Report - dfiles.eu/files/h6xnapy8v/COD4MW-remaster.exe

Report Overview

Submitted URL
dfiles.eu/files/h6xnapy8v/COD4MW-remaster.exe
IP
91.226.124.80
ASN
#35415 Webzilla B.V.
Submitted
2023-03-23 14:01:20
Access
public
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
14

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-29T05:09:03Z	782 B	2.4 kB	35.241.9.150
ocsp.r2m01.amazontrust.com	unknown	2022-10-12T22:43:53Z	2023-03-29T09:11:41Z	350 B	1.0 kB	54.230.80.227
dfiles.eu	434493	2012-12-23T12:05:24Z	2023-03-28T14:47:37Z	1.8 kB	7.4 kB	91.226.124.78
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-29T05:09:32Z	606 B	127 B	52.42.182.211
19d80f4f97.523d6475f9.com	unknown	2023-03-20T04:42:00Z	2023-03-25T04:45:29Z	1.2 kB	320 B	45.133.44.24
sw.wpush.org	78308	2020-02-15T08:54:44Z	2023-03-28T08:51:34Z	738 B	5.4 kB	45.133.44.25
fonts.gstatic.com	unknown	2014-09-09T02:40:21Z	2023-03-29T11:19:48Z	477 B	17 kB	142.250.74.3
ocsp.pki.goog	175	2018-07-01T08:43:07Z	2023-03-29T05:09:04Z	3.4 kB	7.0 kB	142.250.74.131
js.wpadmngr.com	25762	2021-06-02T16:43:46Z	2023-03-29T17:47:17Z	1.1 kB	38 kB	45.133.44.25
jsc.adskeeper.com	31191	2020-07-04T12:58:29Z	2023-03-28T19:06:05Z	377 B	1.7 kB	104.18.8.46
js.wpshsdk.com	12130	2021-06-04T15:50:00Z	2023-03-29T18:18:07Z	1.6 kB	81 kB	45.133.44.25
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-29T05:09:31Z	333 B	391 B	34.117.237.239
www.google.com	7	2015-05-10T13:11:19Z	2023-03-29T05:55:56Z	360 B	1.1 kB	216.58.207.228
adsbb.dfiles.eu	unknown	2017-03-18T01:40:30Z	2023-03-28T07:39:53Z	5.5 kB	174 kB	91.226.124.80
fonts.googleapis.com	8877	2013-06-10T22:14:26Z	2023-03-29T10:13:53Z	377 B	630 B	172.217.21.170
fp.metricswpsh.com	unknown	2022-04-22T13:20:32Z	2023-03-29T15:25:15Z	929 B	774 B	157.90.84.242
friendshipmale.com	unknown	2022-10-21T14:15:25Z	2023-03-29T14:32:52Z	354 B	28 kB	172.64.167.29
cdn.cloudimagesb.com	23099	2021-02-12T17:15:41Z	2023-03-29T07:00:47Z	401 B	33 kB	45.133.44.10
unseenreport.com	unknown	2022-03-30T16:33:17Z	2023-03-29T11:04:37Z	1.4 kB	846 B	192.243.61.225
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-29T05:09:31Z	413 B	5.9 kB	34.160.144.191
www.gstatic.com	unknown	2016-07-26T11:37:06Z	2023-03-29T09:13:03Z	429 B	166 kB	216.58.211.3
nannyamplify.com	unknown	2023-03-10T02:32:00Z	2023-03-29T18:34:03Z	3.1 kB	35 kB	173.233.137.52
notification.tubecup.net	8210	2019-08-30T11:36:01Z	2023-03-29T18:43:31Z	428 B	309 B	78.47.199.210
cdn.barscreative1.com	25648	2021-09-16T13:14:42Z	2023-03-29T16:42:28Z	437 B	386 B	45.133.44.3
simplewebanalysis.com	unknown	2022-02-25T05:06:25Z	2023-03-29T05:10:55Z	379 B	402 B	3.123.95.62
cdn.unblockia.com	20316	2019-12-02T14:45:53Z	2023-03-28T19:25:08Z	351 B	893 B	54.230.111.125
cdn.creative-bars1.com	unknown	2022-11-15T17:46:22Z	2023-03-29T11:04:36Z	1.2 kB	4.5 kB	172.64.167.9
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-29T05:09:11Z	9.1 kB	24 kB	23.36.76.226
static.depositfiles.com	unknown	2012-05-24T17:07:52Z	2023-03-28T07:39:53Z	6.8 kB	661 kB	91.226.124.77
na.nawpush.com	38563	2020-12-23T09:18:12Z	2023-03-29T15:25:15Z	392 B	742 B	45.133.44.24
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-29T05:09:12Z	3.2 kB	52 kB	34.120.237.76
www.googletagmanager.com	75	2013-05-22T04:07:37Z	2023-03-29T05:44:04Z	377 B	84 kB	142.250.74.72
pl16105218.highrevenuegate.com	unknown	2023-03-03T23:08:15Z	2023-03-28T07:39:53Z	404 B	14 kB	173.233.137.36
region1.google-analytics.com	unknown	2022-03-17T12:26:33Z	2023-03-29T05:15:25Z	663 B	440 B	216.239.32.36
adserver.adreactor.com	268206	2012-05-22T22:55:13Z	2023-03-27T07:59:15Z	1.5 kB	10 kB	46.166.179.121

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2023-03-23	medium	highrevenuegate.com	Sinkholed
2023-03-23	medium	nannyamplify.com	Sinkholed
2023-03-23	medium	nannyamplify.com	Sinkholed
2023-03-23	medium	nannyamplify.com	Sinkholed
2023-03-23	medium	unseenreport.com	Sinkholed
2023-03-23	medium	unseenreport.com	Sinkholed
2023-03-23	medium	nannyamplify.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (69)

	URL	Size	First Seen	Last Seen
	adsbb.dfiles.eu/upload/1906/ad2708292742b09a.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752	240 B	2023-03-29	2023-03-29
Pretty URL adsbb.dfiles.eu/upload/1906/ad2708292742b09a.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752 IP 91.226.124.80 ASN #35415 Webzilla B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-29 21:00:35 Last Seen2023-03-29 21:00:35 Times Seen1 Hash be41cce00b491562d48864a8b19a3ae4 67e3c06766f28dfa8531842468e46953504de268 e2bcf6c0be9910fcebb2dc8e0a9b6b79b175a6a409994a1c8223335a37b1e069 Loading...

	dfiles.eu/files/h6xnapy8v/COD4MW-remaster.exe	781 B	2023-03-07	2024-05-10
Pretty URL dfiles.eu/files/h6xnapy8v/COD4MW-remaster.exe IP 91.226.124.78 ASN #35415 Webzilla B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:26:57 Last Seen2024-05-10 22:55:29 Times Seen593 Hash fc579ba1ff4c0c2e22ba979c418178d1 87d25254a57e673bc1a10500c9a7f887d8dfa6a9 455914aff0c5916e2978af037cddc01aca97fe3c14c6cd1b8f2c6dfc557931bc Loading...

	dfiles.eu/files/h6xnapy8v/COD4MW-remaster.exe	139 B	2023-03-07	2024-05-10
Pretty URL dfiles.eu/files/h6xnapy8v/COD4MW-remaster.exe IP 91.226.124.78 ASN #35415 Webzilla B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:26:56 Last Seen2024-05-10 22:55:29 Times Seen604 Hash 096fbc4b579acc65367920b87875c1f0 53a8d0be557838d6912339a6f684ac434f9cedc0 4a590c7532c8fdd5e2f6fe223990b525091f9412faf8b2971bfdc1e69be03cd2 Loading...

	dfiles.eu/files/h6xnapy8v/COD4MW-remaster.exe	196 B	2023-03-07	2024-05-09
Pretty URL dfiles.eu/files/h6xnapy8v/COD4MW-remaster.exe IP 91.226.124.78 ASN #35415 Webzilla B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:26:57 Last Seen2024-05-09 04:57:55 Times Seen410 Hash 738f0ebda06d4e3be48f4576e83f5bdc e759a55fed96d6755fcfe6ca0e5462661623584c 89f8e0678a1c23c88167b818660ff3ee3177babd1941f25827c17884f0187f52 Loading...

	js.wpadmngr.com/static/adManager.js	1.2 kB	2023-03-08	2023-09-14
Pretty URL js.wpadmngr.com/static/adManager.js IP 45.133.44.25 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 19:37:08 Last Seen2023-09-14 04:40:07 Times Seen1254 Hash 51b1a71b0add99b35a138609b191ca0a 49f6306d517f897883dcadb89fb725a3cd5f017d 902269f1228994ac73ce1a3ed21d948beb250b5c3d945b459ac6a48a097968fe Loading...

	dfiles.eu/files/h6xnapy8v/COD4MW-remaster.exe	26 B	2023-03-07	2024-05-10
Pretty URL dfiles.eu/files/h6xnapy8v/COD4MW-remaster.exe IP 91.226.124.78 ASN #35415 Webzilla B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:26:57 Last Seen2024-05-10 22:55:30 Times Seen606 Hash ed91f0c19cbcd50a62fe290680800145 b42572f05f14b93093f64b146245b32b3d0cbf9e c67d0cfcd4c4e9eb4c73c9ac4c4545d5628603946d522a5fca6f3106749df1e0 Loading...

	nannyamplify.com/c2/2d/c5/c22dc50dc2bbe4422c7f68d26ab95eb9.js	86 kB	2023-03-26	2023-04-02
Pretty URL nannyamplify.com/c2/2d/c5/c22dc50dc2bbe4422c7f68d26ab95eb9.js IP 173.233.137.52 ASN #7979 SERVERS-COM Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-26 09:01:15 Last Seen2023-04-02 21:20:26 Times Seen4 Hash d7eff65b484ec20d17ba1306ab9d880b 541a754480db2e0f351cfb74a57d8f04cc1742c0 09993ca55a99cc3038c985ecb0b875d21921a608d0878d7f91bb2b9ef59020c4 Loading...

	adserver.adreactor.com/servlet/tagger/33986835/1679580079130	67 B	2023-03-29	2023-03-29
Pretty URL adserver.adreactor.com/servlet/tagger/33986835/1679580079130 IP 46.166.179.121 ASN #43350 NForce Entertainment B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-29 21:00:36 Last Seen2023-03-29 21:00:36 Times Seen1 Hash bf008109823e2b98b2473fd066603816 fbb2b6783e9f285968672745e734e6f8e50b967c ae9464d59751bfceeee84e6aba325b3fd69583eaf8e5221f3a09f437f4c844cc Loading...

	cdn.unblockia.com/h.js	156 kB	2023-03-13	2023-03-29
Pretty URL cdn.unblockia.com/h.js IP 54.230.111.125 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 23:58:08 Last Seen2023-03-29 23:14:15 Times Seen73 Hash 6f10efbed5fddb7cda8b803fb6d129f4 692b7ce7edae0cc120b806133f5b267db74f8737 f0a3e10929596e4a2855798959d1d9eea123133bbf3201cbdb6c768af3f17918 Loading...

	unknown	0 B	2023-03-07	2024-05-11
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-05-11 03:35:49 Times Seen37534284 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	dfiles.eu/files/h6xnapy8v/COD4MW-remaster.exe	145 B	2023-03-07	2024-05-09
Pretty URL dfiles.eu/files/h6xnapy8v/COD4MW-remaster.exe IP 91.226.124.78 ASN #35415 Webzilla B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:26:57 Last Seen2024-05-09 04:57:55 Times Seen410 Hash 25e8fa0a01ccad8580ab6d3e32224215 1417328ad6c6ec271babbd02e416084732e5fe16 a3c5c8f919fba5ed782546322677dfaf74cad0e631d95787d6e003d127481dfc Loading...

	dfiles.eu/files/h6xnapy8v/COD4MW-remaster.exe	698 B	2023-03-29	2023-03-29
Pretty URL dfiles.eu/files/h6xnapy8v/COD4MW-remaster.exe IP 91.226.124.78 ASN #35415 Webzilla B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-29 21:00:36 Last Seen2023-03-29 21:00:36 Times Seen1 Hash eda4c35ba9c3abdcaaf56b4942a9dc92 5bdbfb74f8d5d0eda22bd51480cf19ba1b6c5069 3898900e0df24bb9253289ca918b32fa3c1eee8ad5df665c7a4d76bc2e165ab2 Loading...

	js.wpshsdk.com/npc/sdk/push.m.js?v=1	66 kB	2023-03-26	2023-03-29
Pretty URL js.wpshsdk.com/npc/sdk/push.m.js?v=1 IP 45.133.44.25 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-26 13:35:21 Last Seen2023-03-29 23:21:49 Times Seen80 Hash adaf07f9a7d342f9550e91c453a389fb 9a76b3eede88a3c3b9c99552a99623fc7d786571 680aeddd930fcecfdbe224416db68a222c342902408c8d2ded164bd854e99ff6 Loading...

	pl16105218.highrevenuegate.com/22/4a/d4/224ad4a14b4b15c1726ff705ec672ea6.js	37 kB	2023-03-29	2023-03-29
Pretty URL pl16105218.highrevenuegate.com/22/4a/d4/224ad4a14b4b15c1726ff705ec672ea6.js IP 173.233.137.36 ASN #7979 SERVERS-COM Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-29 21:00:36 Last Seen2023-03-29 21:00:36 Times Seen1 Hash 8b70df1f69fe94fdb9ad884ed7f55d88 4af2875e5df1465475e25bec9a81d90631922ce9 831fc93342e2c6bf46c70bb7bc026c09a47adaa032489590b82ab22658ef3b69 Loading...

	adsbb.dfiles.eu/upload/1906/ad2708292742b09a.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752	99 B	2023-03-07	2023-04-02
Pretty URL adsbb.dfiles.eu/upload/1906/ad2708292742b09a.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752 IP 91.226.124.80 ASN #35415 Webzilla B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:26:57 Last Seen2023-04-02 21:29:32 Times Seen56 Hash 5853c66ff7f2be817e13aa11e3ad5133 305abee8cfef7908064d01388eff7be16122218d e32e9a1c34600d064c193d254afe07296829222180ea25b043b7c2edf73722a2 Loading...

	adsbb.dfiles.eu/upload/2203/ad27602963634849.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752	240 B	2023-03-29	2023-03-29
Pretty URL adsbb.dfiles.eu/upload/2203/ad27602963634849.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752 IP 91.226.124.80 ASN #35415 Webzilla B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-29 21:00:36 Last Seen2023-03-29 21:00:36 Times Seen1 Hash 9ac5f08282896758a87e072553109d83 28a4c1bb83302ccfcda7d885d5db1e7c85da3b9b 983cb9ef52445887b06eb066ad4b738400adcea2e3b801481222953a2c9c8860 Loading...

	dfiles.eu/files/h6xnapy8v/COD4MW-remaster.exe	154 B	2023-03-13	2024-05-10
Pretty URL dfiles.eu/files/h6xnapy8v/COD4MW-remaster.exe IP 91.226.124.78 ASN #35415 Webzilla B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 20:01:53 Last Seen2024-05-10 22:55:29 Times Seen606 Hash a5d30d6e8f7d127b22036f0cba694312 48b3fda0a81aeee349d1d58c1064e6028ad01500 3535afb4b7453318c16fd30caa8ed102f9e880596bd4391c7aff5be03295cdf0 Loading...

	adsbb.dfiles.eu/static/js/jquery-1.5.1.min.js	85 kB	2023-03-07	2024-05-10
Pretty URL adsbb.dfiles.eu/static/js/jquery-1.5.1.min.js IP 91.226.124.80 ASN #35415 Webzilla B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:20 Last Seen2024-05-10 22:55:30 Times Seen3893 Hash b04a3bccd23ddeb7982143707a63ccf9 4a5dc1389aad050a44ee5e81408238a317ab3413 764b9e9f3ad386aaa5cdeae9368353994de61c0bede087c8f7e3579cb443de3b Loading...

	adserver.adreactor.com/js/libcode3.js	27 kB	2023-03-07	2023-04-29
Pretty URL adserver.adreactor.com/js/libcode3.js IP 46.166.179.121 ASN #43350 NForce Entertainment B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:26:57 Last Seen2023-04-29 04:38:32 Times Seen72 Hash 9f26987138f732e84bf289ba5021da07 f627a749c37eec59f7b0741b86481a340969566a 480aaf97a3fa70af01f32c73e23a2f538b541f3477f8c283829f190d5af0a768 Loading...

	jsc.adskeeper.com/d/f/dfiles.eu.1285379.js	2.7 kB	2023-03-13	2023-04-26
Pretty URL jsc.adskeeper.com/d/f/dfiles.eu.1285379.js IP 104.18.8.46 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 02:28:26 Last Seen2023-04-26 05:48:31 Times Seen52 Hash 9a2a5f5db695f5e0efdb270198c87937 4903f62672b26ce366be96b53cb374b55b36de6c b88bae5fb3d8ed11603a072399d05b9d61b30df3466165a74120d864fa058ca3 Loading...

	http:blank	619 B	2023-03-08	2023-06-21
Pretty URL http:blank IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 15:01:55 Last Seen2023-06-21 02:10:09 Times Seen27 Hash 07f37608aebd8cf1d10b754eb2cbee83 cbb6c5a4f861f449174654ed7214a41aae4e4163 06ce7c16bd3877403fecce944e0c205ae71e697cc65c8c1945d2a19b01b21e9f Loading...

	static.depositfiles.com/js/function.js	35 kB	2023-03-07	2024-05-10
Pretty URL static.depositfiles.com/js/function.js IP 91.226.124.77 ASN #35415 Webzilla B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:26:57 Last Seen2024-05-10 22:55:30 Times Seen1146 Hash a5779d2f560cd50376dbba372b0fd15b 07b08e35b9254288c1372e37577db8b9e4da01b4 51d26403861d61a7842bc73f518d4a4351a7027c40c9f0347f61421226950b84 Loading...

	dfiles.eu/files/h6xnapy8v/COD4MW-remaster.exe	148 B	2023-03-07	2024-05-10
Pretty URL dfiles.eu/files/h6xnapy8v/COD4MW-remaster.exe IP 91.226.124.78 ASN #35415 Webzilla B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:26:56 Last Seen2024-05-10 22:55:29 Times Seen606 Hash 39f8fffd2249f3bb9deb92a533243df9 ee75ba64aea887c758cd24407d003bc9494237f3 62cdfe74dd5ba57340776bc53ee95b20c286efbc7c467ece9594d27e24b48dcd Loading...

	static.depositfiles.com/js/base2.js	399 kB	2023-03-07	2024-05-10
Pretty URL static.depositfiles.com/js/base2.js IP 91.226.124.77 ASN #35415 Webzilla B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:02:54 Last Seen2024-05-10 22:55:30 Times Seen1115 Hash 2fcae8126c3fd9a626370a701f0bd887 f3496fb7bbe122a9774d7dcfcd68da03a24dc285 d29ab86f64b4fcfbc45b9ef806c147f1e42e37e37d44a559147232288063badc Loading...

	adsbb.dfiles.eu/upload/1906/ad2708292742b09a.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752	325 B	2023-03-07	2023-04-02
Pretty URL adsbb.dfiles.eu/upload/1906/ad2708292742b09a.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752 IP 91.226.124.80 ASN #35415 Webzilla B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:26:57 Last Seen2023-04-02 21:29:32 Times Seen56 Hash 814fea15f93270df9c1f407679255789 e401b58d6d7133b9e3b9f0116dbc35ef82008ba1 9719e5dd57e2693096fd5e1ed206d3e8fa784a18d01ca2f7e9e30c49dde5ac78 Loading...

	adserver.adreactor.com/servlet/view/banner/javascript/ajax/crossdomain/zone?zid=9&pid=8620&uuid=545a49b97cf5dcb9e5a7a0a29fb97c75&tagid=avp_1560248483863&viewable=true&txid=56339106&sver=1&pvid=84746919&resolution=728x91&random=19123239&millis=1679580079168&referrer=https%3A%2F%2Fadsbb.dfiles.eu%2Fupload%2F1906%2Fad2708292742b09a.htm%3Fcanp%3Dadv_73b411c406ca38ecadcf742fe6ade752	1.7 kB	2023-03-29	2023-03-29
Pretty URL adserver.adreactor.com/servlet/view/banner/javascript/ajax/crossdomain/zone?zid=9&pid=8620&uuid=545a49b97cf5dcb9e5a7a0a29fb97c75&tagid=avp_1560248483863&viewable=true&txid=56339106&sver=1&pvid=84746919&resolution=728x91&random=19123239&millis=1679580079168&referrer=https%3A%2F%2Fadsbb.dfiles.eu%2Fupload%2F1906%2Fad2708292742b09a.htm%3Fcanp%3Dadv_73b411c406ca38ecadcf742fe6ade752 IP 46.166.179.121 ASN #43350 NForce Entertainment B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-29 21:00:36 Last Seen2023-03-29 21:00:36 Times Seen1 Hash 29fe56bf328590afeb7428bcac5646c3 8a471de98c95aff2894843eaa424d16d081db29d 6c39cbb13e1f00e2851b37e586c4da6732a869f111e0f66ca9e853926e004238 Loading...

	static.depositfiles.com/js/download_utils.js	13 kB	2023-03-07	2024-05-09
Pretty URL static.depositfiles.com/js/download_utils.js IP 91.226.124.77 ASN #35415 Webzilla B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:26:57 Last Seen2024-05-09 04:57:56 Times Seen769 Hash 90a706006bc709cdc974ff3e0e01b34f 89585d2c7cac44c9c03c118bbb38aefba1d8a1e4 16f1515b9938fc7de086c504fe214484d97e237647a5d7fa2cb742a93f00c1ea Loading...

	static.depositfiles.com/js/jquery.validate.js	38 kB	2023-03-07	2024-05-10
Pretty URL static.depositfiles.com/js/jquery.validate.js IP 91.226.124.77 ASN #35415 Webzilla B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:26:56 Last Seen2024-05-10 22:55:30 Times Seen611 Hash d5231b6378847ebdb55f64c77d5a234f eed97aa0b2aa9486b6f6831ed8a85dc729ad6b9c 95434a8a2568a6481a1fbcf5808a75dd58e77348ed6d70b4f7aeda8842e8f0c7 Loading...

	dfiles.eu/files/h6xnapy8v/COD4MW-remaster.exe	475 B	2023-03-07	2024-05-10
Pretty URL dfiles.eu/files/h6xnapy8v/COD4MW-remaster.exe IP 91.226.124.78 ASN #35415 Webzilla B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:26:57 Last Seen2024-05-10 22:55:29 Times Seen606 Hash 7d5b8ae86ab79df757399336af6dc4e6 d80237486fe292a185a576578308234114e302ce bf66c6e0c4ea53d83f6c17058e513aee1ff1c1fd319fe8fca1970ccc2151fed7 Loading...

	adsbb.dfiles.eu/upload/1906/ad2708292742b09a.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752	256 B	2023-03-07	2023-04-05
Pretty URL adsbb.dfiles.eu/upload/1906/ad2708292742b09a.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752 IP 91.226.124.80 ASN #35415 Webzilla B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:26:57 Last Seen2023-04-05 02:06:56 Times Seen70 Hash 20704ad7b70a34f815751819ac6ce613 a76a8f02e7fdb6df76de6a7aaa1d34ca3f2ab233 500bac24554cc71a37c7f52274010fc3800d230267fb1e86e92bb076de030fe1 Loading...

	dfiles.eu/files/h6xnapy8v/COD4MW-remaster.exe	124 B	2023-03-07	2024-05-09
Pretty URL dfiles.eu/files/h6xnapy8v/COD4MW-remaster.exe IP 91.226.124.78 ASN #35415 Webzilla B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:26:57 Last Seen2024-05-09 04:57:55 Times Seen415 Hash ea56b045449a9a9b583e07a300254601 10f3457ead5193b389e2c5388688f1cfaedece73 292d2666bd7d7b11b87d541c20534f8d3c4ce40ec3bccc57c96d652ec30dcaf9 Loading...

	adsbb.dfiles.eu/upload/1906/ad2708292742b09a.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752	141 B	2023-03-07	2023-04-05
Pretty URL adsbb.dfiles.eu/upload/1906/ad2708292742b09a.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752 IP 91.226.124.80 ASN #35415 Webzilla B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:26:57 Last Seen2023-04-05 02:06:56 Times Seen70 Hash ea7bafbce03b9546cee60ff6d393128e 04b1df0124ee6c42e1b441b2d3785168914e7234 fa6fbe9fd0662566750d4f12643e9c61a2cc5f8bf438c3d3f4f2cb373a1b72e2 Loading...

	jsc.adskeeper.com/d/f/dfiles.eu.1285379.es6.js	253 kB	2023-03-29	2023-03-29
Pretty URL jsc.adskeeper.com/d/f/dfiles.eu.1285379.es6.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-29 21:00:36 Last Seen2023-03-29 22:42:50 Times Seen3 Hash e4689503da9a7fa7b53630d41bb13c1b 657dd5952abbb97bd9248addf45c71c7ffb7fbb4 6c2a75540f9519b84a9c4b6a4224afb7bd3143039a47ec72c3b7652891a2ce5e Loading...

	static.depositfiles.com/js/gold_offer.js	9.9 kB	2023-03-07	2024-05-09
Pretty URL static.depositfiles.com/js/gold_offer.js IP 91.226.124.77 ASN #35415 Webzilla B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:26:57 Last Seen2024-05-09 04:57:56 Times Seen751 Hash 041bdbbe3ac15bc57b14933e164b55f8 790f921426d0b602424fb3077ca900af94b5ad9e a86d8d81e5c254822628c578c40d2d62956ab3060632d1884b5080093365b97b Loading...

	www.google.com/recaptcha/api.js	850 B	2023-03-26	2023-03-29
Pretty URL www.google.com/recaptcha/api.js IP 216.58.207.228 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-26 07:49:14 Last Seen2023-03-29 21:37:14 Times Seen679 Hash dc06c3119dddfbf05587300ac8ed33b1 4b1f693198d49ff46bc137de1dde821a6d0e2c96 8d8172236c099b083eb385a86781096526ef00b93215bd3a8a223725978cd04e Loading...

	dfiles.eu/files/h6xnapy8v/COD4MW-remaster.exe	141 B	2023-03-07	2024-05-09
Pretty URL dfiles.eu/files/h6xnapy8v/COD4MW-remaster.exe IP 91.226.124.78 ASN #35415 Webzilla B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:26:57 Last Seen2024-05-09 04:57:55 Times Seen415 Hash bba9a3136929bdf22ef7c58444cd035d d8ab7384a7eae0f0cb07f544c4da92fd28a88606 76b819fa6287efa9f226f132c5779e0399810c17f08ce9fa15ddf7e8be521deb Loading...

		Size	First Seen	Last Seen
	#1 Eval - 45ce5d15da1dc1603f56d0399b3399c6	30 B	2023-03-07	2023-10-31
Pretty Observations First Seen2023-03-07 01:06:24 Last Seen2023-10-31 22:34:33 Times Seen1125 Hash 45ce5d15da1dc1603f56d0399b3399c6 285d4d78fc31669c66f2e463ebe81cc020356b3b 7ceacb36606d6f6599d3ed5454c31152cb4417fb3c02ebb66431c4227a653726 Loading...

	#2 Eval - 4df9c33be035899035ba28356b2bc2c0	22 B	2023-03-07	2023-10-31
Pretty Observations First Seen2023-03-07 01:06:24 Last Seen2023-10-31 22:34:33 Times Seen1125 Hash 4df9c33be035899035ba28356b2bc2c0 e438d9658895c6c7a57a5eda1bb97d3715360ccf c624a79f9c72c617d0ed1ad3207a67a39f6243071e14c4ebeace5dcff97313a3 Loading...

	#3 Eval - da9b396eb92f6b099e8d0e01044e253d	19 B	2023-03-07	2023-10-31
Pretty Observations First Seen2023-03-07 01:06:24 Last Seen2023-10-31 22:34:33 Times Seen1124 Hash da9b396eb92f6b099e8d0e01044e253d 929359434c1f79501f2dd778c5a9a6af9034476b 631bd9a13534679ce526b007d4fc8352793377d89bcc321392b01ecf075c4101 Loading...

	#4 Eval - 2482ae11ae454d029468df48b6c52d4e	113 B	2023-03-29	2023-03-29
Pretty Observations First Seen2023-03-29 21:00:36 Last Seen2023-03-29 21:00:36 Times Seen1 Hash 2482ae11ae454d029468df48b6c52d4e 7ed2b71cf841a6527498291f9b1003e3ea33cd7b 4aa9424f9829123cfee0cd4035652cf9c0702a05a804bcc94aaecbeeda7d2d68 Loading...

	#5 Eval - c046c71777b1d9ff147a8d04d76771e5	32 B	2023-03-07	2023-10-31
Pretty Observations First Seen2023-03-07 01:06:24 Last Seen2023-10-31 22:34:33 Times Seen1124 Hash c046c71777b1d9ff147a8d04d76771e5 c3c7716eab0ed9ea66365a6f9f7bac166dfaca94 a535a9a97ed5a801419c63a6e764dd3b24c8456f177155717caf9ba3411ef756 Loading...

	#6 Eval - 77c872a879b679ddb8628ee5ac827690	26 B	2023-03-07	2023-10-31
Pretty Observations First Seen2023-03-07 01:06:24 Last Seen2023-10-31 22:34:33 Times Seen1125 Hash 77c872a879b679ddb8628ee5ac827690 895799a91a5f4cac4be6c5b5de261dccc02cf157 59d45abada49f5b514521b527330402a2d826ae3f0dab2199c58c38f1e511777 Loading...

	#7 Eval - deadc7431ca60c864078c7b1b57b0382	45 B	2023-03-07	2023-10-31
Pretty Observations First Seen2023-03-07 01:06:24 Last Seen2023-10-31 22:34:33 Times Seen1125 Hash deadc7431ca60c864078c7b1b57b0382 088b94c9b490d0454434bfafb684c6ef4c3c3d1d d7fff9897aaa9675a3652e7cac1a8c2a3427b896b5cc0ab5ffd628f9bb106e34 Loading...

	#8 Eval - 4e70865b8eb7f390c3e82cb023ec718e	39 B	2023-03-07	2023-10-31
Pretty Observations First Seen2023-03-07 01:06:24 Last Seen2023-10-31 22:34:33 Times Seen1125 Hash 4e70865b8eb7f390c3e82cb023ec718e 2242a0ee3b512687bd55789854529cb4f2106e20 04f881dff1163e4e36943700ddbcf25667dfe7e0b154d21e181a771955264d60 Loading...

	#9 Eval - 282b4cc68a675357c3ca24fe28d8ab04	19 B	2023-03-07	2023-10-31
Pretty Observations First Seen2023-03-07 01:06:24 Last Seen2023-10-31 22:34:33 Times Seen1125 Hash 282b4cc68a675357c3ca24fe28d8ab04 c8b868fb5effed4b8596709293518ce4caf64131 67909fba812519f6eced963d195970a41923b591290d48f96704719fc6b74ec5 Loading...

	#10 Eval - 1877f709235efe3edcf15b14afba4ca2	35 B	2023-03-07	2023-10-31
Pretty Observations First Seen2023-03-07 01:06:24 Last Seen2023-10-31 22:34:33 Times Seen1125 Hash 1877f709235efe3edcf15b14afba4ca2 b2b3bc3c703e869ae5f190981b0354bbd8abbbf6 41aae560d6dd4b675e6e45d30c1572db537659e580ac434c4b89b76e4f3dc5ac Loading...

	#11 Eval - 308ce9eddcf87856319c6e887a328f7a	28 B	2023-03-07	2023-10-31
Pretty Observations First Seen2023-03-07 01:06:24 Last Seen2023-10-31 22:34:33 Times Seen1125 Hash 308ce9eddcf87856319c6e887a328f7a e0741915340fd264162316bc3bd1749265d0ec9b 4f6a557989f79654728dcb244539b604c5329db30b964d6e8c524c72517b9fa6 Loading...

	#12 Eval - 3dd772ed2472872392d0a81700b9ccca	28 B	2023-03-07	2023-10-31
Pretty Observations First Seen2023-03-07 01:06:24 Last Seen2023-10-31 22:34:33 Times Seen1125 Hash 3dd772ed2472872392d0a81700b9ccca b070cf82068fd167e47ef731788cb29ef6f85516 fca3cd5a7ca3a44b75f81e0c169fe599fb48741835c83b5616e304b3f722522b Loading...

	#13 Eval - 4e96dc12176baffec5f6c2b824b8b037	21 B	2023-03-07	2023-10-31
Pretty Observations First Seen2023-03-07 01:06:24 Last Seen2023-10-31 22:34:33 Times Seen1124 Hash 4e96dc12176baffec5f6c2b824b8b037 cbffdfa5e083b9ff6d40f059aed02ad96cdcd77d 37ceb2a749341c51c7b8c25daaa71dc167b4aba7485c9b398b8ab004b685e492 Loading...

	#14 Eval - a6275f57c6e975cf6995c1d66d81d59d	108 kB	2023-03-26	2023-03-29
Pretty Observations First Seen2023-03-26 13:35:21 Last Seen2023-03-29 23:21:49 Times Seen55 Hash a6275f57c6e975cf6995c1d66d81d59d 0a52a07a380486eddd078e0b4667ac5047e841a3 5d7092c1753c2a9e33e76eaf95c3d6103c2a5ef9986e5dd6f8acf8a05a5e39a6 Loading...

	#15 Eval - cb78ba36cac064165e41253b248d1e96	36 B	2023-03-07	2023-10-31
Pretty Observations First Seen2023-03-07 01:06:24 Last Seen2023-10-31 22:34:33 Times Seen1125 Hash cb78ba36cac064165e41253b248d1e96 1d1f956853fd2f2d7d4e291b5d615537bb96713f 2d498779a32244d72a8a7d953918ce95c00fab9d3b129b2a1c3125fb263ccb45 Loading...

	#16 Eval - adcadd21e1cc9b9d64a652b7179b929a	45 B	2023-03-07	2023-10-31
Pretty Observations First Seen2023-03-07 01:06:24 Last Seen2023-10-31 22:34:33 Times Seen1125 Hash adcadd21e1cc9b9d64a652b7179b929a d4433f6c1d1b07f13e8380cfd95c542b9c2535df e44d38f746ee1fa3b3ef03ed6ea3f298c25e173b6daea3c4505afce8bb869508 Loading...

	#17 Eval - cef0b78101ef9c4812fae1e6cafda473	21 B	2023-03-07	2023-10-31
Pretty Observations First Seen2023-03-07 01:06:24 Last Seen2023-10-31 22:34:33 Times Seen1123 Hash cef0b78101ef9c4812fae1e6cafda473 f8fb9a7ff103d095cd4f5a80f5b6f0e2cfce4356 5f7d79033f82e1d81e2e6490b1fe43f241e2889aae35ea6d5f968ca697f5a577 Loading...

	#18 Eval - 76c4793055e5506049c3d1a3ca7c9961	39 B	2023-03-07	2023-10-31
Pretty Observations First Seen2023-03-07 01:06:24 Last Seen2023-10-31 22:34:33 Times Seen1125 Hash 76c4793055e5506049c3d1a3ca7c9961 20339a96f3b80e1543d7834aa40915986a6ecb28 aaa8c0ab87c7070701d0a29a610c65a4c1d29153c2d14623602acef3eea646dd Loading...

	#19 Eval - b9c95d7df82ab576585babc9b933f844	36 B	2023-03-07	2023-10-31
Pretty Observations First Seen2023-03-07 01:06:24 Last Seen2023-10-31 22:34:33 Times Seen1125 Hash b9c95d7df82ab576585babc9b933f844 3855cdde37780e1b763b995bfb977036917f803a a612f8985aebacd5c5fa6b17d16982a29983ae9131bae94403ff9abe1ce2ded2 Loading...

	#20 Eval - 3f22c207dbad59397f7a3414ecfa6587	43 B	2023-03-07	2023-10-31
Pretty Observations First Seen2023-03-07 01:06:24 Last Seen2023-10-31 22:34:33 Times Seen1125 Hash 3f22c207dbad59397f7a3414ecfa6587 8509ea5b1d728f5be0f7eae7548d3593f98c5402 0220aceb9c3413632235ce2598b94dd7a130a95558114c04ad41f9386b69777b Loading...

	#21 Eval - 0e5f4da7554e493ccd00e092e4fd85ff	31 B	2023-03-07	2023-10-31
Pretty Observations First Seen2023-03-07 01:06:24 Last Seen2023-10-31 22:34:33 Times Seen1125 Hash 0e5f4da7554e493ccd00e092e4fd85ff 78f043bc3bb59baf65185e29f3fa75b5f22d024d fb71685befff6e5c6fb9e2dd5f9bea6c71a2a162b39920f3927ef5ebfcf0134d Loading...

	#22 Eval - aa4b04f82e6a9ea00c22ad12c62ae537	31 B	2023-03-07	2023-10-31
Pretty Observations First Seen2023-03-07 01:06:24 Last Seen2023-10-31 22:34:33 Times Seen1125 Hash aa4b04f82e6a9ea00c22ad12c62ae537 43b5422f1f6b61b34e126bdf039b8cbc6f0d697c 0408d20a8555f96ab5cced9f89880c477f78d4ade576e5618b04094f034fb081 Loading...

	#23 Eval - 6417cc1e9a41402a403a38f10e401182	41 B	2023-03-07	2023-10-31
Pretty Observations First Seen2023-03-07 01:06:24 Last Seen2023-10-31 22:34:33 Times Seen1124 Hash 6417cc1e9a41402a403a38f10e401182 c0ef1ed95155ccd56c01207ad2e42b9e2edbbd8e 25fde17ee6ee622be6ebf83118c8802af55f2721a375a4017d6dec6edaf3b37b Loading...

	#24 Eval - bcfc797a1fd15c07566cb8930dde093f	41 B	2023-03-07	2023-10-31
Pretty Observations First Seen2023-03-07 01:06:24 Last Seen2023-10-31 22:34:33 Times Seen1125 Hash bcfc797a1fd15c07566cb8930dde093f 564385b812a1c00532b2f7e6c66ddd6f8d0d4200 e9d851c02746b7bd4d9207264c143f76480b69aa3552b1cdaa79ee537d83f5ac Loading...

	#25 Eval - 6ae367f7d7c3f08e67a16f4ad82e7dca	42 B	2023-03-07	2023-10-31
Pretty Observations First Seen2023-03-07 01:06:24 Last Seen2023-10-31 22:34:33 Times Seen1125 Hash 6ae367f7d7c3f08e67a16f4ad82e7dca 81424a630ea828a1b783bedccbe3614e2702c299 2fc752a40595d1d6681e6be3ebd8f44cdda99876ff9ee19fe654647a6a11415e Loading...

	#26 Eval - 97976045385267c941449d1ba56a276e	33 B	2023-03-07	2023-10-31
Pretty Observations First Seen2023-03-07 01:06:24 Last Seen2023-10-31 22:34:33 Times Seen1125 Hash 97976045385267c941449d1ba56a276e 3ffc8cc59740faafcf3b0f0efb3f12f6b689dc90 92cc9c48ca7d897742a37b1578ba7c99e9d9c405fced233bb9a3270ef84fddfc Loading...

	#27 Eval - 1fedf6baa87d9b256a83e8e3e1b65056	35 B	2023-03-07	2023-10-31
Pretty Observations First Seen2023-03-07 01:06:24 Last Seen2023-10-31 22:34:33 Times Seen1125 Hash 1fedf6baa87d9b256a83e8e3e1b65056 0263fde258ce38794a920a672a854204bd618bcc 7013ec5264e02f54f3b42e05b51fd1ad0f180fa3870b71acd2f1a384cc81d601 Loading...

	#28 Eval - 88d55cacec67fdda96068949334b0499	25 B	2023-03-07	2023-10-31
Pretty Observations First Seen2023-03-07 01:06:24 Last Seen2023-10-31 22:34:33 Times Seen1125 Hash 88d55cacec67fdda96068949334b0499 78575799753ceb53d79fd7ce691b691adfbcddcd cfd8889f26f46323b63c7766e414faf4a4171cc959c4c2b2e6a64c0ec3edf13f Loading...

	#29 Eval - e116d02f42e23573c47a3e5d2a93e2e7	46 B	2023-03-07	2023-10-31
Pretty Observations First Seen2023-03-07 01:06:24 Last Seen2023-10-31 22:34:33 Times Seen1124 Hash e116d02f42e23573c47a3e5d2a93e2e7 34a847abb13bc8a6607d118069415661c48ffafc e218a1ac15f252350ef2646dead414bf35db450215962e63da301cb7c3f064eb Loading...

	#30 Eval - c4c99d99e150fd4661e8259b8f0baac8	35 B	2023-03-07	2023-10-31
Pretty Observations First Seen2023-03-07 01:06:24 Last Seen2023-10-31 22:34:33 Times Seen1124 Hash c4c99d99e150fd4661e8259b8f0baac8 77772ffc0d98ada5f46c88c69fd7ba7cc1c3a96d 022ae916a59e1d7cb709a35e757c60e6626bfccd2c1e87c5ad6b432f0f1b1538 Loading...

		Size	First Seen	Last Seen
	#1 Write - 9fd47d2ef12e4edcc3ecd8b2bc420555	94 B	2023-03-29	2023-03-29
Pretty Observations First Seen2023-03-29 21:00:36 Last Seen2023-03-29 21:00:36 Times Seen1 Hash 9fd47d2ef12e4edcc3ecd8b2bc420555 69eac105e11053b5d78f6097560b45c117d9d7d9 23d875011c99113be9f9e929cf2e718dfc07b13c3136bbcbfe0e209cd0ab3a61 Loading...

	#2 Write - 3bc42f03b3f1761ea9f95a335ab2bbba	77 B	2023-03-07	2024-05-10
Pretty Observations First Seen2023-03-07 01:26:57 Last Seen2024-05-10 22:55:30 Times Seen592 Hash 3bc42f03b3f1761ea9f95a335ab2bbba 4ab15b6c153a542425f02baadcc1ed4867078b8d 1f8c7edef8c37d8821755ee623f481f29d6584195b327d15ac5abe6d243d8ec0 Loading...

	#3 Write - 7e25e9e9e8e1191f70c34b6a40c78d05	970 B	2023-03-29	2023-03-29
Pretty Observations First Seen2023-03-29 21:00:36 Last Seen2023-03-29 21:00:36 Times Seen1 Hash 7e25e9e9e8e1191f70c34b6a40c78d05 417a42dce1d0ab381e34a66ad878ee8d51f56253 295e1c0480b0faaa027ad161f813bf5160276fd7c668b35c5e3c5ffab66f3f64 Loading...

HTTP Transactions (116)

URL IP Response Size

dfiles.eu/files/h6xnapy8v/COD4MW-remaster.exe

91.226.124.78

302 Moved Temporarily

138 B

URL HTTP/1.1
dfiles.eu/files/h6xnapy8v/COD4MW-remaster.exe
IP
91.226.124.78:0
ASN
#35415 Webzilla B.V.

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
138 B (138 bytes)
Hash
aff950cab4c0265e21d401db15f1026d
f03e18461817f7a6546c8bf8fa8d686d7e30aca0
753e0dd54f28c4f7009b9c0b18a68aed175416bd8b7d134858264586eaac56f0

HTTP Headers

GET /files/h6xnapy8v/COD4MW-remaster.exe HTTP/1.1
Host: dfiles.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Thu, 23 Mar 2023 14:01:09 GMT
Content-Type: text/html
Content-Length: 138
Connection: close
Location: https://dfiles.eu/files/h6xnapy8v/COD4MW-remaster.exe

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
65fc860bc043f3fb83bdc3debdcd322d
418010755deae099ef1284e402813c5837a10f42
d93d50c523c7f735987aba09db628259441eb75efe713a2df3c214e1fb8b5171

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D93D50C523C7F735987ABA09DB628259441EB75EFE713A2DF3C214E1FB8B5171"
Last-Modified: Wed, 22 Mar 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5223
Expires: Thu, 23 Mar 2023 15:28:12 GMT
Date: Thu, 23 Mar 2023 14:01:09 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
bea3185dd820a31c1981317f37c3456d
1a548a5d27270fc11df9011837a7149571cedd78
469b97bf9f57401b3c9571039483589f2815f4794212b75c7c85cfefe0ae71e9

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "469B97BF9F57401B3C9571039483589F2815F4794212B75C7C85CFEFE0AE71E9"
Last-Modified: Wed, 22 Mar 2023 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6179
Expires: Thu, 23 Mar 2023 15:44:08 GMT
Date: Thu, 23 Mar 2023 14:01:09 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
51a5d4696a6090c295850554508b51ce
c44e143c2223546e64b19f543b8101aaf3b11e97
8794223d5e8d4d276c35e2fdcc24bf99694240634dd749cd9b5bf874dec055cf

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8794223D5E8D4D276C35E2FDCC24BF99694240634DD749CD9B5BF874DEC055CF"
Last-Modified: Wed, 22 Mar 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10626
Expires: Thu, 23 Mar 2023 16:58:15 GMT
Date: Thu, 23 Mar 2023 14:01:09 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
4ad6984a756720fbfff47b37a75513a2
355e35258114452af8b9638985ed9d8ef3bf0aca
43181fccb10652c68cae86e5e32b4e8f426fb5ad49d8125cb99e072cff573cf5

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Length, Alert, Content-Type, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 23 Mar 2023 13:15:05 GMT
content-type: application/json
age: 2764
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
e7bace7c1e04d44012e37ddffe36e5d5
3ac8d7c0a9d3e3f0b28b2530c7b8d8407b4042c2
6b4f80f2e95b26f6122ea8dcd0ef8d762299be822c69e839fc37581ca2bcb5f2

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: LHznYlmv30TsKX+hJYNen/vTJeyfUUIZir3KgjfEDnIJbfhZ/Q1vy3J0Neniq1Te5Eo5b12hO2Y=
x-amz-request-id: 2JGST6H0DWQ7FFSK
x-amz-server-side-encryption: AES256
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 23 Mar 2023 13:54:04 GMT
age: 425
last-modified: Sat, 11 Mar 2023 16:53:15 GMT
etag: "e7bace7c1e04d44012e37ddffe36e5d5"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
1d33d45343cc86263f1af04d3ac723ed
274c881828f6a146cc675a5999b4bf9a3511b4a9
35711846cc9738cb4dee2357ca88cc8ea3199037e981ae388d1531216f9fc3f6

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "35711846CC9738CB4DEE2357CA88CC8EA3199037E981AE388D1531216F9FC3F6"
Last-Modified: Wed, 22 Mar 2023 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5037
Expires: Thu, 23 Mar 2023 15:25:06 GMT
Date: Thu, 23 Mar 2023 14:01:09 GMT
Connection: keep-alive

dfiles.eu/files/h6xnapy8v/COD4MW-remaster.exe

91.226.124.80

200 OK

6.3 kB

URL HTTP/1.1
dfiles.eu/files/h6xnapy8v/COD4MW-remaster.exe
IP
91.226.124.80:0
ASN
#35415 Webzilla B.V.

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (746), with CRLF, CR, LF line terminators
Size
6.3 kB (6282 bytes)
Hash
304079f951008554af7af58882236c7d
54180f74b051c9c4ddb59da4afdab2f8f43e8417
124b95a24103a03ce06c5864c318c82b3362cca2527ea1b8db38c9b939d2fc1a

HTTP Headers

GET /files/h6xnapy8v/COD4MW-remaster.exe HTTP/1.1
Host: dfiles.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 23 Mar 2023 14:01:09 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Set-Cookie: uprand=338016fa2efa8025a4573f92ddc020a8; path=/; domain=.dfiles.eu
last_file=h6xnapy8v; path=/; domain=.dfiles.eu
lang_current=en; expires=Fri, 22-Mar-2024 14:01:09 GMT; Max-Age=31536000; path=/; domain=.dfiles.eu; secure
X-Frame-Options: SAMEORIGIN
Content-Encoding: gzip

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Thu, 23 Mar 2023 14:01:09 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
23c054d3aee551b6fdc42a5a472a7040
b1a46c12ac7d65c979fd1998bdb243f3dba8f956
9e8b91ab91da9ea20dfb5f90c1c06239d2872b0eb80785534d0c59c3b51de404

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 23 Mar 2023 14:01:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
78815ec28cdd11dab4f66f2eaab35658
c6fd7f2a657d87c6e7641be6fc69913c427cd26a
f99b9d279c7ddfe7916dde9c7390be1f225e330ffa662bd7ae603ceed76e44c3

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 23 Mar 2023 14:01:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
435b3556ae37169146d5b17cc8daa61f
045b105a71bb10b1415ca45a887e95fda83548fc
8e2adddda597d358f61ae1bc6200e6b4c2f9137f18097f5e69de22ca2ef3858c

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8E2ADDDDA597D358F61AE1BC6200E6B4C2F9137F18097F5E69DE22CA2EF3858C"
Last-Modified: Wed, 22 Mar 2023 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20006
Expires: Thu, 23 Mar 2023 19:34:35 GMT
Date: Thu, 23 Mar 2023 14:01:09 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
9a8c4c04730200933fa84f6f90f12f29
c66b839385fd66c2ff47d87049c887c03347bac4
59cf22bcacd147988e6c2002472e84f12c6052ae5e26438c4247616ee1970d4d

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "59CF22BCACD147988E6C2002472E84F12C6052AE5E26438C4247616EE1970D4D"
Last-Modified: Tue, 21 Mar 2023 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1488
Expires: Thu, 23 Mar 2023 14:25:57 GMT
Date: Thu, 23 Mar 2023 14:01:09 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
9a8c4c04730200933fa84f6f90f12f29
c66b839385fd66c2ff47d87049c887c03347bac4
59cf22bcacd147988e6c2002472e84f12c6052ae5e26438c4247616ee1970d4d

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "59CF22BCACD147988E6C2002472E84F12C6052AE5E26438C4247616EE1970D4D"
Last-Modified: Tue, 21 Mar 2023 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1488
Expires: Thu, 23 Mar 2023 14:25:57 GMT
Date: Thu, 23 Mar 2023 14:01:09 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
9a8c4c04730200933fa84f6f90f12f29
c66b839385fd66c2ff47d87049c887c03347bac4
59cf22bcacd147988e6c2002472e84f12c6052ae5e26438c4247616ee1970d4d

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "59CF22BCACD147988E6C2002472E84F12C6052AE5E26438C4247616EE1970D4D"
Last-Modified: Tue, 21 Mar 2023 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1488
Expires: Thu, 23 Mar 2023 14:25:57 GMT
Date: Thu, 23 Mar 2023 14:01:09 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
9a8c4c04730200933fa84f6f90f12f29
c66b839385fd66c2ff47d87049c887c03347bac4
59cf22bcacd147988e6c2002472e84f12c6052ae5e26438c4247616ee1970d4d

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "59CF22BCACD147988E6C2002472E84F12C6052AE5E26438C4247616EE1970D4D"
Last-Modified: Tue, 21 Mar 2023 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1488
Expires: Thu, 23 Mar 2023 14:25:57 GMT
Date: Thu, 23 Mar 2023 14:01:09 GMT
Connection: keep-alive

www.google.com/recaptcha/api.js

216.58.207.228

200 OK

554 B

URL HTTP/2
www.google.com/recaptcha/api.js
IP
216.58.207.228:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (850), with no line terminators
Size
554 B (554 bytes)
Hash
7a61332e081c1df94aee6da79ccab5cf
9a1b52aef388542cfa62d685399669420b8998ee
3edecdbe2c8dbe6ff85c45d382f9f608ed30a6618fa62b18282e03d866dc6dd7

HTTP Headers

GET /recaptcha/api.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
expires: Thu, 23 Mar 2023 14:01:09 GMT
date: Thu, 23 Mar 2023 14:01:09 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 554
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

static.depositfiles.com/js/gold_offer.js

91.226.124.77

200 OK

9.9 kB

URL HTTP/1.1
static.depositfiles.com/js/gold_offer.js
IP
91.226.124.77:0
ASN
#35415 Webzilla B.V.

File type
HTML document text\012- HTML document, ASCII text
Size
9.9 kB (9887 bytes)
Hash
041bdbbe3ac15bc57b14933e164b55f8
790f921426d0b602424fb3077ca900af94b5ad9e
a86d8d81e5c254822628c578c40d2d62956ab3060632d1884b5080093365b97b

HTTP Headers

GET /js/gold_offer.js HTTP/1.1
Host: static.depositfiles.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 23 Mar 2023 14:01:09 GMT
Content-Type: application/javascript
Content-Length: 9887
Last-Modified: Thu, 28 Apr 2022 10:40:27 GMT
Connection: keep-alive
ETag: "626a6f1b-269f"
Expires: Thu, 23 Mar 2023 14:06:09 GMT
Cache-Control: max-age=300
Accept-Ranges: bytes

static.depositfiles.com/js/download_utils.js

91.226.124.77

200 OK

13 kB

URL HTTP/1.1
static.depositfiles.com/js/download_utils.js
IP
91.226.124.77:0
ASN
#35415 Webzilla B.V.

File type
ASCII text, with very long lines (2250)
Size
13 kB (13383 bytes)
Hash
90a706006bc709cdc974ff3e0e01b34f
89585d2c7cac44c9c03c118bbb38aefba1d8a1e4
16f1515b9938fc7de086c504fe214484d97e237647a5d7fa2cb742a93f00c1ea

HTTP Headers

GET /js/download_utils.js HTTP/1.1
Host: static.depositfiles.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 23 Mar 2023 14:01:09 GMT
Content-Type: application/javascript
Content-Length: 13383
Last-Modified: Thu, 28 Apr 2022 10:40:27 GMT
Connection: keep-alive
ETag: "626a6f1b-3447"
Expires: Thu, 23 Mar 2023 14:06:09 GMT
Cache-Control: max-age=300
Accept-Ranges: bytes

www.googletagmanager.com/gtag/js?id=G-BL9163LYG1

142.250.74.72

200 OK

84 kB

URL HTTP/2
www.googletagmanager.com/gtag/js?id=G-BL9163LYG1
IP
142.250.74.72:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (30589)
Size
84 kB (83800 bytes)
Hash
a2771367c322c25f52dfd0b3cfffb420
dd16b77158fa18f3e07c14af142442c1c932d3d7
e5fc5ce6e64a2e2bd1076f5d5e2724a36d453b80e3dcec628773c6f98a1b5ed6

HTTP Headers

GET /gtag/js?id=G-BL9163LYG1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 23 Mar 2023 14:01:09 GMT
expires: Thu, 23 Mar 2023 14:01:09 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 83800
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

static.depositfiles.com/js/function.js

91.226.124.77

200 OK

35 kB

URL HTTP/1.1
static.depositfiles.com/js/function.js
IP
91.226.124.77:0
ASN
#35415 Webzilla B.V.

File type
ASCII text, with very long lines (4240)
Size
35 kB (34915 bytes)
Hash
a5779d2f560cd50376dbba372b0fd15b
07b08e35b9254288c1372e37577db8b9e4da01b4
51d26403861d61a7842bc73f518d4a4351a7027c40c9f0347f61421226950b84

HTTP Headers

GET /js/function.js HTTP/1.1
Host: static.depositfiles.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 23 Mar 2023 14:01:09 GMT
Content-Type: application/javascript
Content-Length: 34915
Last-Modified: Thu, 28 Apr 2022 10:40:27 GMT
Connection: keep-alive
ETag: "626a6f1b-8863"
Expires: Thu, 23 Mar 2023 14:06:09 GMT
Cache-Control: max-age=300
Accept-Ranges: bytes

static.depositfiles.com/js/jquery.validate.js

91.226.124.77

200 OK

38 kB

URL HTTP/1.1
static.depositfiles.com/js/jquery.validate.js
IP
91.226.124.77:0
ASN
#35415 Webzilla B.V.

File type
Unicode text, UTF-8 text, with very long lines (1238)
Size
38 kB (38269 bytes)
Hash
d5231b6378847ebdb55f64c77d5a234f
eed97aa0b2aa9486b6f6831ed8a85dc729ad6b9c
95434a8a2568a6481a1fbcf5808a75dd58e77348ed6d70b4f7aeda8842e8f0c7

HTTP Headers

GET /js/jquery.validate.js HTTP/1.1
Host: static.depositfiles.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 23 Mar 2023 14:01:09 GMT
Content-Type: application/javascript
Content-Length: 38269
Last-Modified: Thu, 28 Apr 2022 10:40:27 GMT
Connection: keep-alive
ETag: "626a6f1b-957d"
Expires: Thu, 23 Mar 2023 14:06:09 GMT
Cache-Control: max-age=300
Accept-Ranges: bytes

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
9f0607231b4674d2bfb5a6798b0b4093
6c14f5c952e413365703144951b09b7126ff8e2d
869816689cb9507d294d69f953e8ea33452a177d405816ad86f729b123ceaa98

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 23 Mar 2023 14:01:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

static.depositfiles.com/js/base2.js

91.226.124.77

200 OK

399 kB

URL HTTP/1.1
static.depositfiles.com/js/base2.js
IP
91.226.124.77:0
ASN
#35415 Webzilla B.V.

File type
Unicode text, UTF-8 text, with very long lines (65481)
Size
399 kB (398927 bytes)
Hash
2fcae8126c3fd9a626370a701f0bd887
f3496fb7bbe122a9774d7dcfcd68da03a24dc285
d29ab86f64b4fcfbc45b9ef806c147f1e42e37e37d44a559147232288063badc

HTTP Headers

GET /js/base2.js HTTP/1.1
Host: static.depositfiles.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 23 Mar 2023 14:01:09 GMT
Content-Type: application/javascript
Content-Length: 398927
Last-Modified: Thu, 28 Apr 2022 10:40:27 GMT
Connection: keep-alive
ETag: "626a6f1b-6164f"
Expires: Thu, 23 Mar 2023 14:06:09 GMT
Cache-Control: max-age=300
Accept-Ranges: bytes

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
23c054d3aee551b6fdc42a5a472a7040
b1a46c12ac7d65c979fd1998bdb243f3dba8f956
9e8b91ab91da9ea20dfb5f90c1c06239d2872b0eb80785534d0c59c3b51de404

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 23 Mar 2023 14:01:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Last-Modified, Content-Length, Pragma, Expires, ETag, Backoff, Alert, Cache-Control
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 23 Mar 2023 13:17:23 GMT
age: 2626
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
bf586cca50330623e1f2d9463ea261b7
b3222f48ed731ab0d5313cb83b907ea43d3f45ad
c2adbc6a670407b418484e5f6dd585a7fb6442dfd333b4f7864eeb54f1cdec82

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C2ADBC6A670407B418484E5F6DD585A7FB6442DFD333B4F7864EEB54F1CDEC82"
Last-Modified: Thu, 23 Mar 2023 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1645
Expires: Thu, 23 Mar 2023 14:28:35 GMT
Date: Thu, 23 Mar 2023 14:01:10 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
050ca4dc2182e0a27573b0d9f32b7834
bec14dc5af0d0b32210470673511acd8db404308
b6129b9d1848f75265dca4446c5399927bdaf15c7b49c083765847b0fe276eaf

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B6129B9D1848F75265DCA4446C5399927BDAF15C7B49C083765847B0FE276EAF"
Last-Modified: Wed, 22 Mar 2023 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13430
Expires: Thu, 23 Mar 2023 17:45:00 GMT
Date: Thu, 23 Mar 2023 14:01:10 GMT
Connection: keep-alive

pl16105218.highrevenuegate.com/22/4a/d4/224ad4a14b4b15c1726ff705ec672ea6.js

173.233.137.36

200 OK

13 kB

URL HTTP/1.1
pl16105218.highrevenuegate.com/22/4a/d4/224ad4a14b4b15c1726ff705ec672ea6.js
IP
173.233.137.36:0
ASN
#7979 SERVERS-COM

File type
ASCII text, with very long lines (37152), with no line terminators
Size
13 kB (13436 bytes)
Hash
015242b362e964bbfc08c06acf004cf7
415364276e86b4da1d365551c022718581163e70
869bcd8c63ed1e93669f9465e67351ec697f542c2b18807b7e998bd8de764750

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /22/4a/d4/224ad4a14b4b15c1726ff705ec672ea6.js HTTP/1.1
Host: pl16105218.highrevenuegate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Thu, 23 Mar 2023 14:01:10 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 85fbe6e5c2c8ebbd863a9f7fce3be4a3
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

static.depositfiles.com/images/speed_small_gold.gif

91.226.124.77

200 OK

14 kB

URL HTTP/1.1
static.depositfiles.com/images/speed_small_gold.gif
IP
91.226.124.77:0
ASN
#35415 Webzilla B.V.

File type
GIF image data, version 89a, 200 x 200\012- data
Size
14 kB (14492 bytes)
Hash
c5f8f0e9ecd16637e267912376c24bed
324567a641d318ecfafe6374dfba86ccb2f90dd7
13678b229b6c4224bcb9578a2f29bc3686958f4bea73af7645eb39af4246e6a9

HTTP Headers

GET /images/speed_small_gold.gif HTTP/1.1
Host: static.depositfiles.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 23 Mar 2023 14:01:10 GMT
Content-Type: image/gif
Content-Length: 14492
Last-Modified: Thu, 28 Apr 2022 10:40:26 GMT
Connection: keep-alive
ETag: "626a6f1a-389c"
Expires: Tue, 28 Mar 2023 14:01:10 GMT
Cache-Control: max-age=432000
Accept-Ranges: bytes

static.depositfiles.com/images/yes.png

91.226.124.77

200 OK

3.3 kB

URL HTTP/1.1
static.depositfiles.com/images/yes.png
IP
91.226.124.77:0
ASN
#35415 Webzilla B.V.

File type
PNG image data, 20 x 20, 8-bit/color RGBA, non-interlaced\012- data
Size
3.3 kB (3275 bytes)
Hash
3055b8489aeb385fb40b27f0bf0a5ae7
4cfbe45a0ba393ab8ad535cc04af30debef0a1ab
b325d6cb153b02050e59230e2abfb01e05f4bda708ad54bd8f6d9693fa9c2dac

HTTP Headers

GET /images/yes.png HTTP/1.1
Host: static.depositfiles.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 23 Mar 2023 14:01:10 GMT
Content-Type: image/png
Content-Length: 3275
Last-Modified: Thu, 28 Apr 2022 10:40:27 GMT
Connection: keep-alive
ETag: "626a6f1b-ccb"
Accept-Ranges: bytes

static.depositfiles.com/images/no.png

91.226.124.77

200 OK

3.1 kB

URL HTTP/1.1
static.depositfiles.com/images/no.png
IP
91.226.124.77:0
ASN
#35415 Webzilla B.V.

File type
PNG image data, 20 x 20, 8-bit/color RGBA, non-interlaced\012- data
Size
3.1 kB (3146 bytes)
Hash
1724ae7b4437c460dafe40dfe9f96d41
8dc80d5b802f180254a8ee1bf1edf0b843205f1e
9b95b8f24b2b0808d611f4fd9bf5f3c548b352ae6100ab7b298b99a86905db79

HTTP Headers

GET /images/no.png HTTP/1.1
Host: static.depositfiles.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 23 Mar 2023 14:01:10 GMT
Content-Type: image/png
Content-Length: 3146
Last-Modified: Thu, 28 Apr 2022 10:40:26 GMT
Connection: keep-alive
ETag: "626a6f1a-c4a"
Accept-Ranges: bytes

static.depositfiles.com/images/speed_small.gif

91.226.124.77

200 OK

24 kB

URL HTTP/1.1
static.depositfiles.com/images/speed_small.gif
IP
91.226.124.77:0
ASN
#35415 Webzilla B.V.

File type
GIF image data, version 89a, 200 x 200\012- data
Size
24 kB (23980 bytes)
Hash
5cbc96bbb7230dd17ed38b5dd6e3271c
6ee1f0b9e29ac3e824cccd6e5135d51c8d3aaea1
01edcbb65e514def555b1e999d3a72f118f67e572f628293b91893b3758c6991

HTTP Headers

GET /images/speed_small.gif HTTP/1.1
Host: static.depositfiles.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 23 Mar 2023 14:01:10 GMT
Content-Type: image/gif
Content-Length: 23980
Last-Modified: Thu, 28 Apr 2022 10:40:26 GMT
Connection: keep-alive
ETag: "626a6f1a-5dac"
Expires: Tue, 28 Mar 2023 14:01:10 GMT
Cache-Control: max-age=432000
Accept-Ranges: bytes

static.depositfiles.com/images/logo.png

91.226.124.77

200 OK

3.6 kB

URL HTTP/1.1
static.depositfiles.com/images/logo.png
IP
91.226.124.77:0
ASN
#35415 Webzilla B.V.

File type
PNG image data, 176 x 43, 8-bit/color RGBA, non-interlaced\012- data
Size
3.6 kB (3623 bytes)
Hash
c41fdd84b04e45a91cb17cfdeccb1b38
fec7fffe104c7e169aeb159032078c4b71ff2cdc
7f89eb8ab03684f4db282ca30eb231b1e254bca10c7b511950df5e0eab0a68a0

HTTP Headers

GET /images/logo.png HTTP/1.1
Host: static.depositfiles.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://static.depositfiles.com/css/main.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 23 Mar 2023 14:01:10 GMT
Content-Type: image/png
Content-Length: 3623
Last-Modified: Thu, 28 Apr 2022 10:40:26 GMT
Connection: keep-alive
ETag: "626a6f1a-e27"
Accept-Ranges: bytes

static.depositfiles.com/images/sprite.png

91.226.124.77

200 OK

37 kB

URL HTTP/1.1
static.depositfiles.com/images/sprite.png
IP
91.226.124.77:0
ASN
#35415 Webzilla B.V.

File type
PNG image data, 102 x 630, 8-bit/color RGBA, non-interlaced\012- data
Size
37 kB (36802 bytes)
Hash
2333675d7e431d5313c6dbb5230a14cd
93c4032e5b8b85793a9cda7167804445d950dd96
b287134a60667ce8e2c3fa1603e3a8f2ffa59c64e746d026d1a13ef19f3f38a0

HTTP Headers

GET /images/sprite.png HTTP/1.1
Host: static.depositfiles.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://static.depositfiles.com/css/main.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 23 Mar 2023 14:01:10 GMT
Content-Type: image/png
Content-Length: 36802
Last-Modified: Thu, 28 Apr 2022 10:40:26 GMT
Connection: keep-alive
ETag: "626a6f1a-8fc2"
Accept-Ranges: bytes

static.depositfiles.com/images/member_menu_bg.gif

91.226.124.77

200 OK

78 B

URL HTTP/1.1
static.depositfiles.com/images/member_menu_bg.gif
IP
91.226.124.77:0
ASN
#35415 Webzilla B.V.

File type
GIF image data, version 89a, 1 x 48\012- data
Size
78 B (78 bytes)
Hash
20a24b56dcedf6a71a71ebec771e1f7d
d7bed493d5d4eeaed5dbbf7d30d45107840790a0
6f57f29224d8e9e51ed0839e329055426fba7dcd97ef31e93ed495f93a6063df

HTTP Headers

GET /images/member_menu_bg.gif HTTP/1.1
Host: static.depositfiles.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://static.depositfiles.com/css/main.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 23 Mar 2023 14:01:10 GMT
Content-Type: image/gif
Content-Length: 78
Last-Modified: Thu, 28 Apr 2022 10:40:26 GMT
Connection: keep-alive
ETag: "626a6f1a-4e"
Expires: Tue, 28 Mar 2023 14:01:10 GMT
Cache-Control: max-age=432000
Accept-Ranges: bytes

static.depositfiles.com/images/flags/lang24.png

91.226.124.77

200 OK

9.2 kB

URL HTTP/1.1
static.depositfiles.com/images/flags/lang24.png
IP
91.226.124.77:0
ASN
#35415 Webzilla B.V.

File type
PNG image data, 24 x 552, 8-bit/color RGBA, non-interlaced\012- data
Size
9.2 kB (9172 bytes)
Hash
efdcd1ca23d564ddd811f41152a2b83c
0b5aa064e7f8f241363c55fa17eb448f42a5f8df
ce23be242e34c5b420f8ba0390aef20fa50ffc69f700091029616eff524e8f9b

HTTP Headers

GET /images/flags/lang24.png HTTP/1.1
Host: static.depositfiles.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://static.depositfiles.com/css/main.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 23 Mar 2023 14:01:10 GMT
Content-Type: image/png
Content-Length: 9172
Last-Modified: Thu, 28 Apr 2022 10:40:26 GMT
Connection: keep-alive
ETag: "626a6f1a-23d4"
Accept-Ranges: bytes

static.depositfiles.com/images/upload_btn_bg.gif

91.226.124.77

200 OK

9.0 kB

URL HTTP/1.1
static.depositfiles.com/images/upload_btn_bg.gif
IP
91.226.124.77:0
ASN
#35415 Webzilla B.V.

File type
GIF image data, version 89a, 209 x 75\012- data
Size
9.0 kB (9010 bytes)
Hash
6f312f0f4ff138758bae76420f6efd78
b40a28f162140fedff9ee5ce0d687868b1f73d17
c667d75c7f916bf8b140b0e1f7ab0c996f76d4642faed85bd9fef3c738f0912b

HTTP Headers

GET /images/upload_btn_bg.gif HTTP/1.1
Host: static.depositfiles.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://static.depositfiles.com/css/main.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 23 Mar 2023 14:01:10 GMT
Content-Type: image/gif
Content-Length: 9010
Last-Modified: Thu, 28 Apr 2022 10:40:26 GMT
Connection: keep-alive
ETag: "626a6f1a-2332"
Expires: Tue, 28 Mar 2023 14:01:10 GMT
Cache-Control: max-age=432000
Accept-Ranges: bytes

static.depositfiles.com/images/sprite16.png

91.226.124.77

200 OK

28 kB

URL HTTP/1.1
static.depositfiles.com/images/sprite16.png
IP
91.226.124.77:0
ASN
#35415 Webzilla B.V.

File type
PNG image data, 32 x 1072, 8-bit/color RGBA, non-interlaced\012- data
Size
28 kB (28501 bytes)
Hash
2e86fe2d2c2650c5f4663f0fc135ebc1
ba86e14a9abcff0581eda84a307594ef1288b982
604187f8828381a47ae70249f55f21c78c53ab1401d20a5f2230a0d6c9ae50d1

HTTP Headers

GET /images/sprite16.png HTTP/1.1
Host: static.depositfiles.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://static.depositfiles.com/css/main.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 23 Mar 2023 14:01:10 GMT
Content-Type: image/png
Content-Length: 28501
Last-Modified: Thu, 28 Apr 2022 10:40:26 GMT
Connection: keep-alive
ETag: "626a6f1a-6f55"
Accept-Ranges: bytes

static.depositfiles.com/images/sprite64.png

91.226.124.77

200 OK

29 kB

URL HTTP/1.1
static.depositfiles.com/images/sprite64.png
IP
91.226.124.77:0
ASN
#35415 Webzilla B.V.

File type
PNG image data, 64 x 1088, 8-bit/color RGBA, non-interlaced\012- data
Size
29 kB (28747 bytes)
Hash
e50649ecf6a2094c25da755ea0ea7bd1
e1c3e229a62f049442fa16cf43ec07f384b27362
a9ed59ab3bbcfdf66224664aeb14fa0f0e8f034d8472a58dadcf65cfff17685d

HTTP Headers

GET /images/sprite64.png HTTP/1.1
Host: static.depositfiles.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://static.depositfiles.com/css/main.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 23 Mar 2023 14:01:10 GMT
Content-Type: image/png
Content-Length: 28747
Last-Modified: Thu, 28 Apr 2022 10:40:26 GMT
Connection: keep-alive
ETag: "626a6f1a-704b"
Accept-Ranges: bytes

push.services.mozilla.com/

52.42.182.211

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
52.42.182.211:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: qM+DspJUf9LMH0OL99pMvQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: JPaGkPAvUz2ocE11mSiiA+IbUgM=

js.wpadmngr.com/npc/sdk/wp-banners.js

45.133.44.25

200 OK

0 B

URL HTTP/2
js.wpadmngr.com/npc/sdk/wp-banners.js
IP
45.133.44.25:0
ASN
#39572 DataWeb Global Group B.V.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /npc/sdk/wp-banners.js HTTP/1.1
Host: js.wpadmngr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Thu, 23 Mar 2023 14:01:10 GMT
content-type: application/javascript; charset=utf-8
content-length: 0
server: nginx/1.18.0
last-modified: Fri, 20 Aug 2021 15:14:31 GMT
etag: "611fc6d7-0"
expires: Thu, 23 Mar 2023 14:06:10 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2

adsbb.dfiles.eu//ad.php?z=56&c=NO

91.226.124.80

303 See Other

0 B

URL HTTP/1.1
adsbb.dfiles.eu//ad.php?z=56&c=NO
IP
91.226.124.80:0
ASN
#35415 Webzilla B.V.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET //ad.php?z=56&c=NO HTTP/1.1
Host: adsbb.dfiles.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dfiles.eu/
Cookie: uprand=338016fa2efa8025a4573f92ddc020a8; last_file=h6xnapy8v; lang_current=en; _ga_BL9163LYG1=GS1.1.1679580077.1.0.1679580077.0.0.0; _ga=GA1.1.2136197100.1679580078
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site

HTTP/1.1 303 See Other
Server: nginx
Date: Thu, 23 Mar 2023 14:01:10 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
X-Powered-By: PHP/5.6.30-0+deb8u1
Set-Cookie: _nf56=1; expires=Fri, 24-Mar-2023 14:01:10 GMT; Max-Age=86400
Location: /upload/2203/ad27602963634849.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752

adsbb.dfiles.eu//ad.php?z=58&c=NO&g=gateway

91.226.124.80

303 See Other

0 B

URL HTTP/1.1
adsbb.dfiles.eu//ad.php?z=58&c=NO&g=gateway
IP
91.226.124.80:0
ASN
#35415 Webzilla B.V.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET //ad.php?z=58&c=NO&g=gateway HTTP/1.1
Host: adsbb.dfiles.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dfiles.eu/
Cookie: uprand=338016fa2efa8025a4573f92ddc020a8; last_file=h6xnapy8v; lang_current=en; _ga_BL9163LYG1=GS1.1.1679580077.1.0.1679580077.0.0.0; _ga=GA1.1.2136197100.1679580078
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site

HTTP/1.1 303 See Other
Server: nginx
Date: Thu, 23 Mar 2023 14:01:10 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
X-Powered-By: PHP/5.6.30-0+deb8u1
Set-Cookie: _nf58=1; expires=Fri, 24-Mar-2023 14:01:10 GMT; Max-Age=86400
Location: /upload/1906/ad2708292742b09a.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752

ocsp.r2m01.amazontrust.com/

54.230.80.227

200 OK

471 B

URL HTTP/1.1
ocsp.r2m01.amazontrust.com/
IP
54.230.80.227:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
408e5e3019d3a14451bc72de4059268f
43593f0f7c57f188d239efed89adc3e71a264008
e5d9d7dc91d8a926a40e5a5f42664ab5812224f3f6359b50f3db1551768ddeec

HTTP Headers

POST / HTTP/1.1
Host: ocsp.r2m01.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=97185
Date: Thu, 23 Mar 2023 14:01:10 GMT
Etag: "641b2d57-1d7"
Expires: Fri, 24 Mar 2023 17:00:55 GMT
Last-Modified: Wed, 22 Mar 2023 16:31:19 GMT
Server: ECAcc (nya/79D9)
X-Cache: Miss from cloudfront
Via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: jCn0NZPZqU54538p-3K_t5JuUMMMz_HDFPMEaCadzJRyFF6mmaZd4w==
Age: 1776

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
4ae679a0521b5d664ac928ecef5056e0
c4bdf344af95a7e973269c437935cf3acd133970
9ff4297e1d461f01410fb4a8369789d5e9280eff74771941ac79a7734d7f6371

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9FF4297E1D461F01410FB4A8369789D5E9280EFF74771941AC79A7734D7F6371"
Last-Modified: Tue, 21 Mar 2023 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20321
Expires: Thu, 23 Mar 2023 19:39:51 GMT
Date: Thu, 23 Mar 2023 14:01:10 GMT
Connection: keep-alive

region1.google-analytics.com/g/collect?v=2&tid=G-BL9163LYG1&gtm=45je33k0&_p=827334996&cid=2136197100.1679580078&ul=en-us&sr=1280x1024&_s=1&sid=1679580077&sct=1&seg=0&dl=https%3A%2F%2Fdfiles.eu%2Ffiles%2Fh6xnapy8v%2FCOD4MW-remaster.exe&dt=DepositFiles&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1

216.239.32.36

204 No Content

0 B

URL HTTP/2
region1.google-analytics.com/g/collect?v=2&tid=G-BL9163LYG1&gtm=45je33k0&_p=827334996&cid=2136197100.1679580078&ul=en-us&sr=1280x1024&_s=1&sid=1679580077&sct=1&seg=0&dl=https%3A%2F%2Fdfiles.eu%2Ffiles%2Fh6xnapy8v%2FCOD4MW-remaster.exe&dt=DepositFiles&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
IP
216.239.32.36:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /g/collect?v=2&tid=G-BL9163LYG1&gtm=45je33k0&_p=827334996&cid=2136197100.1679580078&ul=en-us&sr=1280x1024&_s=1&sid=1679580077&sct=1&seg=0&dl=https%3A%2F%2Fdfiles.eu%2Ffiles%2Fh6xnapy8v%2FCOD4MW-remaster.exe&dt=DepositFiles&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dfiles.eu
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0

HTTP/2 204 No Content
access-control-allow-origin: https://dfiles.eu
date: Thu, 23 Mar 2023 14:01:10 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

simplewebanalysis.com/stats

3.123.95.62

200 OK

40 B

URL HTTP/2
simplewebanalysis.com/stats
IP
3.123.95.62:0
ASN
#16509 AMAZON-02

File type
ASCII text, with no line terminators
Size
40 B (40 bytes)
Hash
0d3c0a9606bb577f1939ee4f9fb9b8bb
f781588dcd1b50ef1aa643442c0620e195cc3d9d
f2d418c740fcdabeb680f521f1e192af7e1ab3b7deecb9df336c82f448215fa4

HTTP Headers

GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dfiles.eu
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Thu, 23 Mar 2023 14:01:10 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://dfiles.eu
access-control-allow-credentials: true
set-cookie: uid_id2=49003438-2210-4c43-8afe-08db9f21af74:1:1; expires=Sun, 20 Mar 2033 14:01:10 GMT; secure; SameSite=None
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
a63cf85a8c2a25296dfd6cbbb65a8686
d9b3364b8396c299bfa976e87e8efa033554ef5c
5417a390a3b69a7852a1107173a4ca3653ae5499c01d11de9d56f842b5cd5e7a

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5417A390A3B69A7852A1107173A4CA3653AE5499C01D11DE9D56F842B5CD5E7A"
Last-Modified: Wed, 22 Mar 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19301
Expires: Thu, 23 Mar 2023 19:22:51 GMT
Date: Thu, 23 Mar 2023 14:01:10 GMT
Connection: keep-alive

adsbb.dfiles.eu/upload/1906/ad2708292742b09a.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752

91.226.124.80

200 OK

887 B

URL HTTP/1.1
adsbb.dfiles.eu/upload/1906/ad2708292742b09a.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752
IP
91.226.124.80:0
ASN
#35415 Webzilla B.V.

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Size
887 B (887 bytes)
Hash
3c2b3cca1c94fa35b1ea30b349d991bf
2822ab5dbc00b6ec768042d534e59dda168fa6ec
6d926df3bb14423dca3391bd07925f19c7f51da5ae7e966016247c56966e9f67

HTTP Headers

GET /upload/1906/ad2708292742b09a.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752 HTTP/1.1
Host: adsbb.dfiles.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dfiles.eu/
Connection: keep-alive
Cookie: uprand=338016fa2efa8025a4573f92ddc020a8; last_file=h6xnapy8v; lang_current=en; _ga_BL9163LYG1=GS1.1.1679580077.1.0.1679580077.0.0.0; _ga=GA1.1.2136197100.1679580078; _nf56=1; _nf58=1
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 23 Mar 2023 14:01:10 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: close
Last-Modified: Thu, 23 Mar 2023 14:00:01 GMT
Content-Encoding: gzip

adsbb.dfiles.eu/upload/2203/ad27602963634849.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752

91.226.124.80

200 OK

678 B

URL HTTP/1.1
adsbb.dfiles.eu/upload/2203/ad27602963634849.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752
IP
91.226.124.80:0
ASN
#35415 Webzilla B.V.

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Size
678 B (678 bytes)
Hash
f19e25ab03fa802d8039e2099190125a
716f52b2cc18bd99a0a4f028cb8548298c4f2b9c
d4effc3c982902a4c0e71c5a51e8e64350c81eef37f9a0d13924aa2085506a1b

HTTP Headers

GET /upload/2203/ad27602963634849.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752 HTTP/1.1
Host: adsbb.dfiles.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dfiles.eu/
Connection: keep-alive
Cookie: uprand=338016fa2efa8025a4573f92ddc020a8; last_file=h6xnapy8v; lang_current=en; _ga_BL9163LYG1=GS1.1.1679580077.1.0.1679580077.0.0.0; _ga=GA1.1.2136197100.1679580078; _nf56=1; _nf58=1
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 23 Mar 2023 14:01:10 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: close
Last-Modified: Thu, 23 Mar 2023 14:00:01 GMT
Content-Encoding: gzip

na.nawpush.com/tags/46445?version_name=a

45.133.44.24

200 OK

507 B

URL HTTP/2
na.nawpush.com/tags/46445?version_name=a
IP
45.133.44.24:0
ASN
#39572 DataWeb Global Group B.V.

File type
JSON data\012- , ASCII text, with very long lines (507), with no line terminators
Size
507 B (507 bytes)
Hash
9b0dfb0875ac2474a2c4896d2bff37d4
f625a55b3df26d26f59c630411f742d04bec9955
3671f995aa78e269ff9229247ca35d625984e0b8f6d039795f0e125ae03d766e

HTTP Headers

GET /tags/46445?version_name=a HTTP/1.1
Host: na.nawpush.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dfiles.eu
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Thu, 23 Mar 2023 14:01:10 GMT
content-type: application/json
content-length: 507
server: nginx/1.18.0
cache-control: max-age=300, public
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2

static.depositfiles.com/images/favicon.ico

91.226.124.77

200 OK

318 B

URL HTTP/1.1
static.depositfiles.com/images/favicon.ico
IP
91.226.124.77:0
ASN
#35415 Webzilla B.V.

File type
MS Windows icon resource - 1 icon, 16x16, 16 colors, 4 bits/pixel\012- data
Size
318 B (318 bytes)
Hash
0f0b975ee529197ec75780ebc2de5907
59688c6aafca5606e388ba9a44fc9dc25fc32cd3
28a0b52229f05b66354ca38b6b813d2281af3efb7e8b0a424ef8b4c68b9e583c

HTTP Headers

GET /images/favicon.ico HTTP/1.1
Host: static.depositfiles.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 23 Mar 2023 14:01:10 GMT
Content-Type: image/x-icon
Content-Length: 318
Last-Modified: Thu, 28 Apr 2022 10:40:26 GMT
Connection: keep-alive
ETag: "626a6f1a-13e"
Accept-Ranges: bytes

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
097d447e049e3b41f92a4695b1b0c3c7
f39c9ef8d22bee41d940bf719c75b2cfae9291d5
459e0e586fca9a4720e4e25fa59978368c9d373ee86575a7b40d0ef4262043ed

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 23 Mar 2023 14:01:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
d09ed5b5ccfa429cf3ded7d6634ce586
e1d26f666c2b0ecf75aa847b3ee907c41514b588
b5536c7e81811b1a5ffeb8dcc80a08f14b4c5ed5ddb2c53b4b52f84c721beeed

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 23 Mar 2023 14:01:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.gstatic.com/recaptcha/releases/Trd6gj1dhC_fx0ma_AWHc1me/recaptcha__en.js

216.58.211.3

200 OK

165 kB

URL HTTP/2
www.gstatic.com/recaptcha/releases/Trd6gj1dhC_fx0ma_AWHc1me/recaptcha__en.js
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (576)
Size
165 kB (164678 bytes)
Hash
f22f07ee02fbeed3958345c90b52b818
2aa44ea19d580589c06c2170103b4d0505e18cdb
dc1eadf37f70bef92766d0c316d1da7af283b84e5c309a4732d8ed35d7bbfb84

HTTP Headers

GET /recaptcha/releases/Trd6gj1dhC_fx0ma_AWHc1me/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dfiles.eu
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 164678
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 22 Mar 2023 08:21:26 GMT
expires: Thu, 21 Mar 2024 08:21:26 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 13 Mar 2023 02:02:14 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 106784
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
097d447e049e3b41f92a4695b1b0c3c7
f39c9ef8d22bee41d940bf719c75b2cfae9291d5
459e0e586fca9a4720e4e25fa59978368c9d373ee86575a7b40d0ef4262043ed

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 23 Mar 2023 14:01:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

adsbb.dfiles.eu/static/js/jquery-1.5.1.min.js

91.226.124.80

200 OK

85 kB

URL HTTP/1.1
adsbb.dfiles.eu/static/js/jquery-1.5.1.min.js
IP
91.226.124.80:0
ASN
#35415 Webzilla B.V.

File type
Unicode text, UTF-8 text, with very long lines (65168)
Size
85 kB (85260 bytes)
Hash
b04a3bccd23ddeb7982143707a63ccf9
4a5dc1389aad050a44ee5e81408238a317ab3413
764b9e9f3ad386aaa5cdeae9368353994de61c0bede087c8f7e3579cb443de3b

HTTP Headers

GET /static/js/jquery-1.5.1.min.js HTTP/1.1
Host: adsbb.dfiles.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adsbb.dfiles.eu/upload/1906/ad2708292742b09a.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752
Cookie: uprand=338016fa2efa8025a4573f92ddc020a8; last_file=h6xnapy8v; lang_current=en; _ga_BL9163LYG1=GS1.1.1679580077.1.0.1679580077.0.0.0; _ga=GA1.1.2136197100.1679580078; _nf56=1; _nf58=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 23 Mar 2023 14:01:10 GMT
Content-Type: application/javascript
Content-Length: 85260
Connection: close
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache, private, no-cache, no-store, must-revalidate
Pragma: no-cache
Accept-Ranges: bytes

nannyamplify.com/c2/2d/c5/c22dc50dc2bbe4422c7f68d26ab95eb9.js

173.233.137.52

200 OK

29 kB

URL HTTP/1.1
nannyamplify.com/c2/2d/c5/c22dc50dc2bbe4422c7f68d26ab95eb9.js
IP
173.233.137.52:0
ASN
#7979 SERVERS-COM

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (65536), with no line terminators
Size
29 kB (28767 bytes)
Hash
c13b3eca0710007af4b6afedf5a546cc
9db2d6a411430baf17a5e008920b7255b2c77c18
67bd5feba5b391f3479c9039e7e5f4244e67f7a256485a5ba16c7555f66924e5

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /c2/2d/c5/c22dc50dc2bbe4422c7f68d26ab95eb9.js HTTP/1.1
Host: nannyamplify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Thu, 23 Mar 2023 14:01:10 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 400ac56e3a005c587ee7d60ec9a8e647
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
d09ed5b5ccfa429cf3ded7d6634ce586
e1d26f666c2b0ecf75aa847b3ee907c41514b588
b5536c7e81811b1a5ffeb8dcc80a08f14b4c5ed5ddb2c53b4b52f84c721beeed

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 23 Mar 2023 14:01:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

adsbb.dfiles.eu/static/js/jquery-1.5.1.min.js

91.226.124.80

200 OK

85 kB

URL HTTP/1.1
adsbb.dfiles.eu/static/js/jquery-1.5.1.min.js
IP
91.226.124.80:0
ASN
#35415 Webzilla B.V.

File type
Unicode text, UTF-8 text, with very long lines (65168)
Size
85 kB (85260 bytes)
Hash
b04a3bccd23ddeb7982143707a63ccf9
4a5dc1389aad050a44ee5e81408238a317ab3413
764b9e9f3ad386aaa5cdeae9368353994de61c0bede087c8f7e3579cb443de3b

HTTP Headers

GET /static/js/jquery-1.5.1.min.js HTTP/1.1
Host: adsbb.dfiles.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adsbb.dfiles.eu/upload/2203/ad27602963634849.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752
Cookie: uprand=338016fa2efa8025a4573f92ddc020a8; last_file=h6xnapy8v; lang_current=en; _ga_BL9163LYG1=GS1.1.1679580077.1.0.1679580077.0.0.0; _ga=GA1.1.2136197100.1679580078; _nf56=1; _nf58=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 23 Mar 2023 14:01:10 GMT
Content-Type: application/javascript
Content-Length: 85260
Connection: close
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache, private, no-cache, no-store, must-revalidate
Pragma: no-cache
Accept-Ranges: bytes

adsbb.dfiles.eu/view.gif?c=2927&z=58&b=2708&u=641c5b6121cd13314975177137276

91.226.124.80

200 OK

43 B

URL HTTP/1.1
adsbb.dfiles.eu/view.gif?c=2927&z=58&b=2708&u=641c5b6121cd13314975177137276
IP
91.226.124.80:0
ASN
#35415 Webzilla B.V.

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
6d22e4f2d2057c6e8d6fab098e76e80f
b80b11203d97fe01c5597ca3be70406ea48f5709
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

HTTP Headers

GET /view.gif?c=2927&z=58&b=2708&u=641c5b6121cd13314975177137276 HTTP/1.1
Host: adsbb.dfiles.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://adsbb.dfiles.eu/upload/1906/ad2708292742b09a.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752
Cookie: uprand=338016fa2efa8025a4573f92ddc020a8; last_file=h6xnapy8v; lang_current=en; _ga_BL9163LYG1=GS1.1.1679580077.1.0.1679580077.0.0.0; _ga=GA1.1.2136197100.1679580078; _nf56=1; _nf58=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 23 Mar 2023 14:01:10 GMT
Content-Type: image/gif
Content-Length: 43
Connection: close
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache, private, no-cache, no-store, must-revalidate
Pragma: no-cache
Accept-Ranges: bytes

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
b79d0f97dc86cb44f219bd4a67e5c6f0
979bc55681df1a4d1eb3d5e0ee387b6391c9b8e2
970f0f35e8cdf8ae20295ffaa360313c9d6a47fe5b8b78863be1c500f8afb151

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "970F0F35E8CDF8AE20295FFAA360313C9D6A47FE5B8B78863BE1C500F8AFB151"
Last-Modified: Wed, 22 Mar 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6509
Expires: Thu, 23 Mar 2023 15:49:39 GMT
Date: Thu, 23 Mar 2023 14:01:10 GMT
Connection: keep-alive

jsc.adskeeper.com/d/f/dfiles.eu.1285379.js

104.18.8.46

200 OK

1.0 kB

URL HTTP/2
jsc.adskeeper.com/d/f/dfiles.eu.1285379.js
IP
104.18.8.46:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (2664)
Size
1.0 kB (1016 bytes)
Hash
87d3d2734efc01588e9fda0feff398a3
cd1b31208f32084d92c789ddc61976b1bac0d54b
64a74dca6ec6a7c104787a3c76dc4556dd7288961fca9d751dd549cd41932576

HTTP Headers

GET /d/f/dfiles.eu.1285379.js HTTP/1.1
Host: jsc.adskeeper.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adsbb.dfiles.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Thu, 23 Mar 2023 14:01:10 GMT
content-type: text/javascript
content-length: 1016
x-amz-id-2: fp0dy33B/d04n3/44syaTFK4kKHZR5HDMFxeC9v4rP5fYeKQIdp1+VTB9AQywH3O0w2qM3AVKGk=
x-amz-request-id: P626AEYPNZAD9BP7
last-modified: Wed, 18 Jan 2023 10:19:44 GMT
etag: "87d3d2734efc01588e9fda0feff398a3"
content-encoding: gzip
x-amz-version-id: F3Eqze46tsKiyNYC2VnDER9h40CwqTSs
cf-cache-status: HIT
age: 14
expires: Thu, 23 Mar 2023 18:01:10 GMT
cache-control: public, max-age=14400
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ac7347388cdb4f9-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

adserver.adreactor.com/js/libcode3.js

46.166.179.121

200 OK

7.7 kB

URL HTTP/1.1
adserver.adreactor.com/js/libcode3.js
IP
46.166.179.121:0
ASN
#43350 NForce Entertainment B.V.

File type
HTML document text\012- C source, ASCII text, with very long lines (27061), with no line terminators
Size
7.7 kB (7675 bytes)
Hash
02a8b86bce420a8a54223b74fa0d265e
a92561d8f1c6a43e23b0301db815d1cfca1995c6
d58e205115e1054fe89459992256a3ac8264bf821550ccc60fb01623f9b91c41

HTTP Headers

GET /js/libcode3.js HTTP/1.1
Host: adserver.adreactor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adsbb.dfiles.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 23 Mar 2023 14:01:11 GMT
Content-Type: text/javascript;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: public, max-age=86400
Expires: Fri, 24 Mar 2023 14:01:10 GMT
Vary: Accept-Encoding, Accept-Encoding
Last-Modified: Tue, 15 Mar 2022 21:49:26 GMT
Content-Encoding: gzip

adsbb.dfiles.eu/view.gif?c=2963&z=56&b=2760&u=641c5b612536c7212603394717146

91.226.124.80

200 OK

43 B

URL HTTP/1.1
adsbb.dfiles.eu/view.gif?c=2963&z=56&b=2760&u=641c5b612536c7212603394717146
IP
91.226.124.80:0
ASN
#35415 Webzilla B.V.

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
6d22e4f2d2057c6e8d6fab098e76e80f
b80b11203d97fe01c5597ca3be70406ea48f5709
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

HTTP Headers

GET /view.gif?c=2963&z=56&b=2760&u=641c5b612536c7212603394717146 HTTP/1.1
Host: adsbb.dfiles.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://adsbb.dfiles.eu/upload/2203/ad27602963634849.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752
Cookie: uprand=338016fa2efa8025a4573f92ddc020a8; last_file=h6xnapy8v; lang_current=en; _ga_BL9163LYG1=GS1.1.1679580077.1.0.1679580077.0.0.0; _ga=GA1.1.2136197100.1679580078; _nf56=1; _nf58=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 23 Mar 2023 14:01:11 GMT
Content-Type: image/gif
Content-Length: 43
Connection: close
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache, private, no-cache, no-store, must-revalidate
Pragma: no-cache
Accept-Ranges: bytes

adserver.adreactor.com/servlet/tagger/33986835/1679580079130

46.166.179.121

200 OK

79 B

URL HTTP/1.1
adserver.adreactor.com/servlet/tagger/33986835/1679580079130
IP
46.166.179.121:0
ASN
#43350 NForce Entertainment B.V.

File type
ASCII text
Size
79 B (79 bytes)
Hash
60b918c033fa434b118c4f3bbe4fc337
8d29393b583eea533a2e1a5cc883e8992e7f5dfc
2b538b18af7bdb58846021d593338e1b30cbec5184c58b04138074864a757761

HTTP Headers

GET /servlet/tagger/33986835/1679580079130 HTTP/1.1
Host: adserver.adreactor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adsbb.dfiles.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 23 Mar 2023 14:01:11 GMT
Content-Type: text/javascript;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Cache-Control: no-cache, no-store
Pragma: no-cache
Expires: Thu, 31 Dec 1998 11:59:59 GMT
X-Robots-Tag: none
P3P: CP="NOI DSP COR NID"
Set-Cookie: ADRUID=545a49b97cf5dcb9e5a7a0a29fb97c75; Expires=Fri, 22-Mar-2024 14:01:11 GMT; Path=/; Secure; HttpOnly; SameSite=None
Content-Encoding: gzip

notification.tubecup.net/tags?tag_id=46445&timezone_olson=UTC&version_name=a

78.47.199.210

204 No Content

0 B

URL HTTP/2
notification.tubecup.net/tags?tag_id=46445&timezone_olson=UTC&version_name=a
IP
78.47.199.210:0
ASN
#24940 Hetzner Online GmbH

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /tags?tag_id=46445&timezone_olson=UTC&version_name=a HTTP/1.1
Host: notification.tubecup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dfiles.eu
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 204 No Content
server: nginx/1.18.0
date: Thu, 23 Mar 2023 14:01:11 GMT
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2

adserver.adreactor.com/servlet/view/banner/javascript/ajax/crossdomain/zone?zid=9&pid=8620&uuid=545a49b97cf5dcb9e5a7a0a29fb97c75&tagid=avp_1560248483863&viewable=true&txid=56339106&sver=1&pvid=84746919&resolution=728x91&random=19123239&millis=1679580079168&referrer=https%3A%2F%2Fadsbb.dfiles.eu%2Fupload%2F1906%2Fad2708292742b09a.htm%3Fcanp%3Dadv_73b411c406ca38ecadcf742fe6ade752

46.166.179.121

200 OK

874 B

URL HTTP/1.1
adserver.adreactor.com/servlet/view/banner/javascript/ajax/crossdomain/zone?zid=9&pid=8620&uuid=545a49b97cf5dcb9e5a7a0a29fb97c75&tagid=avp_1560248483863&viewable=true&txid=56339106&sver=1&pvid=84746919&resolution=728x91&random=19123239&millis=1679580079168&referrer=https%3A%2F%2Fadsbb.dfiles.eu%2Fupload%2F1906%2Fad2708292742b09a.htm%3Fcanp%3Dadv_73b411c406ca38ecadcf742fe6ade752
IP
46.166.179.121:0
ASN
#43350 NForce Entertainment B.V.

File type
ASCII text, with very long lines (1013)
Size
874 B (874 bytes)
Hash
e8d64eadcfc041bdaa7b401926d4027c
95311ce4382d4268cde114533d8589a30dc6b9ea
73c404f07a07c1641188c793f57416cabad41392e31ae449d3382c5029924b25

HTTP Headers

GET /servlet/view/banner/javascript/ajax/crossdomain/zone?zid=9&pid=8620&uuid=545a49b97cf5dcb9e5a7a0a29fb97c75&tagid=avp_1560248483863&viewable=true&txid=56339106&sver=1&pvid=84746919&resolution=728x91&random=19123239&millis=1679580079168&referrer=https%3A%2F%2Fadsbb.dfiles.eu%2Fupload%2F1906%2Fad2708292742b09a.htm%3Fcanp%3Dadv_73b411c406ca38ecadcf742fe6ade752 HTTP/1.1
Host: adserver.adreactor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adsbb.dfiles.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 23 Mar 2023 14:01:11 GMT
Content-Type: text/javascript;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Cache-Control: no-cache, no-store
Pragma: no-cache
Expires: Thu, 31 Dec 1998 11:59:59 GMT
X-Robots-Tag: none
P3P: CP="NOI DSP COR NID"
Set-Cookie: ADRUID=545a49b97cf5dcb9e5a7a0a29fb97c75; Expires=Fri, 22-Mar-2024 14:01:11 GMT; Path=/; Secure; HttpOnly; SameSite=None
Content-Encoding: gzip

fp.metricswpsh.com/fp?tag_id=46445

157.90.84.242

204 No Content

0 B

URL HTTP/1.1
fp.metricswpsh.com/fp?tag_id=46445
IP
157.90.84.242:0
ASN
#24940 Hetzner Online GmbH

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /fp?tag_id=46445 HTTP/1.1
Host: fp.metricswpsh.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://dfiles.eu/
Origin: https://dfiles.eu
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 204 No Content
Server: nginx/1.20.1
Date: Thu, 23 Mar 2023 14:01:11 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: GET,HEAD,PUT,PATCH,POST,DELETE
Access-Control-Allow-Origin: https://dfiles.eu
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers

nannyamplify.com/sbar.json?key=224ad4a14b4b15c1726ff705ec672ea6&uuid=49003438-2210-4c43-8afe-08db9f21af74%3A1%3A1

173.233.137.52

200 OK

3.5 kB

URL HTTP/1.1
nannyamplify.com/sbar.json?key=224ad4a14b4b15c1726ff705ec672ea6&uuid=49003438-2210-4c43-8afe-08db9f21af74%3A1%3A1
IP
173.233.137.52:0
ASN
#7979 SERVERS-COM

File type
JSON data\012- , ASCII text, with very long lines (6151), with no line terminators
Size
3.5 kB (3511 bytes)
Hash
0dfdb63df4362f709cedf0c5bf507420
a4852f6f991d34af19dcf942f2c65f89ecc7df8a
ffb54e3dd8571a38771b56b0abf858af8775b41433d8e5e6f80aac7f9ba03651

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /sbar.json?key=224ad4a14b4b15c1726ff705ec672ea6&uuid=49003438-2210-4c43-8afe-08db9f21af74%3A1%3A1 HTTP/1.1
Host: nannyamplify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dfiles.eu
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Thu, 23 Mar 2023 14:01:11 GMT
Content-Type: text/plain; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://dfiles.eu
Access-Control-Allow-Origin: https://dfiles.eu
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=16004719; expires=Fri, 24 Mar 2023 14:01:10 GMT; secure; SameSite=None
uid_id2=49003438-2210-4c43-8afe-08db9f21af74:1:1; expires=Thu, 30 Mar 2023 14:01:10 GMT; secure; SameSite=None
pdhtkv=true; expires=Fri, 24 Mar 2023 14:01:11 GMT; secure; SameSite=None
uncs=1; expires=Fri, 24 Mar 2023 14:01:11 GMT; secure; SameSite=None
pdhtkv29=true; expires=Fri, 24 Mar 2023 14:01:11 GMT; secure; SameSite=None
uncs29=1; expires=Fri, 24 Mar 2023 14:01:11 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: b634de86f3252afdcefe297af1645337
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
a19f815eedd6c30b039ad166708ba8c6
692edfd33cdfe924604664ec4613d2fcaaa0a4a0
dff91da36f9bdcf8a5cdf00afd9cc96873e7c0b4c7d0ee35b3e9a92e512fb2e5

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DFF91DA36F9BDCF8A5CDF00AFD9CC96873E7C0B4C7D0EE35B3E9A92E512FB2E5"
Last-Modified: Tue, 21 Mar 2023 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2207
Expires: Thu, 23 Mar 2023 14:37:58 GMT
Date: Thu, 23 Mar 2023 14:01:11 GMT
Connection: keep-alive

fp.metricswpsh.com/fp?tag_id=46445

157.90.84.242

200 OK

28 B

URL HTTP/1.1
fp.metricswpsh.com/fp?tag_id=46445
IP
157.90.84.242:0
ASN
#24940 Hetzner Online GmbH

File type
JSON data\012- , ASCII text
Size
28 B (28 bytes)
Hash
e3af49472d683a217237a6ebaf79bcb7
378db4d7e6171a2676ee15c80b4475d7f5ec9742
7714898d715fb8b1ce7a1de73e0e7c9f6394acc8a08cf1a3b342a7829d4de84a

HTTP Headers

POST /fp?tag_id=46445 HTTP/1.1
Host: fp.metricswpsh.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json;charset=utf-8
Content-Length: 22286
Origin: https://dfiles.eu
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Thu, 23 Mar 2023 14:01:11 GMT
Content-Type: application/json; charset=UTF-8
Content-Length: 28
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://dfiles.eu
Set-Cookie: id=1446710593217456340; Expires=Fri, 22 Mar 2024 14:01:11 GMT; Secure; SameSite=None
Vary: Origin

friendshipmale.com/sfp.js

172.64.167.29

200 OK

27 kB

URL HTTP/2
friendshipmale.com/sfp.js
IP
172.64.167.29:0
ASN
#13335 CLOUDFLARENET

File type
Unicode text, UTF-8 text, with very long lines (65529), with no line terminators
Size
27 kB (27119 bytes)
Hash
249d5bb8f8d5fd948efc1354d88c6817
7c912d3b06643207404fedefff09fafa13366c0d
f3bfe89639b988ecb00f0cfee2f14749541d67e96bd6b6308d6e934031db1352

HTTP Headers

GET /sfp.js HTTP/1.1
Host: friendshipmale.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Thu, 23 Mar 2023 14:01:10 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: c0c3e864f1d3f94ad2f8218ccf4bfda6
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Thu, 23 Mar 2023 14:01:10 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8uYKuz7c34OL32rup0Rd%2FoDdOWx1Rc30L7bjiMr42rdrn%2BAZJfJB%2B%2B9%2F9c4wEP65BA5RaDJFuQvCuhTLlswLjIFhd8qkU3iHSemBnFsGQquKlS13vm%2BY%2BYM%2F9q%2FWULVrVX1nrUo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ac734703e47240b-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
a0d3d7099bbc5fed74a6e78e1a3096bf
96afaf8b3ac053577c56aca5f4a20d8655ecb771
c8ff32c6809a506d4c656d3200dbfc6682c156c3de0647d13ab8f07a6f9a38ba

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C8FF32C6809A506D4C656D3200DBFC6682C156C3DE0647D13AB8F07A6F9A38BA"
Last-Modified: Tue, 21 Mar 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9387
Expires: Thu, 23 Mar 2023 16:37:38 GMT
Date: Thu, 23 Mar 2023 14:01:11 GMT
Connection: keep-alive

js.wpadmngr.com/static/adManager.m.js

45.133.44.25

200 OK

37 kB

URL HTTP/2
js.wpadmngr.com/static/adManager.m.js
IP
45.133.44.25:0
ASN
#39572 DataWeb Global Group B.V.

File type
data
Size
37 kB (37338 bytes)
Hash
bc2d804a87d52a81b3a4435f6d8e64c3
41fb96b2d131daefa8ba9fa5fbfb027b8bb894ae
46ed539e4c99d23ecaa99f55393cef9c329ca8a214fbbc443e47d330885bbddd

HTTP Headers

GET /static/adManager.m.js HTTP/1.1
Host: js.wpadmngr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Thu, 23 Mar 2023 14:01:10 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.18.0
last-modified: Thu, 23 Mar 2023 13:47:19 GMT
etag: W/"641c5867-19c2f"
content-encoding: gzip
expires: Thu, 23 Mar 2023 14:06:10 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
a0d3d7099bbc5fed74a6e78e1a3096bf
96afaf8b3ac053577c56aca5f4a20d8655ecb771
c8ff32c6809a506d4c656d3200dbfc6682c156c3de0647d13ab8f07a6f9a38ba

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C8FF32C6809A506D4C656D3200DBFC6682C156C3DE0647D13AB8F07A6F9A38BA"
Last-Modified: Tue, 21 Mar 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9387
Expires: Thu, 23 Mar 2023 16:37:38 GMT
Date: Thu, 23 Mar 2023 14:01:11 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
a0d3d7099bbc5fed74a6e78e1a3096bf
96afaf8b3ac053577c56aca5f4a20d8655ecb771
c8ff32c6809a506d4c656d3200dbfc6682c156c3de0647d13ab8f07a6f9a38ba

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C8FF32C6809A506D4C656D3200DBFC6682C156C3DE0647D13AB8F07A6F9A38BA"
Last-Modified: Tue, 21 Mar 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9387
Expires: Thu, 23 Mar 2023 16:37:38 GMT
Date: Thu, 23 Mar 2023 14:01:11 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
a0d3d7099bbc5fed74a6e78e1a3096bf
96afaf8b3ac053577c56aca5f4a20d8655ecb771
c8ff32c6809a506d4c656d3200dbfc6682c156c3de0647d13ab8f07a6f9a38ba

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C8FF32C6809A506D4C656D3200DBFC6682C156C3DE0647D13AB8F07A6F9A38BA"
Last-Modified: Tue, 21 Mar 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9387
Expires: Thu, 23 Mar 2023 16:37:38 GMT
Date: Thu, 23 Mar 2023 14:01:11 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5be1b286-007a-44a5-a6fd-872190ecfa0b.jpeg

34.120.237.76

200 OK

6.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5be1b286-007a-44a5-a6fd-872190ecfa0b.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.7 kB (6692 bytes)
Hash
c05bfdf1411a931d8ea9adc64b07bc74
156ef59e53564a4f2b27002b2695fafecd578d82
15d17c0df2d2b0625ecf5f576a7ff630ae8b923b28be354ad23aec6a284a801a

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5be1b286-007a-44a5-a6fd-872190ecfa0b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6692
x-amzn-requestid: 3a0f6a8d-89b1-43f4-8a15-8749bdbc047b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CM9d9FcOoAMFaFQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641b75f2-3540256d6be3d4f85bba65ea;Sampled=0
x-amzn-remapped-date: Wed, 22 Mar 2023 21:41:06 GMT
x-amz-cf-pop: SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: Jj5lAwItWYm45j5kLqQnd3fhsiGsiuSiSVtrBUOolyHvPAmCc0S71A==
via: 1.1 e92cc925fc8895560cd0628c67f58828.cloudfront.net (CloudFront), 1.1 b23fb37cd7fff033ab21e3284f558a28.cloudfront.net (CloudFront), 1.1 google
date: Thu, 23 Mar 2023 07:54:24 GMT
age: 22007
etag: "156ef59e53564a4f2b27002b2695fafecd578d82"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

10 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F08561a1f-1d19-45db-be98-107d6b1ed25d.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
10 kB (10480 bytes)
Hash
6f0b9e85381489dcf646c251722b21d4
5f7ea91288a2170bcabdca6be296718c4191eacd
911f803271ad9053ebac3787bdde9b75ec604acc6aa28692cc8e4c5c4fb61483

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F08561a1f-1d19-45db-be98-107d6b1ed25d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10480
x-amzn-requestid: 58aa8272-4b4e-4a2f-9d6e-d47f70891c49
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CJptHG7JoAMFSwA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641a2320-2fd6502b1271d5c13b4ebbe9;Sampled=0
x-amzn-remapped-date: Tue, 21 Mar 2023 21:35:28 GMT
x-amz-cf-pop: SEA19-C1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: pFCYGtd2b7lK7OBFHjCsgqqLfhtMAQDB0vyYFyf1sv-3CkSHbEh3mA==
via: 1.1 2241406ac19fffc8f35d6ddef8e22f56.cloudfront.net (CloudFront), 1.1 4c48e9fb20d53d40e9fe273dbdae1098.cloudfront.net (CloudFront), 1.1 google
date: Wed, 22 Mar 2023 21:59:52 GMT
age: 57679
etag: "5f7ea91288a2170bcabdca6be296718c4191eacd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

5.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F00ac1765-db6c-42e3-99bf-d857d27a34b9.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.6 kB (5556 bytes)
Hash
c831201ad81f55c63c1b101ce854a810
0e9b952f6489f0a5f4862d3bea2fbe0ecdd379e5
c854489720d2ca4a95eef00addda0fcdaf481402d044df7725282654a97eb54a

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F00ac1765-db6c-42e3-99bf-d857d27a34b9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5556
x-amzn-requestid: 6b050645-14aa-47f7-b4a5-2e27abbe5115
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CM69eHE3IAMF0Yw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641b71ef-6ab2948e2bf2578f29798372;Sampled=0
x-amzn-remapped-date: Wed, 22 Mar 2023 21:23:59 GMT
x-amz-cf-pop: SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: CgU9j02Bnw0UdIwQ3sRCDvJoPitHIAUTRDhLH_PMXYlAPoAwSbv6Iw==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 4d8620b80ebe37d366388e117039aa8e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 23 Mar 2023 05:35:55 GMT
age: 30316
etag: "0e9b952f6489f0a5f4862d3bea2fbe0ecdd379e5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

4.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9a816157-9568-4e7f-a034-14b2f1982949.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.9 kB (4912 bytes)
Hash
f4a771935927950222124e14b56046df
d07fe53e4ac41048497b2732c017f6666c3eda9e
4e8388626074646c2336711be0a170ceab367c343648a32d2389dd87640251d0

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9a816157-9568-4e7f-a034-14b2f1982949.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 4912
x-amzn-requestid: d8fcf495-12af-42ae-ad69-0ea07b1a8669
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CM8H3Fl1IAMFYgA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641b73cb-01cbd1981a57e53b3d3cde93;Sampled=0
x-amzn-remapped-date: Wed, 22 Mar 2023 21:31:55 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: soxgrR0B6Rz79QysB7qbMTsNYmkYfG8doOMPpTEd9uLlrE6WTcDKdw==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 995664ee945c06fc706b5cb8e0e650dc.cloudfront.net (CloudFront), 1.1 google
date: Wed, 22 Mar 2023 21:47:44 GMT
age: 58407
etag: "d07fe53e4ac41048497b2732c017f6666c3eda9e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

10 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F261caab9-983c-4eb1-9fca-fd73dc738e9e.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
10 kB (10284 bytes)
Hash
4e89d0b1281259e7399294fb5fa19d2b
5035ed41f497c97faefae9cdaf42dc07ab468557
f404d286deab5b4759be6e554e6488faab3b4f7988a86eb57520dac4e0d6a192

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F261caab9-983c-4eb1-9fca-fd73dc738e9e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10284
x-amzn-requestid: e4d2c324-d0b0-436d-9739-29269e62aed0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CM6hjEqtIAMFvXA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641b713c-5a5bd6b60c1f52ab580f1757;Sampled=0
x-amzn-remapped-date: Wed, 22 Mar 2023 21:21:00 GMT
x-amz-cf-pop: SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: Pv-MA9gQ4PmXuY3EWSC77_g2fn_C9-bYUQ4azcrxLNvtwY6CZZg1nA==
via: 1.1 ffc1e24c06bfbb135c0a4d240b382048.cloudfront.net (CloudFront), 1.1 174acb08636ac7d9e9a778bbf1bcbc52.cloudfront.net (CloudFront), 1.1 google
date: Thu, 23 Mar 2023 07:55:01 GMT
age: 21970
etag: "5035ed41f497c97faefae9cdaf42dc07ab468557"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6cff797b-5560-422b-9907-7a2fbe8dd123.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.4 kB (7424 bytes)
Hash
05c7970e81559904d05b6e8cf693f085
709b01a360624eceafb1876f56378824aa4936b3
a4fd80c9bdce27961560d7c31e216706e9e32d42d1edd883e283c149505b3db0

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6cff797b-5560-422b-9907-7a2fbe8dd123.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7424
x-amzn-requestid: 9a2bd57a-40d2-4bc0-b4ca-183e9a928bdc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CM-3aGPzoAMFj6Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641b782f-0dc56e4a7c4aaeb45b45c75b;Sampled=0
x-amzn-remapped-date: Wed, 22 Mar 2023 21:50:39 GMT
x-amz-cf-pop: SEA19-C1
x-cache: Miss from cloudfront
x-amz-cf-id: 8mTKClr9GKzzrm1TtEmMeBnOQfMLTO4dBuAO-fE4UEfV-SwrFbkjZQ==
via: 1.1 ec27e2bbc77d9805bead471453d2094c.cloudfront.net (CloudFront), 1.1 0bb842bd5868b86440983b936bb0adee.cloudfront.net (CloudFront), 1.1 google
date: Thu, 23 Mar 2023 02:54:31 GMT
age: 40000
etag: "709b01a360624eceafb1876f56378824aa4936b3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
7b6cbe3a38c356556eaff8748be85bff
4363b3af7c31a391fad518e4d75d552e248d15a0
dd86c6821112ead9e08c8a1c77b74a3b1795b7c412a28e8f6b9f910b9fb3820b

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DD86C6821112EAD9E08C8A1C77B74A3B1795B7C412A28E8F6B9F910B9FB3820B"
Last-Modified: Wed, 22 Mar 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4879
Expires: Thu, 23 Mar 2023 15:22:30 GMT
Date: Thu, 23 Mar 2023 14:01:11 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
8f1bc8bd989c1c7ce4976d567e7da88e
66caa00fa7a0c349b1adf802dd2d42a1f98d7f85
0e1762bae095e1d575090c493a46317e422dd5d31e6666cb5934ae37ce1eaf6c

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E1762BAE095E1D575090C493A46317E422DD5D31E6666CB5934AE37CE1EAF6C"
Last-Modified: Thu, 23 Mar 2023 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19013
Expires: Thu, 23 Mar 2023 19:18:04 GMT
Date: Thu, 23 Mar 2023 14:01:11 GMT
Connection: keep-alive

nannyamplify.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSz4scxR%2BtTvK95Osl6kWIMgcPCu5sdU%2FPL3MIxhiJxuySRBf0VF1VPVtOdVdT1T09u3hYDEguwnjSY%2B%2Bb3SxqkOQPEGTWiywIOx5kD6438a7kLDM7MPqB7s%2Fn1fsc3ntVn%2B0Wp4SiYCfr75ltpTVbbdZp7ZUNlQpTutrtezWf1umV2oZKW%2BGV2nD2s4PXfdqs01drb0veN6sB9Sn1qV%2B7oayMzXB1zkJlj7p%2BvUvrYVD3myGG9r%2FYFR4c8yAGp%2BRZKDH93%2BZPT6D4BGny%2BLp0%2Fdxkr72VFJrlxmIgDt5P%2B6kpUyTLMbYe4vRgsQ3jpoR8dQ4mPVg4gBnszRwgUlPi%2FeojSg8WMhEN9s%2BURhoyRST%2Bj3IwgdQTKDYBN%2FehxDEBuMDtNaTJw9vGlmzrjGUzdkouPP0LqpySC789jzT57ppWw9pdo4tcmdRhGFdQwwlUb4KsOES%2B7UGVh%2BD5p1DiZ7L69BbSZG%2FNaQMlTl4Ou5Q2wkZnJQh8uhLysLHSYbFcoR0RdePAZ3E7nEek1AQqnkDLEZjzUMw%2B5aGIPRSZh0Sc1FizG1PajqO40eiEnPNGg%2FNmpyWaohF2YoqCzzyMkGcjcD0CtzvI7A76agRb%2FAC3WcEJDy4nGIgKpSQoHUHJCEpFUOYE5aDaF9oFrnootCsif9GDRW9UY5P3dtm%2ByXsyJbvZKbk0D%2B7vlkFfntSCIGQiZH4YhZHf5H47aMVxmzYlb7UDyVpwqoJy5%2BY2t9XxcxkydfzMZUTsEE4fgqtLYMWLYOW4HVCwzXHYodhOHwuZGafyWGnp6twkEKZCll9AvuXt6lPywlxH94%2BLkPzo6pefr%2F1%2BRXwIbitktsLH6keCnn4wvmNKsnfHlI48WctylahtNrvcuznL5flv3pVbpbHi5nU3%2BvoNPiNm46N70uW3WCpU2nPk22tKCGlvGMsl%2Bf6m25DReuE2rxU2LbJb62%2FeuJlkVjqnTDoBU8cffAKupuSi7c%2Bf7Ut%2FvgNlJ7BFhaQ4IouCMhPwbAcuW6p3hsDq5U6UeSiLamyDaHmoFYGWS8yiCu5fOFrOu%2B4BetYDy%2B8jTSoMbIWBrsD0CK44P84ze3T1l8a8EGlvHGnr7UXa6i%2FOonXqpCabMY0lDWQUd6O4zajoxmE3Yl1ftqMm85G7qbj80cE%2FAAAA%2F%2F8BAAD%2F%2F%2FrULUyOBAAA

173.233.137.52

200 OK

7 B

URL HTTP/1.1
nannyamplify.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSz4scxR%2BtTvK95Osl6kWIMgcPCu5sdU%2FPL3MIxhiJxuySRBf0VF1VPVtOdVdT1T09u3hYDEguwnjSY%2B%2Bb3SxqkOQPEGTWiywIOx5kD6438a7kLDM7MPqB7s%2Fn1fsc3ntVn%2B0Wp4SiYCfr75ltpTVbbdZp7ZUNlQpTutrtezWf1umV2oZKW%2BGV2nD2s4PXfdqs01drb0veN6sB9Sn1qV%2B7oayMzXB1zkJlj7p%2BvUvrYVD3myGG9r%2FYFR4c8yAGp%2BRZKDH93%2BZPT6D4BGny%2BLp0%2Fdxkr72VFJrlxmIgDt5P%2B6kpUyTLMbYe4vRgsQ3jpoR8dQ4mPVg4gBnszRwgUlPi%2FeojSg8WMhEN9s%2BURhoyRST%2Bj3IwgdQTKDYBN%2FehxDEBuMDtNaTJw9vGlmzrjGUzdkouPP0LqpySC789jzT57ppWw9pdo4tcmdRhGFdQwwlUb4KsOES%2B7UGVh%2BD5p1DiZ7L69BbSZG%2FNaQMlTl4Ou5Q2wkZnJQh8uhLysLHSYbFcoR0RdePAZ3E7nEek1AQqnkDLEZjzUMw%2B5aGIPRSZh0Sc1FizG1PajqO40eiEnPNGg%2FNmpyWaohF2YoqCzzyMkGcjcD0CtzvI7A76agRb%2FAC3WcEJDy4nGIgKpSQoHUHJCEpFUOYE5aDaF9oFrnootCsif9GDRW9UY5P3dtm%2ByXsyJbvZKbk0D%2B7vlkFfntSCIGQiZH4YhZHf5H47aMVxmzYlb7UDyVpwqoJy5%2BY2t9XxcxkydfzMZUTsEE4fgqtLYMWLYOW4HVCwzXHYodhOHwuZGafyWGnp6twkEKZCll9AvuXt6lPywlxH94%2BLkPzo6pefr%2F1%2BRXwIbitktsLH6keCnn4wvmNKsnfHlI48WctylahtNrvcuznL5flv3pVbpbHi5nU3%2BvoNPiNm46N70uW3WCpU2nPk22tKCGlvGMsl%2Bf6m25DReuE2rxU2LbJb62%2FeuJlkVjqnTDoBU8cffAKupuSi7c%2Bf7Ut%2FvgNlJ7BFhaQ4IouCMhPwbAcuW6p3hsDq5U6UeSiLamyDaHmoFYGWS8yiCu5fOFrOu%2B4BetYDy%2B8jTSoMbIWBrsD0CK44P84ze3T1l8a8EGlvHGnr7UXa6i%2FOonXqpCabMY0lDWQUd6O4zajoxmE3Yl1ftqMm85G7qbj80cE%2FAAAA%2F%2F8BAAD%2F%2F%2FrULUyOBAAA
IP
173.233.137.52:0
ASN
#7979 SERVERS-COM

File type
ASCII text, with no line terminators
Size
7 B (7 bytes)
Hash
132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSz4scxR%2BtTvK95Osl6kWIMgcPCu5sdU%2FPL3MIxhiJxuySRBf0VF1VPVtOdVdT1T09u3hYDEguwnjSY%2B%2Bb3SxqkOQPEGTWiywIOx5kD6438a7kLDM7MPqB7s%2Fn1fsc3ntVn%2B0Wp4SiYCfr75ltpTVbbdZp7ZUNlQpTutrtezWf1umV2oZKW%2BGV2nD2s4PXfdqs01drb0veN6sB9Sn1qV%2B7oayMzXB1zkJlj7p%2BvUvrYVD3myGG9r%2FYFR4c8yAGp%2BRZKDH93%2BZPT6D4BGny%2BLp0%2Fdxkr72VFJrlxmIgDt5P%2B6kpUyTLMbYe4vRgsQ3jpoR8dQ4mPVg4gBnszRwgUlPi%2FeojSg8WMhEN9s%2BURhoyRST%2Bj3IwgdQTKDYBN%2FehxDEBuMDtNaTJw9vGlmzrjGUzdkouPP0LqpySC789jzT57ppWw9pdo4tcmdRhGFdQwwlUb4KsOES%2B7UGVh%2BD5p1DiZ7L69BbSZG%2FNaQMlTl4Ou5Q2wkZnJQh8uhLysLHSYbFcoR0RdePAZ3E7nEek1AQqnkDLEZjzUMw%2B5aGIPRSZh0Sc1FizG1PajqO40eiEnPNGg%2FNmpyWaohF2YoqCzzyMkGcjcD0CtzvI7A76agRb%2FAC3WcEJDy4nGIgKpSQoHUHJCEpFUOYE5aDaF9oFrnootCsif9GDRW9UY5P3dtm%2ByXsyJbvZKbk0D%2B7vlkFfntSCIGQiZH4YhZHf5H47aMVxmzYlb7UDyVpwqoJy5%2BY2t9XxcxkydfzMZUTsEE4fgqtLYMWLYOW4HVCwzXHYodhOHwuZGafyWGnp6twkEKZCll9AvuXt6lPywlxH94%2BLkPzo6pefr%2F1%2BRXwIbitktsLH6keCnn4wvmNKsnfHlI48WctylahtNrvcuznL5flv3pVbpbHi5nU3%2BvoNPiNm46N70uW3WCpU2nPk22tKCGlvGMsl%2Bf6m25DReuE2rxU2LbJb62%2FeuJlkVjqnTDoBU8cffAKupuSi7c%2Bf7Ut%2FvgNlJ7BFhaQ4IouCMhPwbAcuW6p3hsDq5U6UeSiLamyDaHmoFYGWS8yiCu5fOFrOu%2B4BetYDy%2B8jTSoMbIWBrsD0CK44P84ze3T1l8a8EGlvHGnr7UXa6i%2FOonXqpCabMY0lDWQUd6O4zajoxmE3Yl1ftqMm85G7qbj80cE%2FAAAA%2F%2F8BAAD%2F%2F%2FrULUyOBAAA HTTP/1.1
Host: nannyamplify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dfiles.eu/
Cookie: u_pl=16004719; uid_id2=49003438-2210-4c43-8afe-08db9f21af74:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Thu, 23 Mar 2023 14:01:11 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 96382176297de2e595a95f0b76d90c4f
Strict-Transport-Security: max-age=0; includeSubdomains

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
2c1864a8c58f609a345b7068ef562581
a0c9fca1f64817e2120333500c1ac447c18b194f
48ba91cd80d15dc010e2ba367cb2091d64787dd53cefb83fb3ff86b35a533a8f

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "48BA91CD80D15DC010E2BA367CB2091D64787DD53CEFB83FB3FF86B35A533A8F"
Last-Modified: Wed, 22 Mar 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4308
Expires: Thu, 23 Mar 2023 15:12:59 GMT
Date: Thu, 23 Mar 2023 14:01:11 GMT
Connection: keep-alive

js.wpshsdk.com/npc/sdk/wp-banners.js

45.133.44.25

200 OK

0 B

URL HTTP/2
js.wpshsdk.com/npc/sdk/wp-banners.js
IP
45.133.44.25:0
ASN
#39572 DataWeb Global Group B.V.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /npc/sdk/wp-banners.js HTTP/1.1
Host: js.wpshsdk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Thu, 23 Mar 2023 14:01:11 GMT
content-type: application/javascript; charset=utf-8
content-length: 0
server: nginx/1.18.0
last-modified: Fri, 20 Aug 2021 15:14:31 GMT
etag: "611fc6d7-0"
expires: Thu, 23 Mar 2023 14:06:11 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2

19d80f4f97.523d6475f9.com/in/track?data=eyJ3bCI6MCwic3ViaWQiOjAsInVzZXJfaWQiOiIxNzE0OTg3OTUzNzUyOTM2NzAwMCIsInRpbWV6b25lIjowLCJ2ZXIiOiIzLjMxLjAiLCJ0YWdfaWQiOjQ2NDQ1LCJzY3JlZW5fcmVzb2x1dGlvbiI6IjEyODB4MTAyNCIsImFkYmxvY2siOjAsInRpbWV6b25lX29sc29uIjoiVVRDIiwidXRtX3NvdXJjZSI6IiIsInV0bV9tZWRpdW0iOiIiLCJ1dG1fY2FtcGFpZ24iOiIiLCJ1dG1fY29udGVudCI6IiIsIm1tIjowLCJpbml0X3N0YXJ0X2xhdGVuY3kiOjEuMSwiaXNfdjIiOjEsImlzX3YyX2VtcHR5IjowLCJ1c2VyX2tleXdvcmRzIjoiRGVwb3NpdEZpbGVzJTJDRGVwb3NpdEZpbGVzJTJDcHJvdmlkZXMlMkN5b3UlMkN3aXRoJTJDYSUyQ2xlZ2l0aW1hdGUlMkN0ZWNobmljYWwlMkNzb2x1dGlvbiUyQ3doaWNoJTJDZW5hYmxlcyUyQ3lvdSUyQ3RvJTJDdXBsb2FkJTJDc3RvcmUlMkNhY2Nlc3MlMkNhbmQlMkNkb3dubG9hZCUyQ3RleHQlMkNzb2Z0d2FyZSUyQyUyQ3NjcmlwdHMlMkNpbWFnZXMlMkNzb3VuZHMlMkN2aWRlb3MlMkNhbmltYXRpb25zJTJDYW5kJTJDYW55JTJDb3RoZXIlMkNtYXRlcmlhbHMlMkNpbiUyQ2Zvcm0lMkNvZiUyQ29uZSUyQ29yJTJDc2V2ZXJhbCUyQ2VsZWN0cm9uaWMlMkNmaWxlcy4ifQ==

45.133.44.24

200 OK

0 B

URL HTTP/2
19d80f4f97.523d6475f9.com/in/track?data=eyJ3bCI6MCwic3ViaWQiOjAsInVzZXJfaWQiOiIxNzE0OTg3OTUzNzUyOTM2NzAwMCIsInRpbWV6b25lIjowLCJ2ZXIiOiIzLjMxLjAiLCJ0YWdfaWQiOjQ2NDQ1LCJzY3JlZW5fcmVzb2x1dGlvbiI6IjEyODB4MTAyNCIsImFkYmxvY2siOjAsInRpbWV6b25lX29sc29uIjoiVVRDIiwidXRtX3NvdXJjZSI6IiIsInV0bV9tZWRpdW0iOiIiLCJ1dG1fY2FtcGFpZ24iOiIiLCJ1dG1fY29udGVudCI6IiIsIm1tIjowLCJpbml0X3N0YXJ0X2xhdGVuY3kiOjEuMSwiaXNfdjIiOjEsImlzX3YyX2VtcHR5IjowLCJ1c2VyX2tleXdvcmRzIjoiRGVwb3NpdEZpbGVzJTJDRGVwb3NpdEZpbGVzJTJDcHJvdmlkZXMlMkN5b3UlMkN3aXRoJTJDYSUyQ2xlZ2l0aW1hdGUlMkN0ZWNobmljYWwlMkNzb2x1dGlvbiUyQ3doaWNoJTJDZW5hYmxlcyUyQ3lvdSUyQ3RvJTJDdXBsb2FkJTJDc3RvcmUlMkNhY2Nlc3MlMkNhbmQlMkNkb3dubG9hZCUyQ3RleHQlMkNzb2Z0d2FyZSUyQyUyQ3NjcmlwdHMlMkNpbWFnZXMlMkNzb3VuZHMlMkN2aWRlb3MlMkNhbmltYXRpb25zJTJDYW5kJTJDYW55JTJDb3RoZXIlMkNtYXRlcmlhbHMlMkNpbiUyQ2Zvcm0lMkNvZiUyQ29uZSUyQ29yJTJDc2V2ZXJhbCUyQ2VsZWN0cm9uaWMlMkNmaWxlcy4ifQ==
IP
45.133.44.24:0
ASN
#39572 DataWeb Global Group B.V.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /in/track?data=eyJ3bCI6MCwic3ViaWQiOjAsInVzZXJfaWQiOiIxNzE0OTg3OTUzNzUyOTM2NzAwMCIsInRpbWV6b25lIjowLCJ2ZXIiOiIzLjMxLjAiLCJ0YWdfaWQiOjQ2NDQ1LCJzY3JlZW5fcmVzb2x1dGlvbiI6IjEyODB4MTAyNCIsImFkYmxvY2siOjAsInRpbWV6b25lX29sc29uIjoiVVRDIiwidXRtX3NvdXJjZSI6IiIsInV0bV9tZWRpdW0iOiIiLCJ1dG1fY2FtcGFpZ24iOiIiLCJ1dG1fY29udGVudCI6IiIsIm1tIjowLCJpbml0X3N0YXJ0X2xhdGVuY3kiOjEuMSwiaXNfdjIiOjEsImlzX3YyX2VtcHR5IjowLCJ1c2VyX2tleXdvcmRzIjoiRGVwb3NpdEZpbGVzJTJDRGVwb3NpdEZpbGVzJTJDcHJvdmlkZXMlMkN5b3UlMkN3aXRoJTJDYSUyQ2xlZ2l0aW1hdGUlMkN0ZWNobmljYWwlMkNzb2x1dGlvbiUyQ3doaWNoJTJDZW5hYmxlcyUyQ3lvdSUyQ3RvJTJDdXBsb2FkJTJDc3RvcmUlMkNhY2Nlc3MlMkNhbmQlMkNkb3dubG9hZCUyQ3RleHQlMkNzb2Z0d2FyZSUyQyUyQ3NjcmlwdHMlMkNpbWFnZXMlMkNzb3VuZHMlMkN2aWRlb3MlMkNhbmltYXRpb25zJTJDYW5kJTJDYW55JTJDb3RoZXIlMkNtYXRlcmlhbHMlMkNpbiUyQ2Zvcm0lMkNvZiUyQ29uZSUyQ29yJTJDc2V2ZXJhbCUyQ2VsZWN0cm9uaWMlMkNmaWxlcy4ifQ== HTTP/1.1
Host: 19d80f4f97.523d6475f9.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dfiles.eu
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Thu, 23 Mar 2023 14:01:11 GMT
content-length: 0
server: nginx/1.18.0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
342da587101df62e3e8f03dc4a87f93d
897c40f31b24adf281b804bbca7f0ffba5b86816
f6b8dde2c506c3ec03517324e93c04058e44e345dae5a52e5f49c97d77455aec

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 23 Mar 2023 14:01:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

js.wpshsdk.com/npc/sdk/push.m.js?v=1

45.133.44.25

200 OK

27 kB

URL HTTP/2
js.wpshsdk.com/npc/sdk/push.m.js?v=1
IP
45.133.44.25:0
ASN
#39572 DataWeb Global Group B.V.

File type
data
Size
27 kB (27074 bytes)
Hash
05a5e97f8665a4325d69ecedabb22a75
031bf5ddd0db016cb2037121fe20f7a3e4a37ec1
4013006cbeff466a72f98483255f877cdf67efbe51c34ce16690bf843fb2c478

HTTP Headers

GET /npc/sdk/push.m.js?v=1 HTTP/1.1
Host: js.wpshsdk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Thu, 23 Mar 2023 14:01:11 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.18.0
last-modified: Tue, 21 Mar 2023 15:03:14 GMT
etag: W/"6419c732-10327"
content-encoding: gzip
expires: Thu, 23 Mar 2023 14:06:11 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
e7464ad4e48253fde290f771e1f45500
50fad111b07ae2b3d0bc6152e5d8b42e90a3daef
bc288d03aad73ff9d8921d2a7bb50f46707d18c5764f6e4c671530dda5c8ab7e

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BC288D03AAD73FF9D8921D2A7BB50F46707D18C5764F6E4C671530DDA5C8AB7E"
Last-Modified: Wed, 22 Mar 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6473
Expires: Thu, 23 Mar 2023 15:49:04 GMT
Date: Thu, 23 Mar 2023 14:01:11 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
e7464ad4e48253fde290f771e1f45500
50fad111b07ae2b3d0bc6152e5d8b42e90a3daef
bc288d03aad73ff9d8921d2a7bb50f46707d18c5764f6e4c671530dda5c8ab7e

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BC288D03AAD73FF9D8921D2A7BB50F46707D18C5764F6E4C671530DDA5C8AB7E"
Last-Modified: Wed, 22 Mar 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6473
Expires: Thu, 23 Mar 2023 15:49:04 GMT
Date: Thu, 23 Mar 2023 14:01:11 GMT
Connection: keep-alive

cdn.creative-bars1.com/sb/ssp/in-page_push/os/android/2/img/close.png

172.64.167.9

200 OK

2.0 kB

URL HTTP/2
cdn.creative-bars1.com/sb/ssp/in-page_push/os/android/2/img/close.png
IP
172.64.167.9:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 19 x 19, 8-bit/color RGBA, non-interlaced\012- data
Size
2.0 kB (2005 bytes)
Hash
2cecae5111d5ff932a996679215ad573
f4c63abb5dc373aba5bc144c3831d98516cc7cc9
31f6aad6a88eca32f245dc6d0e030ef422f306b4f8479855b30e59b6dc134ebc

HTTP Headers

GET /sb/ssp/in-page_push/os/android/2/img/close.png HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Thu, 23 Mar 2023 14:01:11 GMT
content-type: image/png
content-length: 2005
last-modified: Wed, 11 May 2022 09:01:03 GMT
etag: "627b7b4f-7d5"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 11059712
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B6MXCpH3naE0Oy%2Bh5ovvLclx%2BriAtv5WqrYlSKcLgSkRJhpi0Wlqb11a2t6vJa6ZkGif3et0qYhvhhlvc4G7lprWBOb99XH%2BYNFEJ3bSnUlT9xCNRm4EWU%2BnfzBVufKYQRwsSQQ8QGX5"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ac73479380e75cf-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
342da587101df62e3e8f03dc4a87f93d
897c40f31b24adf281b804bbca7f0ffba5b86816
f6b8dde2c506c3ec03517324e93c04058e44e345dae5a52e5f49c97d77455aec

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 23 Mar 2023 14:01:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
dbc482c9e68924aca2d3c0b78f9ffa1d
24af8a9ea51600ce0b5824bc64e663838a212be8
fe9a1b3c4fb8bbb1b0df43875b6d563b7967e2d9fc9529dbb6d4865a9faa7752

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FE9A1B3C4FB8BBB1B0DF43875B6D563B7967E2D9FC9529DBB6D4865A9FAA7752"
Last-Modified: Wed, 22 Mar 2023 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5924
Expires: Thu, 23 Mar 2023 15:39:55 GMT
Date: Thu, 23 Mar 2023 14:01:11 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
c8bc20e509c1c09c4aeac856fb7e73dd
432813ca21835f04c815f49f6c4c66f4454e2977
959fd169e82edf018a8d3c8c887d81224da8ccd92c3c5100a37d4a1dd1ec7f11

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "959FD169E82EDF018A8D3C8C887D81224DA8CCD92C3C5100A37D4A1DD1EC7F11"
Last-Modified: Thu, 23 Mar 2023 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1919
Expires: Thu, 23 Mar 2023 14:33:10 GMT
Date: Thu, 23 Mar 2023 14:01:11 GMT
Connection: keep-alive

cdn.cloudimagesb.com/si/89/9f/8a/899f8a5bb7132795d339610f52f16dad/1667589937.png

45.133.44.10

200 OK

33 kB

URL HTTP/2
cdn.cloudimagesb.com/si/89/9f/8a/899f8a5bb7132795d339610f52f16dad/1667589937.png
IP
45.133.44.10:0
ASN
#39572 DataWeb Global Group B.V.

File type
PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Size
33 kB (32763 bytes)
Hash
2cb2500acb00f247ef19403c3a0f89e1
7c57e8b84b2bb0003810ffae7a14e24869155464
7efcd5082673b787603d2a0b8d768fb26807cf2ab79771a69886a916d0cda3ce

HTTP Headers

GET /si/89/9f/8a/899f8a5bb7132795d339610f52f16dad/1667589937.png HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Thu, 23 Mar 2023 14:01:11 GMT
content-type: image/png
content-length: 32763
server: nginx/1.17.6
last-modified: Fri, 04 Nov 2022 19:25:45 GMT
etag: "63656739-7ffb"
expires: Sat, 25 Mar 2023 14:01:11 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

js.wpshsdk.com/npc/sdk/common/config.js

45.133.44.25

200 OK

19 B

URL HTTP/2
js.wpshsdk.com/npc/sdk/common/config.js
IP
45.133.44.25:0
ASN
#39572 DataWeb Global Group B.V.

File type
JSON data\012- , ASCII text, with no line terminators
Size
19 B (19 bytes)
Hash
eb8a14bb951f56cd4db23728e8501715
9a5e002bfa8a179e1b4273d9f3000305868549da
167f3b5447dd6ec4f53c8301121b347810c22eb870ccc8b1f0812a07e518ac57

HTTP Headers

GET /npc/sdk/common/config.js HTTP/1.1
Host: js.wpshsdk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dfiles.eu/
Origin: https://dfiles.eu
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Thu, 23 Mar 2023 14:01:12 GMT
content-type: application/javascript; charset=utf-8
content-length: 19
server: nginx/1.18.0
last-modified: Tue, 21 Mar 2023 15:03:14 GMT
etag: "6419c732-13"
expires: Thu, 23 Mar 2023 14:06:12 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2

unseenreport.com/pxf.gif?uuid=49003438-2210-4c43-8afe-08db9f21af74&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1055&b_frame=0&pk=c22dc50dc2bbe4422c7f68d26ab95eb9&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=14

192.243.61.225

200 OK

1 B

URL HTTP/1.1
unseenreport.com/pxf.gif?uuid=49003438-2210-4c43-8afe-08db9f21af74&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1055&b_frame=0&pk=c22dc50dc2bbe4422c7f68d26ab95eb9&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=14
IP
192.243.61.225:0
ASN
#39572 DataWeb Global Group B.V.

File type
very short file (no magic)
Size
1 B (1 bytes)
Hash
93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /pxf.gif?uuid=49003438-2210-4c43-8afe-08db9f21af74&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1055&b_frame=0&pk=c22dc50dc2bbe4422c7f68d26ab95eb9&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=14 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Thu, 23 Mar 2023 14:01:12 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 57fd45dc353448a7645c4b5f141d3fce
Strict-Transport-Security: max-age=0; includeSubdomains

unseenreport.com/pxf.gif?uuid=49003438-2210-4c43-8afe-08db9f21af74&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1055&b_frame=0&pk=224ad4a14b4b15c1726ff705ec672ea6&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=14

192.243.61.225

200 OK

1 B

URL HTTP/1.1
unseenreport.com/pxf.gif?uuid=49003438-2210-4c43-8afe-08db9f21af74&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1055&b_frame=0&pk=224ad4a14b4b15c1726ff705ec672ea6&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=14
IP
192.243.61.225:0
ASN
#39572 DataWeb Global Group B.V.

File type
very short file (no magic)
Size
1 B (1 bytes)
Hash
93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /pxf.gif?uuid=49003438-2210-4c43-8afe-08db9f21af74&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1055&b_frame=0&pk=224ad4a14b4b15c1726ff705ec672ea6&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=14 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Thu, 23 Mar 2023 14:01:12 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 9d69bd0055904ccdad9fee32f0eab775
Strict-Transport-Security: max-age=0; includeSubdomains

js.wpshsdk.com/npc/sdk/common/core.js

45.133.44.25

200 OK

52 kB

URL HTTP/2
js.wpshsdk.com/npc/sdk/common/core.js
IP
45.133.44.25:0
ASN
#39572 DataWeb Global Group B.V.

File type
data
Size
52 kB (52260 bytes)
Hash
38efd52e36eefcc923fc0b81d9897efb
b54524e502ac38d0ed00f0937584568dece27c3d
7efb5d1825b289e6aba8508e08ecda65ae288bc7cdceeafe9e07091da60d2b09

HTTP Headers

GET /npc/sdk/common/core.js HTTP/1.1
Host: js.wpshsdk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dfiles.eu/
Origin: https://dfiles.eu
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Thu, 23 Mar 2023 14:01:12 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.18.0
last-modified: Tue, 21 Mar 2023 15:03:14 GMT
etag: W/"6419c732-1a726"
content-encoding: gzip
expires: Thu, 23 Mar 2023 14:06:12 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

142.250.74.3

200 OK

16 kB

URL HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 15740, version 1.0\012- data
Size
16 kB (15740 bytes)
Hash
b9c29351c46f3e8c8631c4002457f48a
e57e59c5780995ff2937ab2b511a769212974a87
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

HTTP Headers

GET /s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://dfiles.eu
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15740
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 22 Mar 2023 18:05:11 GMT
expires: Thu, 21 Mar 2024 18:05:11 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:56 GMT
content-type: font/woff2
age: 71761
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

sw.wpush.org/ps/sw.js

45.133.44.25

200 OK

1.8 kB

URL HTTP/2
sw.wpush.org/ps/sw.js
IP
45.133.44.25:0
ASN
#39572 DataWeb Global Group B.V.

File type
data
Size
1.8 kB (1808 bytes)
Hash
f0bbdd19d4a3a9ca9f873f60fad257aa
bddc24d04c4fa162ce0e2444e3b5a04aca544887
501714ddcfa0619d655d899207df7f4289b8c34deee6e33cd1ec092957287756

HTTP Headers

GET /ps/sw.js HTTP/1.1
Host: sw.wpush.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 23 Mar 2023 14:01:12 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.18.0
last-modified: Tue, 21 Mar 2023 15:03:14 GMT
etag: W/"6419c732-158c"
content-encoding: gzip
expires: Thu, 23 Mar 2023 14:06:12 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2

nannyamplify.com/pixel/sbs?c=1

173.233.137.52

200 OK

0 B

URL HTTP/1.1
nannyamplify.com/pixel/sbs?c=1
IP
173.233.137.52:0
ASN
#7979 SERVERS-COM

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /pixel/sbs?c=1 HTTP/1.1
Host: nannyamplify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dfiles.eu/
Cookie: u_pl=16004719; uid_id2=49003438-2210-4c43-8afe-08db9f21af74:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Thu, 23 Mar 2023 14:01:12 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
c8bc20e509c1c09c4aeac856fb7e73dd
432813ca21835f04c815f49f6c4c66f4454e2977
959fd169e82edf018a8d3c8c887d81224da8ccd92c3c5100a37d4a1dd1ec7f11

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "959FD169E82EDF018A8D3C8C887D81224DA8CCD92C3C5100A37D4A1DD1EC7F11"
Last-Modified: Thu, 23 Mar 2023 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21366
Expires: Thu, 23 Mar 2023 19:57:19 GMT
Date: Thu, 23 Mar 2023 14:01:13 GMT
Connection: keep-alive

dfiles.eu/ps/QW13h0.js

91.226.124.80

304 Not Modified

0 B

URL HTTP/1.1
dfiles.eu/ps/QW13h0.js
IP
91.226.124.80:0
ASN
#35415 Webzilla B.V.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /ps/QW13h0.js HTTP/1.1
Host: dfiles.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Cookie: uprand=338016fa2efa8025a4573f92ddc020a8; last_file=h6xnapy8v; lang_current=en; _ga_BL9163LYG1=GS1.1.1679580077.1.0.1679580077.0.0.0; _ga=GA1.1.2136197100.1679580078; dom3ic8zudi28v8lr6fgphwffqoz0j6c=49003438-2210-4c43-8afe-08db9f21af74%3A1%3A1; sb_page_224ad4a14b4b15c1726ff705ec672ea6=1; sb_onpage_224ad4a14b4b15c1726ff705ec672ea6=1; sb_main_224ad4a14b4b15c1726ff705ec672ea6=1; sb_count_224ad4a14b4b15c1726ff705ec672ea6=1; pbpr0tpuw4isk85t8yg3jb2lj5vqf=nannyamplify.com; ppu_idelay_c22dc50dc2bbe4422c7f68d26ab95eb9=1
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
If-Modified-Since: Fri, 21 Oct 2022 18:27:48 GMT
If-None-Match: "6352e4a4-30"
Cache-Control: max-age=0

HTTP/1.1 304 Not Modified
Server: nginx
Date: Thu, 23 Mar 2023 14:01:13 GMT
Last-Modified: Fri, 21 Oct 2022 18:27:48 GMT
Connection: close
ETag: "6352e4a4-30"

sw.wpush.org/ps/sw.js

45.133.44.24

200 OK

2.9 kB

URL HTTP/2
sw.wpush.org/ps/sw.js
IP
45.133.44.24:0
ASN
#39572 DataWeb Global Group B.V.

File type
ASCII text, with very long lines (8695)
Size
2.9 kB (2896 bytes)
Hash
1671ed5a74ab91bb574274825da4d442
a1572a8eb9d873860688f275bde743eba1f17de9
a2bd956f5ac4ec56f3719bcf1093b79f3ca917937a38911ad10651e960c81738

HTTP Headers

GET /ps/sw.js HTTP/1.1
Host: sw.wpush.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Thu, 23 Mar 2023 14:01:13 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.18.0
last-modified: Tue, 21 Mar 2023 15:03:14 GMT
etag: W/"6419c732-158c"
content-encoding: gzip
expires: Thu, 23 Mar 2023 14:06:13 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap

172.217.21.170

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap
IP
172.217.21.170:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css?family=Roboto:300,400,700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 23 Mar 2023 14:01:11 GMT
date: Thu, 23 Mar 2023 14:01:11 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

js.wpadmngr.com/static/adManager.js

45.133.44.25

200 OK

0 B

URL HTTP/2
js.wpadmngr.com/static/adManager.js
IP
45.133.44.25:0
ASN
#39572 DataWeb Global Group B.V.

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /static/adManager.js HTTP/1.1
Host: js.wpadmngr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Thu, 23 Mar 2023 14:01:09 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.18.0
last-modified: Mon, 05 Dec 2022 13:37:26 GMT
etag: W/"638df416-4dd"
content-encoding: gzip
expires: Thu, 23 Mar 2023 14:06:09 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2

cdn.barscreative1.com/sb/au/e1/6f/bb/e16fbbe9f31c82c23d1d57f9726b5fc7/1654616215.html

45.133.44.3

200 OK

0 B

URL HTTP/2
cdn.barscreative1.com/sb/au/e1/6f/bb/e16fbbe9f31c82c23d1d57f9726b5fc7/1654616215.html
IP
45.133.44.3:0
ASN
#39572 DataWeb Global Group B.V.

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /sb/au/e1/6f/bb/e16fbbe9f31c82c23d1d57f9726b5fc7/1654616215.html HTTP/1.1
Host: cdn.barscreative1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dfiles.eu
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Thu, 23 Mar 2023 14:01:11 GMT
content-type: text/html; charset=utf-8
server: nginx/1.17.6
last-modified: Tue, 07 Jun 2022 15:37:00 GMT
etag: W/"629f709c-40e"
cache-control: max-age=3600
access-control-allow-origin: *
access-control-expose-headers: Date
content-encoding: gzip
expires: Thu, 23 Mar 2023 15:01:11 GMT
x-proxy-cache: HIT
X-Firefox-Spdy: h2

cdn.creative-bars1.com/sb/ssp/in-page_push/os/android/2/css/style.css

172.64.167.9

200 OK

0 B

URL HTTP/2
cdn.creative-bars1.com/sb/ssp/in-page_push/os/android/2/css/style.css
IP
172.64.167.9:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /sb/ssp/in-page_push/os/android/2/css/style.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dfiles.eu
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Thu, 23 Mar 2023 14:01:11 GMT
content-type: text/css
last-modified: Wed, 11 May 2022 09:01:01 GMT
etag: W/"627b7b4d-126c"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 17092
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0RsoyRIUuwv01WfRXfyrBNbLEtD9oxVSO3NcH9Mwt3CyIZmsbb4FQlQtQj47WdoQP22jbZ33SImBiXJFr4unWt1%2BVgku2CTl0ygtYu3JNldWuodpcepndD5MsaxqFRC1nOEsewXO4sI6"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ac73478dfca71b4-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

cdn.creative-bars1.com/sb/ssp/in-page_push/os/android/2/js/script.js

172.64.167.9

200 OK

0 B

URL HTTP/2
cdn.creative-bars1.com/sb/ssp/in-page_push/os/android/2/js/script.js
IP
172.64.167.9:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /sb/ssp/in-page_push/os/android/2/js/script.js HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dfiles.eu
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Thu, 23 Mar 2023 14:01:11 GMT
content-type: application/javascript
last-modified: Wed, 11 May 2022 09:01:04 GMT
etag: W/"627b7b50-194"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 17092
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fIGh7AOe23VENaXvYvVmBiJ5h%2FXX5LqtXbgx%2FCmOp4qnxuoYdF9zmeVF2VWfdjKlAjp55u2p1etiR%2F1tBbuE5o5D%2FopJzg6ZhGf7axSZyrGNGEF81teG9kyq7ordtiY3MFUnKKKDRJfg"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ac73478dfc971b4-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

cdn.unblockia.com/h.js

54.230.111.125

200 OK

0 B

URL HTTP/2
cdn.unblockia.com/h.js
IP
54.230.111.125:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /h.js HTTP/1.1
Host: cdn.unblockia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/x-javascript
last-modified: Tue, 14 Feb 2023 17:16:02 GMT
x-amz-server-side-encryption: AES256
x-amz-meta-codebuild-content-sha256: f8dddb563fa55bce4c5ce2a22cd026fd41942793b4b34e4f2278ec006ba5c324
x-amz-version-id: 28d.r45uCskr6PA6yRigQmOs9rcFOOWB
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:eu-west-1:987257285531:build/unblockia-loader-codebuild-project:f3954d10-86c5-48f4-9cfe-10a3246c8276
x-amz-meta-codebuild-content-md5: 2b108ecf60c75434f8c9f42f68ab0d5a
server: AmazonS3
content-encoding: br
date: Wed, 22 Mar 2023 19:14:45 GMT
etag: W/"6f10efbed5fddb7cda8b803fb6d129f4"
x-cache: Hit from cloudfront
via: 1.1 c26775cc34c23943f6f5cfc9a3da9b4a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: WjaUQo5wqilzAsKrsPdiZ6_hUMHKAYy7I0lXJTRBrF2j6U7le2FPCA==
age: 67585
vary: Accept-Encoding, Origin
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (69)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML