accounts.google.com; Fingerprint: CC:CB:DD:14:30:B0:75:6A:EE:1D:20:F1:9E:C5:DD:5F:DD:68:4F:7B; Validity: Mon, 18 Mar 2024 20:38:53 GMT - Mon, 10 Jun 2024 20:38:52 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
content-type: application/binary
set-cookie: __Host-GAPS=1:9AhxKh1Q2N5zL0vAqO1uIEtibnPEDg:V_IQtca3a2pNaxbX; Expires=Fri, 17-Apr-2026 18:16:10 GMT; Path=/; Secure; HttpOnly; Priority=HIGH
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 17 Apr 2024 18:16:10 GMT
location: https://accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=ARZ0qKJ7g1c_GuoXweTkV3lwSof8-3TpdKjDYkgzpcrgrgOIiGtPZpC1-azgf_hvyo2M_Fcb_e1HZA
strict-transport-security: max-age=31536000; includeSubDomains
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy: unsafe-none
content-security-policy: require-trusted-types-for 'script';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport, script-src 'nonce-y1LwvkEq0AReNTHgiMcvDg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/AccountsSigninPassiveLoginHttp/cspreport/allowlist
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
server: ESF
content-length: 0
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=ARZ0qKIwyf92EM_zl3h7kYNQlva7iHK7gL02P7YfL1x7fAke90qEOIxCh16u8DfQPdvd9fCLy6ATEQ | 173.194.222.84 | 302 Found | 425 B |
URL: GET HTTP/2 accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=ARZ0qKIwyf92EM_zl3h7kYNQlva7iHK7gL02P7YfL1x7fAke90qEOIxCh16u8DfQPdvd9fCLy6ATEQ
IP: 173.194.222.84:443
Requested by: https://dfiles.eu/files/741172/POPNEWCPRPSP.part2.rar
Certificate: Issuer: Google Trust Services LLC; Subject: accounts.google.com; Fingerprint: CC:CB:DD:14:30:B0:75:6A:EE:1D:20:F1:9E:C5:DD:5F:DD:68:4F:7B; Validity: Mon, 18 Mar 2024 20:38:53 GMT - Mon, 10 Jun 2024 20:38:52 GMT
File type: HTML document, ASCII text, with very long lines (407)
Hash: 00e9940a00312d9884b7ecfe9e6b6106 1d641c459875c79946130c1fc3a7571602d53947 a80b2bc9c77953c98c2f136d0f1b4b70c952124fdf7c6d0600e9ebe3fefdc0ac
GET /InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=ARZ0qKIwyf92EM_zl3h7kYNQlva7iHK7gL02P7YfL1x7fAke90qEOIxCh16u8DfQPdvd9fCLy6ATEQ HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dfiles.eu/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
set-cookie: __Host-GAPS=1:2CcJgS4e2dPREfnG7bhe6IGJvNb51g:uhNRTfAx3Ow9zinc;Path=/;Expires=Fri, 17-Apr-2026 18:16:10 GMT;Secure;HttpOnly;Priority=HIGH
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 17 Apr 2024 18:16:10 GMT
location: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=ARZ0qKLqaUSL0ucg29ndkfZqL1-yO8v3Yf0m2wVWdeOlbbnuekfMaBOq5bc2l7GC9qu68b1a1X1oGQ&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-720483541%3A1713377770632060&theme=mn&ddm=0
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: require-trusted-types-for 'script';report-uri /cspreport, script-src 'nonce-wWTGBZ_57xFA1veeoL7XKg' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 425
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| www.gstatic.com/recaptcha/releases/rz4DvU-cY2JYCwHSTck0_qm-/recaptcha__en.js | 142.250.74.35 | 200 OK | 203 kB |
URL: GET HTTP/2 www.gstatic.com/recaptcha/releases/rz4DvU-cY2JYCwHSTck0_qm-/recaptcha__en.js
IP: 142.250.74.35:443
Requested by: https://dfiles.eu/files/741172/POPNEWCPRPSP.part2.rar
Certificate: Issuer: Google Trust Services LLC; Subject: *.gstatic.com; Fingerprint: 8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9; Validity: Mon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File type: JavaScript source, ASCII text, with very long lines (554)
Size: 203 kB (203369 bytes)
Hash: e9ccb3dbde79ba5ffdf9cad4b32d59fd 3a8cd67adc7c885bdf683f1e7f491e6a4a50679f 8f2c6777c7ccc01ab67290fa8acd5a4c4866be64129f39dfaeb9197dfa15e137
GET /recaptcha/releases/rz4DvU-cY2JYCwHSTck0_qm-/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dfiles.eu
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 203369
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 13 Apr 2024 02:30:15 GMT
expires: Sun, 13 Apr 2025 02:30:15 GMT
cache-control: public, max-age=31536000
last-modified: Fri, 29 Mar 2024 04:30:36 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 402355
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=ARZ0qKJ7g1c_GuoXweTkV3lwSof8-3TpdKjDYkgzpcrgrgOIiGtPZpC1-azgf_hvyo2M_Fcb_e1HZA | 173.194.222.84 | 302 Found | 426 B |
URL: GET HTTP/2 accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=ARZ0qKJ7g1c_GuoXweTkV3lwSof8-3TpdKjDYkgzpcrgrgOIiGtPZpC1-azgf_hvyo2M_Fcb_e1HZA
IP: 173.194.222.84:443
Requested by: https://dfiles.eu/files/741172/POPNEWCPRPSP.part2.rar
Certificate: Issuer: Google Trust Services LLC; Subject: accounts.google.com; Fingerprint: CC:CB:DD:14:30:B0:75:6A:EE:1D:20:F1:9E:C5:DD:5F:DD:68:4F:7B; Validity: Mon, 18 Mar 2024 20:38:53 GMT - Mon, 10 Jun 2024 20:38:52 GMT
File type: HTML document, ASCII text, with very long lines (404)
Hash: 765d351448be0d46229674d9b9f9d90c 097d22843b2ced1a96b131f6fb2a3499be31ac03 ffa3ef51a91219c456bf7701da8d455ecbebf786b27bc339871e3f6cc9001366
GET /InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=ARZ0qKJ7g1c_GuoXweTkV3lwSof8-3TpdKjDYkgzpcrgrgOIiGtPZpC1-azgf_hvyo2M_Fcb_e1HZA HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dfiles.eu/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
set-cookie: __Host-GAPS=1:OR_7wys5QSasL-V3HB93YYe-hd2ieA:cpyjx_CfP6Un3fZf;Path=/;Expires=Fri, 17-Apr-2026 18:16:10 GMT;Secure;HttpOnly;Priority=HIGH
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 17 Apr 2024 18:16:10 GMT
location: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=ARZ0qKIh8AwJdMK4Br4PMidhWoOetq5wjRMiIeNZ-JV9RJ2jHsh33eARG3CZ2mCuQrfsgZ8uPLU1GQ&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-1022644776%3A1713377770665095&theme=mn&ddm=0
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
content-security-policy: require-trusted-types-for 'script';report-uri /cspreport, script-src 'nonce-CkWfSKre3vqzXKk6tot5dQ' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 426
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| storage.multstorage.com/log/count.html | 172.67.174.51 | 200 OK | 390 B |
URL: GET HTTP/2 storage.multstorage.com/log/count.html
IP: 172.67.174.51:443
Requested by: https://dfiles.eu/files/741172/POPNEWCPRPSP.part2.rar
Certificate: Issuer: Google Trust Services LLC; Subject: multstorage.com; Fingerprint: 63:F0:24:29:21:22:E5:42:33:61:B5:20:05:1B:EF:36:81:F5:7B:0A; Validity: Sun, 17 Mar 2024 08:38:54 GMT - Sat, 15 Jun 2024 08:38:53 GMT
File type: HTML document, ASCII text, with very long lines (700)
Hash: b728ca9cd183d1b7c3f72116b19b22a3 c1fd73f6b02cf00b8bc60b09cc99495e8494b739 8a7b1ca4bbf273b32ea865d4785a1944d1b2b133678d9b5fe7ee0406f6fd64b2
GET /log/count.html HTTP/1.1
Host: storage.multstorage.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 17 Apr 2024 18:16:09 GMT
content-type: text/html
last-modified: Mon, 18 Sep 2023 14:39:06 GMT
vary: Accept-Encoding
x-request-id: 4076c4109f03d5c984631008e0f540e1
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=usmfkhGY6uW3oCmrZkqx9VoJ%2B4b6uSftMejxPlCTsfsRaKV2Z%2BFJB%2BKwncvsQaB69MtQu2YNGBlSLK9BmXSqigona%2BkQErX6dEU0OittKH01TW94SqJLb2oew%2FXAQR7LE7EnJxwHnf%2BATQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 875e6793eb0d56c0-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| decidedlyenjoyableannihilation.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.yourwebbars.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2Fecorious%2Fmessage_redcircle2%2Fjan24%2F4%2Findex.html&l=1571&fd=683 | 172.240.127.234 | 200 OK | 0 B |
URL: GET HTTP/1.1 decidedlyenjoyableannihilation.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.yourwebbars.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2Fecorious%2Fmessage_redcircle2%2Fjan24%2F4%2Findex.html&l=1571&fd=683
IP: 172.240.127.234:443
Requested by: https://dfiles.eu/files/741172/POPNEWCPRPSP.part2.rar
Certificate: Issuer: Let's Encrypt; Subject: decidedlyenjoyableannihilation.com; Fingerprint: 04:5E:A7:2F:94:E4:08:88:66:15:BE:36:F0:95:99:2C:7B:DD:4F:6D; Validity: Tue, 16 Apr 2024 13:55:09 GMT - Mon, 15 Jul 2024 13:55:08 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.yourwebbars.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2Fecorious%2Fmessage_redcircle2%2Fjan24%2F4%2Findex.html&l=1571&fd=683 HTTP/1.1
Host: decidedlyenjoyableannihilation.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Cookie: u_pl=16004719; uid_id2=b472b10e-b176-4106-b218-783f55e9d7f2:2:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Wed, 17 Apr 2024 18:16:11 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
|
|
| cdn.creative-bars1.com//sb/notifications/utility/default/us/blog/ecorious/message_redcircle2/jan24/4/img/1.jpg | 188.114.97.1 | 200 OK | 22 kB |
URL: GET HTTP/3 cdn.creative-bars1.com//sb/notifications/utility/default/us/blog/ecorious/message_redcircle2/jan24/4/img/1.jpg
IP: 188.114.97.1:443
Requested by: https://dfiles.eu/files/741172/POPNEWCPRPSP.part2.rar
Certificate: Issuer: Google Trust Services LLC; Subject: creative-bars1.com; Fingerprint: 3D:29:39:2C:F1:E5:C6:EF:54:F5:70:B5:CF:A8:C2:75:4D:89:72:13; Validity: Mon, 15 Apr 2024 15:02:18 GMT - Sun, 14 Jul 2024 15:02:17 GMT
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 320x320, components 3
Hash: 7bcc800a4957dac955e91ce1ee3b73cd b1fae2cacecc790a22f91e2320077f89707473b1 760783cbcd04b3b7ef5f6b10a24878869d061709e4511ccada113b532833243d
GET //sb/notifications/utility/default/us/blog/ecorious/message_redcircle2/jan24/4/img/1.jpg HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 17 Apr 2024 18:16:11 GMT
content-type: image/jpeg
content-length: 21597
last-modified: Thu, 01 Feb 2024 14:55:47 GMT
etag: "65bbb0f3-545d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 2396010
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yeF6SvZGGjLbrqmpw5Dssk1YsEf1UVIHK6UHCKk%2B50WFkcjNImk530uvX2UhvaMsRQcmfLSBUkYxSeBGKvzZcK5YfKH4LX7ROeCGPV83nv09lGZrEN34hllbI3VlNdtiveOZ8Y1ZcDTj"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 875e679de83956b7-OSL
alt-svc: h3=":443"; ma=86400
|
|
| cdn.cookie-script.com/iabtcf/2.2/sdk_cmp.js | 146.185.171.19 | 200 OK | 18 kB |
URL: GET HTTP/2 cdn.cookie-script.com/iabtcf/2.2/sdk_cmp.js
IP: 146.185.171.19:443
ASN: #14061 DIGITALOCEAN-ASN
Requested by: https://dfiles.eu/files/741172/POPNEWCPRPSP.part2.rar
Certificate: Issuer: Sectigo Limited; Subject: *.cookie-script.com; Fingerprint: EC:4C:BD:45:07:39:A8:24:AD:C5:44:8F:4B:DF:0B:40:79:EA:44:77; Validity: Mon, 11 Sep 2023 00:00:00 GMT - Thu, 25 Jul 2024 23:59:59 GMT
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (65530), with no line terminators
Hash: 9635f3ed8b8bffd3fb6e14c0d7fbe553 c06b23a59493274748d064abf9326e122bbd98b1 8d3e2a5b74a6f8bd2f0a17abfeb46e3c051223de2a27bd45e8ce56195ff0d59a
GET /iabtcf/2.2/sdk_cmp.js HTTP/1.1
Host: cdn.cookie-script.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Wed, 17 Apr 2024 18:16:11 GMT
content-type: text/javascript
content-length: 17606
last-modified: Wed, 20 Mar 2024 11:07:09 GMT
etag: "10b17-61415978931f8-gzip"
vary: Accept-Encoding
content-encoding: gzip
x-frame-options: SAMEORIGIN
access-control-allow-origin: *
x-cache-status: HIT
x-server: n3
cache-control: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| decidedlyenjoyableannihilation.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2F%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2Fecorious%2Fmessage_redcircle2%2Fjan24%2F4%2Fjs%2Fscript.js&l=386&fd=84 | 172.240.127.234 | 200 OK | 0 B |
URL: GET HTTP/1.1 decidedlyenjoyableannihilation.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2F%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2Fecorious%2Fmessage_redcircle2%2Fjan24%2F4%2Fjs%2Fscript.js&l=386&fd=84
IP: 172.240.127.234:443
Requested by: https://dfiles.eu/files/741172/POPNEWCPRPSP.part2.rar
Certificate: Issuer: Let's Encrypt; Subject: decidedlyenjoyableannihilation.com; Fingerprint: 04:5E:A7:2F:94:E4:08:88:66:15:BE:36:F0:95:99:2C:7B:DD:4F:6D; Validity: Tue, 16 Apr 2024 13:55:09 GMT - Mon, 15 Jul 2024 13:55:08 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2F%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2Fecorious%2Fmessage_redcircle2%2Fjan24%2F4%2Fjs%2Fscript.js&l=386&fd=84 HTTP/1.1
Host: decidedlyenjoyableannihilation.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Cookie: u_pl=16004719; uid_id2=b472b10e-b176-4106-b218-783f55e9d7f2:2:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Wed, 17 Apr 2024 18:16:11 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
|
|
| decidedlyenjoyableannihilation.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2F%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2Fecorious%2Fmessage_redcircle2%2Fjan24%2F4%2Fcss%2Fanimate.css&l=79245&fd=91 | 172.240.127.234 | 200 OK | 0 B |
URL: GET HTTP/1.1 decidedlyenjoyableannihilation.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2F%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2Fecorious%2Fmessage_redcircle2%2Fjan24%2F4%2Fcss%2Fanimate.css&l=79245&fd=91
IP: 172.240.127.234:443
Requested by: https://dfiles.eu/files/741172/POPNEWCPRPSP.part2.rar
Certificate: Issuer: Let's Encrypt; Subject: decidedlyenjoyableannihilation.com; Fingerprint: 04:5E:A7:2F:94:E4:08:88:66:15:BE:36:F0:95:99:2C:7B:DD:4F:6D; Validity: Tue, 16 Apr 2024 13:55:09 GMT - Mon, 15 Jul 2024 13:55:08 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2F%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2Fecorious%2Fmessage_redcircle2%2Fjan24%2F4%2Fcss%2Fanimate.css&l=79245&fd=91 HTTP/1.1
Host: decidedlyenjoyableannihilation.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Cookie: u_pl=16004719; uid_id2=b472b10e-b176-4106-b218-783f55e9d7f2:2:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Wed, 17 Apr 2024 18:16:11 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
|
|
| accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=ARZ0qKIh8AwJdMK4Br4PMidhWoOetq5wjRMiIeNZ-JV9RJ2jHsh33eARG3CZ2mCuQrfsgZ8uPLU1GQ&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-1022644776%3A1713377770665095&theme=mn&ddm=0 | 173.194.222.84 | 403 Forbidden | 856 B |
URL: GET HTTP/3 accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=ARZ0qKIh8AwJdMK4Br4PMidhWoOetq5wjRMiIeNZ-JV9RJ2jHsh33eARG3CZ2mCuQrfsgZ8uPLU1GQ&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-1022644776%3A1713377770665095&theme=mn&ddm=0
IP: 173.194.222.84:443
Requested by: https://dfiles.eu/files/741172/POPNEWCPRPSP.part2.rar
Certificate: Issuer: Google Trust Services LLC; Subject: *.google.com; Fingerprint: 70:CC:1A:8A:58:6C:1F:6D:43:AE:66:75:89:F7:99:7B:BC:7A:74:2D; Validity: Mon, 18 Mar 2024 19:37:19 GMT - Mon, 10 Jun 2024 19:37:18 GMT
File type: gzip compressed data, max compression
Hash: 2ac4b75031a46d1a63f5177dac4cd7ef 66ba7154e34354c9a2bb8605d735d1acf22db0e3 d58c1fade7170514a46553487c0246cd744769f92bb9f5c50fb17d466eeebf51
GET /v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=ARZ0qKIh8AwJdMK4Br4PMidhWoOetq5wjRMiIeNZ-JV9RJ2jHsh33eARG3CZ2mCuQrfsgZ8uPLU1GQ&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-1022644776%3A1713377770665095&theme=mn&ddm=0 HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dfiles.eu/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 403 Forbidden
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 17 Apr 2024 18:16:10 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: script-src 'nonce-l_ScgyVS0dfqsb4m7sECVg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport
cross-origin-opener-policy-report-only: same-origin; report-to="AccountsSignInUi"
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
report-to: {"group":"AccountsSignInUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/AccountsSignInUi"}]}
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| decidedlyenjoyableannihilation.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2F%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2Fecorious%2Fmessage_redcircle2%2Fjan24%2F4%2Fcss%2Fstyle.css&l=3630&fd=95 | 172.240.108.76 | 200 OK | 0 B |
URL: GET HTTP/1.1 decidedlyenjoyableannihilation.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2F%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2Fecorious%2Fmessage_redcircle2%2Fjan24%2F4%2Fcss%2Fstyle.css&l=3630&fd=95
IP: 172.240.108.76:443
Requested by: https://dfiles.eu/files/741172/POPNEWCPRPSP.part2.rar
Certificate: Issuer: Let's Encrypt; Subject: decidedlyenjoyableannihilation.com; Fingerprint: 04:5E:A7:2F:94:E4:08:88:66:15:BE:36:F0:95:99:2C:7B:DD:4F:6D; Validity: Tue, 16 Apr 2024 13:55:09 GMT - Mon, 15 Jul 2024 13:55:08 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2F%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2Fecorious%2Fmessage_redcircle2%2Fjan24%2F4%2Fcss%2Fstyle.css&l=3630&fd=95 HTTP/1.1
Host: decidedlyenjoyableannihilation.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Cookie: u_pl=16004719; uid_id2=b472b10e-b176-4106-b218-783f55e9d7f2:2:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Wed, 17 Apr 2024 18:16:11 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
|
|
| fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap | 142.250.74.106 | 200 OK | 16 kB |
URL: GET HTTP/2 fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap
IP: 142.250.74.106:443
Requested by: https://dfiles.eu/files/741172/POPNEWCPRPSP.part2.rar
Certificate: Issuer: Google Trust Services LLC; Subject: upload.video.google.com; Fingerprint: 47:5A:64:7D:9F:47:34:07:31:91:97:F7:04:42:7A:D5:EA:AD:07:4E; Validity: Mon, 04 Mar 2024 07:16:44 GMT - Mon, 27 May 2024 07:16:43 GMT
File type: gzip compressed data, max compression
Hash: 29c07cc77639538bfb82377634a38021 efb8e8494177fa44a008a1b5048e63ecfeb8c552 3e66074f451d1ed5968192eb93b0f1be1ec157aecd03255b3c4583bbbfada4a0
GET /css?family=Roboto:300,400,700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 17 Apr 2024 18:16:11 GMT
date: Wed, 17 Apr 2024 18:16:11 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 | 142.250.74.163 | 200 OK | 16 kB |
URL: GET HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP: 142.250.74.163:443
Requested by: https://dfiles.eu/files/741172/POPNEWCPRPSP.part2.rar
Certificate: Issuer: Google Trust Services LLC; Subject: *.gstatic.com; Fingerprint: 8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9; Validity: Mon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File type: Web Open Font Format (Version 2), TrueType, length 15860, version 1.0
Hash: e9f5aaf547f165386cd313b995dddd8e acdef5603c2387b0e5bffd744b679a24a8bc1968 f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://dfiles.eu
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 16 Apr 2024 10:46:32 GMT
expires: Wed, 16 Apr 2025 10:46:32 GMT
cache-control: public, max-age=31536000
age: 113379
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| decidedlyenjoyableannihilation.com/pixel/sbs?c=1 | 172.240.108.76 | 200 OK | 0 B |
URL: GET HTTP/1.1 decidedlyenjoyableannihilation.com/pixel/sbs?c=1; IP: 172.240.108.76:443
Requested by: https://dfiles.eu/files/741172/POPNEWCPRPSP.part2.rar; Certificate Issuer: Let's Encrypt; Subject: decidedlyenjoyableannihilation.com; Fingerprint: 04:5E:A7:2F:94:E4:08:88:66:15:BE:36:F0:95:99:2C:7B:DD:4F:6D; Validity: Tue, 16 Apr 2024 13:55:09 GMT - Mon, 15 Jul 2024 13:55:08 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /pixel/sbs?c=1 HTTP/1.1
Host: decidedlyenjoyableannihilation.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Cookie: u_pl=16004719; uid_id2=b472b10e-b176-4106-b218-783f55e9d7f2:2:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Wed, 17 Apr 2024 18:16:11 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
|
|
| decidedlyenjoyableannihilation.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSz2skxR%2Btnm%2F4XhRhdW8q9MGDipl09%2FzoiXsQ1xgJGzfLrqKepH71pEx1V1PVPT3JKbggexwWwWvnTbLBdZH14s1FJgseFoSMpxzMH%2BDBi7JnmTE4%2Bjn0573P%2BzS8elVfHJTnJEJJz9beN3tKa7rSaQb%2Bqx%2BH4RV%2FU2Xl0B%2F2up9221d8O3hztdsMXvPfk3zHrERBGARhEPrrysrEDFdmIlT%2BYDVsrgbNdtQMO20M7X%2B5Kz046kEMzsnzUGK69Ni7DMUnyNKHa9LtFCZ%2F49201LQwFgNx%2FGG2k5kqQ7qAifWQZMcX2zDudP0RTHY0twsz%2BGeRqSnxfnoElh1fmAQbHM59Mg2ZgYlnUA0mkHoCRSfg5jaUOCUAF7i%2BhSy9d93Yiu7%2BrdKZOiVLT%2F%2BAqqZk6dfLyNJvr2o19G8ZXRbKZA7DpIYaTqD6E%2BTlCYq9BlR1Al58DiV%2BJitPN5Glh1tOGyhx9gprxxELA7nMwri73A6D7jKLwt5y3GslnY5cFXESzQNSagKVTKDlCNQ1UDoPpfJQJh7K3EMqznwehmEcCE6D3irnLRFL1hVBSOMkpGHQ7aHkszOMUOQjcD0Ct%2FvI7T521Ai2%2FBFuu4YTHlxBMBA1KklQOYKKElSKoCoIqkF9JLSLXH1PaFey8KJHF71Vj03RP6BHpujLjIDaEayoD%2FJzcmke4J9dgx155kdRm4o2DduszcIOD%2BOomyRx0JG8G0eSduFUDeUaoM7Dnjp9IUeuTp99CYyewOkTcHUJtHwZtKpBt2vsZQ%2BFzI1TRaK0dE1uUghTIy%2BWUOx6B%2FqcvDh3cO2r%2B5D8CbkocFsjtzU%2BU48J%2BvrO%2BKapyOFNUzny3VZeqFTt0dn13ipoIf9%2F%2F5rcrYwVG2tu9PXbfCbM4IMPpCs2aSZU1nfkm6tKCGnXjeWS%2FLDhPpLsRum2r5Y2K%2FPNG%2B%2Bsb6S5lc4pk01A1eknd8HVlDz3%2Feb83b7u%2Fw5lJ7BljbRcOFVmAp7vw%2BWLmTMEVi84yz1UZT22EVsMtSLQcsEpq%2BH%2BxdkCjy2d%2FU1VfeDuoG8boMVtZGmNga0x0DWoHsGV%2FxsXuX3y1i%2BteYHpxphp2zhk2uq785Bnny%2Fh1JnfCkTMZCJjJtuddiK5YJ0OC3jCWUv0ehyFmyb%2Bpd%2F%2BAgAA%2F%2F8BAAD%2F%2F98pIkiRBAAA | 172.240.127.234 | 200 OK | 7 B |
URL GET HTTP/1.1decidedlyenjoyableannihilation.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSz2skxR%2Btnm%2F4XhRhdW8q9MGDipl09%2FzoiXsQ1xgJGzfLrqKepH71pEx1V1PVPT3JKbggexwWwWvnTbLBdZH14s1FJgseFoSMpxzMH%2BDBi7JnmTE4%2Bjn0573P%2BzS8elVfHJTnJEJJz9beN3tKa7rSaQb%2Bqx%2BH4RV%2FU2Xl0B%2F2up9221d8O3hztdsMXvPfk3zHrERBGARhEPrrysrEDFdmIlT%2BYDVsrgbNdtQMO20M7X%2B5Kz046kEMzsnzUGK69Ni7DMUnyNKHa9LtFCZ%2F49201LQwFgNx%2FGG2k5kqQ7qAifWQZMcX2zDudP0RTHY0twsz%2BGeRqSnxfnoElh1fmAQbHM59Mg2ZgYlnUA0mkHoCRSfg5jaUOCUAF7i%2BhSy9d93Yiu7%2BrdKZOiVLT%2F%2BAqqZk6dfLyNJvr2o19G8ZXRbKZA7DpIYaTqD6E%2BTlCYq9BlR1Al58DiV%2BJitPN5Glh1tOGyhx9gprxxELA7nMwri73A6D7jKLwt5y3GslnY5cFXESzQNSagKVTKDlCNQ1UDoPpfJQJh7K3EMqznwehmEcCE6D3irnLRFL1hVBSOMkpGHQ7aHkszOMUOQjcD0Ct%2FvI7T521Ai2%2FBFuu4YTHlxBMBA1KklQOYKKElSKoCoIqkF9JLSLXH1PaFey8KJHF71Vj03RP6BHpujLjIDaEayoD%2FJzcmke4J9dgx155kdRm4o2DduszcIOD%2BOomyRx0JG8G0eSduFUDeUaoM7Dnjp9IUeuTp99CYyewOkTcHUJtHwZtKpBt2vsZQ%2BFzI1TRaK0dE1uUghTIy%2BWUOx6B%2FqcvDh3cO2r%2B5D8CbkocFsjtzU%2BU48J%2BvrO%2BKapyOFNUzny3VZeqFTt0dn13ipoIf9%2F%2F5rcrYwVG2tu9PXbfCbM4IMPpCs2aSZU1nfkm6tKCGnXjeWS%2FLDhPpLsRum2r5Y2K%2FPNG%2B%2Bsb6S5lc4pk01A1eknd8HVlDz3%2Feb83b7u%2Fw5lJ7BljbRcOFVmAp7vw%2BWLmTMEVi84yz1UZT22EVsMtSLQcsEpq%2BH%2BxdkCjy2d%2FU1VfeDuoG8boMVtZGmNga0x0DWoHsGV%2FxsXuX3y1i%2BteYHpxphp2zhk2uq785Bnny%2Fh1JnfCkTMZCJjJtuddiK5YJ0OC3jCWUv0ehyFmyb%2Bpd%2F%2BAgAA%2F%2F8BAAD%2F%2F98pIkiRBAAA IP172.240.127.234:443
Requested by: https://dfiles.eu/files/741172/POPNEWCPRPSP.part2.rar; Certificate Issuer: Let's Encrypt; Subject: decidedlyenjoyableannihilation.com; Fingerprint: 04:5E:A7:2F:94:E4:08:88:66:15:BE:36:F0:95:99:2C:7B:DD:4F:6D; Validity: Tue, 16 Apr 2024 13:55:09 GMT - Mon, 15 Jul 2024 13:55:08 GMT
File type: ASCII text, with no line terminators; Hash: 132d6af1b46048b45cf86cdee7991d31 eb7007d03d59b65bc6da7e098c4d38fc6dfb6285 ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /impr.gif?sid=H4sIAAAAAAAC%2F1RSz2skxR%2Btnm%2F4XhRhdW8q9MGDipl09%2FzoiXsQ1xgJGzfLrqKepH71pEx1V1PVPT3JKbggexwWwWvnTbLBdZH14s1FJgseFoSMpxzMH%2BDBi7JnmTE4%2Bjn0573P%2BzS8elVfHJTnJEJJz9beN3tKa7rSaQb%2Bqx%2BH4RV%2FU2Xl0B%2F2up9221d8O3hztdsMXvPfk3zHrERBGARhEPrrysrEDFdmIlT%2BYDVsrgbNdtQMO20M7X%2B5Kz046kEMzsnzUGK69Ni7DMUnyNKHa9LtFCZ%2F49201LQwFgNx%2FGG2k5kqQ7qAifWQZMcX2zDudP0RTHY0twsz%2BGeRqSnxfnoElh1fmAQbHM59Mg2ZgYlnUA0mkHoCRSfg5jaUOCUAF7i%2BhSy9d93Yiu7%2BrdKZOiVLT%2F%2BAqqZk6dfLyNJvr2o19G8ZXRbKZA7DpIYaTqD6E%2BTlCYq9BlR1Al58DiV%2BJitPN5Glh1tOGyhx9gprxxELA7nMwri73A6D7jKLwt5y3GslnY5cFXESzQNSagKVTKDlCNQ1UDoPpfJQJh7K3EMqznwehmEcCE6D3irnLRFL1hVBSOMkpGHQ7aHkszOMUOQjcD0Ct%2FvI7T521Ai2%2FBFuu4YTHlxBMBA1KklQOYKKElSKoCoIqkF9JLSLXH1PaFey8KJHF71Vj03RP6BHpujLjIDaEayoD%2FJzcmke4J9dgx155kdRm4o2DduszcIOD%2BOomyRx0JG8G0eSduFUDeUaoM7Dnjp9IUeuTp99CYyewOkTcHUJtHwZtKpBt2vsZQ%2BFzI1TRaK0dE1uUghTIy%2BWUOx6B%2FqcvDh3cO2r%2B5D8CbkocFsjtzU%2BU48J%2BvrO%2BKapyOFNUzny3VZeqFTt0dn13ipoIf9%2F%2F5rcrYwVG2tu9PXbfCbM4IMPpCs2aSZU1nfkm6tKCGnXjeWS%2FLDhPpLsRum2r5Y2K%2FPNG%2B%2Bsb6S5lc4pk01A1eknd8HVlDz3%2Feb83b7u%2Fw5lJ7BljbRcOFVmAp7vw%2BWLmTMEVi84yz1UZT22EVsMtSLQcsEpq%2BH%2BxdkCjy2d%2FU1VfeDuoG8boMVtZGmNga0x0DWoHsGV%2FxsXuX3y1i%2BteYHpxphp2zhk2uq785Bnny%2Fh1JnfCkTMZCJjJtuddiK5YJ0OC3jCWUv0ehyFmyb%2Bpd%2F%2BAgAA%2F%2F8BAAD%2F%2F98pIkiRBAAA HTTP/1.1
Host: decidedlyenjoyableannihilation.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Cookie: u_pl=16004719; uid_id2=b472b10e-b176-4106-b218-783f55e9d7f2:2:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Wed, 17 Apr 2024 18:16:11 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 9d80b29842cbc861f2dae184434fd13f
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| unseenreport.com/pxf.gif?uuid=b472b10e-b176-4106-b218-783f55e9d7f2&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=c22dc50dc2bbe4422c7f68d26ab95eb9&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=18 | 192.243.59.13 | 200 OK | 1 B |
URL: GET HTTP/1.1 unseenreport.com/pxf.gif?uuid=b472b10e-b176-4106-b218-783f55e9d7f2&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=c22dc50dc2bbe4422c7f68d26ab95eb9&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=18; IP: 192.243.59.13:443; ASN: #39572 DataWeb Global Group B.V.
Requested by: https://dfiles.eu/files/741172/POPNEWCPRPSP.part2.rar; Certificate Issuer: Let's Encrypt; Subject: *.unseenreport.com; Fingerprint: 71:46:15:FD:76:6A:F5:5B:51:06:CC:93:DD:D8:63:E3:8B:10:BF:13; Validity: Fri, 22 Mar 2024 07:32:41 GMT - Thu, 20 Jun 2024 07:32:40 GMT
File type: very short file (no magic); Hash: 93b885adfe0da089cdf634904fd59f71 5ba93c9db0cff93f52b521d7420e43f6eda2784f 6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /pxf.gif?uuid=b472b10e-b176-4106-b218-783f55e9d7f2&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=c22dc50dc2bbe4422c7f68d26ab95eb9&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=18 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Wed, 17 Apr 2024 18:16:11 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 7a13c3f96870585b13a9fe880a6dad77
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| unseenreport.com/pxf.gif?uuid=b472b10e-b176-4106-b218-783f55e9d7f2&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=224ad4a14b4b15c1726ff705ec672ea6&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=18 | 192.243.59.13 | 200 OK | 1 B |
URL: GET HTTP/1.1 unseenreport.com/pxf.gif?uuid=b472b10e-b176-4106-b218-783f55e9d7f2&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=224ad4a14b4b15c1726ff705ec672ea6&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=18; IP: 192.243.59.13:443; ASN: #39572 DataWeb Global Group B.V.
Requested by: https://dfiles.eu/files/741172/POPNEWCPRPSP.part2.rar; Certificate Issuer: Let's Encrypt; Subject: *.unseenreport.com; Fingerprint: 71:46:15:FD:76:6A:F5:5B:51:06:CC:93:DD:D8:63:E3:8B:10:BF:13; Validity: Fri, 22 Mar 2024 07:32:41 GMT - Thu, 20 Jun 2024 07:32:40 GMT
File type: very short file (no magic); Hash: 93b885adfe0da089cdf634904fd59f71 5ba93c9db0cff93f52b521d7420e43f6eda2784f 6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /pxf.gif?uuid=b472b10e-b176-4106-b218-783f55e9d7f2&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=224ad4a14b4b15c1726ff705ec672ea6&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=18 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Wed, 17 Apr 2024 18:16:11 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: b585937bc34b15683abb04969f4003ca
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| adsbb.dfiles.eu/upload/2112/ad27582685f5c72c.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752 | 91.226.124.106 | 200 OK | 1.5 kB |
URL: GET HTTP/2 adsbb.dfiles.eu/upload/2112/ad27582685f5c72c.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752; IP: 91.226.124.106:443
Requested by: https://dfiles.eu/files/741172/POPNEWCPRPSP.part2.rar; Certificate Issuer: Let's Encrypt; Subject: dfiles.eu; Fingerprint: 34:45:DB:EC:84:73:5D:D5:39:2A:00:C7:2F:21:5C:B1:2D:0E:14:42; Validity: Mon, 04 Mar 2024 13:34:43 GMT - Sun, 02 Jun 2024 13:34:42 GMT
File type: HTML document, ASCII text, with very long lines (1534), with no line terminators; Hash: e7011af4f97e53b283ae57fc1b91896d d2382db3dd7b06624d8f71957cdfe2b26456efd5 e3fc9b7efdf06d8854267021e8f7945e67a98ebb4de42b43c0d169edba842131
GET /upload/2112/ad27582685f5c72c.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752 HTTP/1.1
Host: adsbb.dfiles.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dfiles.eu/
DNT: 1
Connection: keep-alive
Cookie: last_file=741172; _nf60=1; _nf58=1; _nf56=1; _nf7=1
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-encoding: gzip
content-security-policy: frame-ancestors depositfiles.com depositfiles.org dfiles.eu dfiles.com web-301.dfiles.eu web-302.dfiles.eu web-303.dfiles.eu web-304.dfiles.eu
content-type: text/html
date: Wed, 17 Apr 2024 18:16:09 GMT
last-modified: Wed, 17 Apr 2024 18:15:00 GMT
server: nginx
X-Firefox-Spdy: h2
|
|
| afnyfiexpecttha.info/popunder.gif | 104.21.42.166 | 200 OK | 35 B |
URL: GET HTTP/2 afnyfiexpecttha.info/popunder.gif; IP: 104.21.42.166:443
Requested by: https://dfiles.eu/files/741172/POPNEWCPRPSP.part2.rar; Certificate Issuer: Let's Encrypt; Subject: afnyfiexpecttha.info; Fingerprint: 6B:ED:1A:88:9C:57:2B:90:45:C1:12:0F:50:A2:BE:77:05:42:3A:DB; Validity: Sun, 31 Mar 2024 11:28:54 GMT - Sat, 29 Jun 2024 11:28:53 GMT
File type: GIF image data, version 89a, 1 x 1; Hash: 28d6814f309ea289f847c69cf91194c6 0f4e929dd5bb2564f7ab9c76338e04e292a42ace 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
GET /popunder.gif HTTP/1.1
Host: afnyfiexpecttha.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 17 Apr 2024 18:16:09 GMT
content-type: image/gif
access-control-allow-origin: *
pragma: public
cache-control: public, max-age=604800, immutable
cf-cache-status: HIT
age: 530
last-modified: Wed, 17 Apr 2024 18:07:19 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fBO4YOQ%2BglEdYL4DoVlCZlPgMr38nUG0kqu8C8pYmjE0FCPgi2c%2FuaPdIyqpC8i%2FAg2UCIOic4zgSd4ffC2bGfe7X%2FTjhXkWwqbyG5R6kf%2BXpR3yIND4BES20X%2F5BJHIekIqgVdsoQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 875e6791784b569f-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| cdn.creative-bars1.com//sb/notifications/utility/default/us/blog/ecorious/message_redcircle2/jan24/4/js/script.js | 188.114.97.1 | 200 OK | 386 B |
URL: GET HTTP/2 cdn.creative-bars1.com//sb/notifications/utility/default/us/blog/ecorious/message_redcircle2/jan24/4/js/script.js; IP: 188.114.97.1:443
Requested by: https://dfiles.eu/files/741172/POPNEWCPRPSP.part2.rar; Certificate Issuer: Google Trust Services LLC; Subject: creative-bars1.com; Fingerprint: 3D:29:39:2C:F1:E5:C6:EF:54:F5:70:B5:CF:A8:C2:75:4D:89:72:13; Validity: Mon, 15 Apr 2024 15:02:18 GMT - Sun, 14 Jul 2024 15:02:17 GMT
File type: ASCII text, with very long lines (399), with no line terminators; Hash: 022602a468da44628060800173771da2 9be813fbfebbcb2aa46d8c6b8abec68b3d16c89c 6742c376e658c34d09b2dc5772bd798e3cd52bb265758bac5bce184f8ee7b5cc
GET //sb/notifications/utility/default/us/blog/ecorious/message_redcircle2/jan24/4/js/script.js HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dfiles.eu
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 17 Apr 2024 18:16:11 GMT
content-type: application/javascript
last-modified: Thu, 01 Feb 2024 14:55:49 GMT
etag: W/"65bbb0f5-182"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 102525
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FNeqs9jKC5l5V4yRzO0eQFJZF1A52n7PLz1jIIcD3T92lXpnmWysce15AaOAzwqds4VSGQ32C%2FLeT3%2FPqbf93UMn2r3yZ774dmyMJzg%2BaSqrfwE2gCgmWOWZwu%2BOYlRLcaeReCzgoy0F"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 875e679d2fcb712b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| cdn.creative-bars1.com//sb/notifications/utility/default/us/blog/ecorious/message_redcircle2/jan24/4/css/style.css | 188.114.97.1 | 200 OK | 3.6 kB |
URL: GET HTTP/2 cdn.creative-bars1.com//sb/notifications/utility/default/us/blog/ecorious/message_redcircle2/jan24/4/css/style.css; IP: 188.114.97.1:443
Requested by: https://dfiles.eu/files/741172/POPNEWCPRPSP.part2.rar; Certificate Issuer: Google Trust Services LLC; Subject: creative-bars1.com; Fingerprint: 3D:29:39:2C:F1:E5:C6:EF:54:F5:70:B5:CF:A8:C2:75:4D:89:72:13; Validity: Mon, 15 Apr 2024 15:02:18 GMT - Sun, 14 Jul 2024 15:02:17 GMT
File type: ASCII text, with very long lines (3854), with no line terminators; Hash: 1ef6c40dc9237f64e46f930e4b26d112 7e94a725845a7101b17bfc0ff488e27c12060c1d e23167c1f14d771e6eb40f86085c2f04f52010a5e934cff3f9e214aab984f4b4
GET //sb/notifications/utility/default/us/blog/ecorious/message_redcircle2/jan24/4/css/style.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dfiles.eu
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 17 Apr 2024 18:16:11 GMT
content-type: text/css
last-modified: Thu, 01 Feb 2024 14:55:46 GMT
etag: W/"65bbb0f2-e2e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 102525
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8mNVcSfq5FH4GEeLAxTf6ch7yYeIjpwZG4rgMTUzHQkjdxfMJtRvGI6SWvRLzktxoe6oWkTj4cx64QulXlQdp%2Bo79qQ9IZtuJbCxMDeKTpy7Uif0S0uQPoe2kSLzhGbsQwqxmlEmj3c%2B"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 875e679d3fcf712b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| js.wpadmngr.com/static/adManager.m.js | 45.133.44.53 | 200 OK | 109 kB |
URL: GET HTTP/2 js.wpadmngr.com/static/adManager.m.js; IP: 45.133.44.53:443; ASN: #39572 DataWeb Global Group B.V.
Requested by: https://dfiles.eu/files/741172/POPNEWCPRPSP.part2.rar; Certificate Issuer: Let's Encrypt; Subject: js.wpadmngr.com; Fingerprint: 60:8B:32:7F:ED:77:26:33:0E:F0:C1:0F:02:66:F5:DB:C6:0D:1F:70; Validity: Mon, 11 Mar 2024 04:00:58 GMT - Sun, 09 Jun 2024 04:00:57 GMT
Size: 109 kB (109441 bytes); Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /static/adManager.m.js HTTP/1.1
Host: js.wpadmngr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 17 Apr 2024 18:16:09 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.18.0
last-modified: Tue, 16 Apr 2024 13:35:54 GMT
etag: W/"661e7eba-1ab81"
content-encoding: gzip
expires: Wed, 17 Apr 2024 18:21:09 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2
|
|
| static.depositfiles.com/images/favicon.ico | 91.226.124.125 | 200 OK | 318 B |
URL: GET HTTP/2 static.depositfiles.com/images/favicon.ico; IP: 91.226.124.125:443
Requested by: https://dfiles.eu/files/741172/POPNEWCPRPSP.part2.rar; Certificate Issuer: Let's Encrypt; Subject: depositfiles.com; Fingerprint: 8D:3C:74:0A:57:29:55:E0:60:A5:AF:60:66:DD:1F:ED:7A:ED:F7:A6; Validity: Tue, 05 Mar 2024 13:34:49 GMT - Mon, 03 Jun 2024 13:34:48 GMT
File type: MS Windows icon resource - 1 icon, 16x16, 16 colors, 4 bits/pixel; Hash: 0f0b975ee529197ec75780ebc2de5907 59688c6aafca5606e388ba9a44fc9dc25fc32cd3 28a0b52229f05b66354ca38b6b813d2281af3efb7e8b0a424ef8b4c68b9e583c
GET /images/favicon.ico HTTP/1.1
Host: static.depositfiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/x-icon
date: Wed, 17 Apr 2024 18:16:10 GMT
etag: "651c240d-13e"
last-modified: Tue, 03 Oct 2023 14:24:13 GMT
server: nginx
content-length: 318
X-Firefox-Spdy: h2
|
|
| acscdn.com/script/ut.js?cb=1713377769340 | 172.67.165.20 | 200 OK | 111 kB |
URL: GET HTTP/3 acscdn.com/script/ut.js?cb=1713377769340; IP: 172.67.165.20:443
Requested by: https://dfiles.eu/files/741172/POPNEWCPRPSP.part2.rar; Certificate Issuer: Google Trust Services LLC; Subject: acscdn.com; Fingerprint: C2:6C:14:F0:34:12:76:91:EB:3A:02:AC:4F:41:CA:11:17:6F:F0:01; Validity: Wed, 28 Feb 2024 11:34:54 GMT - Tue, 28 May 2024 11:34:53 GMT
Size: 111 kB (110973 bytes); Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /script/ut.js?cb=1713377769340 HTTP/1.1
Host: acscdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 17 Apr 2024 18:16:09 GMT
content-type: text/javascript
x-guploader-uploadid: ABPtcPqj2-9zjuV15lYe07jPEY6QCEx-gXUiFKWRFcyaVc5RmSWNLX6p6dohggkr_-1xnDtPMms
x-goog-generation: 1712582919769261
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 110973
x-goog-hash: crc32c=zPCrng==, md5=y6b2O1iBUF6uWcbIgbxEhA==
x-goog-storage-class: MULTI_REGIONAL
access-control-allow-origin: *
expires: Wed, 17 Apr 2024 18:50:28 GMT
cache-control: public, max-age=3600
age: 537
last-modified: Mon, 08 Apr 2024 13:28:39 GMT
etag: W/"cba6f63b5881505eae59c6c881bc4484"
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Sz2RljWyRDC8sTU13UvaXQkIBco%2B33unUoHkWlykYRtHbXitVJBggm61rPWPqOR3OYhyDfNUi6qfkko42uOAE5gmJfKBPbbf2dfPq4KwHZW3HSVaXe%2B%2BYIG%2BRr9C"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 875e67927aa9b518-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| pogothere.xyz/ | 104.21.24.208 | 200 OK | 26 B |
IP: 104.21.24.208:443
Requested by: https://dfiles.eu/files/741172/POPNEWCPRPSP.part2.rar; Certificate Issuer: Google Trust Services LLC; Subject: pogothere.xyz; Fingerprint: 34:D3:33:F8:49:E2:1E:3E:44:A8:5D:74:68:9C:B8:A0:D5:F8:DD:0B; Validity: Wed, 27 Mar 2024 02:15:30 GMT - Tue, 25 Jun 2024 02:15:29 GMT
File type: ASCII text, with no line terminators; Hash: 12a1a7546bce85d6202fb3042d42f4d4 aad852fbf3a83b87ac878e7ccbb421a73a603924 45c109c7fe025e62d1de246364f4aeec172c2728419e3135aca24a8b2cde8ee7
GET / HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dfiles.eu/
Origin: https://dfiles.eu
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 17 Apr 2024 18:16:10 GMT
content-type: text/plain
set-cookie: csu=286248252476873@1@1713377770; Max-Age=31104000; Secure; SameSite=None
access-control-allow-origin: https://dfiles.eu
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=j96LU0A2BsgOL7UaDnUxnWB%2BiBIpL1IY7hN%2FHadSpYqFxd%2BEaYXlYgmu3XQIh3wKcXSwaE3XniINhf0m2JlZ8Ix%2FfLAVMC61nDg99HJEZrVm0%2FqiJpdbAZIqwQJE8xWh"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 875e6799bf6a5690-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| js.wpshsdk.com/npc/sdk/push.m.js?v=1 | 45.133.44.53 | 200 OK | 34 kB |
URL: GET HTTP/2 js.wpshsdk.com/npc/sdk/push.m.js?v=1; IP: 45.133.44.53:443; ASN: #39572 DataWeb Global Group B.V.
Requested by: https://dfiles.eu/files/741172/POPNEWCPRPSP.part2.rar; Certificate Issuer: Let's Encrypt; Subject: js.wpshsdk.com; Fingerprint: 7C:0A:CB:08:AD:6F:60:55:9E:07:7C:F7:07:AC:DD:CF:DF:AB:01:FD; Validity: Wed, 20 Mar 2024 05:01:38 GMT - Tue, 18 Jun 2024 05:01:37 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /npc/sdk/push.m.js?v=1 HTTP/1.1
Host: js.wpshsdk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 17 Apr 2024 18:16:09 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.18.0
last-modified: Thu, 28 Mar 2024 13:33:01 GMT
etag: W/"6605718d-8608"
content-encoding: gzip
expires: Wed, 17 Apr 2024 18:21:09 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2
|
|
| adsbb.dfiles.eu/upload/2203/ad27612964f48cd2.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752 | 91.226.124.106 | 200 OK | 1.5 kB |
URL: GET HTTP/2 adsbb.dfiles.eu/upload/2203/ad27612964f48cd2.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752; IP: 91.226.124.106:443
Requested by: https://dfiles.eu/files/741172/POPNEWCPRPSP.part2.rar; Certificate Issuer: Let's Encrypt; Subject: dfiles.eu; Fingerprint: 34:45:DB:EC:84:73:5D:D5:39:2A:00:C7:2F:21:5C:B1:2D:0E:14:42; Validity: Mon, 04 Mar 2024 13:34:43 GMT - Sun, 02 Jun 2024 13:34:42 GMT
File type: HTML document, ASCII text, with very long lines (1537), with no line terminators; Hash: abb5db5d3952dd3fcb2070e08b8f4cdd b4d404e72a3bd9498dd628b09037caeac1d9b9ee f332b039641ed5ef9e9fa5386ab0a8f60aa164c1eec3080bfb0e7c1a7c045ba3
GET /upload/2203/ad27612964f48cd2.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752 HTTP/1.1
Host: adsbb.dfiles.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dfiles.eu/
DNT: 1
Connection: keep-alive
Cookie: last_file=741172; _nf60=1; _nf58=1; _nf56=1; _nf7=1
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-encoding: gzip
content-security-policy: frame-ancestors depositfiles.com depositfiles.org dfiles.eu dfiles.com web-301.dfiles.eu web-302.dfiles.eu web-303.dfiles.eu web-304.dfiles.eu
content-type: text/html
date: Wed, 17 Apr 2024 18:16:09 GMT
last-modified: Wed, 17 Apr 2024 18:15:00 GMT
server: nginx
X-Firefox-Spdy: h2
|
|
| www.google.com/recaptcha/api.js | 142.250.74.164 | 200 OK | 850 B |
URL: GET HTTP/2 www.google.com/recaptcha/api.js; IP: 142.250.74.164:443
Requested by: https://dfiles.eu/files/741172/POPNEWCPRPSP.part2.rar; Certificate Issuer: Google Trust Services LLC; Subject: www.google.com; Fingerprint: CC:CC:99:46:65:6C:77:0B:C8:AA:AD:5E:58:B6:2D:19:B2:C7:0B:06; Validity: Mon, 04 Mar 2024 07:19:07 GMT - Mon, 27 May 2024 07:19:06 GMT
File type: JavaScript source, ASCII text, with very long lines (850), with no line terminators; Hash: 1613f25e7a73976f440bd3c174bc1dc3 ffa5be6619ae6109c6e412186e0f12b8d8a73cd9 091a7de491da06df67c869b9905c1d028eb2816e68360c0b5b7a4fa8ce590322
GET /recaptcha/api.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
expires: Wed, 17 Apr 2024 18:16:08 GMT
date: Wed, 17 Apr 2024 18:16:08 GMT
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| pubtrky.com/ut/hb.php?cb=0.31223563145510447&v=1 | 172.67.188.110 | 204 No Content | 0 B |
URL POST HTTP/2 pubtrky.com/ut/hb.php?cb=0.31223563145510447&v=1 IP 172.67.188.110:443
Requested by https://dfiles.eu/files/741172/POPNEWCPRPSP.part2.rar Certificate Issuer Google Trust Services LLC Subject pubtrky.com Fingerprint 1F:C3:3C:5C:C7:6F:56:DF:E4:18:22:98:6F:C2:B3:96:B2:B4:A6:30 Validity Mon, 18 Mar 2024 09:15:33 GMT - Sun, 16 Jun 2024 09:15:32 GMT
Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /ut/hb.php?cb=0.31223563145510447&v=1 HTTP/1.1
Host: pubtrky.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain; charset=utf-8
Content-Length: 1595
Origin: https://dfiles.eu
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Wed, 17 Apr 2024 18:16:09 GMT
access-control-allow-origin: *
via: 1.1 google
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2lKICg7KMzxcAPEnU1X3Xndi5WqgLXbtcc6U9BKJ7sdDy5UWYEOKyA2Ls%2FKsHZi%2FNW8xW1kpOQsSZikjg%2FCceW11PIhJObfgzFQie1cDAOo6h7M1ScXo1fT%2Fp7bcHA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 875e679388b1b4ff-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| js.capndr.com/advertising.js | 45.133.44.52 | 200 OK | 0 B |
URL GET HTTP/2 js.capndr.com/advertising.js IP 45.133.44.52:443 ASN #39572 DataWeb Global Group B.V.
Requested by https://dfiles.eu/files/741172/POPNEWCPRPSP.part2.rar Certificate Issuer Let's Encrypt Subject js.capndr.com Fingerprint 62:A4:EA:AD:53:4D:AB:37:8E:A1:66:48:0B:25:9A:4C:AB:69:72:2D Validity Wed, 21 Feb 2024 03:00:58 GMT - Tue, 21 May 2024 03:00:57 GMT
Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /advertising.js HTTP/1.1
Host: js.capndr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 17 Apr 2024 18:16:09 GMT
content-type: application/javascript; charset=utf-8
content-length: 0
server: nginx/1.18.0
last-modified: Fri, 14 Jul 2023 08:23:25 GMT
etag: "64b105fd-0"
expires: Wed, 17 Apr 2024 18:21:09 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| js.wpadmngr.com/static/adManager.js | 45.133.44.53 | 200 OK | 1.7 kB |
URL GET HTTP/2 js.wpadmngr.com/static/adManager.js IP 45.133.44.53:443 ASN #39572 DataWeb Global Group B.V.
Requested by https://dfiles.eu/files/741172/POPNEWCPRPSP.part2.rar Certificate Issuer Let's Encrypt Subject js.wpadmngr.com Fingerprint 60:8B:32:7F:ED:77:26:33:0E:F0:C1:0F:02:66:F5:DB:C6:0D:1F:70 Validity Mon, 11 Mar 2024 04:00:58 GMT - Sun, 09 Jun 2024 04:00:57 GMT
File type JavaScript source, ASCII text, with very long lines (1887), with no line terminators Hash 8263610639624a65707a41479379709a 1653610e4e9b3814c8e68eb96814378d71be9776 8e6ca46c563e6ef9d3245fe116672ac9ff7b807033852fa0452493b5fb2d8a0c
GET /static/adManager.js HTTP/1.1
Host: js.wpadmngr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 17 Apr 2024 18:16:08 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.18.0
last-modified: Tue, 16 Apr 2024 13:35:49 GMT
etag: W/"661e7eb5-6c7"
content-encoding: gzip
expires: Wed, 17 Apr 2024 18:21:08 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2
|
|
| cdn.creative-bars1.com//sb/notifications/utility/default/us/blog/ecorious/message_redcircle2/jan24/4/css/animate.css | 188.114.97.1 | 200 OK | 79 kB |
URL GET HTTP/2 cdn.creative-bars1.com//sb/notifications/utility/default/us/blog/ecorious/message_redcircle2/jan24/4/css/animate.css IP 188.114.97.1:443
Requested by https://dfiles.eu/files/741172/POPNEWCPRPSP.part2.rar Certificate Issuer Google Trust Services LLC Subject creative-bars1.com Fingerprint 3D:29:39:2C:F1:E5:C6:EF:54:F5:70:B5:CF:A8:C2:75:4D:89:72:13 Validity Mon, 15 Apr 2024 15:02:18 GMT - Sun, 14 Jul 2024 15:02:17 GMT
Hash 80047eaa13ebd50c50e8a9753621e430 9c503e07d130572a0eaf51f7c02cbd4cf6213fe3 3f831a59615f8d5d40b4340b2836f91438c876f8dbce75f78e38360d6fe0f429
GET //sb/notifications/utility/default/us/blog/ecorious/message_redcircle2/jan24/4/css/animate.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dfiles.eu
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 17 Apr 2024 18:16:11 GMT
content-type: text/css
last-modified: Thu, 01 Feb 2024 14:55:44 GMT
etag: W/"65bbb0f0-1358d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 102525
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5CSUOy%2BzGYEbdd5%2FtO7R%2F7GVZC29KiZK1kHS5Hhmpnt5al5aY4sY7FXQaio8nyVmWxuqSBxdd8eAFxrKMSHjKpg6N2dYPEn170aPXXa2r2QFLihcH6XQdztVkOWjjTSHryt5JODWNb9f"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 875e679d2fce712b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube | 173.194.222.84 | 302 Found | 0 B |
URL GET HTTP/2 accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube IP 173.194.222.84:443
Requested by https://dfiles.eu/files/741172/POPNEWCPRPSP.part2.rar Certificate Issuer Google Trust Services LLC Subject accounts.google.com Fingerprint CC:CB:DD:14:30:B0:75:6A:EE:1D:20:F1:9E:C5:DD:5F:DD:68:4F:7B Validity Mon, 18 Mar 2024 20:38:53 GMT - Mon, 10 Jun 2024 20:38:52 GMT
Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
content-type: application/binary
set-cookie: __Host-GAPS=1:-yRHNPQub6JdlCCWj01m7lKEFl4ELQ:k3wuixspQH7lR1Z4; Expires=Fri, 17-Apr-2026 18:16:10 GMT; Path=/; Secure; HttpOnly; Priority=HIGH
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 17 Apr 2024 18:16:10 GMT
location: https://accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=ARZ0qKIwyf92EM_zl3h7kYNQlva7iHK7gL02P7YfL1x7fAke90qEOIxCh16u8DfQPdvd9fCLy6ATEQ
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: script-src 'nonce-BnM4ewgzXlBTpiLJk2ewEg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/AccountsSigninPassiveLoginHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
content-length: 0
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| pogothere.xyz/asd100.bin | 104.21.24.208 | 200 OK | 102 kB |
IP 104.21.24.208:443
Requested by https://dfiles.eu/files/741172/POPNEWCPRPSP.part2.rar Certificate Issuer Google Trust Services LLC Subject pogothere.xyz Fingerprint 34:D3:33:F8:49:E2:1E:3E:44:A8:5D:74:68:9C:B8:A0:D5:F8:DD:0B Validity Wed, 27 Mar 2024 02:15:30 GMT - Tue, 25 Jun 2024 02:15:29 GMT
Size 102 kB (102400 bytes) Hash 4c6426ac7ef186464ecbb0d81cbfcb1e 5a6918eebd9d635e8f632e3ef34e3792b1b5ec13 f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16
GET /asd100.bin HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dfiles.eu/
Origin: https://dfiles.eu
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 17 Apr 2024 18:16:10 GMT
content-type: binary/octet-stream
access-control-allow-origin: https://dfiles.eu
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cache-control: max-age=14400
cf-cache-status: HIT
age: 418
last-modified: Wed, 17 Apr 2024 18:09:12 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xo7Q6HfKi6itjLFmpR9SgV1lX4RJAn0m4fuT1Ge3ZM0juwpXYOLU%2F6cgkaS%2F8LvmJNDyn86Mgc0haAmF6dUT9MlM7mS%2BF6xR74bvJvHF%2FYkRpjxLPo0e5OGt1avg9hug"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 875e6799bf6f5690-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| adsbb.dfiles.eu//ad.php?z=56&c=NO | 91.226.124.106 | 303 See Other | 1.5 kB |
URL GET HTTP/2 adsbb.dfiles.eu//ad.php?z=56&c=NO IP 91.226.124.106:443
Requested by https://dfiles.eu/files/741172/POPNEWCPRPSP.part2.rar Certificate Issuer Let's Encrypt Subject dfiles.eu Fingerprint 34:45:DB:EC:84:73:5D:D5:39:2A:00:C7:2F:21:5C:B1:2D:0E:14:42 Validity Mon, 04 Mar 2024 13:34:43 GMT - Sun, 02 Jun 2024 13:34:42 GMT
Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET //ad.php?z=56&c=NO HTTP/1.1
Host: adsbb.dfiles.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Cookie: last_file=741172
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 303 See Other
content-security-policy: frame-ancestors depositfiles.com depositfiles.org dfiles.eu dfiles.com web-301.dfiles.eu web-302.dfiles.eu web-303.dfiles.eu web-304.dfiles.eu
content-type: text/html; charset=UTF-8
date: Wed, 17 Apr 2024 18:16:09 GMT
location: /upload/2112/ad27582685f5c72c.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752
server: nginx
set-cookie: _nf56=1; expires=Thu, 18-Apr-2024 18:16:09 GMT; Max-Age=86400
x-powered-by: PHP/5.6.40
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 | 142.250.74.163 | 200 OK | 16 kB |
URL GET HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 IP 142.250.74.163:443
Requested by https://dfiles.eu/files/741172/POPNEWCPRPSP.part2.rar Certificate Issuer Google Trust Services LLC Subject *.gstatic.com Fingerprint 8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9 Validity Mon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0 Hash 15d9f621c3bd1599f0169dcf0bd5e63e 7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52 f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://dfiles.eu
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 11 Apr 2024 02:37:01 GMT
expires: Fri, 11 Apr 2025 02:37:01 GMT
cache-control: public, max-age=31536000
age: 574750
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| opponenteaster.com/pixel/purst?dl=0&th=0&sc=0&rs=2339&rd=2339&fd=662&bv=24.4.2204&tmpl=136 | 192.243.61.225 | 200 OK | 0 B |
URL GET HTTP/1.1 opponenteaster.com/pixel/purst?dl=0&th=0&sc=0&rs=2339&rd=2339&fd=662&bv=24.4.2204&tmpl=136 IP 192.243.61.225:443 ASN #39572 DataWeb Global Group B.V.
Requested by https://dfiles.eu/files/741172/POPNEWCPRPSP.part2.rar Certificate Issuer Let's Encrypt Subject opponenteaster.com Fingerprint 0C:AB:C9:0A:F0:47:A2:06:9F:41:1C:F4:87:68:8F:07:33:57:A0:19 Validity Tue, 16 Apr 2024 14:04:04 GMT - Mon, 15 Jul 2024 14:04:03 GMT
Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pixel/purst?dl=0&th=0&sc=0&rs=2339&rd=2339&fd=662&bv=24.4.2204&tmpl=136 HTTP/1.1
Host: opponenteaster.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Wed, 17 Apr 2024 18:16:10 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
|
|
| cdn.cookie-script.com/iabtcf/2.2/vendor-list.json | 146.185.171.19 | 200 OK | 606 kB |
URL GET HTTP/2 cdn.cookie-script.com/iabtcf/2.2/vendor-list.json IP 146.185.171.19:443 ASN #14061 DIGITALOCEAN-ASN
Requested by https://dfiles.eu/files/741172/POPNEWCPRPSP.part2.rar Certificate Issuer Sectigo Limited Subject *.cookie-script.com Fingerprint EC:4C:BD:45:07:39:A8:24:AD:C5:44:8F:4B:DF:0B:40:79:EA:44:77 Validity Mon, 11 Sep 2023 00:00:00 GMT - Thu, 25 Jul 2024 23:59:59 GMT
Size 606 kB (605551 bytes) Hash 96aeb08ad70fd943f6d62672be7ec63a ebd487dbdfd9ea37133348a2cfd221675d2e18aa 60d250a9b850b976e86cd99d8d92351423758af6daefc2e39a8c4397dfddd7b9
GET /iabtcf/2.2/vendor-list.json HTTP/1.1
Host: cdn.cookie-script.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dfiles.eu
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Wed, 17 Apr 2024 18:16:11 GMT
content-type: application/json
vary: Accept-Encoding
last-modified: Sun, 14 Apr 2024 00:00:01 GMT
etag: W/"93d6f-616032fbd28bf"
x-frame-options: SAMEORIGIN
access-control-allow-origin: *
x-cache-status: HIT
x-server: n3
cache-control: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| cdn.cookie-script.com/iabtcf/2.2/vendor-list.json | 146.185.171.19 | 200 OK | 606 kB |
URL GET HTTP/2 cdn.cookie-script.com/iabtcf/2.2/vendor-list.json IP 146.185.171.19:443 ASN #14061 DIGITALOCEAN-ASN
Requested by https://dfiles.eu/files/741172/POPNEWCPRPSP.part2.rar Certificate Issuer Sectigo Limited Subject *.cookie-script.com Fingerprint EC:4C:BD:45:07:39:A8:24:AD:C5:44:8F:4B:DF:0B:40:79:EA:44:77 Validity Mon, 11 Sep 2023 00:00:00 GMT - Thu, 25 Jul 2024 23:59:59 GMT
Size 606 kB (605551 bytes) Hash 96aeb08ad70fd943f6d62672be7ec63a ebd487dbdfd9ea37133348a2cfd221675d2e18aa 60d250a9b850b976e86cd99d8d92351423758af6daefc2e39a8c4397dfddd7b9
GET /iabtcf/2.2/vendor-list.json HTTP/1.1
Host: cdn.cookie-script.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dfiles.eu
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Wed, 17 Apr 2024 18:16:11 GMT
content-type: application/json
vary: Accept-Encoding
last-modified: Sun, 14 Apr 2024 00:00:01 GMT
etag: W/"93d6f-616032fbd28bf"
x-frame-options: SAMEORIGIN
access-control-allow-origin: *
x-cache-status: HIT
x-server: n3
cache-control: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| depositfiles.com/files/741172/POPNEWCPRPSP.part2.rar | 91.226.124.120 | 302 Found | 16 kB |
URL User Request GET HTTP/2 depositfiles.com/files/741172/POPNEWCPRPSP.part2.rar IP 91.226.124.120:443
Certificate Issuer Let's Encrypt Subject depositfiles.com Fingerprint 8D:3C:74:0A:57:29:55:E0:60:A5:AF:60:66:DD:1F:ED:7A:ED:F7:A6 Validity Tue, 05 Mar 2024 13:34:49 GMT - Mon, 03 Jun 2024 13:34:48 GMT
Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /files/741172/POPNEWCPRPSP.part2.rar HTTP/1.1
Host: depositfiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
date: Wed, 17 Apr 2024 18:16:07 GMT
location: //dfiles.eu/files/741172/POPNEWCPRPSP.part2.rar
server: nginx
X-Firefox-Spdy: h2
|
|
| adsbb.dfiles.eu/static/js/jquery-1.5.1.min.js | 91.226.124.106 | 200 OK | 85 kB |
URL GET HTTP/2 adsbb.dfiles.eu/static/js/jquery-1.5.1.min.js IP 91.226.124.106:443
Requested by https://adsbb.dfiles.eu/upload/2203/ad27612964f48cd2.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752 Certificate Issuer Let's Encrypt Subject dfiles.eu Fingerprint 34:45:DB:EC:84:73:5D:D5:39:2A:00:C7:2F:21:5C:B1:2D:0E:14:42 Validity Mon, 04 Mar 2024 13:34:43 GMT - Sun, 02 Jun 2024 13:34:42 GMT
Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /static/js/jquery-1.5.1.min.js HTTP/1.1
Host: adsbb.dfiles.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adsbb.dfiles.eu/upload/2203/ad27612964f48cd2.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752
Cookie: last_file=741172; _nf60=1; _nf58=1; _nf56=1; _nf7=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
cache-control: no-cache, private, no-cache, no-store, must-revalidate
content-type: application/javascript
date: Wed, 17 Apr 2024 18:16:09 GMT
expires: Thu, 01 Jan 1970 00:00:01 GMT
pragma: no-cache
server: nginx
content-length: 85260
X-Firefox-Spdy: h2
|
|
| adsbb.dfiles.eu/upload/2303/ad2775297311915a.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752 | 91.226.124.106 | 200 OK | 1.5 kB |
URL GET HTTP/2 adsbb.dfiles.eu/upload/2303/ad2775297311915a.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752 IP 91.226.124.106:443
Requested by https://dfiles.eu/files/741172/POPNEWCPRPSP.part2.rar Certificate Issuer Let's Encrypt Subject dfiles.eu Fingerprint 34:45:DB:EC:84:73:5D:D5:39:2A:00:C7:2F:21:5C:B1:2D:0E:14:42 Validity Mon, 04 Mar 2024 13:34:43 GMT - Sun, 02 Jun 2024 13:34:42 GMT
File type HTML document, ASCII text, with very long lines (1549), with no line terminators Hash 9d62629b49373706a55c6587431ff940 0f3a68b25672597e4779c54cf9c79ce59573c89b f2b04f4b621a1d84e03de7c479710a9583af9cfba08bf356165509728095e391
GET /upload/2303/ad2775297311915a.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752 HTTP/1.1
Host: adsbb.dfiles.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dfiles.eu/
DNT: 1
Connection: keep-alive
Cookie: last_file=741172; _nf60=1; _nf58=1; _nf56=1; _nf7=1
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-encoding: gzip
content-security-policy: frame-ancestors depositfiles.com depositfiles.org dfiles.eu dfiles.com web-301.dfiles.eu web-302.dfiles.eu web-303.dfiles.eu web-304.dfiles.eu
content-type: text/html
date: Wed, 17 Apr 2024 18:16:09 GMT
last-modified: Wed, 17 Apr 2024 18:15:00 GMT
server: nginx
X-Firefox-Spdy: h2
|
|
| ctrtrk.com/ut/ctr.php | 104.21.85.92 | 200 OK | 166 B |
IP 104.21.85.92:443
Requested by https://dfiles.eu/files/741172/POPNEWCPRPSP.part2.rar Certificate Issuer Google Trust Services LLC Subject ctrtrk.com Fingerprint 58:E6:48:48:DD:46:49:F1:8C:B7:7C:F4:88:92:84:58:15:D5:01:AD Validity Sat, 16 Mar 2024 06:41:09 GMT - Fri, 14 Jun 2024 06:41:08 GMT
File type HTML document, ASCII text, with no line terminators Hash 67c77a69efe4edfaf81db81284b29d03 eb3377b7ae6f9619815afae0883628085507aaed db55f72ca543260025fde702be0b8ddfc423b29ab2059e1f8f4f503ff4770a36
GET /ut/ctr.php HTTP/1.1
Host: ctrtrk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 17 Apr 2024 18:16:09 GMT
content-type: text/html; charset=utf-8
access-control-allow-origin: *
set-cookie: uniqid=15f1a2ef-350c-4089-a6e8-1936e9dd9f49; path=/; SameSite=None; Secure; Max-Age=1744913769; HttpOnly
via: 1.1 google
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0oTaFfpX8qxZHrZaWIJE8chFPUtkDb2S7fazXRxpmm5JQ6iL%2B0v%2BzkTGpJNylRsLKhCil8VXu5yjsPuFTZH6fGfN6S1g6jBOrLjSjCZ5%2FoOeBW5AFjZ%2Bs5EoFDYJ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 875e67938945569b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=ARZ0qKLqaUSL0ucg29ndkfZqL1-yO8v3Yf0m2wVWdeOlbbnuekfMaBOq5bc2l7GC9qu68b1a1X1oGQ&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-720483541%3A1713377770632060&theme=mn&ddm=0 | 173.194.222.84 | 403 Forbidden | 0 B |
URL GET HTTP/2 accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=ARZ0qKLqaUSL0ucg29ndkfZqL1-yO8v3Yf0m2wVWdeOlbbnuekfMaBOq5bc2l7GC9qu68b1a1X1oGQ&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-720483541%3A1713377770632060&theme=mn&ddm=0 IP 173.194.222.84:443
Requested by https://dfiles.eu/files/741172/POPNEWCPRPSP.part2.rar Certificate Issuer Google Trust Services LLC Subject accounts.google.com Fingerprint CC:CB:DD:14:30:B0:75:6A:EE:1D:20:F1:9E:C5:DD:5F:DD:68:4F:7B Validity Mon, 18 Mar 2024 20:38:53 GMT - Mon, 10 Jun 2024 20:38:52 GMT
Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=ARZ0qKLqaUSL0ucg29ndkfZqL1-yO8v3Yf0m2wVWdeOlbbnuekfMaBOq5bc2l7GC9qu68b1a1X1oGQ&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-720483541%3A1713377770632060&theme=mn&ddm=0 HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dfiles.eu/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 403 Forbidden
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 17 Apr 2024 18:16:10 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
strict-transport-security: max-age=31536000; includeSubDomains
report-to: {"group":"AccountsSignInUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/AccountsSignInUi"}]}
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy: script-src 'nonce--ZkTSwtNeQEpxaPm0ajHoA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy-report-only: same-origin; report-to="AccountsSignInUi"
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| dfiles.eu/files/741172/POPNEWCPRPSP.part2.rar | 91.226.124.106 | 200 OK | 16 kB |
URL User Request GET HTTP/2 dfiles.eu/files/741172/POPNEWCPRPSP.part2.rar IP 91.226.124.106:443
Certificate Issuer Let's Encrypt Subject dfiles.eu Fingerprint 34:45:DB:EC:84:73:5D:D5:39:2A:00:C7:2F:21:5C:B1:2D:0E:14:42 Validity Mon, 04 Mar 2024 13:34:43 GMT - Sun, 02 Jun 2024 13:34:42 GMT
Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /files/741172/POPNEWCPRPSP.part2.rar HTTP/1.1
Host: dfiles.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
cache-control: no-store, no-cache, must-revalidate
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Wed, 17 Apr 2024 18:16:07 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
server: nginx
set-cookie: PHPSESSID=5b95cdf7ea49ed3740563ee193a73e2f; path=/
set-cookie: last_file=741172; path=/; domain=.dfiles.eu
set-cookie: lang_current=en; expires=Thu, 17-Apr-2025 18:16:07 GMT; Max-Age=31536000; path=/; domain=.dfiles.eu; secure
x-frame-options: SAMEORIGIN
X-Firefox-Spdy: h2
|
|
| static.depositfiles.com/css/main.css | 91.226.124.125 | 200 OK | 194 kB |
URL GET HTTP/2 static.depositfiles.com/css/main.css IP 91.226.124.125:443
Requested by https://dfiles.eu/files/741172/POPNEWCPRPSP.part2.rar Certificate Issuer Let's Encrypt Subject depositfiles.com Fingerprint 8D:3C:74:0A:57:29:55:E0:60:A5:AF:60:66:DD:1F:ED:7A:ED:F7:A6 Validity Tue, 05 Mar 2024 13:34:49 GMT - Mon, 03 Jun 2024 13:34:48 GMT
Size 194 kB (194436 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /css/main.css HTTP/1.1
Host: static.depositfiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
cache-control: max-age=300
content-encoding: gzip
content-type: text/css
date: Wed, 17 Apr 2024 18:16:08 GMT
etag: W/"6545effd-2f784"
expires: Wed, 17 Apr 2024 18:21:08 GMT
last-modified: Sat, 04 Nov 2023 07:17:17 GMT
server: nginx
X-Firefox-Spdy: h2
|
|
| consent.cookie-script.com/analytics?action=firstshown&time=1713377770959&script=962e36ace9b4601f1f51f3e2010e41b9&category= | 116.203.90.127 | 200 OK | 47 B |
URL GET HTTP/2 consent.cookie-script.com/analytics?action=firstshown&time=1713377770959&script=962e36ace9b4601f1f51f3e2010e41b9&category= IP 116.203.90.127:443 ASN #24940 Hetzner Online GmbH
Requested by https://dfiles.eu/files/741172/POPNEWCPRPSP.part2.rar Certificate Issuer Sectigo Limited Subject *.cookie-script.com Fingerprint EC:4C:BD:45:07:39:A8:24:AD:C5:44:8F:4B:DF:0B:40:79:EA:44:77 Validity Mon, 11 Sep 2023 00:00:00 GMT - Thu, 25 Jul 2024 23:59:59 GMT
File type troff or preprocessor input, ASCII text, with no line terminators Hash 4e47a014c692640c3066aa5d1f3102f6 8ca6ef57c10f359e55c332cf34ce4d359940e456 70ce9552a9651377dd50169445a2d78c033d7ef42850452cf0f5c36fceee37f8
GET /analytics?action=firstshown&time=1713377770959&script=962e36ace9b4601f1f51f3e2010e41b9&category= HTTP/1.1
Host: consent.cookie-script.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dfiles.eu
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Wed, 17 Apr 2024 18:16:11 GMT
content-type: application/json
content-length: 47
x-amzn-requestid: 9364ff69-3915-4cb7-99d9-1dbd3c701fd1
access-control-allow-origin: *
x-amz-apigw-id: WYe8yEWIDoEEqEA=
x-amzn-trace-id: Root=1-662011eb-71be4d3f1ccbecb544682abd;Parent=6b48b0164c1e4877;Sampled=0;lineage=a8669a4e:0
x-cache: Miss from cloudfront
via: 1.1 b2ba97e9b6a83eff85433dad7f6e6288.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
x-amz-cf-id: KufE2Hx6q2Hup6kg0BUSt53WJAJv4HlwZwNQIR5NRKxE9jTWZFSCTQ==
X-Firefox-Spdy: h2
|
|
| cdn.unblockia.com/h.js | 108.157.214.50 | 200 OK | 168 kB |
IP: 108.157.214.50:443
Requested by: https://dfiles.eu/files/741172/POPNEWCPRPSP.part2.rar; Certificate Issuer: Amazon; Subject: *.unblockia.com; Fingerprint: 79:E4:56:24:64:EB:7C:C0:1E:E3:61:D0:BE:07:4D:34:89:8B:5E:BD; Validity: Tue, 23 Jan 2024 00:00:00 GMT - Thu, 20 Feb 2025 23:59:59 GMT
File type: JavaScript source, ASCII text, with very long lines (65536), with no line terminators; Size: 168 kB (168079 bytes); Hash: bc5af0220c4116294c4e9c72ae4e244c f03f6753bcdfdedf4475b83022003b01a02fbde0 b7d2974070cf9f476d97e4401209a440e8fee787781d9084655cca366dad4d21
GET /h.js HTTP/1.1
Host: cdn.unblockia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/x-javascript
last-modified: Tue, 20 Jun 2023 10:06:46 GMT
x-amz-server-side-encryption: AES256
x-amz-meta-codebuild-content-sha256: 02f1ef29ead1d705cce351046cded37a79615ae12624547bfa0e8307765c8765
x-amz-version-id: m8vKRZ4OANVjVfMIKL3cKYiXKt6EM9QQ
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:eu-west-1:987257285531:build/unblockia-loader-codebuild-project:4e52eb3f-761b-4c10-a85a-162fb4fa3980
x-amz-meta-codebuild-content-md5: fb4d4b7b1d35720e2d2481016ef4369b
server: AmazonS3
content-encoding: gzip
date: Wed, 17 Apr 2024 01:27:21 GMT
etag: W/"bc5af0220c4116294c4e9c72ae4e244c"
x-cache: Hit from cloudfront
via: 1.1 009f08cce389af684f28c36891875534.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN56-P1
x-amz-cf-id: Dta9dZmqnmNLqqMqF93xYqC77lPDtpzokemumdp1VtYdWPTFn6HbcQ==
age: 60530
vary: Accept-Encoding, Origin
X-Firefox-Spdy: h2
|
|
| cdn.yourwebbars.com/sb/notifications/utility/default/us/blog/ecorious/message_redcircle2/jan24/4/index.html | 104.26.7.19 | 200 OK | 1.6 kB |
URL: GET HTTP/2 cdn.yourwebbars.com/sb/notifications/utility/default/us/blog/ecorious/message_redcircle2/jan24/4/index.html; IP: 104.26.7.19:443
Requested by: https://dfiles.eu/files/741172/POPNEWCPRPSP.part2.rar; Certificate Issuer: Cloudflare, Inc.; Subject: sni.cloudflaressl.com; Fingerprint: 84:82:6E:35:03:D4:C4:FC:BA:08:CD:C8:E6:A3:97:A9:20:2F:F5:49; Validity: Sun, 23 Jul 2023 00:00:00 GMT - Mon, 22 Jul 2024 23:59:59 GMT
File type: HTML document, ASCII text, with very long lines (1660), with no line terminators; Hash: 0029b7cb4d5550c5233f931c816165ea 31298b092158bb9ce60a8e9bf497c5bd1f562a11 26ba2ea9cf182d890d03039af9052b75e71a92a6f3a9a386e955428677907062
GET /sb/notifications/utility/default/us/blog/ecorious/message_redcircle2/jan24/4/index.html HTTP/1.1
Host: cdn.yourwebbars.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dfiles.eu
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 17 Apr 2024 18:16:10 GMT
content-type: text/html
last-modified: Thu, 01 Feb 2024 14:55:44 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=U93WZiHbQB8tLDy2Q1Q4kGruE98RR0zdZ%2B9vQ7cP5W2pdxBhiFupx5kFXAHpo7zOJjLZLUdolhtCJ3dgpMTtLa71Z31UZKNZBlgUW%2FmR2Kng8X9OCj9n1%2B%2BtFE1E0Nk1xKr2Xjo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 875e67980e5256ab-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|