| gizmod.ru/redirect/url.php?link=https://depositfiles.com/files/hqjs9ccxj | 46.165.236.177 | 302 Found | 0 B |
URL: User Request GET HTTP/2 gizmod.ru/redirect/url.php?link=https://depositfiles.com/files/hqjs9ccxj; IP: 46.165.236.177:443; ASN: #28753 Leaseweb Deutschland GmbH
Certificate Issuer: Let's Encrypt; Subject: gizmod.ru; Fingerprint: 08:FA:A1:A2:22:34:16:A1:5A:36:93:D7:B5:04:6C:91:7F:5D:74:48; Validity: Mon, 15 Apr 2024 20:11:18 GMT - Sun, 14 Jul 2024 20:11:17 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /redirect/url.php?link=https://depositfiles.com/files/hqjs9ccxj HTTP/1.1
Host: gizmod.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
server: nginx
date: Fri, 10 May 2024 20:54:53 GMT
content-type: text/html; charset=UTF-8
content-length: 0
location: https://depositfiles.com/files/hqjs9ccxj
vary: User-Agent
X-Firefox-Spdy: h2
|
|
| acscdn.com/script/aclib.js | 172.67.165.20 | 200 OK | 40 kB |
URL: GET HTTP/2 acscdn.com/script/aclib.js; IP: 172.67.165.20:443
Requested by: https://dfiles.eu/files/hqjs9ccxj; Certificate Issuer: Google Trust Services LLC; Subject: acscdn.com; Fingerprint: 55:5D:7F:12:65:2B:04:EA:49:29:92:63:3B:D1:C2:DF:C7:F6:4B:9E; Validity: Sat, 27 Apr 2024 13:56:54 GMT - Fri, 26 Jul 2024 13:56:53 GMT
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (65499), with no line terminators; Hash: 4c2179a619c355d4c2eca1a64f6f3f07 b274e397844067fef7f1ee62031cf1c03d7d0343 23847115b160f47704649f2f6bb3347e31b53c12089d504d98303c18856bc58a
GET /script/aclib.js HTTP/1.1
Host: acscdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 10 May 2024 20:54:54 GMT
content-type: text/javascript
x-goog-generation: 1714389616107910
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 125606
x-goog-hash: crc32c=xTw75w==, md5=TCF5phnDVdTC7KGmT28/Bw==
x-goog-storage-class: MULTI_REGIONAL
access-control-allow-origin: *
x-guploader-uploadid: ABPtcPq3WDRiywUXy1I9epsgjBrZr10_kxsxD8tygBTr-xkVVMzaGeOnPwLfQ_UPT0AwhViwE90
access-control-expose-headers: Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
expires: Fri, 10 May 2024 21:30:50 GMT
cache-control: public, max-age=3600
age: 1444
last-modified: Mon, 29 Apr 2024 11:20:16 GMT
etag: W/"4c2179a619c355d4c2eca1a64f6f3f07"
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ANo4GG595Esci3KQudxQC%2FUKiwA3m%2BYEb%2BOlm7AAO9oPua7JD1npQn4yxaFqvoAmbaImsC4MXO52TAtAtiWrY2hl683ceU7Gmq7IIeHUaBuDZXlrIwpOnEB1L6uN"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881cd3be9b44b50f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| www.googletagmanager.com/gtag/js?id=G-BL9163LYG1 | 142.250.74.168 | 200 OK | 103 kB |
URL: GET HTTP/2 www.googletagmanager.com/gtag/js?id=G-BL9163LYG1; IP: 142.250.74.168:443
Requested by: https://dfiles.eu/files/hqjs9ccxj; Certificate Issuer: Google Trust Services LLC; Subject: *.google-analytics.com; Fingerprint: 93:6B:D2:9D:92:BE:2D:D8:02:67:82:83:5E:EF:A3:F9:13:F3:26:AE; Validity: Tue, 16 Apr 2024 03:18:45 GMT - Tue, 09 Jul 2024 03:18:44 GMT
File type: JavaScript source, ASCII text, with very long lines (5955); Size: 103 kB (102747 bytes); Hash: bdeda828ccda544dfbdcc3a59069129c b8a4bc302e7c7c2824791b8eaf7f9c3082b46384 88da4d473bdbeb13276d99ac67e1fbfda1d449b2e15a1ff50a8e904985952941
GET /gtag/js?id=G-BL9163LYG1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 10 May 2024 20:54:54 GMT
expires: Fri, 10 May 2024 20:54:54 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 102747
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| du0pud0sdlmzf.cloudfront.net/?dupud=997276 | 143.204.42.159 | 200 OK | 54 kB |
URL: GET HTTP/2 du0pud0sdlmzf.cloudfront.net/?dupud=997276; IP: 143.204.42.159:443
Requested by: https://dfiles.eu/files/hqjs9ccxj; Certificate Issuer: Amazon; Subject: *.cloudfront.net; Fingerprint: FA:21:45:DC:4D:94:03:A3:09:77:51:78:4A:21:F2:C5:6D:94:BE:52; Validity: Tue, 10 Oct 2023 00:00:00 GMT - Thu, 19 Sep 2024 23:59:59 GMT
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (15945); Hash: e7481c70207bc9b63471a0ef6b99e9eb f2bb16a827b258686988d2221569fe0dc99ca855 319ee280d02455b5d43c5d05e64cea2dc598f23cc9d6be0cb78bd4a90563feda
GET /?dupud=997276 HTTP/1.1
Host: du0pud0sdlmzf.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-length: 54513
date: Fri, 10 May 2024 20:54:54 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-encoding: gzip
pragma: no-cache
x-cache: Miss from cloudfront
via: 1.1 a2b4f68a89fc87406bff22c95fc07fba.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: bqFwxxoHvpNRKmDToV6BQngY0rRH3wsTYFsLyrjChu-1ZqYX_kW9WA==
X-Firefox-Spdy: h2
|
|
| static.depositfiles.com/js/jquery.validate.js | 91.226.124.106 | 200 OK | 38 kB |
URL: GET HTTP/2 static.depositfiles.com/js/jquery.validate.js; IP: 91.226.124.106:443
Requested by: https://dfiles.eu/files/hqjs9ccxj; Certificate Issuer: Let's Encrypt; Subject: depositfiles.com; Fingerprint: 8D:3C:74:0A:57:29:55:E0:60:A5:AF:60:66:DD:1F:ED:7A:ED:F7:A6; Validity: Tue, 05 Mar 2024 13:34:49 GMT - Mon, 03 Jun 2024 13:34:48 GMT
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (1238); Hash: d5231b6378847ebdb55f64c77d5a234f eed97aa0b2aa9486b6f6831ed8a85dc729ad6b9c 95434a8a2568a6481a1fbcf5808a75dd58e77348ed6d70b4f7aeda8842e8f0c7
GET /js/jquery.validate.js HTTP/1.1
Host: static.depositfiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
cache-control: max-age=300
content-security-policy: frame-ancestors depositfiles.com *.depositfiles.com depositfiles.org *.depositfiles.org dfiles.eu *.dfiles.eu dfiles.com *.dfiles.com
content-type: application/javascript
date: Fri, 10 May 2024 20:54:54 GMT
etag: "651c240d-957d"
expires: Fri, 10 May 2024 20:59:54 GMT
last-modified: Tue, 03 Oct 2023 14:24:13 GMT
server: nginx
content-length: 38269
X-Firefox-Spdy: h2
|
|
| static.depositfiles.com/js/962e36ace9b4601f1f51f3e2010e41b9.js | 91.226.124.106 | 200 OK | 166 kB |
URL: GET HTTP/2 static.depositfiles.com/js/962e36ace9b4601f1f51f3e2010e41b9.js; IP: 91.226.124.106:443
Requested by: https://dfiles.eu/files/hqjs9ccxj; Certificate Issuer: Let's Encrypt; Subject: depositfiles.com; Fingerprint: 8D:3C:74:0A:57:29:55:E0:60:A5:AF:60:66:DD:1F:ED:7A:ED:F7:A6; Validity: Tue, 05 Mar 2024 13:34:49 GMT - Mon, 03 Jun 2024 13:34:48 GMT
File type: JavaScript source, ASCII text, with very long lines (60311); Size: 166 kB (165612 bytes); Hash: 02d50bb775f981faf5ad7b6c2a58399d 65d9757b4467a6199f61f2c2bfa71ba23600e8be 0fd67704d0e0d7480f58a5596d37f5e63b752a083c4e8540b24800d1adb93965
GET /js/962e36ace9b4601f1f51f3e2010e41b9.js HTTP/1.1
Host: static.depositfiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
cache-control: max-age=300
content-security-policy: frame-ancestors depositfiles.com *.depositfiles.com depositfiles.org *.depositfiles.org dfiles.eu *.dfiles.eu dfiles.com *.dfiles.com
content-type: application/javascript
date: Fri, 10 May 2024 20:54:54 GMT
etag: "660a8714-286ec"
expires: Fri, 10 May 2024 20:59:54 GMT
last-modified: Mon, 01 Apr 2024 10:06:12 GMT
server: nginx
content-length: 165612
X-Firefox-Spdy: h2
|
|
| static.depositfiles.com/js/function.js | 91.226.124.106 | 200 OK | 35 kB |
URL: GET HTTP/2 static.depositfiles.com/js/function.js; IP: 91.226.124.106:443
Requested by: https://dfiles.eu/files/hqjs9ccxj; Certificate Issuer: Let's Encrypt; Subject: depositfiles.com; Fingerprint: 8D:3C:74:0A:57:29:55:E0:60:A5:AF:60:66:DD:1F:ED:7A:ED:F7:A6; Validity: Tue, 05 Mar 2024 13:34:49 GMT - Mon, 03 Jun 2024 13:34:48 GMT
File type: JavaScript source, ASCII text, with very long lines (4240); Hash: a5779d2f560cd50376dbba372b0fd15b 07b08e35b9254288c1372e37577db8b9e4da01b4 51d26403861d61a7842bc73f518d4a4351a7027c40c9f0347f61421226950b84
GET /js/function.js HTTP/1.1
Host: static.depositfiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
cache-control: max-age=300
content-security-policy: frame-ancestors depositfiles.com *.depositfiles.com depositfiles.org *.depositfiles.org dfiles.eu *.dfiles.eu dfiles.com *.dfiles.com
content-type: application/javascript
date: Fri, 10 May 2024 20:54:54 GMT
etag: "651c240d-8863"
expires: Fri, 10 May 2024 20:59:54 GMT
last-modified: Tue, 03 Oct 2023 14:24:13 GMT
server: nginx
content-length: 34915
X-Firefox-Spdy: h2
|
|
| static.depositfiles.com/js/base2.js | 91.226.124.106 | 200 OK | 399 kB |
URL: GET HTTP/2 static.depositfiles.com/js/base2.js; IP: 91.226.124.106:443
Requested by: https://dfiles.eu/files/hqjs9ccxj; Certificate Issuer: Let's Encrypt; Subject: depositfiles.com; Fingerprint: 8D:3C:74:0A:57:29:55:E0:60:A5:AF:60:66:DD:1F:ED:7A:ED:F7:A6; Validity: Tue, 05 Mar 2024 13:34:49 GMT - Mon, 03 Jun 2024 13:34:48 GMT
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (65481); Size: 399 kB (398927 bytes); Hash: 2fcae8126c3fd9a626370a701f0bd887 f3496fb7bbe122a9774d7dcfcd68da03a24dc285 d29ab86f64b4fcfbc45b9ef806c147f1e42e37e37d44a559147232288063badc
GET /js/base2.js HTTP/1.1
Host: static.depositfiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
cache-control: max-age=300
content-security-policy: frame-ancestors depositfiles.com *.depositfiles.com depositfiles.org *.depositfiles.org dfiles.eu *.dfiles.eu dfiles.com *.dfiles.com
content-type: application/javascript
date: Fri, 10 May 2024 20:54:54 GMT
etag: "651c240d-6164f"
expires: Fri, 10 May 2024 20:59:54 GMT
last-modified: Tue, 03 Oct 2023 14:24:13 GMT
server: nginx
content-length: 398927
X-Firefox-Spdy: h2
|
|
| subqueriesendedgrounds.com/22/4a/d4/224ad4a14b4b15c1726ff705ec672ea6.js | 192.243.59.13 | 200 OK | 16 kB |
URL: GET HTTP/1.1 subqueriesendedgrounds.com/22/4a/d4/224ad4a14b4b15c1726ff705ec672ea6.js; IP: 192.243.59.13:443; ASN: #39572 DataWeb Global Group B.V.
Requested by: https://dfiles.eu/files/hqjs9ccxj; Certificate Issuer: Let's Encrypt; Subject: subqueriesendedgrounds.com; Fingerprint: 5A:B5:1B:3C:B2:E3:E3:20:C8:E4:69:56:9D:59:91:B2:90:31:11:5F; Validity: Tue, 16 Apr 2024 20:35:30 GMT - Mon, 15 Jul 2024 20:35:29 GMT
File type: JavaScript source, ASCII text, with very long lines (44109), with no line terminators; Hash: 62d32ee153d33803a93f964fa9f6466d d4ceb12d6259817451ea1d7e79b783e2c987e4ea 2fe6295587a77af0934ab5cb7e379d69f95a3f45ca89379eff07d687574a6c22
GET /22/4a/d4/224ad4a14b4b15c1726ff705ec672ea6.js HTTP/1.1
Host: subqueriesendedgrounds.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Fri, 10 May 2024 20:54:54 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 332aa1936ecebc0e4e42560296d01c6d
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
|
|
| forhavingartistic.info/popunder.gif | 172.67.189.235 | | 58 B |
URL: GET forhavingartistic.info/popunder.gif; IP: 172.67.189.235:0
Requested by: https://dfiles.eu/files/hqjs9ccxj; Certificate Issuer: Google Trust Services LLC; Subject: forhavingartistic.info; Fingerprint: 99:C4:40:7A:4F:8D:B3:1C:81:58:9B:CB:06:76:D8:05:9B:30:0E:F6; Validity: Mon, 01 Apr 2024 07:04:42 GMT - Sun, 30 Jun 2024 07:04:41 GMT
File type: GIF image data, version 89a, 1 x 1; Hash: 28d6814f309ea289f847c69cf91194c6 0f4e929dd5bb2564f7ab9c76338e04e292a42ace 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
GET /popunder.gif HTTP/1.1
Host: forhavingartistic.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 10 May 2024 20:54:55 GMT
content-type: image/gif
content-length: 58
access-control-allow-origin: *
pragma: public
cache-control: public, max-age=604800, immutable
content-encoding: gzip
cf-cache-status: HIT
age: 99924
last-modified: Thu, 09 May 2024 17:09:31 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3bY0n8VbdqwuTyg%2BRtUxXSq%2Fmpm8hEL%2BviK8frtp8uUtpNDhl5IjCQeX0CCr4mKwWCcBqBx5ExE4Fz2EttONz5bMw31H%2Fh4hUQRhGSHzyrL%2F%2FG2jDeA9uhLGrpvvRzLGmvPqqQr6Ezx3"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881cd3c35e6256ba-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| static.depositfiles.com/images/logo.png | 91.226.124.106 | 200 OK | 3.6 kB |
URL: GET HTTP/2 static.depositfiles.com/images/logo.png; IP: 91.226.124.106:443
Requested by: https://dfiles.eu/files/hqjs9ccxj; Certificate Issuer: Let's Encrypt; Subject: depositfiles.com; Fingerprint: 8D:3C:74:0A:57:29:55:E0:60:A5:AF:60:66:DD:1F:ED:7A:ED:F7:A6; Validity: Tue, 05 Mar 2024 13:34:49 GMT - Mon, 03 Jun 2024 13:34:48 GMT
File type: PNG image data, 176 x 43, 8-bit/color RGBA, non-interlaced; Hash: c41fdd84b04e45a91cb17cfdeccb1b38 fec7fffe104c7e169aeb159032078c4b71ff2cdc 7f89eb8ab03684f4db282ca30eb231b1e254bca10c7b511950df5e0eab0a68a0
GET /images/logo.png HTTP/1.1
Host: static.depositfiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://static.depositfiles.com/css/main.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-security-policy: frame-ancestors depositfiles.com *.depositfiles.com depositfiles.org *.depositfiles.org dfiles.eu *.dfiles.eu dfiles.com *.dfiles.com
content-type: image/png
date: Fri, 10 May 2024 20:54:55 GMT
etag: "651c240d-e27"
last-modified: Tue, 03 Oct 2023 14:24:13 GMT
server: nginx
content-length: 3623
X-Firefox-Spdy: h2
|
|
| static.depositfiles.com/images/sprite.png | 91.226.124.106 | 200 OK | 37 kB |
URL: GET HTTP/2 static.depositfiles.com/images/sprite.png; IP: 91.226.124.106:443
Requested by: https://dfiles.eu/files/hqjs9ccxj; Certificate Issuer: Let's Encrypt; Subject: depositfiles.com; Fingerprint: 8D:3C:74:0A:57:29:55:E0:60:A5:AF:60:66:DD:1F:ED:7A:ED:F7:A6; Validity: Tue, 05 Mar 2024 13:34:49 GMT - Mon, 03 Jun 2024 13:34:48 GMT
File type: PNG image data, 102 x 630, 8-bit/color RGBA, non-interlaced; Hash: 2333675d7e431d5313c6dbb5230a14cd 93c4032e5b8b85793a9cda7167804445d950dd96 b287134a60667ce8e2c3fa1603e3a8f2ffa59c64e746d026d1a13ef19f3f38a0
GET /images/sprite.png HTTP/1.1
Host: static.depositfiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://static.depositfiles.com/css/main.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-security-policy: frame-ancestors depositfiles.com *.depositfiles.com depositfiles.org *.depositfiles.org dfiles.eu *.dfiles.eu dfiles.com *.dfiles.com
content-type: image/png
date: Fri, 10 May 2024 20:54:55 GMT
etag: "651c240d-8fc2"
last-modified: Tue, 03 Oct 2023 14:24:13 GMT
server: nginx
content-length: 36802
X-Firefox-Spdy: h2
|
|
| static.depositfiles.com/images/member_menu_bg.gif | 91.226.124.106 | 200 OK | 78 B |
URL: GET HTTP/2 static.depositfiles.com/images/member_menu_bg.gif; IP: 91.226.124.106:443
Requested by: https://dfiles.eu/files/hqjs9ccxj; Certificate Issuer: Let's Encrypt; Subject: depositfiles.com; Fingerprint: 8D:3C:74:0A:57:29:55:E0:60:A5:AF:60:66:DD:1F:ED:7A:ED:F7:A6; Validity: Tue, 05 Mar 2024 13:34:49 GMT - Mon, 03 Jun 2024 13:34:48 GMT
File type: GIF image data, version 89a, 1 x 48; Hash: 20a24b56dcedf6a71a71ebec771e1f7d d7bed493d5d4eeaed5dbbf7d30d45107840790a0 6f57f29224d8e9e51ed0839e329055426fba7dcd97ef31e93ed495f93a6063df
GET /images/member_menu_bg.gif HTTP/1.1
Host: static.depositfiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://static.depositfiles.com/css/main.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
cache-control: max-age=432000
content-security-policy: frame-ancestors depositfiles.com *.depositfiles.com depositfiles.org *.depositfiles.org dfiles.eu *.dfiles.eu dfiles.com *.dfiles.com
content-type: image/gif
date: Fri, 10 May 2024 20:54:55 GMT
etag: "651c240d-4e"
expires: Wed, 15 May 2024 20:54:55 GMT
last-modified: Tue, 03 Oct 2023 14:24:13 GMT
server: nginx
content-length: 78
X-Firefox-Spdy: h2
|
|
| ocsp.r2m03.amazontrust.com/ | 143.204.53.97 | | 471 B |
URL: ocsp.r2m03.amazontrust.com/; IP: 143.204.53.97:0
Hash: f7a3aabaedd5c95463e85c2d7682d410 715b2bd7dd959bb3423d71b22c43302b7a18a3a5 55ab8ca84eb2c090ff2a4eb9ebc48ce053c3f38261d66bded94f03719a384335
POST / HTTP/1.1
Host: ocsp.r2m03.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=7200
Date: Fri, 10 May 2024 20:54:55 GMT
Last-Modified: Fri, 10 May 2024 19:21:35 GMT
Server: ECAcc (ska/F776)
X-Cache: Miss from cloudfront
Via: 1.1 6cb1d4b545e7beb4ead790454f4807c6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: NqT2GBvKjfKmv9MG4MTk97w3MI3BZQyly5h27-GJmMnANii4I5LJeA==
Age: 5600
|
|
| static.depositfiles.com/images/timer.gif | 91.226.124.106 | 200 OK | 12 kB |
URL: GET HTTP/2 static.depositfiles.com/images/timer.gif; IP: 91.226.124.106:443
Requested by: https://dfiles.eu/files/hqjs9ccxj; Certificate Issuer: Let's Encrypt; Subject: depositfiles.com; Fingerprint: 8D:3C:74:0A:57:29:55:E0:60:A5:AF:60:66:DD:1F:ED:7A:ED:F7:A6; Validity: Tue, 05 Mar 2024 13:34:49 GMT - Mon, 03 Jun 2024 13:34:48 GMT
File type: GIF image data, version 89a, 70 x 70; Hash: fb170c2ce20d8088b7cee465689c3637 9759429c7de6921580fac900c4c6026c758bb94c 6b5c53dd4d2d07c854e019e55458ff9652a4d9b7bf1fe8848ad00ca16032e294
GET /images/timer.gif HTTP/1.1
Host: static.depositfiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://static.depositfiles.com/css/main.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
cache-control: max-age=432000
content-security-policy: frame-ancestors depositfiles.com *.depositfiles.com depositfiles.org *.depositfiles.org dfiles.eu *.dfiles.eu dfiles.com *.dfiles.com
content-type: image/gif
date: Fri, 10 May 2024 20:54:55 GMT
etag: "651c240d-2d57"
expires: Wed, 15 May 2024 20:54:55 GMT
last-modified: Tue, 03 Oct 2023 14:24:13 GMT
server: nginx
content-length: 11607
X-Firefox-Spdy: h2
|
|
| static.depositfiles.com/images/flags/lang24.png | 91.226.124.106 | 200 OK | 9.2 kB |
URL: GET HTTP/2 static.depositfiles.com/images/flags/lang24.png; IP: 91.226.124.106:443
Requested by: https://dfiles.eu/files/hqjs9ccxj; Certificate Issuer: Let's Encrypt; Subject: depositfiles.com; Fingerprint: 8D:3C:74:0A:57:29:55:E0:60:A5:AF:60:66:DD:1F:ED:7A:ED:F7:A6; Validity: Tue, 05 Mar 2024 13:34:49 GMT - Mon, 03 Jun 2024 13:34:48 GMT
File type: PNG image data, 24 x 552, 8-bit/color RGBA, non-interlaced; Hash: efdcd1ca23d564ddd811f41152a2b83c 0b5aa064e7f8f241363c55fa17eb448f42a5f8df ce23be242e34c5b420f8ba0390aef20fa50ffc69f700091029616eff524e8f9b
GET /images/flags/lang24.png HTTP/1.1
Host: static.depositfiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://static.depositfiles.com/css/main.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-security-policy: frame-ancestors depositfiles.com *.depositfiles.com depositfiles.org *.depositfiles.org dfiles.eu *.dfiles.eu dfiles.com *.dfiles.com
content-type: image/png
date: Fri, 10 May 2024 20:54:55 GMT
etag: "651c240d-23d4"
last-modified: Tue, 03 Oct 2023 14:24:13 GMT
server: nginx
content-length: 9172
X-Firefox-Spdy: h2
|
|
| proftrafficcounter.com/stats | 3.124.83.201 | 200 OK | 40 B |
URL: GET HTTP/2 proftrafficcounter.com/stats; IP: 3.124.83.201:443
Requested by: https://dfiles.eu/files/hqjs9ccxj; Certificate Issuer: Amazon; Subject: proftrafficcounter.com; Fingerprint: E3:9F:79:6F:80:C0:BF:F8:C4:EB:45:F3:E9:0F:A7:41:F6:0C:05:E6; Validity: Tue, 21 Nov 2023 00:00:00 GMT - Thu, 19 Dec 2024 23:59:59 GMT
File type: ASCII text, with no line terminators; Hash: 328ab430348b558c02009dcd8e0a737a 1d91defd23c91d767bdb56a6b5ae798c29ff3016 01b140c9aafa3bb354473bd84333438d17649a27969765ca6eba578024e23141
GET /stats HTTP/1.1
Host: proftrafficcounter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dfiles.eu
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 10 May 2024 20:54:55 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://dfiles.eu
vary: Origin
access-control-allow-credentials: true
set-cookie: uid_id2=84dba0d5-58f6-4130-8bb9-6e719fbe369b:3:1; expires=Mon, 08 May 2034 20:54:55 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
|
|
| forhavingartistic.info/N1JqWlkYbQkpZGEXDiA8cwQCPDJ5AisNaE4AWmIbbjwsHAp2JUwuMFNvU2NuBWVcfCleNldrf0QmCy4sRG9bfDBZNAVnf0FvW3RqA3xZbHcDdB9naBEmGjs+CmNMKi1DPldrbgZnWW1tA2tfa24P | 172.67.189.235 | 204 No Content | 0 B |
URL GET HTTP/2forhavingartistic.info/N1JqWlkYbQkpZGEXDiA8cwQCPDJ5AisNaE4AWmIbbjwsHAp2JUwuMFNvU2NuBWVcfCleNldrf0QmCy4sRG9bfDBZNAVnf0FvW3RqA3xZbHcDdB9naBEmGjs+CmNMKi1DPldrbgZnWW1tA2tfa24P IP172.67.189.235:443
Requested by: https://dfiles.eu/files/hqjs9ccxj; Certificate Issuer: Google Trust Services LLC; Subject: forhavingartistic.info; Fingerprint: 99:C4:40:7A:4F:8D:B3:1C:81:58:9B:CB:06:76:D8:05:9B:30:0E:F6; Validity: Mon, 01 Apr 2024 07:04:42 GMT - Sun, 30 Jun 2024 07:04:41 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /N1JqWlkYbQkpZGEXDiA8cwQCPDJ5AisNaE4AWmIbbjwsHAp2JUwuMFNvU2NuBWVcfCleNldrf0QmCy4sRG9bfDBZNAVnf0FvW3RqA3xZbHcDdB9naBEmGjs+CmNMKi1DPldrbgZnWW1tA2tfa24P HTTP/1.1
Host: forhavingartistic.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 204 No Content
date: Fri, 10 May 2024 20:54:55 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZPKagFpYNizJD4QIZegIgXRYPCikvDFmurZC6VQe04OreCqiy5Sq1lZIU32PbVOJMjncaWn053gNmq19%2Fh3Y6uEHp6LTnIx1%2FD6hzsAtQu9uToWigUDvg%2F%2FNj0fUS3Q2FrgDX83yE4Wa"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 881cd3c34e4a56ba-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| yonatallcolum.info/bG5aeDMNDDkVDA1TOF5GHgJnXQEqS2g+VxleKg1XXB0+FF4WCHQbXwMbPh5BAwAuVl0JGn9KdQALHTFJD10fGnc6XgwsVBsiDEgGJT8MLXE+Kz4ddgcrDT4DOSkMKlwIJgg9VyoJCB1wKS85MEQECAMSej0rHCpbLgQtAnQLOAw6YiUpHhN9NCgbNlcqKyIdcV1eCyx2ACsPEFA4PAwhZS4ZHyBwPVobPls1Ow05Zg4oIhBROj8LImtdWjk7SykhAgB5OT0zKXQ0OxwcZi0gODtmADocE3IWNgw5dyQWPS91XBoNKQMLDxlIZhk6NiFkPSoUHGYtQxc6cV1fCBtYHCYMFHoNODE2ei44Ayl0BAoSOWc6Kgk+fig/ajp6ORYAOmI+WhYpYTU2HABcOz8OHHE6LGs8ZRtfPDlUSgQpF10cUws5UgRYCA1+JxZs | 54.230.111.81 | 200 OK | 1.2 kB |
URL GET HTTP/2yonatallcolum.info/bG5aeDMNDDkVDA1TOF5GHgJnXQEqS2g+VxleKg1XXB0+FF4WCHQbXwMbPh5BAwAuVl0JGn9KdQALHTFJD10fGnc6XgwsVBsiDEgGJT8MLXE+Kz4ddgcrDT4DOSkMKlwIJgg9VyoJCB1wKS85MEQECAMSej0rHCpbLgQtAnQLOAw6YiUpHhN9NCgbNlcqKyIdcV1eCyx2ACsPEFA4PAwhZS4ZHyBwPVobPls1Ow05Zg4oIhBROj8LImtdWjk7SykhAgB5OT0zKXQ0OxwcZi0gODtmADocE3IWNgw5dyQWPS91XBoNKQMLDxlIZhk6NiFkPSoUHGYtQxc6cV1fCBtYHCYMFHoNODE2ei44Ayl0BAoSOWc6Kgk+fig/ajp6ORYAOmI+WhYpYTU2HABcOz8OHHE6LGs8ZRtfPDlUSgQpF10cUws5UgRYCA1+JxZs IP54.230.111.81:443
Requested by: https://dfiles.eu/files/hqjs9ccxj; Certificate Issuer: Amazon; Subject: yonatallcolum.info; Fingerprint: 61:AF:8C:AB:69:57:8C:1C:85:43:ED:04:B6:FC:74:7F:F7:94:9E:7B; Validity: Mon, 15 Apr 2024 00:00:00 GMT - Wed, 14 May 2025 23:59:59 GMT
File type: HTML document, ASCII text, with very long lines (3035), with no line terminators; Hash: f99d802cf3db66bf050a79b2c8cc6153 3b399bcbb39c3cd83ab6c473c91cd539665ab632 c9195125b7f263bbed60b2601e4692af4d1df4777c0e36a2add3bd268e112258
GET /bG5aeDMNDDkVDA1TOF5GHgJnXQEqS2g+VxleKg1XXB0+FF4WCHQbXwMbPh5BAwAuVl0JGn9KdQALHTFJD10fGnc6XgwsVBsiDEgGJT8MLXE+Kz4ddgcrDT4DOSkMKlwIJgg9VyoJCB1wKS85MEQECAMSej0rHCpbLgQtAnQLOAw6YiUpHhN9NCgbNlcqKyIdcV1eCyx2ACsPEFA4PAwhZS4ZHyBwPVobPls1Ow05Zg4oIhBROj8LImtdWjk7SykhAgB5OT0zKXQ0OxwcZi0gODtmADocE3IWNgw5dyQWPS91XBoNKQMLDxlIZhk6NiFkPSoUHGYtQxc6cV1fCBtYHCYMFHoNODE2ei44Ayl0BAoSOWc6Kgk+fig/ajp6ORYAOmI+WhYpYTU2HABcOz8OHHE6LGs8ZRtfPDlUSgQpF10cUws5UgRYCA1+JxZs HTTP/1.1
Host: yonatallcolum.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/html
content-length: 1184
date: Fri, 10 May 2024 20:54:55 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-cache: Miss from cloudfront
via: 1.1 5916f6b8d469d1bee1e905ff13761ebc.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: dKa3NNX9mPLPRtVCycKK3mmLhfaqZ8_MUN_Yxm4J9-JwFie0EOwcKQ==
X-Firefox-Spdy: h2
|
|
| js.wpadmngr.com/static/adManager.m.js | 45.133.44.53 | 200 OK | 37 kB |
URL: GET HTTP/2 js.wpadmngr.com/static/adManager.m.js; IP: 45.133.44.53:443; ASN: #39572 DataWeb Global Group B.V.
Requested by: https://dfiles.eu/files/hqjs9ccxj; Certificate Issuer: Let's Encrypt; Subject: js.wpadmngr.com; Fingerprint: 84:E6:F4:D4:0F:47:08:72:62:3E:55:F0:E0:FB:D7:B3:4A:EA:C0:60; Validity: Fri, 10 May 2024 03:00:52 GMT - Thu, 08 Aug 2024 03:00:51 GMT
File type: gzip compressed data, from Unix; Hash: 3dd410149e5fc743b79e37e6004337c0 bbe547788f782cca868b7cbea835ffa12232759b 54bc1b8bc6e7ba77178fdf4b8f420269260cff9b924156b789fd1c1ba133908a
GET /static/adManager.m.js HTTP/1.1
Host: js.wpadmngr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 10 May 2024 20:54:55 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.18.0
last-modified: Wed, 08 May 2024 10:50:20 GMT
etag: W/"663b58ec-1ab25"
content-encoding: gzip
expires: Fri, 10 May 2024 20:59:55 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2
|
|
| js.capndr.com/advertising.js | 45.133.44.52 | 200 OK | 0 B |
URL GET HTTP/2js.capndr.com/advertising.js IP45.133.44.52:443 ASN#39572 DataWeb Global Group B.V.
Requested byhttps://dfiles.eu/files/hqjs9ccxj CertificateIssuerLet's Encrypt Subjectjs.capndr.com Fingerprint0D:30:A1:FB:7E:A0:EC:89:85:17:27:67:37:21:DA:E0:CB:E3:26:06 ValiditySun, 21 Apr 2024 03:00:41 GMT - Sat, 20 Jul 2024 03:00:40 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /advertising.js HTTP/1.1
Host: js.capndr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 10 May 2024 20:54:55 GMT
content-type: application/javascript; charset=utf-8
content-length: 0
server: nginx/1.18.0
last-modified: Fri, 14 Jul 2023 08:23:25 GMT
etag: "64b105fd-0"
expires: Fri, 10 May 2024 20:59:55 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| static.depositfiles.com/css/main.css | 91.226.124.106 | 200 OK | 75 kB |
URL GET HTTP/2static.depositfiles.com/css/main.css IP91.226.124.106:443
Requested byhttps://dfiles.eu/files/hqjs9ccxj CertificateIssuerLet's Encrypt Subjectdepositfiles.com Fingerprint8D:3C:74:0A:57:29:55:E0:60:A5:AF:60:66:DD:1F:ED:7A:ED:F7:A6 ValidityTue, 05 Mar 2024 13:34:49 GMT - Mon, 03 Jun 2024 13:34:48 GMT
File typeASCII text, with very long lines (332) Hash17a1add9399b2e399d8084ad117526dc 9a1024ae31d3743441f81e3895b1132d503ba84e a94d076bf93abc3ddb1b6c4a1e8d8df98098c993640ef3c8f33c1eb36f175368
GET /css/main.css HTTP/1.1
Host: static.depositfiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
cache-control: max-age=300
content-encoding: gzip
content-security-policy: frame-ancestors depositfiles.com *.depositfiles.com depositfiles.org *.depositfiles.org dfiles.eu *.dfiles.eu dfiles.com *.dfiles.com
content-type: text/css
date: Fri, 10 May 2024 20:54:54 GMT
etag: W/"6545effd-2f784"
expires: Fri, 10 May 2024 20:59:54 GMT
last-modified: Sat, 04 Nov 2023 07:17:17 GMT
server: nginx
X-Firefox-Spdy: h2
|
|
| pubtrky.com/ut/hb.php?cb=0.0412599152440245&v=1 | 172.67.188.110 | 204 No Content | 0 B |
URL POST HTTP/2pubtrky.com/ut/hb.php?cb=0.0412599152440245&v=1 IP172.67.188.110:443
Requested byhttps://dfiles.eu/files/hqjs9ccxj CertificateIssuerGoogle Trust Services LLC Subjectpubtrky.com Fingerprint1F:C3:3C:5C:C7:6F:56:DF:E4:18:22:98:6F:C2:B3:96:B2:B4:A6:30 ValidityMon, 18 Mar 2024 09:15:33 GMT - Sun, 16 Jun 2024 09:15:32 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /ut/hb.php?cb=0.0412599152440245&v=1 HTTP/1.1
Host: pubtrky.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain; charset=utf-8
Content-Length: 1140
Origin: https://dfiles.eu
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Fri, 10 May 2024 20:54:55 GMT
access-control-allow-origin: *
via: 1.1 google
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CrKmQqh5Fw6MpuA0c2Qf%2BQRPUkUwo3w9JHMJdo5Rm4BBTxd3GokfhAihZC33C6PG6UIU69z3AywxaHFH4O46C25YisEOK7tGUGjdKaxcdO%2BcMbNWEfIVb6vR5plABw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 881cd3c5cace56c4-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| static.depositfiles.com/images/favicon.ico | 91.226.124.106 | 200 OK | 318 B |
URL GET HTTP/2static.depositfiles.com/images/favicon.ico IP91.226.124.106:443
Requested byhttps://dfiles.eu/files/hqjs9ccxj CertificateIssuerLet's Encrypt Subjectdepositfiles.com Fingerprint8D:3C:74:0A:57:29:55:E0:60:A5:AF:60:66:DD:1F:ED:7A:ED:F7:A6 ValidityTue, 05 Mar 2024 13:34:49 GMT - Mon, 03 Jun 2024 13:34:48 GMT
File typeMS Windows icon resource - 1 icon, 16x16, 16 colors, 4 bits/pixel Hash0f0b975ee529197ec75780ebc2de5907 59688c6aafca5606e388ba9a44fc9dc25fc32cd3 28a0b52229f05b66354ca38b6b813d2281af3efb7e8b0a424ef8b4c68b9e583c
GET /images/favicon.ico HTTP/1.1
Host: static.depositfiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-security-policy: frame-ancestors depositfiles.com *.depositfiles.com depositfiles.org *.depositfiles.org dfiles.eu *.dfiles.eu dfiles.com *.dfiles.com
content-type: image/x-icon
date: Fri, 10 May 2024 20:54:55 GMT
etag: "651c240d-13e"
last-modified: Tue, 03 Oct 2023 14:24:13 GMT
server: nginx
content-length: 318
X-Firefox-Spdy: h2
|
|
| du0pud0sdlmzf.cloudfront.net/leGIzc3EbDV0VTgwLV05IQVUBREdeEkEWF0UGVRodHREdFgReCEAcHwhfYjIQEFRhBjwzGgVVBQIGDkNXFANdFExeB10QTElEUhcTRVYVBwEXCQ4AFhYUWAUbFxhbVQQZX14cCxEOXxJUSiQGXUFdUANbCUlTFkAzXVADHxgWF0tWQ0gaC0UuTlYWQDNdUA-MBB11RckpHVlIaVkNIBVYQGhdHATVDSFMDQ0BIUxZBQR4LQRYXFxoWQTdBVB1DVw1fAg | 143.204.42.159 | | 524 B |
URL du0pud0sdlmzf.cloudfront.net/leGIzc3EbDV0VTgwLV05IQVUBREdeEkEWF0UGVRodHREdFgReCEAcHwhfYjIQEFRhBjwzGgVVBQIGDkNXFANdFExeB10QTElEUhcTRVYVBwEXCQ4AFhYUWAUbFxhbVQQZX14cCxEOXxJUSiQGXUFdUANbCUlTFkAzXVADHxgWF0tWQ0gaC0UuTlYWQDNdUA-MBB11RckpHVlIaVkNIBVYQGhdHATVDSFMDQ0BIUxZBQR4LQRYXFxoWQTdBVB1DVw1fAg IP143.204.42.159:0
CertificateIssuerAmazon Subject*.cloudfront.net FingerprintFA:21:45:DC:4D:94:03:A3:09:77:51:78:4A:21:F2:C5:6D:94:BE:52 ValidityTue, 10 Oct 2023 00:00:00 GMT - Thu, 19 Sep 2024 23:59:59 GMT
File typeASCII text, with very long lines (743), with no line terminators Hash409273cfe294c6a2b6ca2125ee739f50 e9203261a1338e6a0a6580aacb5f0d964cbd2513 d13a7cd8f64b1668d032cf663437fb0dc6b288c82fcf9ad3eac0f1a33a9f5eac
GET /leGIzc3EbDV0VTgwLV05IQVUBREdeEkEWF0UGVRodHREdFgReCEAcHwhfYjIQEFRhBjwzGgVVBQIGDkNXFANdFExeB10QTElEUhcTRVYVBwEXCQ4AFhYUWAUbFxhbVQQZX14cCxEOXxJUSiQGXUFdUANbCUlTFkAzXVADHxgWF0tWQ0gaC0UuTlYWQDNdUA-MBB11RckpHVlIaVkNIBVYQGhdHATVDSFMDQ0BIUxZBQR4LQRYXFxoWQTdBVB1DVw1fAg HTTP/1.1
Host: du0pud0sdlmzf.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://yonatallcolum.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-length: 524
date: Fri, 10 May 2024 20:54:55 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 a2b4f68a89fc87406bff22c95fc07fba.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: Y4Flm80uChaGxIJRe-B-aEKBv5PR5hZDTtsr26ljlbkDZIhz5FaKrw==
X-Firefox-Spdy: h2
|
|
| o.pki.goog/wr2 | 142.250.74.131 | | 471 B |
IP142.250.74.131:0
Hash11052695b701a95eeafc403471ba37b2 e5f56ea3634511055543f120e7d55219722c55a5 5602dd10bde28abf89ae0a31a3824b20db75f39d0a7c05e1f8f43807f77064eb
POST /wr2 HTTP/1.1
Host: o.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 10 May 2024 20:54:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| proftrafficcounter.com/stats | 3.124.83.201 | 200 OK | 40 B |
URL GET HTTP/2proftrafficcounter.com/stats IP3.124.83.201:443
Requested byhttps://dfiles.eu/files/hqjs9ccxj CertificateIssuerAmazon Subjectproftrafficcounter.com FingerprintE3:9F:79:6F:80:C0:BF:F8:C4:EB:45:F3:E9:0F:A7:41:F6:0C:05:E6 ValidityTue, 21 Nov 2023 00:00:00 GMT - Thu, 19 Dec 2024 23:59:59 GMT
File typeASCII text, with no line terminators Hash328ab430348b558c02009dcd8e0a737a 1d91defd23c91d767bdb56a6b5ae798c29ff3016 01b140c9aafa3bb354473bd84333438d17649a27969765ca6eba578024e23141
GET /stats HTTP/1.1
Host: proftrafficcounter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dfiles.eu
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Cookie: uid_id2=84dba0d5-58f6-4130-8bb9-6e719fbe369b:3:1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 10 May 2024 20:54:55 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://dfiles.eu
vary: Origin
access-control-allow-credentials: true
X-Firefox-Spdy: h2
|
|
| o.pki.goog/wr2 | 142.250.74.131 | | 471 B |
IP142.250.74.131:0
Hash11052695b701a95eeafc403471ba37b2 e5f56ea3634511055543f120e7d55219722c55a5 5602dd10bde28abf89ae0a31a3824b20db75f39d0a7c05e1f8f43807f77064eb
POST /wr2 HTTP/1.1
Host: o.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 10 May 2024 20:54:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| www.gstatic.com/recaptcha/releases/vjbW55W42X033PfTdVf6Ft4q/recaptcha__en.js | 142.250.74.35 | 200 OK | 204 kB |
URL GET HTTP/2www.gstatic.com/recaptcha/releases/vjbW55W42X033PfTdVf6Ft4q/recaptcha__en.js IP142.250.74.35:443
Requested byhttps://dfiles.eu/files/hqjs9ccxj CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File typeJavaScript source, ASCII text, with very long lines (632) Size204 kB (204445 bytes) Hashadd520996e437bff5d081315da187fbf 2e489fe16f3712bf36df00b03a8a5af8fa8d4b42 922b951591d52d44aa7015ebc95cab08192aa435b64f9016673ac5da1124a8b4
GET /recaptcha/releases/vjbW55W42X033PfTdVf6Ft4q/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dfiles.eu
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 204445
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 06 May 2024 16:12:34 GMT
expires: Tue, 06 May 2025 16:12:34 GMT
cache-control: public, max-age=31536000
last-modified: Sun, 05 May 2024 20:00:16 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 362541
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail | 64.233.161.84 | 302 Found | 0 B |
URL GET HTTP/2accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail IP64.233.161.84:443
Requested byhttps://dfiles.eu/files/hqjs9ccxj CertificateIssuerGoogle Trust Services Subjectaccounts.google.com Fingerprint75:65:5E:EB:A9:59:16:DF:32:A3:39:DC:8A:A2:FD:28:92:33:6B:0D ValidityTue, 16 Apr 2024 04:20:43 GMT - Tue, 09 Jul 2024 04:20:42 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
content-type: application/binary
set-cookie: __Host-GAPS=1:I255yXobyBYd02IzkWYyGWwPfh4ndQ:hN1RcIROrUxbgj67; Expires=Sun, 10-May-2026 20:54:56 GMT; Path=/; Secure; HttpOnly; Priority=HIGH
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 10 May 2024 20:54:56 GMT
location: https://accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=AaSxoQzbqp7zoEeP-V0xULPxM2mZPgqAnnvVWKklzVBa-vgTzyTBXen8YdxSLu-rrRVdf6V5DzkV
strict-transport-security: max-age=31536000; includeSubDomains
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy: require-trusted-types-for 'script';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport, script-src 'nonce-rqVkCzWCUS-7oXLjVv008g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/AccountsSigninPassiveLoginHttp/cspreport/allowlist
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: unsafe-none
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
content-length: 0
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube | 64.233.161.84 | 302 Found | 0 B |
URL GET HTTP/2accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube IP64.233.161.84:443
Requested byhttps://dfiles.eu/files/hqjs9ccxj CertificateIssuerGoogle Trust Services Subjectaccounts.google.com Fingerprint75:65:5E:EB:A9:59:16:DF:32:A3:39:DC:8A:A2:FD:28:92:33:6B:0D ValidityTue, 16 Apr 2024 04:20:43 GMT - Tue, 09 Jul 2024 04:20:42 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
content-type: application/binary
set-cookie: __Host-GAPS=1:sORyrgdcRqVDZLPq_xw-g5NcXt7WPg:rcrVFYf76JfRHp41; Expires=Sun, 10-May-2026 20:54:56 GMT; Path=/; Secure; HttpOnly; Priority=HIGH
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 10 May 2024 20:54:56 GMT
location: https://accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AaSxoQwKA2PZ0vn97nvQCdlZqYvICrag5OwghnGZ_YDK_J-GXaCTJcZWED74mZgSW1nqXe2lHdam
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy: script-src 'nonce-geK2WJwrgnsSHYsduAJxCg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/AccountsSigninPassiveLoginHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport
cross-origin-opener-policy: unsafe-none
server: ESF
content-length: 0
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| adsbb.dfiles.eu/static/js/jquery-1.5.1.min.js | 91.226.124.104 | 200 OK | 85 kB |
URL GET HTTP/2adsbb.dfiles.eu/static/js/jquery-1.5.1.min.js IP91.226.124.104:443
Requested byhttps://adsbb.dfiles.eu/upload/2203/ad27612964f48cd2.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752 CertificateIssuerLet's Encrypt Subjectdfiles.eu Fingerprint34:45:DB:EC:84:73:5D:D5:39:2A:00:C7:2F:21:5C:B1:2D:0E:14:42 ValidityMon, 04 Mar 2024 13:34:43 GMT - Sun, 02 Jun 2024 13:34:42 GMT
File typeJavaScript source, Unicode text, UTF-8 text, with very long lines (65168) Hashb04a3bccd23ddeb7982143707a63ccf9 4a5dc1389aad050a44ee5e81408238a317ab3413 764b9e9f3ad386aaa5cdeae9368353994de61c0bede087c8f7e3579cb443de3b
GET /static/js/jquery-1.5.1.min.js HTTP/1.1
Host: adsbb.dfiles.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adsbb.dfiles.eu/upload/2303/ad2775297311915a.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752
Cookie: last_file=hqjs9ccxj; _nf58=1; _nf60=1; _nf7=1; _nf56=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
cache-control: no-cache, private, no-cache, no-store, must-revalidate
content-security-policy: frame-ancestors depositfiles.com *.depositfiles.com depositfiles.org *.depositfiles.org dfiles.eu *.dfiles.eu dfiles.com *.dfiles.com
content-type: application/javascript
date: Fri, 10 May 2024 20:54:56 GMT
expires: Thu, 01 Jan 1970 00:00:01 GMT
pragma: no-cache
server: nginx
content-length: 85260
X-Firefox-Spdy: h2
|
|
| adsbb.dfiles.eu/static/js/jquery-1.5.1.min.js | 91.226.124.104 | 200 OK | 85 kB |
URL GET HTTP/2adsbb.dfiles.eu/static/js/jquery-1.5.1.min.js IP91.226.124.104:443
Requested byhttps://adsbb.dfiles.eu/upload/2203/ad27612964f48cd2.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752 CertificateIssuerLet's Encrypt Subjectdfiles.eu Fingerprint34:45:DB:EC:84:73:5D:D5:39:2A:00:C7:2F:21:5C:B1:2D:0E:14:42 ValidityMon, 04 Mar 2024 13:34:43 GMT - Sun, 02 Jun 2024 13:34:42 GMT
File typeJavaScript source, Unicode text, UTF-8 text, with very long lines (65168) Hashb04a3bccd23ddeb7982143707a63ccf9 4a5dc1389aad050a44ee5e81408238a317ab3413 764b9e9f3ad386aaa5cdeae9368353994de61c0bede087c8f7e3579cb443de3b
GET /static/js/jquery-1.5.1.min.js HTTP/1.1
Host: adsbb.dfiles.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adsbb.dfiles.eu/upload/2401/ad27972995eacd9f.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752
Cookie: last_file=hqjs9ccxj; _nf58=1; _nf60=1; _nf7=1; _nf56=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
cache-control: no-cache, private, no-cache, no-store, must-revalidate
content-security-policy: frame-ancestors depositfiles.com *.depositfiles.com depositfiles.org *.depositfiles.org dfiles.eu *.dfiles.eu dfiles.com *.dfiles.com
content-type: application/javascript
date: Fri, 10 May 2024 20:54:56 GMT
expires: Thu, 01 Jan 1970 00:00:01 GMT
pragma: no-cache
server: nginx
content-length: 85260
X-Firefox-Spdy: h2
|
|
| adsbb.dfiles.eu/static/js/jquery-1.5.1.min.js | 91.226.124.104 | 200 OK | 85 kB |
URL GET HTTP/2adsbb.dfiles.eu/static/js/jquery-1.5.1.min.js IP91.226.124.104:443
Requested byhttps://adsbb.dfiles.eu/upload/2203/ad27612964f48cd2.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752 CertificateIssuerLet's Encrypt Subjectdfiles.eu Fingerprint34:45:DB:EC:84:73:5D:D5:39:2A:00:C7:2F:21:5C:B1:2D:0E:14:42 ValidityMon, 04 Mar 2024 13:34:43 GMT - Sun, 02 Jun 2024 13:34:42 GMT
File typeJavaScript source, Unicode text, UTF-8 text, with very long lines (65168) Hashb04a3bccd23ddeb7982143707a63ccf9 4a5dc1389aad050a44ee5e81408238a317ab3413 764b9e9f3ad386aaa5cdeae9368353994de61c0bede087c8f7e3579cb443de3b
GET /static/js/jquery-1.5.1.min.js HTTP/1.1
Host: adsbb.dfiles.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adsbb.dfiles.eu/upload/2203/ad27612964f48cd2.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752
Cookie: last_file=hqjs9ccxj; _nf58=1; _nf60=1; _nf7=1; _nf56=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
cache-control: no-cache, private, no-cache, no-store, must-revalidate
content-security-policy: frame-ancestors depositfiles.com *.depositfiles.com depositfiles.org *.depositfiles.org dfiles.eu *.dfiles.eu dfiles.com *.dfiles.com
content-type: application/javascript
date: Fri, 10 May 2024 20:54:56 GMT
expires: Thu, 01 Jan 1970 00:00:01 GMT
pragma: no-cache
server: nginx
content-length: 85260
X-Firefox-Spdy: h2
|
|
| customarydesolate.com/sbar.json?key=224ad4a14b4b15c1726ff705ec672ea6 | 172.240.108.84 | 200 OK | 7.7 kB |
URL GET HTTP/1.1customarydesolate.com/sbar.json?key=224ad4a14b4b15c1726ff705ec672ea6 IP172.240.108.84:443
Requested byhttps://dfiles.eu/files/hqjs9ccxj CertificateIssuerLet's Encrypt Subjectcustomarydesolate.com Fingerprint00:D2:0D:86:8E:FB:C8:79:46:C6:0E:E5:71:C7:50:AC:0E:C1:D1:F8 ValidityMon, 06 May 2024 08:18:02 GMT - Sun, 04 Aug 2024 08:18:01 GMT
Hash37055c1267746211accfc5f1ec3a53d2 2ed8937a9e85b66f634a1272a0da9d4c8193283d a8aa939bcaec140c2c9c8cdae9ae6b31f9eba13a8c843f8eac67e5601832e1ce
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /sbar.json?key=224ad4a14b4b15c1726ff705ec672ea6 HTTP/1.1
Host: customarydesolate.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dfiles.eu
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 10 May 2024 20:54:56 GMT
Content-Type: text/plain; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://dfiles.eu
Access-Control-Allow-Origin: https://dfiles.eu
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=16004719; expires=Sat, 11 May 2024 20:54:56 GMT; secure; SameSite=None
pdhtkv=true; expires=Sat, 11 May 2024 20:54:56 GMT; secure; SameSite=None
uncs=1; expires=Sat, 11 May 2024 20:54:56 GMT; secure; SameSite=None
pdhtkv29=true; expires=Sat, 11 May 2024 20:54:56 GMT; secure; SameSite=None
uncs29=1; expires=Sat, 11 May 2024 20:54:56 GMT; secure; SameSite=None
slec224ad4a14b4b15c1726ff705ec672ea6=[5210995,5210996]; expires=Fri, 10 May 2024 20:55:01 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 5dab93cfb73d2892a2b1563e34344e79
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
|
|
| o.pki.goog/wr2 | 142.250.74.131 | | 471 B |
IP142.250.74.131:0
Hash726587f27f154102afa932e111fa272c e73d681b88e26f384f95956ff0cdb6e5087af0c8 15212a8da55128e4e34c7d87e75f746bcf8a69aef65a2d833f746491f361c7a3
POST /wr2 HTTP/1.1
Host: o.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 10 May 2024 20:54:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| adsbb.dfiles.eu/view.gif?c=2973&z=58&b=2775&u=663e8878e95015688866285513495 | 91.226.124.104 | 200 OK | 43 B |
URL GET HTTP/2adsbb.dfiles.eu/view.gif?c=2973&z=58&b=2775&u=663e8878e95015688866285513495 IP91.226.124.104:443
Requested byhttps://adsbb.dfiles.eu/upload/2303/ad2775297311915a.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752 CertificateIssuerLet's Encrypt Subjectdfiles.eu Fingerprint34:45:DB:EC:84:73:5D:D5:39:2A:00:C7:2F:21:5C:B1:2D:0E:14:42 ValidityMon, 04 Mar 2024 13:34:43 GMT - Sun, 02 Jun 2024 13:34:42 GMT
File typeGIF image data, version 89a, 1 x 1 Hash6d22e4f2d2057c6e8d6fab098e76e80f b80b11203d97fe01c5597ca3be70406ea48f5709 afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
GET /view.gif?c=2973&z=58&b=2775&u=663e8878e95015688866285513495 HTTP/1.1
Host: adsbb.dfiles.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: https://adsbb.dfiles.eu/upload/2303/ad2775297311915a.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752
Cookie: last_file=hqjs9ccxj; _nf58=1; _nf60=1; _nf7=1; _nf56=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
cache-control: no-cache, private, no-cache, no-store, must-revalidate
content-security-policy: frame-ancestors depositfiles.com *.depositfiles.com depositfiles.org *.depositfiles.org dfiles.eu *.dfiles.eu dfiles.com *.dfiles.com
content-type: image/gif
date: Fri, 10 May 2024 20:54:56 GMT
expires: Thu, 01 Jan 1970 00:00:01 GMT
pragma: no-cache
server: nginx
content-length: 43
X-Firefox-Spdy: h2
|
|
| adsbb.dfiles.eu/view.gif?c=2995&z=56&b=2797&u=663e8878ea1a62130678288404333 | 91.226.124.104 | 200 OK | 43 B |
URL GET HTTP/2adsbb.dfiles.eu/view.gif?c=2995&z=56&b=2797&u=663e8878ea1a62130678288404333 IP91.226.124.104:443
Requested byhttps://adsbb.dfiles.eu/upload/2401/ad27972995eacd9f.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752 CertificateIssuerLet's Encrypt Subjectdfiles.eu Fingerprint34:45:DB:EC:84:73:5D:D5:39:2A:00:C7:2F:21:5C:B1:2D:0E:14:42 ValidityMon, 04 Mar 2024 13:34:43 GMT - Sun, 02 Jun 2024 13:34:42 GMT
File typeGIF image data, version 89a, 1 x 1 Hash6d22e4f2d2057c6e8d6fab098e76e80f b80b11203d97fe01c5597ca3be70406ea48f5709 afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
GET /view.gif?c=2995&z=56&b=2797&u=663e8878ea1a62130678288404333 HTTP/1.1
Host: adsbb.dfiles.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: https://adsbb.dfiles.eu/upload/2401/ad27972995eacd9f.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752
Cookie: last_file=hqjs9ccxj; _nf58=1; _nf60=1; _nf7=1; _nf56=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
cache-control: no-cache, private, no-cache, no-store, must-revalidate
content-security-policy: frame-ancestors depositfiles.com *.depositfiles.com depositfiles.org *.depositfiles.org dfiles.eu *.dfiles.eu dfiles.com *.dfiles.com
content-type: image/gif
date: Fri, 10 May 2024 20:54:56 GMT
expires: Thu, 01 Jan 1970 00:00:01 GMT
pragma: no-cache
server: nginx
content-length: 43
X-Firefox-Spdy: h2
|
|
| adsbb.dfiles.eu/upload/2203/ad27612964f48cd2.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752 | 91.226.124.104 | 200 OK | 703 B |
URL GET HTTP/2adsbb.dfiles.eu/upload/2203/ad27612964f48cd2.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752 IP91.226.124.104:443
Requested byhttps://dfiles.eu/files/hqjs9ccxj CertificateIssuerLet's Encrypt Subjectdfiles.eu Fingerprint34:45:DB:EC:84:73:5D:D5:39:2A:00:C7:2F:21:5C:B1:2D:0E:14:42 ValidityMon, 04 Mar 2024 13:34:43 GMT - Sun, 02 Jun 2024 13:34:42 GMT
File typeHTML document, ASCII text, with CRLF, LF line terminators Hash9de80d603423fd41bdcdbf758a012ef5 9faf38f012910eea838db2bdf6b20ea1da51f527 8704bb90c8f2ff0514371545292fb6fda43fef6ad86d3fda5e247c3064b6f23c
GET /upload/2203/ad27612964f48cd2.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752 HTTP/1.1
Host: adsbb.dfiles.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dfiles.eu/
DNT: 1
Connection: keep-alive
Cookie: last_file=hqjs9ccxj; _nf58=1; _nf60=1; _nf7=1; _nf56=1
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
content-security-policy: frame-ancestors depositfiles.com depositfiles.org dfiles.eu dfiles.com web-301.dfiles.eu web-302.dfiles.eu web-303.dfiles.eu web-304.dfiles.eu, frame-ancestors depositfiles.com *.depositfiles.com depositfiles.org *.depositfiles.org dfiles.eu *.dfiles.eu dfiles.com *.dfiles.com
content-type: text/html
date: Fri, 10 May 2024 20:54:55 GMT
last-modified: Fri, 10 May 2024 20:50:00 GMT
server: nginx
X-Firefox-Spdy: h2
|
|
| adsbb.dfiles.eu/view.gif?c=2964&z=60&b=2761&u=663e8878e4d8120672536707672384 | 91.226.124.104 | 200 OK | 43 B |
URL: GET HTTP/2 adsbb.dfiles.eu/view.gif?c=2964&z=60&b=2761&u=663e8878e4d8120672536707672384 IP: 91.226.124.104:443
Requested by: https://adsbb.dfiles.eu/upload/2203/ad27612964f48cd2.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752 Certificate Issuer: Let's Encrypt Subject: dfiles.eu Fingerprint: 34:45:DB:EC:84:73:5D:D5:39:2A:00:C7:2F:21:5C:B1:2D:0E:14:42 Validity: Mon, 04 Mar 2024 13:34:43 GMT - Sun, 02 Jun 2024 13:34:42 GMT
File type: GIF image data, version 89a, 1 x 1 Hash: 6d22e4f2d2057c6e8d6fab098e76e80f b80b11203d97fe01c5597ca3be70406ea48f5709 afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
GET /view.gif?c=2964&z=60&b=2761&u=663e8878e4d8120672536707672384 HTTP/1.1
Host: adsbb.dfiles.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: https://adsbb.dfiles.eu/upload/2203/ad27612964f48cd2.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752
Cookie: last_file=hqjs9ccxj; _nf58=1; _nf60=1; _nf7=1; _nf56=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
cache-control: no-cache, private, no-cache, no-store, must-revalidate
content-security-policy: frame-ancestors depositfiles.com *.depositfiles.com depositfiles.org *.depositfiles.org dfiles.eu *.dfiles.eu dfiles.com *.dfiles.com
content-type: image/gif
date: Fri, 10 May 2024 20:54:56 GMT
expires: Thu, 01 Jan 1970 00:00:01 GMT
pragma: no-cache
server: nginx
content-length: 43
X-Firefox-Spdy: h2
|
|
| fp.metricswpsh.com/fp?tag_id=46445 | 157.90.84.242 | 204 No Content | 58 B |
URL: OPTIONS HTTP/1.1 fp.metricswpsh.com/fp?tag_id=46445 IP: 157.90.84.242:443 ASN: #24940 Hetzner Online GmbH
Requested by: https://dfiles.eu/files/hqjs9ccxj Certificate Issuer: Let's Encrypt Subject: notification.tubecup.net Fingerprint: 04:18:87:3E:DE:60:E2:78:66:0A:24:6F:E5:3B:42:79:5B:AC:40:20 Validity: Thu, 18 Apr 2024 11:21:02 GMT - Wed, 17 Jul 2024 11:21:01 GMT
Hash: 87385fcd2a67fc74d2fa67366ba68ea2 a604cdbb1d31ce257e8643eee9219c9c724c200c 9307cbb21345500294eae459b18a8ffb2bd2fcccd928a09efbc1e324fa9c9995
POST /fp?tag_id=46445 HTTP/1.1
Host: fp.metricswpsh.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json;charset=utf-8
Content-Length: 1836
Origin: https://dfiles.eu
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Fri, 10 May 2024 20:54:56 GMT
Content-Type: application/json; charset=UTF-8
Content-Length: 58
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://dfiles.eu
Set-Cookie: id=3628157127092181276; Expires=Sat, 10 May 2025 20:54:56 GMT; Secure; SameSite=None
Vary: Origin
|
|
| storage.multstorage.com/log/count.html | 104.21.30.242 | 200 OK | 2.5 kB |
URL: GET HTTP/2 storage.multstorage.com/log/count.html IP: 104.21.30.242:443
Requested by: https://dfiles.eu/files/hqjs9ccxj Certificate Issuer: Google Trust Services LLC Subject: multstorage.com Fingerprint: 63:F0:24:29:21:22:E5:42:33:61:B5:20:05:1B:EF:36:81:F5:7B:0A Validity: Sun, 17 Mar 2024 08:38:54 GMT - Sat, 15 Jun 2024 08:38:53 GMT
File type: HTML document, ASCII text, with very long lines (700) Hash: b728ca9cd183d1b7c3f72116b19b22a3 c1fd73f6b02cf00b8bc60b09cc99495e8494b739 8a7b1ca4bbf273b32ea865d4785a1944d1b2b133678d9b5fe7ee0406f6fd64b2
GET /log/count.html HTTP/1.1
Host: storage.multstorage.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 10 May 2024 20:54:56 GMT
content-type: text/html
last-modified: Mon, 18 Sep 2023 14:39:06 GMT
vary: Accept-Encoding
x-request-id: fcfda1ed006e7f8dc3d0bbb12051f0ca
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xWe5Dbu%2BAlXj8hr1AiCq454Iicrf4CziYeisjynSEGHkbnDzjhmzPxOkfm9f1lqLEG7WXWCdK0yO0t58OdX%2BnXTxsTxZCiW7fzgSg41%2BH0nlHZ5BB1dofoWxZHJG%2BGwa7K44vS0sLrXGIA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 881cd3ca0f040b06-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| ef34ee98f7.0b2d458c45.com/in/track?data=eyJ3bCI6MCwic3ViaWQiOjAsInVzZXJfaWQiOiIxMTM3MDQ3Mjk0MDMyODA2MDAwMCIsInRpbWV6b25lIjowLCJ2ZXIiOiIzLjEyMi4wIiwidGFnX2lkIjo0NjQ0NSwic2NyZWVuX3Jlc29sdXRpb24iOiIxMjgweDEwMjQiLCJhZGJsb2NrIjowLCJ0aW1lem9uZV9vbHNvbiI6IlVUQyIsInV0bV9zb3VyY2UiOiIiLCJ1dG1fbWVkaXVtIjoiIiwidXRtX2NhbXBhaWduIjoiIiwidXRtX2NvbnRlbnQiOiIiLCJtbSI6MCwiaW5pdF9zdGFydF9sYXRlbmN5IjowLjY1LCJpc192MiI6MCwiaXNfdjJfZW1wdHkiOjB9 | 45.133.44.53 | 200 OK | 0 B |
URL GET HTTP/2ef34ee98f7.0b2d458c45.com/in/track?data=eyJ3bCI6MCwic3ViaWQiOjAsInVzZXJfaWQiOiIxMTM3MDQ3Mjk0MDMyODA2MDAwMCIsInRpbWV6b25lIjowLCJ2ZXIiOiIzLjEyMi4wIiwidGFnX2lkIjo0NjQ0NSwic2NyZWVuX3Jlc29sdXRpb24iOiIxMjgweDEwMjQiLCJhZGJsb2NrIjowLCJ0aW1lem9uZV9vbHNvbiI6IlVUQyIsInV0bV9zb3VyY2UiOiIiLCJ1dG1fbWVkaXVtIjoiIiwidXRtX2NhbXBhaWduIjoiIiwidXRtX2NvbnRlbnQiOiIiLCJtbSI6MCwiaW5pdF9zdGFydF9sYXRlbmN5IjowLjY1LCJpc192MiI6MCwiaXNfdjJfZW1wdHkiOjB9 IP45.133.44.53:443 ASN#39572 DataWeb Global Group B.V.
Requested by: https://dfiles.eu/files/hqjs9ccxj Certificate Issuer: Let's Encrypt Subject: ef34ee98f7.0b2d458c45.com Fingerprint: 7E:FF:35:2B:6F:6E:5F:D7:37:70:83:6B:E4:B9:B9:4C:4B:D8:3A:6B Validity: Tue, 07 May 2024 02:50:30 GMT - Mon, 05 Aug 2024 02:50:29 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /in/track?data=eyJ3bCI6MCwic3ViaWQiOjAsInVzZXJfaWQiOiIxMTM3MDQ3Mjk0MDMyODA2MDAwMCIsInRpbWV6b25lIjowLCJ2ZXIiOiIzLjEyMi4wIiwidGFnX2lkIjo0NjQ0NSwic2NyZWVuX3Jlc29sdXRpb24iOiIxMjgweDEwMjQiLCJhZGJsb2NrIjowLCJ0aW1lem9uZV9vbHNvbiI6IlVUQyIsInV0bV9zb3VyY2UiOiIiLCJ1dG1fbWVkaXVtIjoiIiwidXRtX2NhbXBhaWduIjoiIiwidXRtX2NvbnRlbnQiOiIiLCJtbSI6MCwiaW5pdF9zdGFydF9sYXRlbmN5IjowLjY1LCJpc192MiI6MCwiaXNfdjJfZW1wdHkiOjB9 HTTP/1.1
Host: ef34ee98f7.0b2d458c45.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dfiles.eu
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 10 May 2024 20:54:56 GMT
content-length: 0
server: nginx/1.18.0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2
|
|
| customarydesolate.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSz2skRRSujvGioqzuQVBhjgrrpLtn0pPsgsGYjQbjZt31FypKdVX1pEx1V1PVPT3JQYIBWW%2BDHvRY%2BSbZoC6y%2FgGuMllYISJmxEMO5iD4Fyh78SIzhg0%2BqHrv1fcVfO%2Br%2Bni7PCYhSnq08IrekErRqem6X3v6rSC4UFuWWdmtdWei96PmhZrpnJ%2BN6v4ztRcFW9NToR%2F4fuAHtUVpRKK7UyMQMr8xG9Rn%2FXozrAfTTXTN%2F3tberDUA%2B8ck0ch%2BXDytncWkg2QpTcXhF0rdH7uYloqWmiDDt97PVvLdJUhPS0T4yHJ9k7Y0PZw8RZ0tjuWC925R4zlkHh3biHO9k5EIu7sjHXGCiJDzB9E1RlAqAEkHYDpLUh%2BSADGcWkFWXr9kjYVXf8PpSN0SCbv%2FgVZDcnk72eRpd%2FMK9mtXdWqLKTOLLqJg%2BwOINsD5OU%2Bio0JyGofrPgIkv9Mpu4uI0t3VqzSkNyNZ5dyAJkMoEQP1HooR0t6KBMPZe4h5Uc1FgRBy%2BeM%2BjOzjDV4S8QR9wPaSgIa%2BNEMSjaS10OR98BUD8xsIjebWJM9mPIH2FUHyz3YYki8VzfR4Q6VIKgsQUUJKklQFQRVx%2B1yZUPrrnNlyzg4yeFJbri%2BLtrbdFcXbZERUNOD4W47PyZnxv78HWmsiaNaGDYpb9KgGTfjYJoFrTBKkpY%2FLVjUCgWNYKWDtBPjkTfk4WM5cnn40JOI6T6s2geTZ0DLp0ArB7rqsJHd5CLXVhaJVMLWmU7BtUNeTKJY97bVMXlirGBly0Kwg7lf7uy99%2BH5L8CMQ24cPpC3CdrqWv%2BKrsjOFV1Z8u1KXshUbtDR610taCHu%2F%2BplsV5pw5cWbO%2FL59kIGJU3XhO2WKYZl1nbkq%2FnJefCLGrDBPluyb4p4sulXZ0vTVbmy5dfWFxKcyOslTobgMrDi5%2BDySF55Pt3x9%2Fy3Dt%2FQpoBTOmQlgfkJCD1Pli%2BCZsfzP34z0sPvP3Tb7CawKhTTpx7qErXN2F8eqgkgRKnPY0drDiY%2B%2BPZh9%2BYfPwzxOKeHX1DR7epdNv2GtpmArTYQpY6dIxDRzlQ1YMt7%2BsXuTmY%2B7UxDsRqoh8rM7ETK6M%2BHZs82gpYeVRrNRo%2BjWang1aLilbcDGeSKOCUhs0ojCLaQGGHyXOfuH8BAAD%2F%2FwEAAP%2F%2F%2Fe9SgnAEAAA%3D | 172.240.108.84 | 200 OK | 7 B |
URL GET HTTP/1.1customarydesolate.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSz2skRRSujvGioqzuQVBhjgrrpLtn0pPsgsGYjQbjZt31FypKdVX1pEx1V1PVPT3JQYIBWW%2BDHvRY%2BSbZoC6y%2FgGuMllYISJmxEMO5iD4Fyh78SIzhg0%2BqHrv1fcVfO%2Br%2Bni7PCYhSnq08IrekErRqem6X3v6rSC4UFuWWdmtdWei96PmhZrpnJ%2BN6v4ztRcFW9NToR%2F4fuAHtUVpRKK7UyMQMr8xG9Rn%2FXozrAfTTXTN%2F3tberDUA%2B8ck0ch%2BXDytncWkg2QpTcXhF0rdH7uYloqWmiDDt97PVvLdJUhPS0T4yHJ9k7Y0PZw8RZ0tjuWC925R4zlkHh3biHO9k5EIu7sjHXGCiJDzB9E1RlAqAEkHYDpLUh%2BSADGcWkFWXr9kjYVXf8PpSN0SCbv%2FgVZDcnk72eRpd%2FMK9mtXdWqLKTOLLqJg%2BwOINsD5OU%2Bio0JyGofrPgIkv9Mpu4uI0t3VqzSkNyNZ5dyAJkMoEQP1HooR0t6KBMPZe4h5Uc1FgRBy%2BeM%2BjOzjDV4S8QR9wPaSgIa%2BNEMSjaS10OR98BUD8xsIjebWJM9mPIH2FUHyz3YYki8VzfR4Q6VIKgsQUUJKklQFQRVx%2B1yZUPrrnNlyzg4yeFJbri%2BLtrbdFcXbZERUNOD4W47PyZnxv78HWmsiaNaGDYpb9KgGTfjYJoFrTBKkpY%2FLVjUCgWNYKWDtBPjkTfk4WM5cnn40JOI6T6s2geTZ0DLp0ArB7rqsJHd5CLXVhaJVMLWmU7BtUNeTKJY97bVMXlirGBly0Kwg7lf7uy99%2BH5L8CMQ24cPpC3CdrqWv%2BKrsjOFV1Z8u1KXshUbtDR610taCHu%2F%2BplsV5pw5cWbO%2FL59kIGJU3XhO2WKYZl1nbkq%2FnJefCLGrDBPluyb4p4sulXZ0vTVbmy5dfWFxKcyOslTobgMrDi5%2BDySF55Pt3x9%2Fy3Dt%2FQpoBTOmQlgfkJCD1Pli%2BCZsfzP34z0sPvP3Tb7CawKhTTpx7qErXN2F8eqgkgRKnPY0drDiY%2B%2BPZh9%2BYfPwzxOKeHX1DR7epdNv2GtpmArTYQpY6dIxDRzlQ1YMt7%2BsXuTmY%2B7UxDsRqoh8rM7ETK6M%2BHZs82gpYeVRrNRo%2BjWang1aLilbcDGeSKOCUhs0ojCLaQGGHyXOfuH8BAAD%2F%2FwEAAP%2F%2F%2Fe9SgnAEAAA%3D IP172.240.108.84:443
Requested by: https://dfiles.eu/files/hqjs9ccxj Certificate Issuer: Let's Encrypt Subject: customarydesolate.com Fingerprint: 00:D2:0D:86:8E:FB:C8:79:46:C6:0E:E5:71:C7:50:AC:0E:C1:D1:F8 Validity: Mon, 06 May 2024 08:18:02 GMT - Sun, 04 Aug 2024 08:18:01 GMT
File type: ASCII text, with no line terminators Hash: 132d6af1b46048b45cf86cdee7991d31 eb7007d03d59b65bc6da7e098c4d38fc6dfb6285 ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSz2skRRSujvGioqzuQVBhjgrrpLtn0pPsgsGYjQbjZt31FypKdVX1pEx1V1PVPT3JQYIBWW%2BDHvRY%2BSbZoC6y%2FgGuMllYISJmxEMO5iD4Fyh78SIzhg0%2BqHrv1fcVfO%2Br%2Bni7PCYhSnq08IrekErRqem6X3v6rSC4UFuWWdmtdWei96PmhZrpnJ%2BN6v4ztRcFW9NToR%2F4fuAHtUVpRKK7UyMQMr8xG9Rn%2FXozrAfTTXTN%2F3tberDUA%2B8ck0ch%2BXDytncWkg2QpTcXhF0rdH7uYloqWmiDDt97PVvLdJUhPS0T4yHJ9k7Y0PZw8RZ0tjuWC925R4zlkHh3biHO9k5EIu7sjHXGCiJDzB9E1RlAqAEkHYDpLUh%2BSADGcWkFWXr9kjYVXf8PpSN0SCbv%2FgVZDcnk72eRpd%2FMK9mtXdWqLKTOLLqJg%2BwOINsD5OU%2Bio0JyGofrPgIkv9Mpu4uI0t3VqzSkNyNZ5dyAJkMoEQP1HooR0t6KBMPZe4h5Uc1FgRBy%2BeM%2BjOzjDV4S8QR9wPaSgIa%2BNEMSjaS10OR98BUD8xsIjebWJM9mPIH2FUHyz3YYki8VzfR4Q6VIKgsQUUJKklQFQRVx%2B1yZUPrrnNlyzg4yeFJbri%2BLtrbdFcXbZERUNOD4W47PyZnxv78HWmsiaNaGDYpb9KgGTfjYJoFrTBKkpY%2FLVjUCgWNYKWDtBPjkTfk4WM5cnn40JOI6T6s2geTZ0DLp0ArB7rqsJHd5CLXVhaJVMLWmU7BtUNeTKJY97bVMXlirGBly0Kwg7lf7uy99%2BH5L8CMQ24cPpC3CdrqWv%2BKrsjOFV1Z8u1KXshUbtDR610taCHu%2F%2BplsV5pw5cWbO%2FL59kIGJU3XhO2WKYZl1nbkq%2FnJefCLGrDBPluyb4p4sulXZ0vTVbmy5dfWFxKcyOslTobgMrDi5%2BDySF55Pt3x9%2Fy3Dt%2FQpoBTOmQlgfkJCD1Pli%2BCZsfzP34z0sPvP3Tb7CawKhTTpx7qErXN2F8eqgkgRKnPY0drDiY%2B%2BPZh9%2BYfPwzxOKeHX1DR7epdNv2GtpmArTYQpY6dIxDRzlQ1YMt7%2BsXuTmY%2B7UxDsRqoh8rM7ETK6M%2BHZs82gpYeVRrNRo%2BjWang1aLilbcDGeSKOCUhs0ojCLaQGGHyXOfuH8BAAD%2F%2FwEAAP%2F%2F%2Fe9SgnAEAAA%3D HTTP/1.1
Host: customarydesolate.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Cookie: u_pl=16004719; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slec224ad4a14b4b15c1726ff705ec672ea6=[5210995,5210996]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 10 May 2024 20:54:56 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 9f606dbe6f33a8fd4ff79f7e24343a88
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| customarydesolate.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.yourwebbars.com%2Fsb%2Fnotifications%2Fgambling%2Fdefault%2Fandroid-btn%2F8%2Findex.html&l=1444&fd=183 | 172.240.108.84 | 200 OK | 0 B |
URL: GET HTTP/1.1 customarydesolate.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.yourwebbars.com%2Fsb%2Fnotifications%2Fgambling%2Fdefault%2Fandroid-btn%2F8%2Findex.html&l=1444&fd=183 IP: 172.240.108.84:443
Requested by: https://dfiles.eu/files/hqjs9ccxj Certificate Issuer: Let's Encrypt Subject: customarydesolate.com Fingerprint: 00:D2:0D:86:8E:FB:C8:79:46:C6:0E:E5:71:C7:50:AC:0E:C1:D1:F8 Validity: Mon, 06 May 2024 08:18:02 GMT - Sun, 04 Aug 2024 08:18:01 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.yourwebbars.com%2Fsb%2Fnotifications%2Fgambling%2Fdefault%2Fandroid-btn%2F8%2Findex.html&l=1444&fd=183 HTTP/1.1
Host: customarydesolate.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Cookie: u_pl=16004719; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slec224ad4a14b4b15c1726ff705ec672ea6=[5210995,5210996]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 10 May 2024 20:54:56 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
|
|
| cdn.creative-bars1.com/sb/notifications/gambling/default/android-btn/8/img/confetti.gif | 172.67.141.24 | 200 OK | 206 kB |
URL: GET HTTP/3 cdn.creative-bars1.com/sb/notifications/gambling/default/android-btn/8/img/confetti.gif IP: 172.67.141.24:443
Requested by: https://dfiles.eu/files/hqjs9ccxj Certificate Issuer: Google Trust Services LLC Subject: creative-bars1.com Fingerprint: 3D:29:39:2C:F1:E5:C6:EF:54:F5:70:B5:CF:A8:C2:75:4D:89:72:13 Validity: Mon, 15 Apr 2024 15:02:18 GMT - Sun, 14 Jul 2024 15:02:17 GMT
File type: GIF image data, version 89a, 480 x 360 Size: 206 kB (206291 bytes) Hash: 0b33face774f2203446507ce5f075538 1dd3522529bce7739df0687f47f5bc84356698a0 ac345899461d5634d25c47281b10e3c1886abb33019e2ce8140573a79e9f52f2
GET /sb/notifications/gambling/default/android-btn/8/img/confetti.gif HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 20:54:56 GMT
content-type: image/gif
content-length: 206291
last-modified: Fri, 19 Jan 2024 14:25:08 GMT
etag: "65aa8644-325d3"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 872123
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=v9YWVLszmjwWgJMACLd%2BOxP8AwCpWjzLiJpYoJ9nZKQXAN%2FjyBaMiHUPQeWQG0QV%2FGzAGYL82hH7VrBcHShlWFQymksJam0ICrWntyHAB1PhbBkWmxFkcXX%2FjrSFl5r6N52er99R2nUr"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881cd3cdd92456c6-OSL
alt-svc: h3=":443"; ma=86400
|
|
| cdn.creative-bars1.com/sb/notifications/gambling/default/android-btn/8/img/bonus-stars-6593305-5446274.mp4 | 172.67.141.24 | 206 Partial Content | 34 kB |
URL: GET HTTP/3 cdn.creative-bars1.com/sb/notifications/gambling/default/android-btn/8/img/bonus-stars-6593305-5446274.mp4 IP: 172.67.141.24:443
Requested by: https://dfiles.eu/files/hqjs9ccxj Certificate Issuer: Google Trust Services LLC Subject: creative-bars1.com Fingerprint: 3D:29:39:2C:F1:E5:C6:EF:54:F5:70:B5:CF:A8:C2:75:4D:89:72:13 Validity: Mon, 15 Apr 2024 15:02:18 GMT - Sun, 14 Jul 2024 15:02:17 GMT
File type: ISO Media, MP4 Base Media v1 [ISO 14496-12:2003] Hash: 69e52ff16a779d8ab66a1156cc50ab23 27f8897a2acc3bcfd319c267d137aaa4650fb3c5 2048e8325f6d17e0fefb2226c4191a9e300c562f2bc46543ac616d49ff971d61
GET /sb/notifications/gambling/default/android-btn/8/img/bonus-stars-6593305-5446274.mp4 HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 206 Partial Content
date: Fri, 10 May 2024 20:54:56 GMT
content-type: video/mp4
content-length: 34238
last-modified: Fri, 19 Jan 2024 14:25:08 GMT
etag: "65aa8644-85be"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 872114
content-range: bytes 0-34237/34238
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vQZ%2FkTsupMqPhKaDqApWAQTr0PBZqQrEfxIfA%2BtpDAeUMxiY7Vkh1BVwX7HKHEIkTWIqsAzchPlzRakI6exU8miUMHxJh3fqkRQHotngUn1G0whsOe4CRLZk10xPoAytiu78T8vMdW%2BY"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881cd3cde93c56c6-OSL
alt-svc: h3=":443"; ma=86400
|
|
| accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=AaSxoQzbqp7zoEeP-V0xULPxM2mZPgqAnnvVWKklzVBa-vgTzyTBXen8YdxSLu-rrRVdf6V5DzkV | 64.233.161.84 | 302 Found | 419 B |
URL: GET HTTP/3 accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=AaSxoQzbqp7zoEeP-V0xULPxM2mZPgqAnnvVWKklzVBa-vgTzyTBXen8YdxSLu-rrRVdf6V5DzkV IP: 64.233.161.84:443
Requested by: https://dfiles.eu/files/hqjs9ccxj Certificate Issuer: Google Trust Services Subject: *.google.com Fingerprint: 9F:A1:53:E4:09:E1:ED:82:F8:E0:30:B6:39:FA:EC:03:B4:89:46:8A Validity: Tue, 16 Apr 2024 03:19:40 GMT - Tue, 09 Jul 2024 03:19:39 GMT
File type: HTML document, ASCII text, with very long lines (390) Hash: de09ab0d4b2f2d03552506585db5580b 1c1913675c15fd9232d7f1af278fdcbde9bf7c78 b0e6a8e8ffb67014ac42af6bc13b09e624bb1c85d503c7d14a951dbf315f53a0
GET /InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=AaSxoQzbqp7zoEeP-V0xULPxM2mZPgqAnnvVWKklzVBa-vgTzyTBXen8YdxSLu-rrRVdf6V5DzkV HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dfiles.eu/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 302 Found
content-type: text/html; charset=UTF-8
set-cookie: __Host-GAPS=1:8zbo4KQTY0XDl6qlg5QIVNqtQZ850Q:sSyfVZwXyuxduHyn;Path=/;Expires=Sun, 10-May-2026 20:54:56 GMT;Secure;HttpOnly;Priority=HIGH
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 10 May 2024 20:54:56 GMT
location: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=AaSxoQzkKlDquz8MZps8P5IVIIzL3toNgxrtKYpN-mD3ikzoiT7iVt8n8K8wI9cAyMEavhC2OLVdeg&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-519622298%3A1715374496963846&ddm=0
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-security-policy: require-trusted-types-for 'script';report-uri /cspreport, script-src 'nonce-e6sAYBgNvC8vtLnqQJjBew' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 419
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| cdn.yourwebbars.com/sb/notifications/gambling/default/android-btn/8/index.html | 104.26.6.19 | 200 OK | 898 B |
URL: GET HTTP/2 cdn.yourwebbars.com/sb/notifications/gambling/default/android-btn/8/index.html IP: 104.26.6.19:443
Requested by: https://dfiles.eu/files/hqjs9ccxj Certificate Issuer: Cloudflare, Inc. Subject: sni.cloudflaressl.com Fingerprint: 84:82:6E:35:03:D4:C4:FC:BA:08:CD:C8:E6:A3:97:A9:20:2F:F5:49 Validity: Sun, 23 Jul 2023 00:00:00 GMT - Mon, 22 Jul 2024 23:59:59 GMT
File type: HTML document, ASCII text Hash: 988cd00695890a395de736ef1f43180a fc35045adb5a0bb89e9150574db517cffb44b0c9 100f83963832c14a85c4d7095f0279b0962b83ee6323481ece9b1b2b39515036
GET /sb/notifications/gambling/default/android-btn/8/index.html HTTP/1.1
Host: cdn.yourwebbars.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dfiles.eu
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 10 May 2024 20:54:56 GMT
content-type: text/html
last-modified: Fri, 19 Jan 2024 14:25:08 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 199253
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lp2QJURnJs8NizdkEIVaRYHFm3JdPOcWxx5c%2B6o8aGy%2FdCE%2BAOjuROIZTaNvPxPLQDhK%2F4IKkR5Hw0XqbQh6PnojRYTm98S7UqcgkdPA%2FE6JeRLyZSwAKnMR2OMmIol1bl0bHXo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881cd3cc381856ab-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| customarydesolate.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Fgambling%2Fdefault%2Fandroid-btn%2F8%2Fjs%2Fscript.js&l=7986&fd=67 | 172.240.108.84 | 200 OK | 0 B |
URL: GET HTTP/1.1 customarydesolate.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Fgambling%2Fdefault%2Fandroid-btn%2F8%2Fjs%2Fscript.js&l=7986&fd=67 IP: 172.240.108.84:443
Requested by: https://dfiles.eu/files/hqjs9ccxj Certificate Issuer: Let's Encrypt Subject: customarydesolate.com Fingerprint: 00:D2:0D:86:8E:FB:C8:79:46:C6:0E:E5:71:C7:50:AC:0E:C1:D1:F8 Validity: Mon, 06 May 2024 08:18:02 GMT - Sun, 04 Aug 2024 08:18:01 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Fgambling%2Fdefault%2Fandroid-btn%2F8%2Fjs%2Fscript.js&l=7986&fd=67 HTTP/1.1
Host: customarydesolate.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Cookie: u_pl=16004719; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slec224ad4a14b4b15c1726ff705ec672ea6=[5210995,5210996]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 10 May 2024 20:54:57 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
|
|
| customarydesolate.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Fgambling%2Fdefault%2Fandroid-btn%2F8%2Fcss%2Fanimate.css&l=78693&fd=75 | 172.240.108.84 | 200 OK | 0 B |
URL: GET HTTP/1.1 customarydesolate.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Fgambling%2Fdefault%2Fandroid-btn%2F8%2Fcss%2Fanimate.css&l=78693&fd=75 IP: 172.240.108.84:443
Requested by: https://dfiles.eu/files/hqjs9ccxj Certificate Issuer: Let's Encrypt Subject: customarydesolate.com Fingerprint: 00:D2:0D:86:8E:FB:C8:79:46:C6:0E:E5:71:C7:50:AC:0E:C1:D1:F8 Validity: Mon, 06 May 2024 08:18:02 GMT - Sun, 04 Aug 2024 08:18:01 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Fgambling%2Fdefault%2Fandroid-btn%2F8%2Fcss%2Fanimate.css&l=78693&fd=75 HTTP/1.1
Host: customarydesolate.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Cookie: u_pl=16004719; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slec224ad4a14b4b15c1726ff705ec672ea6=[5210995,5210996]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 10 May 2024 20:54:57 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
|
|
| fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 | 216.58.207.227 | 200 OK | 16 kB |
URL: GET HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 IP: 216.58.207.227:443
Requested by: https://dfiles.eu/files/hqjs9ccxj Certificate Issuer: Google Trust Services LLC Subject: *.gstatic.com Fingerprint: 15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD Validity: Tue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File type: Web Open Font Format (Version 2), TrueType, length 15744, version 1.0 Hash: 15d9f621c3bd1599f0169dcf0bd5e63e 7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52 f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://dfiles.eu
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 04 May 2024 09:28:37 GMT
expires: Sun, 04 May 2025 09:28:37 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
age: 559580
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| customarydesolate.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSz2skRRSujvGioqzuQVBhjgrrpHsyP5JdMBiz0WDcrLv%2BQkWpXz0pU93VVHVPT3KQYEDW26AHPVa%2BSTaoi6x%2FgKtMFlaIiBnxkIM5CP4Fyl68yIxhgw%2Bq3nv1fQXf%2B6o%2B3i6OSQ0FPVp4xWworelUoxpWnn4rii5UllVadCvdmeb7zfqFiu2cn21Ww2cqL0q%2BZqZqYRSGURhVFpWVselOjUCo7MZsVJ0Nq%2FVaNWrU0bX%2F710RwNEAonNMHoUSw8nbwVkoPkCa3FyQbi032bmLSaFpbiw6Yu%2F1dC01ZYrktIxtgDjdO2HDuMPFWzDp7lguTOcekakhCe7cAkv3TkSCdXbGOpmGTMHEgyg7A0g9gKIDcLMFJQ4JwAUurSBNrl8ytqTr%2F6F0hA7J5N2%2FoMohmfz9LNLkm3mtupWrRhe5MqlDN%2FZQ3QFUe4Cs2Ee%2BMQFV7oPnH0GJn8nU3WWkyc6K0wZK%2BPHsSg2g4gG07IG6AMVoqQBFHKDIAiTiqMKjKGqFgtNwZpbzadGSrCnCiLbiiEZhcwYFH8nrIc964LoHbjeR2U2sqR5s8QPcqocTAVw%2BJMGrm%2BgIj1ISlI6gpASlIihzgrLjd4V2NeevC%2B0KFp3k2kme9n2Tt7fprsnbMiWgtgcr%2FHZ2TM6M%2Ffm7abAmjyq1Wp2KOo3qrM6iBo9atWYct8KG5M1WTdImnPJQbmI88oY6fCxDpg4fehKM7sPpfXB1BrR4CrT0oKseG%2BlNITPjVB4rLV2VmwTCeGT5JPL1YFsfkyfGCla2HCQ%2FmPvlzt57H57%2FAtx6ZNbjA3WboK2v9a%2BYkuxcMaUj365kuUrUBh293tWc5vL%2Br16W66WxYmnB9b58no%2BAUXnjNenyZZoKlbYd%2BXpeCSHtorFcku%2BW3JuSXS7c6nxh0yJbvvzC4lKSWemcMukAVB1e%2FBxcDckj3787%2Fpbn3vkTyg5gC4%2BkOCAnAWX2wbNNuOxg7sd%2FXnrg7Z9%2BgzMEVp9yWBagLHzf1tjpoVYEWp72lHk4eTD3x7MPvzH5%2BGdg8p4dfUtHt6ny2%2B4a2nYCNN9Cmnh0rEdHe1Ddgyvu6%2BeZPZj7dXocYHqiz7Sd2GHa6k%2FHJo%2B2HE4dVaZD0WIyli0m6416LLlgjQYLeczZtJiZ4cjdMH7uE%2F8vAAAA%2F%2F8BAAD%2F%2F307h2pwBAAA | 172.240.108.84 | 200 OK | 7 B |
URL GET HTTP/1.1customarydesolate.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSz2skRRSujvGioqzuQVBhjgrrpHsyP5JdMBiz0WDcrLv%2BQkWpXz0pU93VVHVPT3KQYEDW26AHPVa%2BSTaoi6x%2FgKtMFlaIiBnxkIM5CP4Fyl68yIxhgw%2Bq3nv1fQXf%2B6o%2B3i6OSQ0FPVp4xWworelUoxpWnn4rii5UllVadCvdmeb7zfqFiu2cn21Ww2cqL0q%2BZqZqYRSGURhVFpWVselOjUCo7MZsVJ0Nq%2FVaNWrU0bX%2F710RwNEAonNMHoUSw8nbwVkoPkCa3FyQbi032bmLSaFpbiw6Yu%2F1dC01ZYrktIxtgDjdO2HDuMPFWzDp7lguTOcekakhCe7cAkv3TkSCdXbGOpmGTMHEgyg7A0g9gKIDcLMFJQ4JwAUurSBNrl8ytqTr%2F6F0hA7J5N2%2FoMohmfz9LNLkm3mtupWrRhe5MqlDN%2FZQ3QFUe4Cs2Ee%2BMQFV7oPnH0GJn8nU3WWkyc6K0wZK%2BPHsSg2g4gG07IG6AMVoqQBFHKDIAiTiqMKjKGqFgtNwZpbzadGSrCnCiLbiiEZhcwYFH8nrIc964LoHbjeR2U2sqR5s8QPcqocTAVw%2BJMGrm%2BgIj1ISlI6gpASlIihzgrLjd4V2NeevC%2B0KFp3k2kme9n2Tt7fprsnbMiWgtgcr%2FHZ2TM6M%2Ffm7abAmjyq1Wp2KOo3qrM6iBo9atWYct8KG5M1WTdImnPJQbmI88oY6fCxDpg4fehKM7sPpfXB1BrR4CrT0oKseG%2BlNITPjVB4rLV2VmwTCeGT5JPL1YFsfkyfGCla2HCQ%2FmPvlzt57H57%2FAtx6ZNbjA3WboK2v9a%2BYkuxcMaUj365kuUrUBh293tWc5vL%2Br16W66WxYmnB9b58no%2BAUXnjNenyZZoKlbYd%2BXpeCSHtorFcku%2BW3JuSXS7c6nxh0yJbvvzC4lKSWemcMukAVB1e%2FBxcDckj3787%2Fpbn3vkTyg5gC4%2BkOCAnAWX2wbNNuOxg7sd%2FXnrg7Z9%2BgzMEVp9yWBagLHzf1tjpoVYEWp72lHk4eTD3x7MPvzH5%2BGdg8p4dfUtHt6ny2%2B4a2nYCNN9Cmnh0rEdHe1Ddgyvu6%2BeZPZj7dXocYHqiz7Sd2GHa6k%2FHJo%2B2HE4dVaZD0WIyli0m6416LLlgjQYLeczZtJiZ4cjdMH7uE%2F8vAAAA%2F%2F8BAAD%2F%2F307h2pwBAAA IP172.240.108.84:443
Requested by: https://dfiles.eu/files/hqjs9ccxj | Certificate Issuer: Let's Encrypt | Subject: customarydesolate.com | Fingerprint: 00:D2:0D:86:8E:FB:C8:79:46:C6:0E:E5:71:C7:50:AC:0E:C1:D1:F8 | Validity: Mon, 06 May 2024 08:18:02 GMT - Sun, 04 Aug 2024 08:18:01 GMT
File type: ASCII text, with no line terminators | Hash: 132d6af1b46048b45cf86cdee7991d31 eb7007d03d59b65bc6da7e098c4d38fc6dfb6285 ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /impr.gif?sid=H4sIAAAAAAAC%2F1RSz2skRRSujvGioqzuQVBhjgrrpHsyP5JdMBiz0WDcrLv%2BQkWpXz0pU93VVHVPT3KQYEDW26AHPVa%2BSTaoi6x%2FgKtMFlaIiBnxkIM5CP4Fyl68yIxhgw%2Bq3nv1fQXf%2B6o%2B3i6OSQ0FPVp4xWworelUoxpWnn4rii5UllVadCvdmeb7zfqFiu2cn21Ww2cqL0q%2BZqZqYRSGURhVFpWVselOjUCo7MZsVJ0Nq%2FVaNWrU0bX%2F710RwNEAonNMHoUSw8nbwVkoPkCa3FyQbi032bmLSaFpbiw6Yu%2F1dC01ZYrktIxtgDjdO2HDuMPFWzDp7lguTOcekakhCe7cAkv3TkSCdXbGOpmGTMHEgyg7A0g9gKIDcLMFJQ4JwAUurSBNrl8ytqTr%2F6F0hA7J5N2%2FoMohmfz9LNLkm3mtupWrRhe5MqlDN%2FZQ3QFUe4Cs2Ee%2BMQFV7oPnH0GJn8nU3WWkyc6K0wZK%2BPHsSg2g4gG07IG6AMVoqQBFHKDIAiTiqMKjKGqFgtNwZpbzadGSrCnCiLbiiEZhcwYFH8nrIc964LoHbjeR2U2sqR5s8QPcqocTAVw%2BJMGrm%2BgIj1ISlI6gpASlIihzgrLjd4V2NeevC%2B0KFp3k2kme9n2Tt7fprsnbMiWgtgcr%2FHZ2TM6M%2Ffm7abAmjyq1Wp2KOo3qrM6iBo9atWYct8KG5M1WTdImnPJQbmI88oY6fCxDpg4fehKM7sPpfXB1BrR4CrT0oKseG%2BlNITPjVB4rLV2VmwTCeGT5JPL1YFsfkyfGCla2HCQ%2FmPvlzt57H57%2FAtx6ZNbjA3WboK2v9a%2BYkuxcMaUj365kuUrUBh293tWc5vL%2Br16W66WxYmnB9b58no%2BAUXnjNenyZZoKlbYd%2BXpeCSHtorFcku%2BW3JuSXS7c6nxh0yJbvvzC4lKSWemcMukAVB1e%2FBxcDckj3787%2Fpbn3vkTyg5gC4%2BkOCAnAWX2wbNNuOxg7sd%2FXnrg7Z9%2BgzMEVp9yWBagLHzf1tjpoVYEWp72lHk4eTD3x7MPvzH5%2BGdg8p4dfUtHt6ny2%2B4a2nYCNN9Cmnh0rEdHe1Ddgyvu6%2BeZPZj7dXocYHqiz7Sd2GHa6k%2FHJo%2B2HE4dVaZD0WIyli0m6416LLlgjQYLeczZtJiZ4cjdMH7uE%2F8vAAAA%2F%2F8BAAD%2F%2F307h2pwBAAA HTTP/1.1
Host: customarydesolate.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Cookie: u_pl=16004719; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slec224ad4a14b4b15c1726ff705ec672ea6=[5210995,5210996]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 10 May 2024 20:54:57 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: ce4b06a930e578f38bbdc9ff651d6915
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 | 216.58.207.227 | 200 OK | 16 kB |
URL: GET HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 | IP: 216.58.207.227:443
Requested by: https://dfiles.eu/files/hqjs9ccxj | Certificate Issuer: Google Trust Services LLC | Subject: *.gstatic.com | Fingerprint: 15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD | Validity: Tue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File type: Web Open Font Format (Version 2), TrueType, length 15860, version 1.0 | Hash: e9f5aaf547f165386cd313b995dddd8e acdef5603c2387b0e5bffd744b679a24a8bc1968 f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://dfiles.eu
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 09 May 2024 01:55:00 GMT
expires: Fri, 09 May 2025 01:55:00 GMT
cache-control: public, max-age=31536000
age: 154797
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| customarydesolate.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Fgambling%2Fdefault%2Fandroid-btn%2F8%2Fcss%2Fstyle.css&l=3348&fd=81 | 192.243.61.225 | 200 OK | 0 B |
URL: GET HTTP/1.1 customarydesolate.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Fgambling%2Fdefault%2Fandroid-btn%2F8%2Fcss%2Fstyle.css&l=3348&fd=81 | IP: 192.243.61.225:443 | ASN: #39572 DataWeb Global Group B.V.
Requested by: https://dfiles.eu/files/hqjs9ccxj | Certificate Issuer: Let's Encrypt | Subject: customarydesolate.com | Fingerprint: 00:D2:0D:86:8E:FB:C8:79:46:C6:0E:E5:71:C7:50:AC:0E:C1:D1:F8 | Validity: Mon, 06 May 2024 08:18:02 GMT - Sun, 04 Aug 2024 08:18:01 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Fgambling%2Fdefault%2Fandroid-btn%2F8%2Fcss%2Fstyle.css&l=3348&fd=81 HTTP/1.1
Host: customarydesolate.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Cookie: u_pl=16004719; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slec224ad4a14b4b15c1726ff705ec672ea6=[5210995,5210996]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 10 May 2024 20:54:57 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
|
|
| customarydesolate.com/pixel/sbs?c=1 | 192.243.61.225 | 200 OK | 0 B |
URL: GET HTTP/1.1 customarydesolate.com/pixel/sbs?c=1 | IP: 192.243.61.225:443 | ASN: #39572 DataWeb Global Group B.V.
Requested by: https://dfiles.eu/files/hqjs9ccxj | Certificate Issuer: Let's Encrypt | Subject: customarydesolate.com | Fingerprint: 00:D2:0D:86:8E:FB:C8:79:46:C6:0E:E5:71:C7:50:AC:0E:C1:D1:F8 | Validity: Mon, 06 May 2024 08:18:02 GMT - Sun, 04 Aug 2024 08:18:01 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /pixel/sbs?c=1 HTTP/1.1
Host: customarydesolate.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Cookie: u_pl=16004719; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slec224ad4a14b4b15c1726ff705ec672ea6=[5210995,5210996]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 10 May 2024 20:54:57 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
|
|
| discovernative.com/script/i.php?t=1&c=23427468&stamat=m%257C%252C%252CQ2d_o3JitGU3Bv_GH0dEdHP3xP.3bd%252C3xTT3RZEgQjAG5iEINfen2a_L3KkYWAzrgd7pct3_kxoIXFUc7mgnyM0Z2LiT8UcaeRGvOgq-Ue8TFBHcOEhJjCrcdrnymBUqgm-3VUzLXDqAmLM0DMRyO3Jw1ercNIKLZMNHE215chwY169PmkxN7xqRYslRM_YCwDW2Rrea7724otkQZ4Pjju2LD-v0g7gxmWIZjKOtvyDqHVLz_vSgDZNrGBcj_r_iidwNEN4EgzN39GKsus2mOXpKHBKnl8khV_YgtE-LMru_KLaQJJCMmEWoPIZHq0cf4y0mLBDg1n93Rf5qOMI9sP3ja-hVkGCKhoBIAJWiTpDJwj-5zVDH_aKMifhlxy7YaQa1JA1BQ6Di0WSgF_4P1reqcHmaX3KgeYp-3XmtU__A_-qpgixGAonZ_Xov_O3Buy4EHgqClryutEy4oUtd8qs2DfbSj_pNkbYquYrd79lklArCWwj0piLQUUEZCTy_EKNAilZHo8-Qr0-160z-UYO1p7MuFNYSro--F_-Wfznfos6u9tO1DYTvgym3Q8m1oV8fexht-2MWXvvCnVp97GuvOz6hZaQtz2BMmG3emafhKxaVA9hVW1Skd0E2bcHBVqLn473qaiPqWc-_qLQ0pB578_vGpXrUWj4mlvQu5kuqSmOo_jI52NRfOBBbYPttrEM-063M-eR46Ksb24QE_XypYpeinvFaVfzNXkoecj_LVSReke1H4BVL54nTeUzkFnzlPkn7rI-Rei4XPxLSMtCE-xakCpC&track=0,1,2 | 172.67.150.145 | 204 No Content | 0 B |
URL GET HTTP/3discovernative.com/script/i.php?t=1&c=23427468&stamat=m%257C%252C%252CQ2d_o3JitGU3Bv_GH0dEdHP3xP.3bd%252C3xTT3RZEgQjAG5iEINfen2a_L3KkYWAzrgd7pct3_kxoIXFUc7mgnyM0Z2LiT8UcaeRGvOgq-Ue8TFBHcOEhJjCrcdrnymBUqgm-3VUzLXDqAmLM0DMRyO3Jw1ercNIKLZMNHE215chwY169PmkxN7xqRYslRM_YCwDW2Rrea7724otkQZ4Pjju2LD-v0g7gxmWIZjKOtvyDqHVLz_vSgDZNrGBcj_r_iidwNEN4EgzN39GKsus2mOXpKHBKnl8khV_YgtE-LMru_KLaQJJCMmEWoPIZHq0cf4y0mLBDg1n93Rf5qOMI9sP3ja-hVkGCKhoBIAJWiTpDJwj-5zVDH_aKMifhlxy7YaQa1JA1BQ6Di0WSgF_4P1reqcHmaX3KgeYp-3XmtU__A_-qpgixGAonZ_Xov_O3Buy4EHgqClryutEy4oUtd8qs2DfbSj_pNkbYquYrd79lklArCWwj0piLQUUEZCTy_EKNAilZHo8-Qr0-160z-UYO1p7MuFNYSro--F_-Wfznfos6u9tO1DYTvgym3Q8m1oV8fexht-2MWXvvCnVp97GuvOz6hZaQtz2BMmG3emafhKxaVA9hVW1Skd0E2bcHBVqLn473qaiPqWc-_qLQ0pB578_vGpXrUWj4mlvQu5kuqSmOo_jI52NRfOBBbYPttrEM-063M-eR46Ksb24QE_XypYpeinvFaVfzNXkoecj_LVSReke1H4BVL54nTeUzkFnzlPkn7rI-Rei4XPxLSMtCE-xakCpC&track=0,1,2 IP172.67.150.145:443
Requested by: https://adsbb.dfiles.eu/upload/2401/ad27972995eacd9f.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752 | Certificate Issuer: Let's Encrypt | Subject: discovernative.com | Fingerprint: 58:FA:91:4C:A7:5B:73:89:81:BD:21:4B:5C:83:44:7B:21:2E:09:B5 | Validity: Tue, 30 Apr 2024 18:38:24 GMT - Mon, 29 Jul 2024 18:38:23 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /script/i.php?t=1&c=23427468&stamat=m%257C%252C%252CQ2d_o3JitGU3Bv_GH0dEdHP3xP.3bd%252C3xTT3RZEgQjAG5iEINfen2a_L3KkYWAzrgd7pct3_kxoIXFUc7mgnyM0Z2LiT8UcaeRGvOgq-Ue8TFBHcOEhJjCrcdrnymBUqgm-3VUzLXDqAmLM0DMRyO3Jw1ercNIKLZMNHE215chwY169PmkxN7xqRYslRM_YCwDW2Rrea7724otkQZ4Pjju2LD-v0g7gxmWIZjKOtvyDqHVLz_vSgDZNrGBcj_r_iidwNEN4EgzN39GKsus2mOXpKHBKnl8khV_YgtE-LMru_KLaQJJCMmEWoPIZHq0cf4y0mLBDg1n93Rf5qOMI9sP3ja-hVkGCKhoBIAJWiTpDJwj-5zVDH_aKMifhlxy7YaQa1JA1BQ6Di0WSgF_4P1reqcHmaX3KgeYp-3XmtU__A_-qpgixGAonZ_Xov_O3Buy4EHgqClryutEy4oUtd8qs2DfbSj_pNkbYquYrd79lklArCWwj0piLQUUEZCTy_EKNAilZHo8-Qr0-160z-UYO1p7MuFNYSro--F_-Wfznfos6u9tO1DYTvgym3Q8m1oV8fexht-2MWXvvCnVp97GuvOz6hZaQtz2BMmG3emafhKxaVA9hVW1Skd0E2bcHBVqLn473qaiPqWc-_qLQ0pB578_vGpXrUWj4mlvQu5kuqSmOo_jI52NRfOBBbYPttrEM-063M-eR46Ksb24QE_XypYpeinvFaVfzNXkoecj_LVSReke1H4BVL54nTeUzkFnzlPkn7rI-Rei4XPxLSMtCE-xakCpC&track=0,1,2 HTTP/1.1
Host: discovernative.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 204 No Content
date: Fri, 10 May 2024 20:54:58 GMT
access-control-allow-origin: *
via: 1.1 google
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iLSAmazHJPFMJrS89WbVhuSiZPUeSm6aEjctYZXyjoj2pYwbCfcg7k8dRGADeyVLrFmAD6es4PvbJexStTKZG6QlIw1TaTG8%2FT3Y02bDlqvjARj4CoRPtfqi7Rg77egeSYCoi6A%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 881cd3d48a0bb51e-OSL
alt-svc: h3=":443"; ma=86400
|
|
| cdnativ.com/extban/247895220/creatives/23426602/f635ee5b57730d49c680d3e693f8da44_6506.jpg | 104.21.1.203 | | 61 kB |
URL: GET cdnativ.com/extban/247895220/creatives/23426602/f635ee5b57730d49c680d3e693f8da44_6506.jpg | IP: 104.21.1.203:0
Requested by: https://adsbb.dfiles.eu/upload/2401/ad27972995eacd9f.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752 | Certificate Issuer: Let's Encrypt | Subject: cdnativ.com | Fingerprint: 1D:09:A9:54:84:56:9B:28:04:88:BE:F1:FC:DD:26:D6:D1:56:ED:7F | Validity: Wed, 24 Apr 2024 12:41:09 GMT - Tue, 23 Jul 2024 12:41:08 GMT
File type: gzip compressed data, max compression, from Unix | Hash: 79e4dffba5477996a4156ffe382a10c8 6102ccae96f931f65a4ce748e31676d2b6bb065a 7738801ccc524f51df505c8f35c6daf1f79a7214101dac745db992e12c3a9b5b
GET /extban/247895220/creatives/23426602/f635ee5b57730d49c680d3e693f8da44_6506.jpg HTTP/1.1
Host: cdnativ.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adsbb.dfiles.eu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 10 May 2024 20:54:57 GMT
content-type: image/jpeg
last-modified: Thu, 03 Mar 2022 17:09:04 GMT
etag: W/"6220f630-ee12"
content-encoding: gzip
via: 1.1 google
cache-control: max-age=14400
cf-cache-status: HIT
age: 3289
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sLy9KQoE5iTjVB6Bt%2FTqEEIG9wNhe7WWtsNE7aNDybGBFzghU%2Fefcc6PaL%2Bga0EG4731dhRNV0cNfdPxv6YHE55%2FAOUgtDYgbgFzrm8v6rTniYUaBW8QAA%2B55JQBjw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881cd3d13aa8b50c-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| cdn.cookie-script.com/iabtcf/2.2/sdk_cmp.js | 146.185.171.19 | 200 OK | 24 kB |
URL: GET HTTP/2 cdn.cookie-script.com/iabtcf/2.2/sdk_cmp.js | IP: 146.185.171.19:443 | ASN: #14061 DIGITALOCEAN-ASN
Requested by: https://dfiles.eu/files/hqjs9ccxj | Certificate Issuer: Sectigo Limited | Subject: *.cookie-script.com | Fingerprint: EC:4C:BD:45:07:39:A8:24:AD:C5:44:8F:4B:DF:0B:40:79:EA:44:77 | Validity: Mon, 11 Sep 2023 00:00:00 GMT - Thu, 25 Jul 2024 23:59:59 GMT
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (46293) | Hash: 526852f73eb08be3f11b85e883cd8408 d97a1c2b8367214d80098f201567a5ee7f69cf5e ca59dd07e26484305b5677c3f537c2ee2c6012a95a77049ae51d2f917fefa10a
GET /iabtcf/2.2/sdk_cmp.js HTTP/1.1
Host: cdn.cookie-script.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Fri, 10 May 2024 20:54:58 GMT
content-type: text/javascript
content-length: 23905
last-modified: Thu, 25 Apr 2024 09:42:56 GMT
etag: "1700e-616e89ca5d8ed-gzip"
vary: Accept-Encoding
content-encoding: gzip
x-frame-options: SAMEORIGIN
access-control-allow-origin: *
x-cache-status: HIT
x-server: n3
cache-control: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| cdnativ.com/extban/280033020/creatives/23427468/a6c50d87607b3c8d881ec5f07e82296e_5239.jpg | 104.21.1.203 | | 62 kB |
URL: GET cdnativ.com/extban/280033020/creatives/23427468/a6c50d87607b3c8d881ec5f07e82296e_5239.jpg | IP: 104.21.1.203:0
Requested by: https://adsbb.dfiles.eu/upload/2401/ad27972995eacd9f.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752 | Certificate Issuer: Let's Encrypt | Subject: cdnativ.com | Fingerprint: 1D:09:A9:54:84:56:9B:28:04:88:BE:F1:FC:DD:26:D6:D1:56:ED:7F | Validity: Wed, 24 Apr 2024 12:41:09 GMT - Tue, 23 Jul 2024 12:41:08 GMT
File type: gzip compressed data, max compression, from Unix | Hash: 8bfef406dccb0f560a1b79bca1081f90 79fa2542d93c4489e421282a41d39c2028b05a26 f9db44cdb26f125ac0b2db58d8c9ab06279ba2811517dcbc483bb805c421e40e
GET /extban/280033020/creatives/23427468/a6c50d87607b3c8d881ec5f07e82296e_5239.jpg HTTP/1.1
Host: cdnativ.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 20:54:58 GMT
content-type: image/jpeg
last-modified: Sun, 06 Mar 2022 12:19:36 GMT
etag: W/"6224a6d8-f3d5"
content-encoding: gzip
via: 1.1 google
cache-control: max-age=14400
cf-cache-status: HIT
age: 3290
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=39BAf2NaLAfJQJV7oRXlmQsXZUX7xehity0TosohdicoTFAdi2P7yuyFJoeIHgOY14do1Ajv40uCYWPF9x2DUBfdEYrOS62%2FjMaCM4mdugbSpo4H9CiuU8duv%2Fd16A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881cd3d48c310afa-OSL
alt-svc: h3=":443"; ma=86400
|
|
| unseenreport.com/pxf.gif?uuid=84dba0d5-58f6-4130-8bb9-6e719fbe369b&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=224ad4a14b4b15c1726ff705ec672ea6&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=20 | 192.243.61.225 | 200 OK | 1 B |
URL: GET HTTP/1.1 unseenreport.com/pxf.gif?uuid=84dba0d5-58f6-4130-8bb9-6e719fbe369b&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=224ad4a14b4b15c1726ff705ec672ea6&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=20 | IP: 192.243.61.225:443 | ASN: #39572 DataWeb Global Group B.V.
Requested by: https://dfiles.eu/files/hqjs9ccxj | Certificate Issuer: Let's Encrypt | Subject: *.unseenreport.com | Fingerprint: 71:46:15:FD:76:6A:F5:5B:51:06:CC:93:DD:D8:63:E3:8B:10:BF:13 | Validity: Fri, 22 Mar 2024 07:32:41 GMT - Thu, 20 Jun 2024 07:32:40 GMT
File type: very short file (no magic) | Hash: 93b885adfe0da089cdf634904fd59f71 5ba93c9db0cff93f52b521d7420e43f6eda2784f 6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /pxf.gif?uuid=84dba0d5-58f6-4130-8bb9-6e719fbe369b&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=224ad4a14b4b15c1726ff705ec672ea6&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=20 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 10 May 2024 20:54:58 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 0a85367739b901708bec8e3184f1f762
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| unseenreport.com/pxf.gif?uuid=84dba0d5-58f6-4130-8bb9-6e719fbe369b&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=c22dc50dc2bbe4422c7f68d26ab95eb9&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=20 | 192.243.61.225 | 200 OK | 1 B |
URL: GET HTTP/1.1 unseenreport.com/pxf.gif?uuid=84dba0d5-58f6-4130-8bb9-6e719fbe369b&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=c22dc50dc2bbe4422c7f68d26ab95eb9&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=20 | IP: 192.243.61.225:443 | ASN: #39572 DataWeb Global Group B.V.
Requested by: https://dfiles.eu/files/hqjs9ccxj | Certificate Issuer: Let's Encrypt | Subject: *.unseenreport.com | Fingerprint: 71:46:15:FD:76:6A:F5:5B:51:06:CC:93:DD:D8:63:E3:8B:10:BF:13 | Validity: Fri, 22 Mar 2024 07:32:41 GMT - Thu, 20 Jun 2024 07:32:40 GMT
File type: very short file (no magic) | Hash: 93b885adfe0da089cdf634904fd59f71 5ba93c9db0cff93f52b521d7420e43f6eda2784f 6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /pxf.gif?uuid=84dba0d5-58f6-4130-8bb9-6e719fbe369b&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=c22dc50dc2bbe4422c7f68d26ab95eb9&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=20 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 10 May 2024 20:54:58 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: cbad1cdd42910e0391583fc94a3feb62
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| cdnativ.com/extban/359456820/creatives/23703262/92c64f74b40bf892385cc74e64c5c44d_5883.png | 0.0.0.0 | | 0 B |
URL: GET cdnativ.com/extban/359456820/creatives/23703262/92c64f74b40bf892385cc74e64c5c44d_5883.png | IP: 0.0.0.0:0
Requested by: https://adsbb.dfiles.eu/upload/2401/ad27972995eacd9f.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752 | Certificate Issuer: Let's Encrypt | Subject: cdnativ.com | Fingerprint: 1D:09:A9:54:84:56:9B:28:04:88:BE:F1:FC:DD:26:D6:D1:56:ED:7F | Validity: Wed, 24 Apr 2024 12:41:09 GMT - Tue, 23 Jul 2024 12:41:08 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /extban/359456820/creatives/23703262/92c64f74b40bf892385cc74e64c5c44d_5883.png HTTP/1.1
Host: cdnativ.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 10 May 2024 20:54:58 GMT
content-type: image/png
last-modified: Wed, 13 Sep 2023 05:05:11 GMT
etag: W/"65014307-158a2"
content-encoding: gzip
via: 1.1 google
cache-control: max-age=14400
cf-cache-status: HIT
age: 4479
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sWz9r87cbEa5FY7rXWNA%2FFNl9gZGJDpEpcT7euoF05wXwcwVh1gkH0i5dFHFza9%2B1zyCaFZv8WdsljXlTaUZhk4NKO0XmdHzd4Qy8ZuKryKzmcxqNUUcKQVCptu10g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881cd3d48c340afa-OSL
alt-svc: h3=":443"; ma=86400
|
|
| pogothere.xyz/asd100.bin | 104.21.24.208 | 200 OK | 102 kB |
IP: 104.21.24.208:443
Requested by: https://dfiles.eu/files/hqjs9ccxj | Certificate Issuer: Google Trust Services LLC | Subject: pogothere.xyz | Fingerprint: 34:D3:33:F8:49:E2:1E:3E:44:A8:5D:74:68:9C:B8:A0:D5:F8:DD:0B | Validity: Wed, 27 Mar 2024 02:15:30 GMT - Tue, 25 Jun 2024 02:15:29 GMT
Size: 102 kB (102400 bytes) | Hash: 4c6426ac7ef186464ecbb0d81cbfcb1e 5a6918eebd9d635e8f632e3ef34e3792b1b5ec13 f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16
GET /asd100.bin HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dfiles.eu/
Origin: https://dfiles.eu
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 10 May 2024 20:54:55 GMT
content-type: binary/octet-stream
access-control-allow-origin: https://dfiles.eu
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cache-control: max-age=14400
cf-cache-status: HIT
age: 994
last-modified: Fri, 10 May 2024 20:38:21 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BLaPwoRoLpXEdiOxq7W9QwZK30Rc7tDVjfuvuk6IPX7OSZvzULJXxkz7V72pk1kcXORtb%2F1dZqDqC2VdjDoQXm0pltzuhudl5EuwbicklJcB6bLX%2Bk1lC%2FhIiOqZ4YnR"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881cd3c6fe170b69-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AaSxoQwKA2PZ0vn97nvQCdlZqYvICrag5OwghnGZ_YDK_J-GXaCTJcZWED74mZgSW1nqXe2lHdam | 64.233.161.84 | 302 Found | 0 B |
URL: GET HTTP/3 accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AaSxoQwKA2PZ0vn97nvQCdlZqYvICrag5OwghnGZ_YDK_J-GXaCTJcZWED74mZgSW1nqXe2lHdam | IP: 64.233.161.84:443
Requested by: https://dfiles.eu/files/hqjs9ccxj | Certificate Issuer: Google Trust Services | Subject: *.google.com | Fingerprint: 9F:A1:53:E4:09:E1:ED:82:F8:E0:30:B6:39:FA:EC:03:B4:89:46:8A | Validity: Tue, 16 Apr 2024 03:19:40 GMT - Tue, 09 Jul 2024 03:19:39 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AaSxoQwKA2PZ0vn97nvQCdlZqYvICrag5OwghnGZ_YDK_J-GXaCTJcZWED74mZgSW1nqXe2lHdam HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dfiles.eu/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 302 Found
content-type: text/html; charset=UTF-8
set-cookie: __Host-GAPS=1:C6GcNp5WiTYmJ6YO_KMgK8iUMJiSow:TU1f1P77T0FM8c6_;Path=/;Expires=Sun, 10-May-2026 20:54:56 GMT;Secure;HttpOnly;Priority=HIGH
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 10 May 2024 20:54:56 GMT
location: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=AaSxoQwHj4JomKOliCgTo0ocw4U8GetqZ31KMNMoS0x2JYTLXdYjpnahtyYtMXrz7vnZe4JydeOTbg&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S235015279%3A1715374496969695&ddm=0
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
content-security-policy: require-trusted-types-for 'script';report-uri /cspreport, script-src 'nonce-z8ZdRXuhpi-IIFJlG7tvag' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 418
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| discovernative.com/script/native.php?nwpsv=1&r=8033562&cbrandom=0.6829448468200258&cbWidth=240&cbHeight=800&cbtitle=&cbref=https%3A%2F%2Fdfiles.eu%2F&cbdescription=DepositFiles+provides+you+with+a+legitimate+technical+solution%2C+which++enables+you+to+upload%2C+store%2C+access+and+download+text%2C+software%2C++scripts%2C+images%2C+sounds%2C+videos%2C+animations+and+any+other+materials+in+form+of+one+or+several+electronic+files.&cbkeywords=&cbiframe=1&callback=jsonp865515&wthnfp=1&ufp=Linux%20x86_64%2FMozilla%2FNetscape%2Ftrue%2Ffalse1280x10240en-USunknown4824%20bits | 0.0.0.0 | | 0 B |
URL: GET discovernative.com/script/native.php?nwpsv=1&r=8033562&cbrandom=0.6829448468200258&cbWidth=240&cbHeight=800&cbtitle=&cbref=https%3A%2F%2Fdfiles.eu%2F&cbdescription=DepositFiles+provides+you+with+a+legitimate+technical+solution%2C+which++enables+you+to+upload%2C+store%2C+access+and+download+text%2C+software%2C++scripts%2C+images%2C+sounds%2C+videos%2C+animations+and+any+other+materials+in+form+of+one+or+several+electronic+files.&cbkeywords=&cbiframe=1&callback=jsonp865515&wthnfp=1&ufp=Linux%20x86_64%2FMozilla%2FNetscape%2Ftrue%2Ffalse1280x10240en-USunknown4824%20bits | IP: 0.0.0.0:0
Requested by: https://adsbb.dfiles.eu/upload/2401/ad27972995eacd9f.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752 | Certificate Issuer: Let's Encrypt | Subject: discovernative.com | Fingerprint: 58:FA:91:4C:A7:5B:73:89:81:BD:21:4B:5C:83:44:7B:21:2E:09:B5 | Validity: Tue, 30 Apr 2024 18:38:24 GMT - Mon, 29 Jul 2024 18:38:23 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /script/native.php?nwpsv=1&r=8033562&cbrandom=0.6829448468200258&cbWidth=240&cbHeight=800&cbtitle=&cbref=https%3A%2F%2Fdfiles.eu%2F&cbdescription=DepositFiles+provides+you+with+a+legitimate+technical+solution%2C+which++enables+you+to+upload%2C+store%2C+access+and+download+text%2C+software%2C++scripts%2C+images%2C+sounds%2C+videos%2C+animations+and+any+other+materials+in+form+of+one+or+several+electronic+files.&cbkeywords=&cbiframe=1&callback=jsonp865515&wthnfp=1&ufp=Linux%20x86_64%2FMozilla%2FNetscape%2Ftrue%2Ffalse1280x10240en-USunknown4824%20bits HTTP/1.1
Host: discovernative.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adsbb.dfiles.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 10 May 2024 20:54:57 GMT
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Content-Type
link: <//discovernative.com>; rel=dns-prefetch,<//discovernative.com>; rel=preconnect,<//cdnativ.com>; rel=dns-prefetch,<//cdnativ.com>; rel=preconnect
content-encoding: gzip
via: 1.1 google
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TgJnXyHcsRx4oUhrqAHzQKt%2BwX4skLTQjEEkzET3zR1QmGz66h41fG87zZrUX2B7EuZypJKexDu6ou%2BAOzZDqaITadLxhIbZRv1ILepp%2BF%2Btfs7o%2FgLdqcdY3tmfpUOck31%2FRnY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 881cd3cf7be0b51e-OSL
alt-svc: h3=":443"; ma=86400
|
|
| cdnativ.com/extban/359456820/creatives/23703262/92c64f74b40bf892385cc74e64c5c44d_5883.png | 0.0.0.0 | | 0 B |
URL: GET cdnativ.com/extban/359456820/creatives/23703262/92c64f74b40bf892385cc74e64c5c44d_5883.png; IP: 0.0.0.0:0
Requested by: https://adsbb.dfiles.eu/upload/2401/ad27972995eacd9f.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752; Certificate Issuer: Let's Encrypt; Subject: cdnativ.com; Fingerprint: 1D:09:A9:54:84:56:9B:28:04:88:BE:F1:FC:DD:26:D6:D1:56:ED:7F; Validity: Wed, 24 Apr 2024 12:41:09 GMT - Tue, 23 Jul 2024 12:41:08 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /extban/359456820/creatives/23703262/92c64f74b40bf892385cc74e64c5c44d_5883.png HTTP/1.1
Host: cdnativ.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adsbb.dfiles.eu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 10 May 2024 20:54:57 GMT
content-type: image/png
last-modified: Wed, 13 Sep 2023 05:05:11 GMT
etag: W/"65014307-158a2"
content-encoding: gzip
via: 1.1 google
cache-control: max-age=14400
cf-cache-status: HIT
age: 4478
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Z9%2BWtvmblYnKDTmWycOMPXubBS93R425BVa1d7mmPKUVnLN64H5hpO15L5Z1tfLMUZfSEz0HENdwBwUIUdC5KlMCi2XmIVdqbDvOztqgb36%2BJuGRPC4RsbWoRnOBdg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881cd3d12a9cb50c-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| cdn.creative-bars1.com/sb/notifications/gambling/default/android-btn/8/img/close.svg | 172.67.141.24 | 200 OK | 1.3 kB |
URL: GET HTTP/3 cdn.creative-bars1.com/sb/notifications/gambling/default/android-btn/8/img/close.svg; IP: 172.67.141.24:443
Requested by: https://dfiles.eu/files/hqjs9ccxj; Certificate Issuer: Google Trust Services LLC; Subject: creative-bars1.com; Fingerprint: 3D:29:39:2C:F1:E5:C6:EF:54:F5:70:B5:CF:A8:C2:75:4D:89:72:13; Validity: Mon, 15 Apr 2024 15:02:18 GMT - Sun, 14 Jul 2024 15:02:17 GMT
File type: SVG Scalable Vector Graphics image; Hash: 24937fd159a21f2e91207d5788e86c70 1b07e0334cc16c5cd659de56314bd2188e3a82f9 b38a482faa1471a520d231f954412ee0293b0401610af1392038be206dc51b8a
GET /sb/notifications/gambling/default/android-btn/8/img/close.svg HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 10 May 2024 20:54:56 GMT
content-type: image/svg+xml
last-modified: Fri, 19 Jan 2024 14:25:08 GMT
etag: W/"65aa8644-4ff"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 876480
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UpA0NDkPddfXB88Kn1dKVr%2BPId0EfCaWZCkcK6vGZ%2Bh4nJM2f2zAILwBlfc4tDTQ9u6cNAX%2BW51h09xxMjMu03LkneXP0a%2FkE1DxWVLGGJPX3SoFOyVHkt2dF03rzdnXHhijeN2NIguC"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881cd3cdd92256c6-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| consent.cookie-script.com/analytics?action=firstshown&time=1715374498025&script=962e36ace9b4601f1f51f3e2010e41b9&category= | 116.203.90.127 | 200 OK | 47 B |
URL: GET HTTP/2 consent.cookie-script.com/analytics?action=firstshown&time=1715374498025&script=962e36ace9b4601f1f51f3e2010e41b9&category=; IP: 116.203.90.127:443; ASN: #24940 Hetzner Online GmbH
Requested by: https://dfiles.eu/files/hqjs9ccxj; Certificate Issuer: Sectigo Limited; Subject: *.cookie-script.com; Fingerprint: EC:4C:BD:45:07:39:A8:24:AD:C5:44:8F:4B:DF:0B:40:79:EA:44:77; Validity: Mon, 11 Sep 2023 00:00:00 GMT - Thu, 25 Jul 2024 23:59:59 GMT
File type: troff or preprocessor input, ASCII text, with no line terminators; Hash: e8a74be8b4bbbc87c6632120e8400616 3847d20ed0b2f22dbfaa420ff0093f59a0d85616 61a3b66068e95919e92338fb5ff33f528646ebd3453d6f4a32361af82bc990ca
GET /analytics?action=firstshown&time=1715374498025&script=962e36ace9b4601f1f51f3e2010e41b9&category= HTTP/1.1
Host: consent.cookie-script.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dfiles.eu
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Fri, 10 May 2024 20:54:58 GMT
content-type: application/json
content-length: 47
x-amzn-requestid: 56823e30-a92e-4b2e-aa8d-59d409409216
access-control-allow-origin: *
x-amz-apigw-id: XkpxZH9pjoEEBlw=
x-amzn-trace-id: Root=1-663e89a2-1e843864346790911ee92ee1;Parent=492a067582b8d9c6;Sampled=0;lineage=a8669a4e:0
x-cache: Miss from cloudfront
via: 1.1 cb605905cea2427f1d9f13acc778e822.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
x-amz-cf-id: VkgPGGok629FWhvOB4VvEe6LdWl4zxWzeam2YSfFaymGPeJZvSKG1w==
X-Firefox-Spdy: h2
|
|
| adsbb.dfiles.eu//ad.php?z=56&c=NO | 91.226.124.104 | 303 See Other | 6.6 kB |
URL: GET HTTP/2 adsbb.dfiles.eu//ad.php?z=56&c=NO; IP: 91.226.124.104:443
Requested by: https://dfiles.eu/files/hqjs9ccxj; Certificate Issuer: Let's Encrypt; Subject: dfiles.eu; Fingerprint: 34:45:DB:EC:84:73:5D:D5:39:2A:00:C7:2F:21:5C:B1:2D:0E:14:42; Validity: Mon, 04 Mar 2024 13:34:43 GMT - Sun, 02 Jun 2024 13:34:42 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET //ad.php?z=56&c=NO HTTP/1.1
Host: adsbb.dfiles.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Cookie: last_file=hqjs9ccxj
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 303 See Other
content-security-policy: frame-ancestors depositfiles.com depositfiles.org dfiles.eu dfiles.com web-301.dfiles.eu web-302.dfiles.eu web-303.dfiles.eu web-304.dfiles.eu, frame-ancestors depositfiles.com *.depositfiles.com depositfiles.org *.depositfiles.org dfiles.eu *.dfiles.eu dfiles.com *.dfiles.com
content-type: text/html; charset=UTF-8
date: Fri, 10 May 2024 20:54:55 GMT
location: /upload/2401/ad27972995eacd9f.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752
server: nginx
set-cookie: _nf56=1; expires=Sat, 11-May-2024 20:54:55 GMT; Max-Age=86400
x-powered-by: PHP/5.6.40
X-Firefox-Spdy: h2
|
|
| adsbb.dfiles.eu//ad.php?z=58&c=NO&g=no_file | 91.226.124.104 | 303 See Other | 1.5 kB |
URL: GET HTTP/2 adsbb.dfiles.eu//ad.php?z=58&c=NO&g=no_file; IP: 91.226.124.104:443
Requested by: https://dfiles.eu/files/hqjs9ccxj; Certificate Issuer: Let's Encrypt; Subject: dfiles.eu; Fingerprint: 34:45:DB:EC:84:73:5D:D5:39:2A:00:C7:2F:21:5C:B1:2D:0E:14:42; Validity: Mon, 04 Mar 2024 13:34:43 GMT - Sun, 02 Jun 2024 13:34:42 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET //ad.php?z=58&c=NO&g=no_file HTTP/1.1
Host: adsbb.dfiles.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Cookie: last_file=hqjs9ccxj
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 303 See Other
content-security-policy: frame-ancestors depositfiles.com depositfiles.org dfiles.eu dfiles.com web-301.dfiles.eu web-302.dfiles.eu web-303.dfiles.eu web-304.dfiles.eu, frame-ancestors depositfiles.com *.depositfiles.com depositfiles.org *.depositfiles.org dfiles.eu *.dfiles.eu dfiles.com *.dfiles.com
content-type: text/html; charset=UTF-8
date: Fri, 10 May 2024 20:54:55 GMT
location: /upload/2303/ad2775297311915a.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752
server: nginx
set-cookie: _nf58=1; expires=Sat, 11-May-2024 20:54:55 GMT; Max-Age=86400
x-powered-by: PHP/5.6.40
X-Firefox-Spdy: h2
|
|
| js.wpshsdk.com/npc/sdk/push.m.js?v=1 | 45.133.44.52 | 200 OK | 34 kB |
URL: GET HTTP/2 js.wpshsdk.com/npc/sdk/push.m.js?v=1; IP: 45.133.44.52:443; ASN: #39572 DataWeb Global Group B.V.
Requested by: https://dfiles.eu/files/hqjs9ccxj; Certificate Issuer: Let's Encrypt; Subject: js.wpshsdk.com; Fingerprint: 7C:0A:CB:08:AD:6F:60:55:9E:07:7C:F7:07:AC:DD:CF:DF:AB:01:FD; Validity: Wed, 20 Mar 2024 05:01:38 GMT - Tue, 18 Jun 2024 05:01:37 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /npc/sdk/push.m.js?v=1 HTTP/1.1
Host: js.wpshsdk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 10 May 2024 20:54:56 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.18.0
last-modified: Sat, 27 Apr 2024 11:13:42 GMT
etag: W/"662cdde6-845a"
content-encoding: gzip
expires: Fri, 10 May 2024 20:59:56 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2
|
|
| adsbb.dfiles.eu//ad.php?z=60&c=NO | 91.226.124.104 | 303 See Other | 1.5 kB |
URL: GET HTTP/2 adsbb.dfiles.eu//ad.php?z=60&c=NO; IP: 91.226.124.104:443
Requested by: https://dfiles.eu/files/hqjs9ccxj; Certificate Issuer: Let's Encrypt; Subject: dfiles.eu; Fingerprint: 34:45:DB:EC:84:73:5D:D5:39:2A:00:C7:2F:21:5C:B1:2D:0E:14:42; Validity: Mon, 04 Mar 2024 13:34:43 GMT - Sun, 02 Jun 2024 13:34:42 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET //ad.php?z=60&c=NO HTTP/1.1
Host: adsbb.dfiles.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Cookie: last_file=hqjs9ccxj
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 303 See Other
content-security-policy: frame-ancestors depositfiles.com depositfiles.org dfiles.eu dfiles.com web-301.dfiles.eu web-302.dfiles.eu web-303.dfiles.eu web-304.dfiles.eu, frame-ancestors depositfiles.com *.depositfiles.com depositfiles.org *.depositfiles.org dfiles.eu *.dfiles.eu dfiles.com *.dfiles.com
content-type: text/html; charset=UTF-8
date: Fri, 10 May 2024 20:54:55 GMT
location: /upload/2203/ad27612964f48cd2.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752
server: nginx
set-cookie: _nf60=1; expires=Sat, 11-May-2024 20:54:55 GMT; Max-Age=86400
x-powered-by: PHP/5.6.40
X-Firefox-Spdy: h2
|
|
| cdn.creative-bars1.com/sb/notifications/gambling/default/android-btn/8/css/style.css | 172.67.141.24 | 200 OK | 3.3 kB |
URL: GET HTTP/2 cdn.creative-bars1.com/sb/notifications/gambling/default/android-btn/8/css/style.css; IP: 172.67.141.24:443
Requested by: https://dfiles.eu/files/hqjs9ccxj; Certificate Issuer: Google Trust Services LLC; Subject: creative-bars1.com; Fingerprint: 3D:29:39:2C:F1:E5:C6:EF:54:F5:70:B5:CF:A8:C2:75:4D:89:72:13; Validity: Mon, 15 Apr 2024 15:02:18 GMT - Sun, 14 Jul 2024 15:02:17 GMT
File type: ASCII text, with very long lines (3556), with no line terminators; Hash: 5a37dc16b8eecffd5e7e805fee49218c 4187086691ead46033b8f2e76c4efdb611137949 436f451c35127aa88f59b29f7c8df41b3822dc16ada4d685fbeb537ecbbe914c
GET /sb/notifications/gambling/default/android-btn/8/css/style.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dfiles.eu
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 10 May 2024 20:54:56 GMT
content-type: text/css
last-modified: Fri, 19 Jan 2024 14:25:08 GMT
etag: W/"65aa8644-d14"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
content-encoding: gzip
cf-cache-status: HIT
age: 709585
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=liFg%2BRT7n7ss2zEr%2BkREbOKQdy3MwN1RX%2FPW%2FFJDkVvWUj7qgm6pRc3jOQvVZ82lxvO9AuICA4913rdvnQDvueGuj4vFaZlS7BDWRyUDtVgqoBng7RFpiJGYqnYeFRUx1CNNyHeHB0dZ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881cd3cd2acab4f1-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| superonclick.com/script/native_server.js | 104.21.41.60 | 200 OK | 9.3 kB |
URL: GET HTTP/2 superonclick.com/script/native_server.js; IP: 104.21.41.60:443
Requested by: https://adsbb.dfiles.eu/upload/2401/ad27972995eacd9f.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752; Certificate Issuer: Google Trust Services LLC; Subject: superonclick.com; Fingerprint: 9B:94:92:AB:DA:58:02:22:8D:53:4A:17:2C:53:89:9A:24:FC:26:4A; Validity: Sat, 30 Mar 2024 22:15:45 GMT - Fri, 28 Jun 2024 22:15:44 GMT
File type: JavaScript source, ASCII text, with very long lines (9264), with no line terminators; Hash: e69b620c3ea1b7f6e47bad9fb383e473 0ae9768887cdeebb0907bc0367bb6a4c00f1f43d 372bd7dc17d67e23763e2b731839eafb106486f1c1d03707694c4190a1a86a50
GET /script/native_server.js HTTP/1.1
Host: superonclick.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adsbb.dfiles.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 10 May 2024 20:54:56 GMT
content-type: application/javascript
x-guploader-uploadid: ABPtcPoHLgtz4lcGVIzF07JA-MCkJHKmqTquDmgzpErG5eHQ219TVu2dLAhPRdEHSznLmxfGuIU
x-goog-generation: 1550052952705094
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 9260
x-goog-hash: crc32c=RAjq/g==, md5=Udh+nr2DH8yragFgeaYHkw==
x-goog-storage-class: MULTI_REGIONAL
access-control-allow-origin: *
expires: Fri, 10 May 2024 21:11:18 GMT
cache-control: public, max-age=14400
age: 2618
last-modified: Wed, 13 Feb 2019 10:15:52 GMT
etag: W/"51d87e9ebd831fccab6a016079a60793"
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FvgAIYnI0SFE7H3D3PPK4YmcO2X9uHtlwgfvTPTvvbh8ypdMMzvsynfOAGYwA7cjlGqmsqN0h%2BcydrUqQzjvSJCOSBI9bsOR4Avc75ltPzU%2By9DLLlLIQ5jyTp1YlcDWRx7I"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881cd3cacd87b500-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| cdn.creative-bars1.com/sb/notifications/gambling/default/android-btn/8/css/animate.css | 172.67.141.24 | 200 OK | 79 kB |
URL: GET HTTP/2 cdn.creative-bars1.com/sb/notifications/gambling/default/android-btn/8/css/animate.css; IP: 172.67.141.24:443
Requested by: https://dfiles.eu/files/hqjs9ccxj; Certificate Issuer: Google Trust Services LLC; Subject: creative-bars1.com; Fingerprint: 3D:29:39:2C:F1:E5:C6:EF:54:F5:70:B5:CF:A8:C2:75:4D:89:72:13; Validity: Mon, 15 Apr 2024 15:02:18 GMT - Sun, 14 Jul 2024 15:02:17 GMT
Hash: 49a38187f94418e173e4bcc50c96dc4b b64e899d0c6bbb13e6f63e191b77b3eb5e5a6293 92db03d6a48c8756e15b1b2ffb9d1ea5aae5e2d9a706b630f93f73e3debbb3b0
GET /sb/notifications/gambling/default/android-btn/8/css/animate.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dfiles.eu
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 10 May 2024 20:54:56 GMT
content-type: text/css
last-modified: Fri, 19 Jan 2024 14:25:08 GMT
etag: W/"65aa8644-13365"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
content-encoding: gzip
cf-cache-status: HIT
age: 709585
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NYtJRQ5k39YFwuJLEzaSTlqWS4s74yFlDqIVko3VZIlab2QrUVH%2B7DbXhFvhga0M%2BNQUs1BJr8JQwSdqd8GKZklrRU%2BA91OU3sSuivnMUdAreLF0jzVzgzk6xFM4R0wuMW7gzlJT6gUc"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881cd3cd2ab8b4f1-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| depositfiles.com/files/hqjs9ccxj | 91.226.124.106 | 302 Found | 16 kB |
URL: User Request GET HTTP/2 depositfiles.com/files/hqjs9ccxj; IP: 91.226.124.106:443
Certificate Issuer: Let's Encrypt; Subject: depositfiles.com; Fingerprint: 8D:3C:74:0A:57:29:55:E0:60:A5:AF:60:66:DD:1F:ED:7A:ED:F7:A6; Validity: Tue, 05 Mar 2024 13:34:49 GMT - Mon, 03 Jun 2024 13:34:48 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /files/hqjs9ccxj HTTP/1.1
Host: depositfiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
content-security-policy: frame-ancestors depositfiles.com *.depositfiles.com depositfiles.org *.depositfiles.org dfiles.eu *.dfiles.eu dfiles.com *.dfiles.com
content-type: text/html; charset=UTF-8
date: Fri, 10 May 2024 20:54:53 GMT
location: //dfiles.eu/files/hqjs9ccxj
server: nginx
X-Firefox-Spdy: h2
|
|
| www.google.com/recaptcha/api.js | 142.250.74.132 | 200 OK | 850 B |
URL: GET HTTP/2 www.google.com/recaptcha/api.js; IP: 142.250.74.132:443
Requested by: https://dfiles.eu/files/hqjs9ccxj; Certificate Issuer: Google Trust Services LLC; Subject: www.google.com; Fingerprint: C6:A2:DC:31:5A:53:FA:DD:55:71:A3:F4:DD:43:3D:16:71:B8:B3:99; Validity: Tue, 16 Apr 2024 04:20:32 GMT - Tue, 09 Jul 2024 04:20:31 GMT
File type: JavaScript source, ASCII text, with very long lines (850), with no line terminators; Hash: cc9da74bc51547f7da14aea584e7bd4e cb70339c904703d3a88777889e63b867a04ab2d1 9d640e16608a79d4f95372f1dd9c1edf1322993b6f0d6ec224ff0f01d2053d64
GET /recaptcha/api.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
expires: Fri, 10 May 2024 20:54:54 GMT
date: Fri, 10 May 2024 20:54:54 GMT
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| dfiles.eu/files/hqjs9ccxj | 91.226.124.104 | 200 OK | 16 kB |
URL: User Request GET HTTP/2 dfiles.eu/files/hqjs9ccxj; IP: 91.226.124.104:443
Certificate Issuer: Let's Encrypt; Subject: dfiles.eu; Fingerprint: 34:45:DB:EC:84:73:5D:D5:39:2A:00:C7:2F:21:5C:B1:2D:0E:14:42; Validity: Mon, 04 Mar 2024 13:34:43 GMT - Sun, 02 Jun 2024 13:34:42 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /files/hqjs9ccxj HTTP/1.1
Host: dfiles.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
cache-control: no-store, no-cache, must-revalidate
content-encoding: gzip
content-security-policy: frame-ancestors depositfiles.com *.depositfiles.com depositfiles.org *.depositfiles.org dfiles.eu *.dfiles.eu dfiles.com *.dfiles.com
content-type: text/html; charset=UTF-8
date: Fri, 10 May 2024 20:54:54 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
server: nginx
set-cookie: PHPSESSID=a24ccba6987f0f0a3d520078f34af98f; path=/
last_file=hqjs9ccxj; path=/; domain=.dfiles.eu
lang_current=en; expires=Sat, 10-May-2025 20:54:54 GMT; Max-Age=31536000; path=/; domain=.dfiles.eu; secure
x-frame-options: SAMEORIGIN
X-Firefox-Spdy: h2
|
|
| superonclick.com/script/style.js | 104.21.41.60 | 200 OK | 41 kB |
URL: GET HTTP/3 superonclick.com/script/style.js; IP: 104.21.41.60:443
Requested by: https://adsbb.dfiles.eu/upload/2401/ad27972995eacd9f.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752; Certificate Issuer: Google Trust Services LLC; Subject: superonclick.com; Fingerprint: 9B:94:92:AB:DA:58:02:22:8D:53:4A:17:2C:53:89:9A:24:FC:26:4A; Validity: Sat, 30 Mar 2024 22:15:45 GMT - Fri, 28 Jun 2024 22:15:44 GMT
File type: JavaScript source, ASCII text, with very long lines (41251); Hash: f6f9c433637f7abffaf0eb918b83874c b2fe86ef85e729459425dcbfa683682188fca3ef 07e8d6ea069f651d48ad47731cce6d24417176b3a353554f40fe2d5f8b81afb1
GET /script/style.js HTTP/1.1
Host: superonclick.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adsbb.dfiles.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 10 May 2024 20:54:57 GMT
content-type: text/javascript
x-goog-generation: 1570691734888336
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 41280
x-goog-hash: crc32c=r+9kWg==, md5=9vnEM2N/er/68OuRi4OHTA==
x-goog-storage-class: MULTI_REGIONAL
access-control-allow-origin: *
x-guploader-uploadid: ABPtcPqufkSEuEcZJknswyz8vJn8RyQlQAXeDfTcwIIJc_1ELpi8NQQH84C_blv7nNg3APRNdwECO-bLGQ
expires: Fri, 10 May 2024 21:41:35 GMT
cache-control: public, max-age=14400
age: 802
last-modified: Thu, 10 Oct 2019 07:15:34 GMT
etag: W/"f6f9c433637f7abffaf0eb918b83874c"
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=n5SmHkFJH4sIVaysVHsA3i7O66V0iqxTX6VNzOvwpixDF8YI1K3dhowS2mxChhY0dhS6g15rcM40I61z8%2F1QHgh9F%2B9jJEqJJYOlpCN5P6YfrQBGY3AuMCiPm%2FVYBKWKzzY8"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881cd3d09ad7b4f9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| js.wpadmngr.com/static/adManager.js | 45.133.44.53 | 200 OK | 1.7 kB |
URL: GET HTTP/2 js.wpadmngr.com/static/adManager.js; IP: 45.133.44.53:443; ASN: #39572 DataWeb Global Group B.V.
Requested by: https://dfiles.eu/files/hqjs9ccxj; Certificate Issuer: Let's Encrypt; Subject: js.wpadmngr.com; Fingerprint: 84:E6:F4:D4:0F:47:08:72:62:3E:55:F0:E0:FB:D7:B3:4A:EA:C0:60; Validity: Fri, 10 May 2024 03:00:52 GMT - Thu, 08 Aug 2024 03:00:51 GMT
File type: JavaScript source, ASCII text, with very long lines (1887), with no line terminators; Hash: 8263610639624a65707a41479379709a 1653610e4e9b3814c8e68eb96814378d71be9776 8e6ca46c563e6ef9d3245fe116672ac9ff7b807033852fa0452493b5fb2d8a0c
GET /static/adManager.js HTTP/1.1
Host: js.wpadmngr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 10 May 2024 20:54:54 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.18.0
last-modified: Wed, 08 May 2024 10:50:16 GMT
etag: W/"663b58e8-6c7"
content-encoding: gzip
expires: Fri, 10 May 2024 20:59:54 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2
|
|
| customarydesolate.com/c2/2d/c5/c22dc50dc2bbe4422c7f68d26ab95eb9.js | 172.240.108.84 | 200 OK | 76 kB |
URL: GET HTTP/1.1 customarydesolate.com/c2/2d/c5/c22dc50dc2bbe4422c7f68d26ab95eb9.js; IP: 172.240.108.84:443
Requested by: https://dfiles.eu/files/hqjs9ccxj; Certificate Issuer: Let's Encrypt; Subject: customarydesolate.com; Fingerprint: 00:D2:0D:86:8E:FB:C8:79:46:C6:0E:E5:71:C7:50:AC:0E:C1:D1:F8; Validity: Mon, 06 May 2024 08:18:02 GMT - Sun, 04 Aug 2024 08:18:01 GMT
File type: JavaScript source, ASCII text, with very long lines (65536), with no line terminators; Hash: db15e4f6695918fb72961a50ff5a3641 6c4644cd43d77036b276e18ca627e934c2a98c11 1f4f07459137b54ae71160e3dd08ff8aec123dc985a7847f0695c55984f0fb56
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /c2/2d/c5/c22dc50dc2bbe4422c7f68d26ab95eb9.js HTTP/1.1
Host: customarydesolate.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 10 May 2024 20:54:55 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 38f527d265719e1a175f3d8e244d35ac
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
|
|
| superonclick.com/script/native_render.js | 104.21.41.60 | 200 OK | 4.3 kB |
URL: GET HTTP/2 superonclick.com/script/native_render.js; IP: 104.21.41.60:443
Requested by: https://adsbb.dfiles.eu/upload/2401/ad27972995eacd9f.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752; Certificate Issuer: Google Trust Services LLC; Subject: superonclick.com; Fingerprint: 9B:94:92:AB:DA:58:02:22:8D:53:4A:17:2C:53:89:9A:24:FC:26:4A; Validity: Sat, 30 Mar 2024 22:15:45 GMT - Fri, 28 Jun 2024 22:15:44 GMT
File type: JavaScript source, ASCII text, with very long lines (4302), with no line terminators; Hash: e6a0e9d7c59dd6177052c848b8e5ee22 a5899a8b6ca1c9f1b4f307b305d417ef473038db f63b4728b0cbf0880a12c2426864acc70702afd82a48c85b8b68120d88059ad4
GET /script/native_render.js HTTP/1.1
Host: superonclick.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adsbb.dfiles.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 10 May 2024 20:54:56 GMT
content-type: application/javascript
x-guploader-uploadid: ABPtcPqsg6sA7rrjstE46D9gHYq59PKsdPtTg2d3jZ4iIuzh21hikHCNSS2m0GmVfcUAge8tj6Y
x-goog-generation: 1550052950916101
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 4285
x-goog-hash: crc32c=rXethw==, md5=i4AdaMb2P574qaeqSEucdQ==
x-goog-storage-class: MULTI_REGIONAL
access-control-allow-origin: *
expires: Fri, 10 May 2024 20:26:38 GMT
cache-control: public, max-age=14400
age: 2618
last-modified: Wed, 13 Feb 2019 10:15:50 GMT
etag: W/"8b801d68c6f63f9ef8a9a7aa484b9c75"
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SJZraKkRIah3o7GjFBGNUCPLrMC%2BQVmZHVB3oR50x6PT5KskXwLeksu%2FbOi%2FRECM6q4mG1nqvmGqwHIhH4XRq2IlPsnB9sCxgFgtdPHp6%2FKjWqhiinPemAPP0nV561AP2oD2"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881cd3cacd90b500-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| adsbb.dfiles.eu/upload/blank.htm | 91.226.124.104 | 200 OK | 387 B |
URL: GET HTTP/2 adsbb.dfiles.eu/upload/blank.htm; IP: 91.226.124.104:443
Requested by: https://dfiles.eu/files/hqjs9ccxj; Certificate Issuer: Let's Encrypt; Subject: dfiles.eu; Fingerprint: 34:45:DB:EC:84:73:5D:D5:39:2A:00:C7:2F:21:5C:B1:2D:0E:14:42; Validity: Mon, 04 Mar 2024 13:34:43 GMT - Sun, 02 Jun 2024 13:34:42 GMT
File type: HTML document, ASCII text, with very long lines (425), with no line terminators; Hash: d91c0cb44500d613d5d1c609d61e609d 9fbbda167004d5a1b7769aaf255d33b324d03d23 4849fb0b7cd69d8b1fe3a782569b7023f2001588f2a7a1060ac67c641eda6b73
GET /upload/blank.htm HTTP/1.1
Host: adsbb.dfiles.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dfiles.eu/
DNT: 1
Connection: keep-alive
Cookie: last_file=hqjs9ccxj; _nf58=1; _nf60=1; _nf7=1; _nf56=1
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-encoding: gzip
content-security-policy: frame-ancestors depositfiles.com depositfiles.org dfiles.eu dfiles.com web-301.dfiles.eu web-302.dfiles.eu web-303.dfiles.eu web-304.dfiles.eu, frame-ancestors depositfiles.com *.depositfiles.com depositfiles.org *.depositfiles.org dfiles.eu *.dfiles.eu dfiles.com *.dfiles.com
content-type: text/html
date: Fri, 10 May 2024 20:54:55 GMT
last-modified: Wed, 29 Nov 2023 10:47:03 GMT
server: nginx
X-Firefox-Spdy: h2
|
|
| accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=AaSxoQzkKlDquz8MZps8P5IVIIzL3toNgxrtKYpN-mD3ikzoiT7iVt8n8K8wI9cAyMEavhC2OLVdeg&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-519622298%3A1715374496963846&ddm=0 | 64.233.161.84 | 403 Forbidden | 0 B |
URL: GET HTTP/3 accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=AaSxoQzkKlDquz8MZps8P5IVIIzL3toNgxrtKYpN-mD3ikzoiT7iVt8n8K8wI9cAyMEavhC2OLVdeg&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-519622298%3A1715374496963846&ddm=0
IP: 64.233.161.84:443
Requested by: https://dfiles.eu/files/hqjs9ccxj
Certificate issuer: Google Trust Services
Certificate subject: *.google.com
Certificate fingerprint: 9F:A1:53:E4:09:E1:ED:82:F8:E0:30:B6:39:FA:EC:03:B4:89:46:8A
Certificate validity: Tue, 16 Apr 2024 03:19:40 GMT - Tue, 09 Jul 2024 03:19:39 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=AaSxoQzkKlDquz8MZps8P5IVIIzL3toNgxrtKYpN-mD3ikzoiT7iVt8n8K8wI9cAyMEavhC2OLVdeg&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-519622298%3A1715374496963846&ddm=0 HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dfiles.eu/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 403 Forbidden
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 10 May 2024 20:54:57 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport, script-src 'nonce-Gygxd6TaWbiUcLIECDs-zw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist
cross-origin-opener-policy-report-only: same-origin; report-to="AccountsSignInUi"
report-to: {"group":"AccountsSignInUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/AccountsSignInUi"}]}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| adsbb.dfiles.eu/upload/2401/ad27972995eacd9f.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752 | 91.226.124.104 | 200 OK | 6.6 kB |
URL: GET HTTP/2 adsbb.dfiles.eu/upload/2401/ad27972995eacd9f.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752
IP: 91.226.124.104:443
Requested by: https://dfiles.eu/files/hqjs9ccxj
Certificate issuer: Let's Encrypt
Certificate subject: dfiles.eu
Certificate fingerprint: 34:45:DB:EC:84:73:5D:D5:39:2A:00:C7:2F:21:5C:B1:2D:0E:14:42
Certificate validity: Mon, 04 Mar 2024 13:34:43 GMT - Sun, 02 Jun 2024 13:34:42 GMT
File type: HTML document, ASCII text, with very long lines (6837), with no line terminators
Hash: 3c8982ba610359ebff17d4984fe630c5 cbab432e90f5630f48504a767d596a0611ed8358 7ca7f15b035919f44cd3d0df67eb71e2a0eacf1d990d6be3a08b66f3e2d75fad
GET /upload/2401/ad27972995eacd9f.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752 HTTP/1.1
Host: adsbb.dfiles.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dfiles.eu/
DNT: 1
Connection: keep-alive
Cookie: last_file=hqjs9ccxj; _nf58=1; _nf60=1; _nf7=1; _nf56=1
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-encoding: gzip
content-security-policy: frame-ancestors depositfiles.com depositfiles.org dfiles.eu dfiles.com web-301.dfiles.eu web-302.dfiles.eu web-303.dfiles.eu web-304.dfiles.eu, frame-ancestors depositfiles.com *.depositfiles.com depositfiles.org *.depositfiles.org dfiles.eu *.dfiles.eu dfiles.com *.dfiles.com
content-type: text/html
date: Fri, 10 May 2024 20:54:55 GMT
last-modified: Fri, 10 May 2024 20:50:00 GMT
server: nginx
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap | 142.250.74.106 | 200 OK | 7.0 kB |
URL: GET HTTP/2 fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap
IP: 142.250.74.106:443
Requested by: https://dfiles.eu/files/hqjs9ccxj
Certificate issuer: Google Trust Services LLC
Certificate subject: upload.video.google.com
Certificate fingerprint: 36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79
Certificate validity: Tue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT
File type: ASCII text, with very long lines (7193), with no line terminators
Hash: 16b49a99486594c0b42d9bd7821deb2c 2fb46e5e86d6b37d4497cc04bfd89b3cb33a276a 3f3540952441e06ef81189cf63d46bac242804e386779dbb0cdd78ed10025c21
GET /css?family=Roboto:300,400,700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 10 May 2024 20:54:57 GMT
date: Fri, 10 May 2024 20:54:57 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| downstairsnegotiatebarren.com/sfp.js | 104.21.35.227 | 200 OK | 86 kB |
URL: GET HTTP/2 downstairsnegotiatebarren.com/sfp.js
IP: 104.21.35.227:443
Requested by: https://dfiles.eu/files/hqjs9ccxj
Certificate issuer: Let's Encrypt
Certificate subject: downstairsnegotiatebarren.com
Certificate fingerprint: 5D:DB:CB:C6:CE:2A:8B:34:7D:BC:43:74:33:1D:5F:77:48:F7:BC:1B
Certificate validity: Thu, 02 May 2024 21:26:34 GMT - Wed, 31 Jul 2024 21:26:33 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sfp.js HTTP/1.1
Host: downstairsnegotiatebarren.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 10 May 2024 20:54:55 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: 51e929647d346f08cee48497f6227e7c
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Fri, 10 May 2024 20:54:55 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YsBmLPww38zJXgHIz71NQ4EWyHBFwwUuhR8kH3IArBhqL3FOJST6amdRamU1oVyVhDxYuAFRt7wD1%2FG38i6IsrPug%2F3nW%2BFMkzgPm0kNVkKQFI2qMH%2FU3DNeNc0fSzncg9HU8gY%2FgYKMaSlKMfWJGw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881cd3c30a9b7129-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| downstairsnegotiatebarren.com/sfp.js | 104.21.35.227 | 200 OK | 86 kB |
URL: GET HTTP/3 downstairsnegotiatebarren.com/sfp.js
IP: 104.21.35.227:443
Requested by: https://dfiles.eu/files/hqjs9ccxj
Certificate issuer: Let's Encrypt
Certificate subject: downstairsnegotiatebarren.com
Certificate fingerprint: 5D:DB:CB:C6:CE:2A:8B:34:7D:BC:43:74:33:1D:5F:77:48:F7:BC:1B
Certificate validity: Thu, 02 May 2024 21:26:34 GMT - Wed, 31 Jul 2024 21:26:33 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sfp.js HTTP/1.1
Host: downstairsnegotiatebarren.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 10 May 2024 20:54:56 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: 57a2dddb03e94554b674f52461325f02
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Fri, 10 May 2024 20:54:55 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BbzYnyoxt4%2Bwy0zQdFnbIDqBQmqRu2aJxA%2FJ9wTVHBTy25b6bCVJJ%2BNuUsq9XJFQz2n0NWYyFEV%2FXTt2fuLhWtaaNX3IX1eRFI5e6uqFL1rmCIoVy9uvBl%2FZ1ECVKxsea31tt5vB8D9KoyIlILcTjA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881cd3c7cbd956bd-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| acscdn.com/script/ut.js?cb=1715374495488 | 172.67.165.20 | 200 OK | 63 kB |
URL: GET HTTP/3 acscdn.com/script/ut.js?cb=1715374495488
IP: 172.67.165.20:443
Requested by: https://dfiles.eu/files/hqjs9ccxj
Certificate issuer: Google Trust Services LLC
Certificate subject: acscdn.com
Certificate fingerprint: 55:5D:7F:12:65:2B:04:EA:49:29:92:63:3B:D1:C2:DF:C7:F6:4B:9E
Certificate validity: Sat, 27 Apr 2024 13:56:54 GMT - Fri, 26 Jul 2024 13:56:53 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /script/ut.js?cb=1715374495488 HTTP/1.1
Host: acscdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 10 May 2024 20:54:55 GMT
content-type: text/javascript
x-guploader-uploadid: ABPtcPq4rLQfUzIb4PXABJF3kaL6QpNC2eEDt1dZIA_AICzJwRtEzQkHmfGBvBjJTgyllcLoFfCchk7ypw
x-goog-generation: 1714053300452258
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 62975
x-goog-hash: crc32c=f8d0YQ==, md5=vEgeNFwEtFNOCk5UoPLBxg==
x-goog-storage-class: MULTI_REGIONAL
access-control-allow-origin: *
expires: Fri, 10 May 2024 21:23:21 GMT
cache-control: public, max-age=3600
age: 756
last-modified: Thu, 25 Apr 2024 13:55:00 GMT
etag: W/"bc481e345c04b4534e0a4e54a0f2c1c6"
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=97xk72VikImPDEumI9DIlXA787SWB0okdRjWkvEx1lmAhM3wJYxFOjkSIqt%2BjcR6c%2BllAlezc7wyNy6CY%2FwWg8HrxdWbV4MRMK8uGZAWwWFFlJveehRhPoCJF%2BCx"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881cd3c4f90e56be-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| adsbb.dfiles.eu/upload/2303/ad2775297311915a.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752 | 91.226.124.104 | 200 OK | 1.5 kB |
URL: GET HTTP/2 adsbb.dfiles.eu/upload/2303/ad2775297311915a.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752
IP: 91.226.124.104:443
Requested by: https://dfiles.eu/files/hqjs9ccxj
Certificate issuer: Let's Encrypt
Certificate subject: dfiles.eu
Certificate fingerprint: 34:45:DB:EC:84:73:5D:D5:39:2A:00:C7:2F:21:5C:B1:2D:0E:14:42
Certificate validity: Mon, 04 Mar 2024 13:34:43 GMT - Sun, 02 Jun 2024 13:34:42 GMT
File type: HTML document, ASCII text, with very long lines (1549), with no line terminators
Hash: 0362dc36e7dca16d6dd120fded4e95c0 3beca03054c208fd42e452560394adeb254d2f2e ea8b822ebc79c8ce6d830068acef6b4a9bb034176012ca762efe8b3f835c8de6
GET /upload/2303/ad2775297311915a.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752 HTTP/1.1
Host: adsbb.dfiles.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dfiles.eu/
DNT: 1
Connection: keep-alive
Cookie: last_file=hqjs9ccxj; _nf58=1; _nf60=1; _nf7=1; _nf56=1
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-encoding: gzip
content-security-policy: frame-ancestors depositfiles.com depositfiles.org dfiles.eu dfiles.com web-301.dfiles.eu web-302.dfiles.eu web-303.dfiles.eu web-304.dfiles.eu, frame-ancestors depositfiles.com *.depositfiles.com depositfiles.org *.depositfiles.org dfiles.eu *.dfiles.eu dfiles.com *.dfiles.com
content-type: text/html
date: Fri, 10 May 2024 20:54:55 GMT
last-modified: Fri, 10 May 2024 20:50:00 GMT
server: nginx
X-Firefox-Spdy: h2
|
|
| discovernative.com/script/native.php?nwpsv=1&r=8033562&cbrandom=0.6829448468200258&cbWidth=240&cbHeight=800&cbtitle=&cbref=https%3A%2F%2Fdfiles.eu%2F&cbdescription=DepositFiles%20provides%20you%20with%20a%20legitimate%20technical%20solution%2C%20which%20%20enables%20you%20to%20upload%2C%20store%2C%20access%20and%20download%20text%2C%20software%2C%20%20scripts%2C%20images%2C%20sounds%2C%20videos%2C%20animations%20and%20any%20other%20materials%20in%20form%20of%20one%20or%20several%20electronic%20files.&cbkeywords=&cbiframe=1&&callback=jsonp865515 | 172.67.150.145 | 200 OK | 1.4 kB |
URL: GET HTTP/2 discovernative.com/script/native.php?nwpsv=1&r=8033562&cbrandom=0.6829448468200258&cbWidth=240&cbHeight=800&cbtitle=&cbref=https%3A%2F%2Fdfiles.eu%2F&cbdescription=DepositFiles%20provides%20you%20with%20a%20legitimate%20technical%20solution%2C%20which%20%20enables%20you%20to%20upload%2C%20store%2C%20access%20and%20download%20text%2C%20software%2C%20%20scripts%2C%20images%2C%20sounds%2C%20videos%2C%20animations%20and%20any%20other%20materials%20in%20form%20of%20one%20or%20several%20electronic%20files.&cbkeywords=&cbiframe=1&&callback=jsonp865515
IP: 172.67.150.145:443
Requested by: https://adsbb.dfiles.eu/upload/2401/ad27972995eacd9f.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752
Certificate issuer: Let's Encrypt
Certificate subject: discovernative.com
Certificate fingerprint: 58:FA:91:4C:A7:5B:73:89:81:BD:21:4B:5C:83:44:7B:21:2E:09:B5
Certificate validity: Tue, 30 Apr 2024 18:38:24 GMT - Mon, 29 Jul 2024 18:38:23 GMT
File type: JavaScript source, ASCII text, with very long lines (1451), with no line terminators
Hash: 292f858209bd3e3598f0aa86e436b673 7d463dd99c44d7da67e996d395fb103301425714 397c0aaf0328e510fb1222b5955ab0344e77f707ae5f0743a46119949888c2e0
GET /script/native.php?nwpsv=1&r=8033562&cbrandom=0.6829448468200258&cbWidth=240&cbHeight=800&cbtitle=&cbref=https%3A%2F%2Fdfiles.eu%2F&cbdescription=DepositFiles%20provides%20you%20with%20a%20legitimate%20technical%20solution%2C%20which%20%20enables%20you%20to%20upload%2C%20store%2C%20access%20and%20download%20text%2C%20software%2C%20%20scripts%2C%20images%2C%20sounds%2C%20videos%2C%20animations%20and%20any%20other%20materials%20in%20form%20of%20one%20or%20several%20electronic%20files.&cbkeywords=&cbiframe=1&&callback=jsonp865515 HTTP/1.1
Host: discovernative.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adsbb.dfiles.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 10 May 2024 20:54:57 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, POST, OPTIONS
content-encoding: gzip
via: 1.1 google
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=q6K5TkYaNaPcRCKFYMPO1RIMDTKtOOxtaPLZv8UC3BcBrA8NjeWpVRxeQyceRPA0R1dvzT3yw%2F5cl17iV%2BRy623Ds32Adx%2B2ucj8%2BVv0lwoc7qLgjNjKVJMnsxdtcy%2FY6ZJiCM4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 881cd3ce1ab8b509-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| pogothere.xyz/ | 104.21.24.208 | 200 OK | 27 B |
IP: 104.21.24.208:443
Requested by: https://dfiles.eu/files/hqjs9ccxj
Certificate issuer: Google Trust Services LLC
Certificate subject: pogothere.xyz
Certificate fingerprint: 34:D3:33:F8:49:E2:1E:3E:44:A8:5D:74:68:9C:B8:A0:D5:F8:DD:0B
Certificate validity: Wed, 27 Mar 2024 02:15:30 GMT - Tue, 25 Jun 2024 02:15:29 GMT
File type: ASCII text, with no line terminators
Hash: a8dbbe2d06c4da79ef2cee04fe6c1ab9 51a89fee2759a3347d0e9441cc4aa06fbbaee6ff 85475f0b0ee3720f8a1d51cd1f0736cb151662534157a30128a28ffc60292d5b
GET / HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dfiles.eu/
Origin: https://dfiles.eu
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 10 May 2024 20:54:55 GMT
content-type: text/plain
set-cookie: csu=2075503329809964@1@1715374495; Max-Age=31104000; Secure; SameSite=None
access-control-allow-origin: https://dfiles.eu
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2Y8cWxMB2QtOn6EctdBho7EdUs0cDjeOYuVyhNc2GedFWw3xlV1RcxjU1dn2XPahgVdDf2kzecJkbrDbKTquBUP8M1xtCvQke5Fr4WKj%2Fq%2BS1ZXB5zcFmGS2Xu5eh7Vk"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 881cd3c6fe110b69-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| adsbb.dfiles.eu//ad.php?z=7&c=NO&g=no_file&u=663e899e04d17-61314718 | 91.226.124.104 | 303 See Other | 387 B |
URL: GET HTTP/2 adsbb.dfiles.eu//ad.php?z=7&c=NO&g=no_file&u=663e899e04d17-61314718
IP: 91.226.124.104:443
Requested by: https://dfiles.eu/files/hqjs9ccxj
Certificate issuer: Let's Encrypt
Certificate subject: dfiles.eu
Certificate fingerprint: 34:45:DB:EC:84:73:5D:D5:39:2A:00:C7:2F:21:5C:B1:2D:0E:14:42
Certificate validity: Mon, 04 Mar 2024 13:34:43 GMT - Sun, 02 Jun 2024 13:34:42 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET //ad.php?z=7&c=NO&g=no_file&u=663e899e04d17-61314718 HTTP/1.1
Host: adsbb.dfiles.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Cookie: last_file=hqjs9ccxj
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 303 See Other
content-security-policy: frame-ancestors depositfiles.com depositfiles.org dfiles.eu dfiles.com web-301.dfiles.eu web-302.dfiles.eu web-303.dfiles.eu web-304.dfiles.eu, frame-ancestors depositfiles.com *.depositfiles.com depositfiles.org *.depositfiles.org dfiles.eu *.dfiles.eu dfiles.com *.dfiles.com
content-type: text/html; charset=UTF-8
date: Fri, 10 May 2024 20:54:55 GMT
location: /upload/blank.htm
server: nginx
set-cookie: _nf7=1; expires=Sat, 11-May-2024 20:54:55 GMT; Max-Age=86400
x-powered-by: PHP/5.6.40
X-Firefox-Spdy: h2
|
|
| na.nawpush.com/tags/46445?version_name=b | 45.133.44.25 | 200 OK | 907 B |
URL: GET HTTP/2 na.nawpush.com/tags/46445?version_name=b
IP: 45.133.44.25:443
ASN: #39572 DataWeb Global Group B.V.
Requested by: https://dfiles.eu/files/hqjs9ccxj
Certificate issuer: Let's Encrypt
Certificate subject: na.nawpush.com
Certificate fingerprint: E4:8A:6D:1E:95:BA:50:33:94:D3:16:FE:4C:61:AA:DE:72:B1:70:87
Certificate validity: Thu, 28 Mar 2024 03:00:38 GMT - Wed, 26 Jun 2024 03:00:37 GMT
File type: troff or preprocessor input, ASCII text, with very long lines (1015), with no line terminators
Hash: fb6d8791a99100182e7dfa83497b2217 2617f3bdfc45bd7b662521b0c3a0bf9abe666924 a7e9b0d9cd91ae428f46cc004ed95efd6174a746145f1fc9e9ee97808cc54bd9
GET /tags/46445?version_name=b HTTP/1.1
Host: na.nawpush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dfiles.eu
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 10 May 2024 20:54:55 GMT
content-type: application/json
content-length: 907
server: nginx/1.24.0
cache-control: max-age=300, public
x-proxy-cache: EXPIRED
access-control-allow-origin: *
X-Firefox-Spdy: h2
|
|
| cdn.creative-bars1.com/sb/notifications/gambling/default/android-btn/8/js/script.js | 172.67.141.24 | 200 OK | 9.5 kB |
URL: GET HTTP/2 cdn.creative-bars1.com/sb/notifications/gambling/default/android-btn/8/js/script.js
IP: 172.67.141.24:443
Requested by: https://dfiles.eu/files/hqjs9ccxj
Certificate issuer: Google Trust Services LLC
Certificate subject: creative-bars1.com
Certificate fingerprint: 3D:29:39:2C:F1:E5:C6:EF:54:F5:70:B5:CF:A8:C2:75:4D:89:72:13
Certificate validity: Mon, 15 Apr 2024 15:02:18 GMT - Sun, 14 Jul 2024 15:02:17 GMT
File type: Unicode text, UTF-8 text, with very long lines (8821), with no line terminators
Hash: d0707ac5d95047febbb8f131cc7a9af4 65021f149e99900eeaf7d298d2303160872b43f3 3e2e7ab351d401339df520fbd7ce4f177643dca01cad22bf59dd4b3e14853810
GET /sb/notifications/gambling/default/android-btn/8/js/script.js HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dfiles.eu
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 10 May 2024 20:54:56 GMT
content-type: application/javascript
last-modified: Tue, 20 Feb 2024 10:37:31 GMT
etag: W/"65d480eb-24fa"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 709585
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=C9an7byBZX6hxFipylIIxjPXyXGyhFnC1BTBk4wWrDJ0IDLlITzCWDfnJ8HApDIo86gZjso1jcbQg0W9RavHO6r9Fwrn9siSZjtlZYTFFbN5xmRqINvPE9H9k77yEV2CMxlIpxNTvHty"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881cd3cd2ac1b4f1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=AaSxoQwHj4JomKOliCgTo0ocw4U8GetqZ31KMNMoS0x2JYTLXdYjpnahtyYtMXrz7vnZe4JydeOTbg&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S235015279%3A1715374496969695&ddm=0 | 64.233.161.84 | 403 Forbidden | 0 B |
URL: GET HTTP/3 accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=AaSxoQwHj4JomKOliCgTo0ocw4U8GetqZ31KMNMoS0x2JYTLXdYjpnahtyYtMXrz7vnZe4JydeOTbg&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S235015279%3A1715374496969695&ddm=0
IP: 64.233.161.84:443
Requested by: https://dfiles.eu/files/hqjs9ccxj
Certificate issuer: Google Trust Services
Certificate subject: *.google.com
Certificate fingerprint: 9F:A1:53:E4:09:E1:ED:82:F8:E0:30:B6:39:FA:EC:03:B4:89:46:8A
Certificate validity: Tue, 16 Apr 2024 03:19:40 GMT - Tue, 09 Jul 2024 03:19:39 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=AaSxoQwHj4JomKOliCgTo0ocw4U8GetqZ31KMNMoS0x2JYTLXdYjpnahtyYtMXrz7vnZe4JydeOTbg&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S235015279%3A1715374496969695&ddm=0 HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dfiles.eu/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 403 Forbidden
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 10 May 2024 20:54:57 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: script-src 'nonce-nkbnAtvSQeQnC5qe08b0Tg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport
cross-origin-opener-policy-report-only: same-origin; report-to="AccountsSignInUi"
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
report-to: {"group":"AccountsSignInUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/AccountsSignInUi"}]}
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|