Report - dfiles.eu/files/dwijtgwns/Subnautica

Report Overview

Submitted URL
dfiles.eu/files/dwijtgwns/Subnautica_41147.exe
IP
91.226.124.76
ASN
#35415 Webzilla B.V.
Submitted
2023-01-31 10:15:08
Access
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
18

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
www.gstatic.com	unknown	2016-07-26T11:37:06Z	2023-03-13T07:57:11Z	429 B	165 kB	216.58.211.3
1842fc94dc.109c957fb6.com	unknown	2023-01-28T04:32:05Z	2023-02-02T01:25:07Z	1.2 kB	320 B	45.133.44.25
cdn.unblockia.com	20316	2019-12-02T14:45:53Z	2023-03-13T07:30:34Z	351 B	531 B	54.230.111.125
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-13T05:09:10Z	782 B	2.4 kB	35.241.9.150
adsbb.dfiles.eu	unknown	2017-03-18T01:40:30Z	2023-03-13T00:32:01Z	4.2 kB	174 kB	91.226.124.76
dominantroute.com	unknown	2022-10-19T12:20:59Z	2023-03-13T08:17:18Z	395 B	140 kB	193.200.64.20
pagead2.googlesyndication.com	101	2021-02-20T16:52:05Z	2023-03-13T08:39:15Z	424 B	51 kB	216.58.207.194
ads.a-static.com	642938	2014-06-15T00:45:46Z	2023-03-13T00:32:02Z	1.1 kB	207 B	46.166.179.118
cdn.barscreative1.com	25648	2021-09-16T13:14:42Z	2023-03-13T08:33:41Z	437 B	386 B	45.133.44.4
www.google.com	7	2015-05-10T13:11:19Z	2023-03-13T06:40:43Z	360 B	1.1 kB	216.58.207.228
simplewebanalysis.com	unknown	2022-02-25T05:06:25Z	2023-03-13T08:33:39Z	1.3 kB	958 B	3.120.47.42
jsc.adskeeper.com	31191	2020-07-04T12:58:29Z	2023-03-13T02:48:04Z	772 B	82 kB	172.64.151.192
js.wpshsdk.com	12130	2021-06-04T15:50:00Z	2023-03-13T08:00:13Z	1.9 kB	57 kB	45.133.44.25
cdn.creative-bars1.com	unknown	2022-11-15T17:46:22Z	2023-03-13T05:15:48Z	2.1 kB	89 kB	172.64.167.9
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-13T05:09:07Z	7.8 kB	20 kB	23.36.76.226
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-13T05:09:13Z	333 B	391 B	34.117.237.239
e1.o.lencr.org	6159	2021-08-20T09:36:30Z	2023-03-13T05:21:46Z	1.4 kB	2.9 kB	23.36.77.32
ocsp.sca1b.amazontrust.com	1015	2017-03-03T16:20:51Z	2019-03-27T05:05:54Z	350 B	1.0 kB	54.230.245.39
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-13T05:09:14Z	606 B	127 B	52.39.218.209
97ad8a430e.3841f4b0c4.com	unknown	2023-01-31T06:22:05Z	2023-02-14T02:08:44Z	414 B	36 kB	45.133.44.25
js.wpadmngr.com	25762	2021-06-02T16:43:46Z	2023-03-13T09:03:13Z	366 B	374 B	45.133.44.25
fp.metricswpsh.com	unknown	2022-04-22T13:20:32Z	2023-03-13T06:42:46Z	929 B	774 B	157.90.84.242
dfiles.eu	434493	2012-12-23T12:05:24Z	2023-03-13T00:32:01Z	2.6 kB	10 kB	91.226.124.76
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-13T05:09:16Z	2.7 kB	56 kB	34.120.237.76
ocsp.digicert.com	86	2012-05-21T09:02:23Z	2023-03-13T06:00:13Z	682 B	1.1 kB	93.184.220.29
adserver.adreactor.com	268206	2012-05-22T22:55:13Z	2023-03-13T00:32:01Z	1.5 kB	10 kB	46.166.179.123
sweepfrequencydissolved.com	unknown	2023-01-22T02:45:20Z	2023-02-28T17:55:25Z	450 B	467 B	173.233.137.52
fonts.gstatic.com	unknown	2014-09-09T02:40:21Z	2023-03-13T08:44:36Z	477 B	17 kB	142.250.74.35
solemnvine.com	unknown	2023-01-24T03:32:31Z	2023-03-10T23:08:08Z	2.9 kB	36 kB	192.243.59.13
cdn.cloudimagesb.com	23099	2021-02-12T17:15:41Z	2023-03-13T05:15:48Z	415 B	33 kB	45.133.44.10
unseenreport.com	unknown	2022-03-30T16:33:17Z	2023-03-13T05:15:47Z	1.4 kB	846 B	192.243.59.20
sw.wpush.org	78308	2020-02-15T08:54:44Z	2023-03-13T07:47:43Z	738 B	2.5 kB	45.133.44.25
pl16105218.highcpmrevenuenetwork.com	unknown	2022-12-31T00:11:28Z	2023-03-02T18:07:50Z	410 B	14 kB	192.243.59.13
notification.tubecup.net	8210	2019-08-30T11:36:01Z	2023-03-13T08:28:58Z	519 B	320 B	168.119.25.62
ocsp.pki.goog	175	2018-07-01T08:43:07Z	2023-03-13T05:09:47Z	2.7 kB	5.6 kB	216.58.211.3
static.depositfiles.com	unknown	2012-05-24T17:07:52Z	2023-03-13T00:32:00Z	7.1 kB	708 kB	91.226.124.77
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-13T05:09:35Z	413 B	5.8 kB	34.160.144.191

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2023-01-31	medium	cdn.barscreative1.com/sb/au/18/52/6a/18526a6becad408914fcf53d946360f0/1651134763.html	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2023-01-31	medium	highcpmrevenuenetwork.com	Sinkholed
2023-01-31	medium	solemnvine.com	Sinkholed
2023-01-31	medium	solemnvine.com	Sinkholed
2023-01-31	medium	sweepfrequencydissolved.com	Sinkholed
2023-01-31	medium	solemnvine.com	Sinkholed
2023-01-31	medium	unseenreport.com	Sinkholed
2023-01-31	medium	unseenreport.com	Sinkholed
2023-01-31	medium	solemnvine.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (71)

	URL	Size	First Seen	Last Seen
	solemnvine.com/c2/2d/c5/c22dc50dc2bbe4422c7f68d26ab95eb9.js	86 kB	2023-03-13	2023-03-13
Pretty URL solemnvine.com/c2/2d/c5/c22dc50dc2bbe4422c7f68d26ab95eb9.js IP 192.243.59.13 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 06:17:40 Last Seen2023-03-13 14:24:41 Times Seen1 Hash 32ee30b7c46af1248329fc6a25f40258 fad6aad7eb9fe3d527470245e846afcdac8f4898 5733719cbfda5db675897c56d621f993d539bb7ab54ad819dd2b77f68b2340f4 Loading...

	adsbb.dfiles.eu/upload/2203/ad27602963634849.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752	256 B	2023-03-07	2023-04-05
Pretty URL adsbb.dfiles.eu/upload/2203/ad27602963634849.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752 IP 91.226.124.76 ASN #35415 Webzilla B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:26:57 Last Seen2023-04-05 02:06:56 Times Seen70 Hash 20704ad7b70a34f815751819ac6ce613 a76a8f02e7fdb6df76de6a7aaa1d34ca3f2ab233 500bac24554cc71a37c7f52274010fc3800d230267fb1e86e92bb076de030fe1 Loading...

	cdn.creative-bars1.com/sb/ssp/utility/live-message/3-2/js/jquery.min.js	90 kB	2023-03-07	2024-04-24
Pretty URL cdn.creative-bars1.com/sb/ssp/utility/live-message/3-2/js/jquery.min.js IP 172.64.167.9 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:04:00 Last Seen2024-04-24 06:57:52 Times Seen3720 Hash 561acb3e541133bbdd2c0c19f8ee35a1 ffd1353cf3f77d25f801c84d8208613eb0d3d548 9fde6da568db31801e29243a903bf24f342256b41e3c01e7d018ff7c566ce7fc Loading...

	dfiles.eu/files/dwijtgwns/Subnautica_41147.exe	148 B	2023-03-07	2024-04-24
Pretty URL dfiles.eu/files/dwijtgwns/Subnautica_41147.exe IP 91.226.124.76 ASN #35415 Webzilla B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:26:56 Last Seen2024-04-24 13:33:09 Times Seen594 Hash 39f8fffd2249f3bb9deb92a533243df9 ee75ba64aea887c758cd24407d003bc9494237f3 62cdfe74dd5ba57340776bc53ee95b20c286efbc7c467ece9594d27e24b48dcd Loading...

	dfiles.eu/files/dwijtgwns/Subnautica_41147.exe	781 B	2023-03-07	2024-04-24
Pretty URL dfiles.eu/files/dwijtgwns/Subnautica_41147.exe IP 91.226.124.76 ASN #35415 Webzilla B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:26:57 Last Seen2024-04-24 13:33:09 Times Seen581 Hash fc579ba1ff4c0c2e22ba979c418178d1 87d25254a57e673bc1a10500c9a7f887d8dfa6a9 455914aff0c5916e2978af037cddc01aca97fe3c14c6cd1b8f2c6dfc557931bc Loading...

	dfiles.eu/files/dwijtgwns/Subnautica_41147.exe	26 B	2023-03-07	2024-04-24
Pretty URL dfiles.eu/files/dwijtgwns/Subnautica_41147.exe IP 91.226.124.76 ASN #35415 Webzilla B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:26:57 Last Seen2024-04-24 13:33:10 Times Seen594 Hash ed91f0c19cbcd50a62fe290680800145 b42572f05f14b93093f64b146245b32b3d0cbf9e c67d0cfcd4c4e9eb4c73c9ac4c4545d5628603946d522a5fca6f3106749df1e0 Loading...

	unknown	0 B	2023-03-07	2024-04-25
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-25 02:11:53 Times Seen37052711 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	adsbb.dfiles.eu/upload/2203/ad27602963634849.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752	240 B	2023-03-13	2023-03-13
Pretty URL adsbb.dfiles.eu/upload/2203/ad27602963634849.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752 IP 91.226.124.76 ASN #35415 Webzilla B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 13:13:32 Last Seen2023-03-13 13:13:36 Times Seen1 Hash 4752865f7ade5b928184243844abc5a8 e6579a8aa3e77a4062e2c80a790df87874b9fd0b ed019724bb1ae7f689dc5daca0556d76c9755f52c8aedfc0460c1a9f4d33d947 Loading...

	adserver.adreactor.com/servlet/view/banner/javascript/ajax/crossdomain/zone?zid=9&pid=8620&uuid=5a282d9e34c1bcf32aaf9cb321e905a9&tagid=avp_1560248483863&viewable=true&txid=13833229&sver=1&pvid=34346219&resolution=728x91&random=46351010&millis=1675160115872&referrer=https%3A%2F%2Fadsbb.dfiles.eu%2Fupload%2F1906%2Fad2708292742b09a.htm%3Fcanp%3Dadv_73b411c406ca38ecadcf742fe6ade752	1.7 kB	2023-03-13	2023-03-13
Pretty URL adserver.adreactor.com/servlet/view/banner/javascript/ajax/crossdomain/zone?zid=9&pid=8620&uuid=5a282d9e34c1bcf32aaf9cb321e905a9&tagid=avp_1560248483863&viewable=true&txid=13833229&sver=1&pvid=34346219&resolution=728x91&random=46351010&millis=1675160115872&referrer=https%3A%2F%2Fadsbb.dfiles.eu%2Fupload%2F1906%2Fad2708292742b09a.htm%3Fcanp%3Dadv_73b411c406ca38ecadcf742fe6ade752 IP 46.166.179.123 ASN #43350 NForce Entertainment B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 13:13:36 Last Seen2023-03-13 13:13:36 Times Seen1 Hash de0d46c6c3c741afd2482c329d727d7d 48ae1bd60c893cdfb871b807ac72ccad1b3bc9f9 b123df577e9c0e9c9ab54d6697250f95d3b471756d757c8ef0b3db8a4cc0bf86 Loading...

	cdn.unblockia.com/h.js	153 kB	2023-03-13	2023-03-13
Pretty URL cdn.unblockia.com/h.js IP 54.230.111.125 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 12:53:25 Last Seen2023-03-13 13:13:42 Times Seen1 Hash 98fc3bbd88283d1c72f41b1bacfbd6dc 1f8df39d2c287f707a6bf61042d802ae1148c4bb 5b8f4ac8ac022ffc9abd11e72493158e0339888b2d8aaa8fd542f5a016b617b4 Loading...

	dfiles.eu/files/dwijtgwns/Subnautica_41147.exe	418 B	2023-03-08	2023-03-14
Pretty URL dfiles.eu/files/dwijtgwns/Subnautica_41147.exe IP 91.226.124.76 ASN #35415 Webzilla B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 15:01:55 Last Seen2023-03-14 16:35:35 Times Seen1 Hash 932ef900ee1c3c5a6eb49e3d64e82adb a476f0b0db5deb1004d2c064beda5cdc2e61140d d650d6df0f7a4e9511a3acc356dc9317cafe9b18600ac9c889dd5043cfa2e9d9 Loading...

	dfiles.eu/files/dwijtgwns/Subnautica_41147.exe	145 B	2023-03-07	2024-04-24
Pretty URL dfiles.eu/files/dwijtgwns/Subnautica_41147.exe IP 91.226.124.76 ASN #35415 Webzilla B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:26:57 Last Seen2024-04-24 13:33:10 Times Seen400 Hash 25e8fa0a01ccad8580ab6d3e32224215 1417328ad6c6ec271babbd02e416084732e5fe16 a3c5c8f919fba5ed782546322677dfaf74cad0e631d95787d6e003d127481dfc Loading...

	dfiles.eu/files/dwijtgwns/Subnautica_41147.exe	196 B	2023-03-07	2024-04-24
Pretty URL dfiles.eu/files/dwijtgwns/Subnautica_41147.exe IP 91.226.124.76 ASN #35415 Webzilla B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:26:57 Last Seen2024-04-24 13:33:10 Times Seen400 Hash 738f0ebda06d4e3be48f4576e83f5bdc e759a55fed96d6755fcfe6ca0e5462661623584c 89f8e0678a1c23c88167b818660ff3ee3177babd1941f25827c17884f0187f52 Loading...

	static.depositfiles.com/js/jquery.validate.js	38 kB	2023-03-07	2024-04-24
Pretty URL static.depositfiles.com/js/jquery.validate.js IP 91.226.124.77 ASN #35415 Webzilla B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:26:56 Last Seen2024-04-24 13:33:10 Times Seen599 Hash d5231b6378847ebdb55f64c77d5a234f eed97aa0b2aa9486b6f6831ed8a85dc729ad6b9c 95434a8a2568a6481a1fbcf5808a75dd58e77348ed6d70b4f7aeda8842e8f0c7 Loading...

	dfiles.eu/files/dwijtgwns/Subnautica_41147.exe	475 B	2023-03-07	2024-04-24
Pretty URL dfiles.eu/files/dwijtgwns/Subnautica_41147.exe IP 91.226.124.76 ASN #35415 Webzilla B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:26:57 Last Seen2024-04-24 13:33:10 Times Seen594 Hash 7d5b8ae86ab79df757399336af6dc4e6 d80237486fe292a185a576578308234114e302ce bf66c6e0c4ea53d83f6c17058e513aee1ff1c1fd319fe8fca1970ccc2151fed7 Loading...

	jsc.adskeeper.com/d/f/dfiles.eu.1285379.js	2.7 kB	2023-03-13	2023-04-26
Pretty URL jsc.adskeeper.com/d/f/dfiles.eu.1285379.js IP 172.64.151.192 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 02:28:26 Last Seen2023-04-26 05:48:31 Times Seen52 Hash 9a2a5f5db695f5e0efdb270198c87937 4903f62672b26ce366be96b53cb374b55b36de6c b88bae5fb3d8ed11603a072399d05b9d61b30df3466165a74120d864fa058ca3 Loading...

	adserver.adreactor.com/js/libcode3.js	27 kB	2023-03-07	2023-04-29
Pretty URL adserver.adreactor.com/js/libcode3.js IP 46.166.179.123 ASN #43350 NForce Entertainment B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:26:57 Last Seen2023-04-29 04:38:32 Times Seen72 Hash 9f26987138f732e84bf289ba5021da07 f627a749c37eec59f7b0741b86481a340969566a 480aaf97a3fa70af01f32c73e23a2f538b541f3477f8c283829f190d5af0a768 Loading...

	static.depositfiles.com/js/gold_offer.js	9.9 kB	2023-03-07	2024-04-24
Pretty URL static.depositfiles.com/js/gold_offer.js IP 91.226.124.77 ASN #35415 Webzilla B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:26:57 Last Seen2024-04-24 13:33:10 Times Seen732 Hash 041bdbbe3ac15bc57b14933e164b55f8 790f921426d0b602424fb3077ca900af94b5ad9e a86d8d81e5c254822628c578c40d2d62956ab3060632d1884b5080093365b97b Loading...

	dfiles.eu/files/dwijtgwns/Subnautica_41147.exe	141 B	2023-03-07	2024-04-24
Pretty URL dfiles.eu/files/dwijtgwns/Subnautica_41147.exe IP 91.226.124.76 ASN #35415 Webzilla B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:26:57 Last Seen2024-04-24 13:33:10 Times Seen405 Hash bba9a3136929bdf22ef7c58444cd035d d8ab7384a7eae0f0cb07f544c4da92fd28a88606 76b819fa6287efa9f226f132c5779e0399810c17f08ce9fa15ddf7e8be521deb Loading...

	dfiles.eu/files/dwijtgwns/Subnautica_41147.exe	124 B	2023-03-07	2024-04-24
Pretty URL dfiles.eu/files/dwijtgwns/Subnautica_41147.exe IP 91.226.124.76 ASN #35415 Webzilla B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:26:57 Last Seen2024-04-24 13:33:10 Times Seen405 Hash ea56b045449a9a9b583e07a300254601 10f3457ead5193b389e2c5388688f1cfaedece73 292d2666bd7d7b11b87d541c20534f8d3c4ce40ec3bccc57c96d652ec30dcaf9 Loading...

	adsbb.dfiles.eu/static/js/jquery-1.5.1.min.js	85 kB	2023-03-07	2024-04-24
Pretty URL adsbb.dfiles.eu/static/js/jquery-1.5.1.min.js IP 91.226.124.76 ASN #35415 Webzilla B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:20 Last Seen2024-04-24 15:59:49 Times Seen3839 Hash b04a3bccd23ddeb7982143707a63ccf9 4a5dc1389aad050a44ee5e81408238a317ab3413 764b9e9f3ad386aaa5cdeae9368353994de61c0bede087c8f7e3579cb443de3b Loading...

	www.gstatic.com/recaptcha/releases/RGRQD9tdxHtnt-Bxkx9pM75S/recaptcha__en.js	412 kB	2023-03-13	2023-03-13
Pretty URL www.gstatic.com/recaptcha/releases/RGRQD9tdxHtnt-Bxkx9pM75S/recaptcha__en.js IP 216.58.211.3 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 08:01:06 Last Seen2023-03-13 15:37:41 Times Seen1 Hash 10fa8a547b2ef125150037f815579540 32d80f0b24826584a73c4113d51300b7666282cb a0a04c24a9bdaac0e8aa2d22df95a7ae8c0d744a31b732da3d6e4bb279c79e40 Loading...

	http:blank	1.6 kB	2023-03-08	2023-07-07
Pretty URL http:blank IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 21:08:51 Last Seen2023-07-07 17:28:06 Times Seen29 Hash 50a37eda62234723b39a2e2af38318d6 406aadf92259b0950fab2997e85e838adac2a0ef e9f6f6470c290578ac14dcdfdc0d70e9e4df1c83279c6f730a29052b3cc933dd Loading...

	dfiles.eu/files/dwijtgwns/Subnautica_41147.exe	6.4 kB	2023-03-07	2023-05-15
Pretty URL dfiles.eu/files/dwijtgwns/Subnautica_41147.exe IP 91.226.124.76 ASN #35415 Webzilla B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:32:01 Last Seen2023-05-15 08:01:40 Times Seen25 Hash 937fba6d37ded7ba1d6590c7f8f05c98 94ab91990b60d9bb61d695861be173d302d323fa 91e0a37cceb1ffd8e92ab0905f7d2cf301ac450bbb8a0dc6684352b25ae3229e Loading...

	dfiles.eu/files/dwijtgwns/Subnautica_41147.exe	710 B	2023-03-13	2023-12-04
Pretty URL dfiles.eu/files/dwijtgwns/Subnautica_41147.exe IP 91.226.124.76 ASN #35415 Webzilla B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 13:13:36 Last Seen2023-12-04 19:46:37 Times Seen2 Hash 9cd04c82e2f00431a9dae5d47eb69027 63b6944f5b35f7092697c1b8bf7a38c5d01adde0 990145e1ee52bee75362c526ca33e50d3ff8ebffb358cb60c7b7697d2e8bb906 Loading...

	adsbb.dfiles.eu/upload/1906/ad2708292742b09a.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752	240 B	2023-03-13	2023-03-13
Pretty URL adsbb.dfiles.eu/upload/1906/ad2708292742b09a.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752 IP 91.226.124.76 ASN #35415 Webzilla B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 13:13:32 Last Seen2023-03-13 13:13:36 Times Seen1 Hash a6740df7e1c1785cb3fecfdf0cf421a5 3c849ec02b5c6a74b376ae8aaf12a9518fee5f31 c158dc9f2eb981058ddebff4630c0a625cdb56ad371e069afb23ab789bca3423 Loading...

	adsbb.dfiles.eu/upload/1906/ad2708292742b09a.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752	99 B	2023-03-07	2023-04-02
Pretty URL adsbb.dfiles.eu/upload/1906/ad2708292742b09a.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752 IP 91.226.124.76 ASN #35415 Webzilla B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:26:57 Last Seen2023-04-02 21:29:32 Times Seen56 Hash 5853c66ff7f2be817e13aa11e3ad5133 305abee8cfef7908064d01388eff7be16122218d e32e9a1c34600d064c193d254afe07296829222180ea25b043b7c2edf73722a2 Loading...

	ads.a-static.com/0/html/pd/allsize.html?w=728&h=90&ct=http%3A%2F%2Fadserver.adreactor.com%2Fclkz%3Fzid%3D9%26cid%3D18656%26mid%3D14162%26pid%3D8620%26sid%3D19%26uuid%3D5a282d9e34c1bcf32aaf9cb321e905a9%26ip%3D91.90.42.154%26default%3Dfalse%26random%3D46351010%26timestamp%3D20230131051459%26test%3Dfalse%26resolution%3D728x91%26referrer%3Dhttps%253A%252F%252Fadsbb.dfiles.eu%252Fupload%252F1906%252Fad2708292742b09a.htm%253Fcanp%253Dadv_73b411c406ca38ecadcf742fe6ade752%26redirect%3D&rurl=https%3A%2F%2Fwww.gadgetsarena.org%2F%3Futm_source%3Ds-8620%26utm_medium%3Dbanner%26utm_campaign%3Dc-18656&g=NO&b=Firefox&bd=0&b1t=Mobile%20Reviews&b2t=Watch%20Now&b1tc=ffffff&b2tc=000000&b1bc=f90606&b2bc=1ad31d	233 B	2023-03-07	2023-04-02
Pretty URL ads.a-static.com/0/html/pd/allsize.html?w=728&h=90&ct=http%3A%2F%2Fadserver.adreactor.com%2Fclkz%3Fzid%3D9%26cid%3D18656%26mid%3D14162%26pid%3D8620%26sid%3D19%26uuid%3D5a282d9e34c1bcf32aaf9cb321e905a9%26ip%3D91.90.42.154%26default%3Dfalse%26random%3D46351010%26timestamp%3D20230131051459%26test%3Dfalse%26resolution%3D728x91%26referrer%3Dhttps%253A%252F%252Fadsbb.dfiles.eu%252Fupload%252F1906%252Fad2708292742b09a.htm%253Fcanp%253Dadv_73b411c406ca38ecadcf742fe6ade752%26redirect%3D&rurl=https%3A%2F%2Fwww.gadgetsarena.org%2F%3Futm_source%3Ds-8620%26utm_medium%3Dbanner%26utm_campaign%3Dc-18656&g=NO&b=Firefox&bd=0&b1t=Mobile%20Reviews&b2t=Watch%20Now&b1tc=ffffff&b2tc=000000&b1bc=f90606&b2bc=1ad31d IP 46.166.179.118 ASN #43350 NForce Entertainment B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:26:57 Last Seen2023-04-02 21:29:32 Times Seen31 Hash 208e0ae80d60a1af0eaddd60d0269c3e c936a262c9682433bf4302024ba2fc60a8bd56bc f4365eeff0cba50cb6a3b2546dbc416530a5456c53680ca1ecd115bea9ce1ef5 Loading...

	static.depositfiles.com/js/function.js	35 kB	2023-03-07	2024-04-24
Pretty URL static.depositfiles.com/js/function.js IP 91.226.124.77 ASN #35415 Webzilla B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:26:57 Last Seen2024-04-24 13:33:10 Times Seen1122 Hash a5779d2f560cd50376dbba372b0fd15b 07b08e35b9254288c1372e37577db8b9e4da01b4 51d26403861d61a7842bc73f518d4a4351a7027c40c9f0347f61421226950b84 Loading...

	dfiles.eu/files/dwijtgwns/Subnautica_41147.exe	139 B	2023-03-07	2024-04-24
Pretty URL dfiles.eu/files/dwijtgwns/Subnautica_41147.exe IP 91.226.124.76 ASN #35415 Webzilla B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:26:56 Last Seen2024-04-24 13:33:10 Times Seen592 Hash 096fbc4b579acc65367920b87875c1f0 53a8d0be557838d6912339a6f684ac434f9cedc0 4a590c7532c8fdd5e2f6fe223990b525091f9412faf8b2971bfdc1e69be03cd2 Loading...

	adsbb.dfiles.eu/upload/2203/ad27602963634849.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752	141 B	2023-03-07	2023-04-05
Pretty URL adsbb.dfiles.eu/upload/2203/ad27602963634849.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752 IP 91.226.124.76 ASN #35415 Webzilla B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:26:57 Last Seen2023-04-05 02:06:56 Times Seen70 Hash ea7bafbce03b9546cee60ff6d393128e 04b1df0124ee6c42e1b441b2d3785168914e7234 fa6fbe9fd0662566750d4f12643e9c61a2cc5f8bf438c3d3f4f2cb373a1b72e2 Loading...

	adserver.adreactor.com/servlet/tagger/25499622/1675160115821	67 B	2023-03-13	2023-03-13
Pretty URL adserver.adreactor.com/servlet/tagger/25499622/1675160115821 IP 46.166.179.123 ASN #43350 NForce Entertainment B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 13:13:36 Last Seen2023-03-13 13:13:36 Times Seen1 Hash 53e2dd794f4762051d48ae68143da0d2 8dbd7dd34ef79852ccbf32bbc9354780ee0a853b 7d60d05bf0c2b590aca23bb3abb910275c3c3729a648c10cd87510cab3b52d8e Loading...

	adsbb.dfiles.eu/upload/1906/ad2708292742b09a.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752	325 B	2023-03-07	2023-04-02
Pretty URL adsbb.dfiles.eu/upload/1906/ad2708292742b09a.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752 IP 91.226.124.76 ASN #35415 Webzilla B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:26:57 Last Seen2023-04-02 21:29:32 Times Seen56 Hash 814fea15f93270df9c1f407679255789 e401b58d6d7133b9e3b9f0116dbc35ef82008ba1 9719e5dd57e2693096fd5e1ed206d3e8fa784a18d01ca2f7e9e30c49dde5ac78 Loading...

	ads.a-static.com/0/html/pd/allsize.html?w=728&h=90&ct=http%3A%2F%2Fadserver.adreactor.com%2Fclkz%3Fzid%3D9%26cid%3D18656%26mid%3D14162%26pid%3D8620%26sid%3D19%26uuid%3D5a282d9e34c1bcf32aaf9cb321e905a9%26ip%3D91.90.42.154%26default%3Dfalse%26random%3D46351010%26timestamp%3D20230131051459%26test%3Dfalse%26resolution%3D728x91%26referrer%3Dhttps%253A%252F%252Fadsbb.dfiles.eu%252Fupload%252F1906%252Fad2708292742b09a.htm%253Fcanp%253Dadv_73b411c406ca38ecadcf742fe6ade752%26redirect%3D&rurl=https%3A%2F%2Fwww.gadgetsarena.org%2F%3Futm_source%3Ds-8620%26utm_medium%3Dbanner%26utm_campaign%3Dc-18656&g=NO&b=Firefox&bd=0&b1t=Mobile%20Reviews&b2t=Watch%20Now&b1tc=ffffff&b2tc=000000&b1bc=f90606&b2bc=1ad31d	4.1 kB	2023-03-07	2023-04-02
Pretty URL ads.a-static.com/0/html/pd/allsize.html?w=728&h=90&ct=http%3A%2F%2Fadserver.adreactor.com%2Fclkz%3Fzid%3D9%26cid%3D18656%26mid%3D14162%26pid%3D8620%26sid%3D19%26uuid%3D5a282d9e34c1bcf32aaf9cb321e905a9%26ip%3D91.90.42.154%26default%3Dfalse%26random%3D46351010%26timestamp%3D20230131051459%26test%3Dfalse%26resolution%3D728x91%26referrer%3Dhttps%253A%252F%252Fadsbb.dfiles.eu%252Fupload%252F1906%252Fad2708292742b09a.htm%253Fcanp%253Dadv_73b411c406ca38ecadcf742fe6ade752%26redirect%3D&rurl=https%3A%2F%2Fwww.gadgetsarena.org%2F%3Futm_source%3Ds-8620%26utm_medium%3Dbanner%26utm_campaign%3Dc-18656&g=NO&b=Firefox&bd=0&b1t=Mobile%20Reviews&b2t=Watch%20Now&b1tc=ffffff&b2tc=000000&b1bc=f90606&b2bc=1ad31d IP 46.166.179.118 ASN #43350 NForce Entertainment B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:26:57 Last Seen2023-04-02 21:29:32 Times Seen31 Hash 0589a168e4e265783302967b7fc927a2 384130887c476c7fd9af63ea8892c2bed719283f 15a04fe75928ad8b453c832f6693f3658c6d46d84253a05f33d005f88121e79f Loading...

	static.depositfiles.com/js/download_utils.js	13 kB	2023-03-07	2024-04-24
Pretty URL static.depositfiles.com/js/download_utils.js IP 91.226.124.77 ASN #35415 Webzilla B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:26:57 Last Seen2024-04-24 13:33:10 Times Seen749 Hash 90a706006bc709cdc974ff3e0e01b34f 89585d2c7cac44c9c03c118bbb38aefba1d8a1e4 16f1515b9938fc7de086c504fe214484d97e237647a5d7fa2cb742a93f00c1ea Loading...

	static.depositfiles.com/js/base2.js	399 kB	2023-03-07	2024-04-24
Pretty URL static.depositfiles.com/js/base2.js IP 91.226.124.77 ASN #35415 Webzilla B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:02:54 Last Seen2024-04-24 13:33:10 Times Seen1091 Hash 2fcae8126c3fd9a626370a701f0bd887 f3496fb7bbe122a9774d7dcfcd68da03a24dc285 d29ab86f64b4fcfbc45b9ef806c147f1e42e37e37d44a559147232288063badc Loading...

	www.google.com/recaptcha/api.js	850 B	2023-03-13	2023-03-13
Pretty URL www.google.com/recaptcha/api.js IP 216.58.207.228 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 08:02:57 Last Seen2023-03-13 15:37:41 Times Seen1 Hash a1dd36c7e009478663c7566f99842331 c8c525f28c3c365989810c70ed2fc201028feb49 798d033ebf2fad984eed199fbcaf69b408342f8cf4b074c8935105062e444f0e Loading...

	pl16105218.highcpmrevenuenetwork.com/22/4a/d4/224ad4a14b4b15c1726ff705ec672ea6.js	37 kB	2023-03-13	2023-03-13
Pretty URL pl16105218.highcpmrevenuenetwork.com/22/4a/d4/224ad4a14b4b15c1726ff705ec672ea6.js IP 192.243.59.13 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 10:27:26 Last Seen2023-03-13 13:33:18 Times Seen1 Hash f6ce0a0a2ae3521f2940ab6468c69ac9 35b16f52a22b15f46b0c5ee0d0975c669745a16a 8b7d71f48796527426eb564242b6c8150c62316c0d46c2afa59e3e7540d78a87 Loading...

		Size	First Seen	Last Seen
	#1 Eval - deadc7431ca60c864078c7b1b57b0382	45 B	2023-03-07	2023-10-31
Pretty Observations First Seen2023-03-07 01:06:24 Last Seen2023-10-31 22:34:33 Times Seen1125 Hash deadc7431ca60c864078c7b1b57b0382 088b94c9b490d0454434bfafb684c6ef4c3c3d1d d7fff9897aaa9675a3652e7cac1a8c2a3427b896b5cc0ab5ffd628f9bb106e34 Loading...

	#2 Eval - e116d02f42e23573c47a3e5d2a93e2e7	46 B	2023-03-07	2023-10-31
Pretty Observations First Seen2023-03-07 01:06:24 Last Seen2023-10-31 22:34:33 Times Seen1124 Hash e116d02f42e23573c47a3e5d2a93e2e7 34a847abb13bc8a6607d118069415661c48ffafc e218a1ac15f252350ef2646dead414bf35db450215962e63da301cb7c3f064eb Loading...

	#3 Eval - c4c99d99e150fd4661e8259b8f0baac8	35 B	2023-03-07	2023-10-31
Pretty Observations First Seen2023-03-07 01:06:24 Last Seen2023-10-31 22:34:33 Times Seen1124 Hash c4c99d99e150fd4661e8259b8f0baac8 77772ffc0d98ada5f46c88c69fd7ba7cc1c3a96d 022ae916a59e1d7cb709a35e757c60e6626bfccd2c1e87c5ad6b432f0f1b1538 Loading...

	#4 Eval - adcadd21e1cc9b9d64a652b7179b929a	45 B	2023-03-07	2023-10-31
Pretty Observations First Seen2023-03-07 01:06:24 Last Seen2023-10-31 22:34:33 Times Seen1125 Hash adcadd21e1cc9b9d64a652b7179b929a d4433f6c1d1b07f13e8380cfd95c542b9c2535df e44d38f746ee1fa3b3ef03ed6ea3f298c25e173b6daea3c4505afce8bb869508 Loading...

	#5 Eval - 2dcb806d3e88f26e25e5234aad71f33a	115 B	2023-03-13	2023-12-04
Pretty Observations First Seen2023-03-13 13:13:36 Last Seen2023-12-04 19:46:37 Times Seen2 Hash 2dcb806d3e88f26e25e5234aad71f33a 6ab4e206a0d5e5d6f95e373fec3abc12ce457f97 c5bfa7e27e9ba1a57b8e41faffe67709c113fd2969679213082df81d936a86d1 Loading...

	#6 Eval - 6ae367f7d7c3f08e67a16f4ad82e7dca	42 B	2023-03-07	2023-10-31
Pretty Observations First Seen2023-03-07 01:06:24 Last Seen2023-10-31 22:34:33 Times Seen1125 Hash 6ae367f7d7c3f08e67a16f4ad82e7dca 81424a630ea828a1b783bedccbe3614e2702c299 2fc752a40595d1d6681e6be3ebd8f44cdda99876ff9ee19fe654647a6a11415e Loading...

	#7 Eval - 6417cc1e9a41402a403a38f10e401182	41 B	2023-03-07	2023-10-31
Pretty Observations First Seen2023-03-07 01:06:24 Last Seen2023-10-31 22:34:33 Times Seen1124 Hash 6417cc1e9a41402a403a38f10e401182 c0ef1ed95155ccd56c01207ad2e42b9e2edbbd8e 25fde17ee6ee622be6ebf83118c8802af55f2721a375a4017d6dec6edaf3b37b Loading...

	#8 Eval - cef0b78101ef9c4812fae1e6cafda473	21 B	2023-03-07	2023-10-31
Pretty Observations First Seen2023-03-07 01:06:24 Last Seen2023-10-31 22:34:33 Times Seen1123 Hash cef0b78101ef9c4812fae1e6cafda473 f8fb9a7ff103d095cd4f5a80f5b6f0e2cfce4356 5f7d79033f82e1d81e2e6490b1fe43f241e2889aae35ea6d5f968ca697f5a577 Loading...

	#9 Eval - cb78ba36cac064165e41253b248d1e96	36 B	2023-03-07	2023-10-31
Pretty Observations First Seen2023-03-07 01:06:24 Last Seen2023-10-31 22:34:33 Times Seen1125 Hash cb78ba36cac064165e41253b248d1e96 1d1f956853fd2f2d7d4e291b5d615537bb96713f 2d498779a32244d72a8a7d953918ce95c00fab9d3b129b2a1c3125fb263ccb45 Loading...

	#10 Eval - 0e5f4da7554e493ccd00e092e4fd85ff	31 B	2023-03-07	2023-10-31
Pretty Observations First Seen2023-03-07 01:06:24 Last Seen2023-10-31 22:34:33 Times Seen1125 Hash 0e5f4da7554e493ccd00e092e4fd85ff 78f043bc3bb59baf65185e29f3fa75b5f22d024d fb71685befff6e5c6fb9e2dd5f9bea6c71a2a162b39920f3927ef5ebfcf0134d Loading...

	#11 Eval - b9c95d7df82ab576585babc9b933f844	36 B	2023-03-07	2023-10-31
Pretty Observations First Seen2023-03-07 01:06:24 Last Seen2023-10-31 22:34:33 Times Seen1125 Hash b9c95d7df82ab576585babc9b933f844 3855cdde37780e1b763b995bfb977036917f803a a612f8985aebacd5c5fa6b17d16982a29983ae9131bae94403ff9abe1ce2ded2 Loading...

	#12 Eval - c046c71777b1d9ff147a8d04d76771e5	32 B	2023-03-07	2023-10-31
Pretty Observations First Seen2023-03-07 01:06:24 Last Seen2023-10-31 22:34:33 Times Seen1124 Hash c046c71777b1d9ff147a8d04d76771e5 c3c7716eab0ed9ea66365a6f9f7bac166dfaca94 a535a9a97ed5a801419c63a6e764dd3b24c8456f177155717caf9ba3411ef756 Loading...

	#13 Eval - bcfc797a1fd15c07566cb8930dde093f	41 B	2023-03-07	2023-10-31
Pretty Observations First Seen2023-03-07 01:06:24 Last Seen2023-10-31 22:34:33 Times Seen1125 Hash bcfc797a1fd15c07566cb8930dde093f 564385b812a1c00532b2f7e6c66ddd6f8d0d4200 e9d851c02746b7bd4d9207264c143f76480b69aa3552b1cdaa79ee537d83f5ac Loading...

	#14 Eval - 76c4793055e5506049c3d1a3ca7c9961	39 B	2023-03-07	2023-10-31
Pretty Observations First Seen2023-03-07 01:06:24 Last Seen2023-10-31 22:34:33 Times Seen1125 Hash 76c4793055e5506049c3d1a3ca7c9961 20339a96f3b80e1543d7834aa40915986a6ecb28 aaa8c0ab87c7070701d0a29a610c65a4c1d29153c2d14623602acef3eea646dd Loading...

	#15 Eval - 45ce5d15da1dc1603f56d0399b3399c6	30 B	2023-03-07	2023-10-31
Pretty Observations First Seen2023-03-07 01:06:24 Last Seen2023-10-31 22:34:33 Times Seen1125 Hash 45ce5d15da1dc1603f56d0399b3399c6 285d4d78fc31669c66f2e463ebe81cc020356b3b 7ceacb36606d6f6599d3ed5454c31152cb4417fb3c02ebb66431c4227a653726 Loading...

	#16 Eval - 308ce9eddcf87856319c6e887a328f7a	28 B	2023-03-07	2023-10-31
Pretty Observations First Seen2023-03-07 01:06:24 Last Seen2023-10-31 22:34:33 Times Seen1125 Hash 308ce9eddcf87856319c6e887a328f7a e0741915340fd264162316bc3bd1749265d0ec9b 4f6a557989f79654728dcb244539b604c5329db30b964d6e8c524c72517b9fa6 Loading...

	#17 Eval - 4df9c33be035899035ba28356b2bc2c0	22 B	2023-03-07	2023-10-31
Pretty Observations First Seen2023-03-07 01:06:24 Last Seen2023-10-31 22:34:33 Times Seen1125 Hash 4df9c33be035899035ba28356b2bc2c0 e438d9658895c6c7a57a5eda1bb97d3715360ccf c624a79f9c72c617d0ed1ad3207a67a39f6243071e14c4ebeace5dcff97313a3 Loading...

	#18 Eval - 3dd772ed2472872392d0a81700b9ccca	28 B	2023-03-07	2023-10-31
Pretty Observations First Seen2023-03-07 01:06:24 Last Seen2023-10-31 22:34:33 Times Seen1125 Hash 3dd772ed2472872392d0a81700b9ccca b070cf82068fd167e47ef731788cb29ef6f85516 fca3cd5a7ca3a44b75f81e0c169fe599fb48741835c83b5616e304b3f722522b Loading...

	#19 Eval - 282b4cc68a675357c3ca24fe28d8ab04	19 B	2023-03-07	2023-10-31
Pretty Observations First Seen2023-03-07 01:06:24 Last Seen2023-10-31 22:34:33 Times Seen1125 Hash 282b4cc68a675357c3ca24fe28d8ab04 c8b868fb5effed4b8596709293518ce4caf64131 67909fba812519f6eced963d195970a41923b591290d48f96704719fc6b74ec5 Loading...

	#20 Eval - 27eea290f34428348ba312ac7e6a9427	114 kB	2023-03-13	2023-03-13
Pretty Observations First Seen2023-03-13 07:35:46 Last Seen2023-03-13 18:53:31 Times Seen1 Hash 27eea290f34428348ba312ac7e6a9427 e9b8c68da439db613145885bb162f3717dff72de e8b06ec78125908b8a811fff3d823111ef27d379fbfbc37bb6e9fa338c979b97 Loading...

	#21 Eval - 1fedf6baa87d9b256a83e8e3e1b65056	35 B	2023-03-07	2023-10-31
Pretty Observations First Seen2023-03-07 01:06:24 Last Seen2023-10-31 22:34:33 Times Seen1125 Hash 1fedf6baa87d9b256a83e8e3e1b65056 0263fde258ce38794a920a672a854204bd618bcc 7013ec5264e02f54f3b42e05b51fd1ad0f180fa3870b71acd2f1a384cc81d601 Loading...

	#22 Eval - 88d55cacec67fdda96068949334b0499	25 B	2023-03-07	2023-10-31
Pretty Observations First Seen2023-03-07 01:06:24 Last Seen2023-10-31 22:34:33 Times Seen1125 Hash 88d55cacec67fdda96068949334b0499 78575799753ceb53d79fd7ce691b691adfbcddcd cfd8889f26f46323b63c7766e414faf4a4171cc959c4c2b2e6a64c0ec3edf13f Loading...

	#23 Eval - aa4b04f82e6a9ea00c22ad12c62ae537	31 B	2023-03-07	2023-10-31
Pretty Observations First Seen2023-03-07 01:06:24 Last Seen2023-10-31 22:34:33 Times Seen1125 Hash aa4b04f82e6a9ea00c22ad12c62ae537 43b5422f1f6b61b34e126bdf039b8cbc6f0d697c 0408d20a8555f96ab5cced9f89880c477f78d4ade576e5618b04094f034fb081 Loading...

	#24 Eval - 3f22c207dbad59397f7a3414ecfa6587	43 B	2023-03-07	2023-10-31
Pretty Observations First Seen2023-03-07 01:06:24 Last Seen2023-10-31 22:34:33 Times Seen1125 Hash 3f22c207dbad59397f7a3414ecfa6587 8509ea5b1d728f5be0f7eae7548d3593f98c5402 0220aceb9c3413632235ce2598b94dd7a130a95558114c04ad41f9386b69777b Loading...

	#25 Eval - 77c872a879b679ddb8628ee5ac827690	26 B	2023-03-07	2023-10-31
Pretty Observations First Seen2023-03-07 01:06:24 Last Seen2023-10-31 22:34:33 Times Seen1125 Hash 77c872a879b679ddb8628ee5ac827690 895799a91a5f4cac4be6c5b5de261dccc02cf157 59d45abada49f5b514521b527330402a2d826ae3f0dab2199c58c38f1e511777 Loading...

	#26 Eval - da9b396eb92f6b099e8d0e01044e253d	19 B	2023-03-07	2023-10-31
Pretty Observations First Seen2023-03-07 01:06:24 Last Seen2023-10-31 22:34:33 Times Seen1124 Hash da9b396eb92f6b099e8d0e01044e253d 929359434c1f79501f2dd778c5a9a6af9034476b 631bd9a13534679ce526b007d4fc8352793377d89bcc321392b01ecf075c4101 Loading...

	#27 Eval - 4e70865b8eb7f390c3e82cb023ec718e	39 B	2023-03-07	2023-10-31
Pretty Observations First Seen2023-03-07 01:06:24 Last Seen2023-10-31 22:34:33 Times Seen1125 Hash 4e70865b8eb7f390c3e82cb023ec718e 2242a0ee3b512687bd55789854529cb4f2106e20 04f881dff1163e4e36943700ddbcf25667dfe7e0b154d21e181a771955264d60 Loading...

	#28 Eval - 1877f709235efe3edcf15b14afba4ca2	35 B	2023-03-07	2023-10-31
Pretty Observations First Seen2023-03-07 01:06:24 Last Seen2023-10-31 22:34:33 Times Seen1125 Hash 1877f709235efe3edcf15b14afba4ca2 b2b3bc3c703e869ae5f190981b0354bbd8abbbf6 41aae560d6dd4b675e6e45d30c1572db537659e580ac434c4b89b76e4f3dc5ac Loading...

	#29 Eval - 4e96dc12176baffec5f6c2b824b8b037	21 B	2023-03-07	2023-10-31
Pretty Observations First Seen2023-03-07 01:06:24 Last Seen2023-10-31 22:34:33 Times Seen1124 Hash 4e96dc12176baffec5f6c2b824b8b037 cbffdfa5e083b9ff6d40f059aed02ad96cdcd77d 37ceb2a749341c51c7b8c25daaa71dc167b4aba7485c9b398b8ab004b685e492 Loading...

	#30 Eval - 97976045385267c941449d1ba56a276e	33 B	2023-03-07	2023-10-31
Pretty Observations First Seen2023-03-07 01:06:24 Last Seen2023-10-31 22:34:33 Times Seen1125 Hash 97976045385267c941449d1ba56a276e 3ffc8cc59740faafcf3b0f0efb3f12f6b689dc90 92cc9c48ca7d897742a37b1578ba7c99e9d9c405fced233bb9a3270ef84fddfc Loading...

		Size	First Seen	Last Seen
	#1 Write - e6ea7de4321e2fed42fa328bcb4b21d9	96 B	2023-03-13	2023-12-04
Pretty Observations First Seen2023-03-13 13:13:36 Last Seen2023-12-04 19:46:37 Times Seen2 Hash e6ea7de4321e2fed42fa328bcb4b21d9 4d73c1f1aacefab75b9a4c61e04251d04b4812f6 6ac0c26cc1ed86e13969f7df6ba882045fb614a6e65e1796e5742b1199011818 Loading...

	#2 Write - 3bc42f03b3f1761ea9f95a335ab2bbba	77 B	2023-03-07	2024-04-24
Pretty Observations First Seen2023-03-07 01:26:57 Last Seen2024-04-24 13:33:10 Times Seen581 Hash 3bc42f03b3f1761ea9f95a335ab2bbba 4ab15b6c153a542425f02baadcc1ed4867078b8d 1f8c7edef8c37d8821755ee623f481f29d6584195b327d15ac5abe6d243d8ec0 Loading...

	#3 Write - 42d5f5d6d58215463d412d2fd3745a5f	965 B	2023-03-13	2023-03-13
Pretty Observations First Seen2023-03-13 13:13:36 Last Seen2023-03-13 13:13:36 Times Seen1 Hash 42d5f5d6d58215463d412d2fd3745a5f 52a6132f7a7a3c123b0109e7a2b5ec0510d7e69c cd983a46069d12285c6b0f24aafc0890b967b1d51839d98cc91521838a9ca565 Loading...

HTTP Transactions (120)

URL IP Response Size

dfiles.eu/files/dwijtgwns/Subnautica_41147.exe

91.226.124.76

302 Moved Temporarily

138 B

URL HTTP/1.1
dfiles.eu/files/dwijtgwns/Subnautica_41147.exe
IP
91.226.124.76:0
ASN
#35415 Webzilla B.V.

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
138 B (138 bytes)
Hash
aff950cab4c0265e21d401db15f1026d
f03e18461817f7a6546c8bf8fa8d686d7e30aca0
753e0dd54f28c4f7009b9c0b18a68aed175416bd8b7d134858264586eaac56f0

HTTP Headers

GET /files/dwijtgwns/Subnautica_41147.exe HTTP/1.1
Host: dfiles.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Tue, 31 Jan 2023 10:14:57 GMT
Content-Type: text/html
Content-Length: 138
Connection: close
Location: https://dfiles.eu/files/dwijtgwns/Subnautica_41147.exe

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
62de35a6c8e4efd7633fc5236b5b086f
6a92912a86dfcd0330d040cef06bef36889c76ab
ebb8ca05df5ba73b92174105d54d192a8d9e3e10fba48bf96161b0cb759220ec

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EBB8CA05DF5BA73B92174105D54D192A8D9E3E10FBA48BF96161B0CB759220EC"
Last-Modified: Tue, 31 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4549
Expires: Tue, 31 Jan 2023 11:30:46 GMT
Date: Tue, 31 Jan 2023 10:14:57 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
5eb7c9bc996a0ff420e58af45526f053
8c2614832b8efe1c9da0bbd465d6f3f172d95a9e
c085cf277dd0429fe15e4a4bce5595636e9f2204d5a8e77220f8bf88adf4068f

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C085CF277DD0429FE15E4A4BCE5595636E9F2204D5A8E77220F8BF88ADF4068F"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4192
Expires: Tue, 31 Jan 2023 11:24:49 GMT
Date: Tue, 31 Jan 2023 10:14:57 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Alert, Retry-After, Content-Length, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 31 Jan 2023 09:35:52 GMT
content-type: application/json
age: 2345
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
a8d45deaa7ebfcd996c2055dae592ab8
55befe074589fe7b39757c145968058162a8fc6b
50d7d516f446458145a304b288a0a39d391cd37ea50dabea36ae48d291c65ba7

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "50D7D516F446458145A304B288A0A39D391CD37EA50DABEA36AE48D291C65BA7"
Last-Modified: Tue, 31 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12672
Expires: Tue, 31 Jan 2023 13:46:09 GMT
Date: Tue, 31 Jan 2023 10:14:57 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
ef3d52b137dd128e1378c2643fec2e87
5a91fd1509de79d2cd9c7896981a8fa2fb399f3c
a0c12557d9a7afb57b3db0ddf3e4b2fcfa1da23661c1bd1e0e800483ebf845d6

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A0C12557D9A7AFB57B3DB0DDF3E4B2FCFA1DA23661C1BD1E0E800483EBF845D6"
Last-Modified: Tue, 31 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12106
Expires: Tue, 31 Jan 2023 13:36:43 GMT
Date: Tue, 31 Jan 2023 10:14:57 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: /rYPICyXnJdVS2HNaUNKHtr1HpJ17VBUoEzr5UBIMF2yrPjZ7mS4S6xcGxy8dlNpiFMkG+40crk=
x-amz-request-id: KF89TZPKRW2EPR35
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 31 Jan 2023 09:22:09 GMT
age: 3168
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

dfiles.eu/files/dwijtgwns/Subnautica_41147.exe

91.226.124.76

200 OK

9.1 kB

URL HTTP/1.1
dfiles.eu/files/dwijtgwns/Subnautica_41147.exe
IP
91.226.124.76:0
ASN
#35415 Webzilla B.V.

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (6441), with CRLF, CR, LF line terminators
Size
9.1 kB (9117 bytes)
Hash
f547dc0dc43974a5b3a64a9738234ca2
cd06a500d4bd9e9adad8b067dd4ea0917e67867e
1465353246e5446ee3cd7d0ae6b1cd352316132355cf6d6cdc4e571d7172074a

HTTP Headers

GET /files/dwijtgwns/Subnautica_41147.exe HTTP/1.1
Host: dfiles.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 31 Jan 2023 10:14:57 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Set-Cookie: uprand=89aeb1ecb6da72215d0b4bdc34f602e3; path=/; domain=.dfiles.eu
last_file=dwijtgwns; path=/; domain=.dfiles.eu
lang_current=en; expires=Wed, 31-Jan-2024 10:14:57 GMT; Max-Age=31536000; path=/; domain=.dfiles.eu; secure
X-Frame-Options: SAMEORIGIN
Content-Encoding: gzip

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Tue, 31 Jan 2023 10:14:57 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
840948e57a644c2ac8f1e653a4587ba7
43a1d90bcf03fabb6278c55e348b2842eca87c4c
e12b77f9ac8e2dab43186d6fa83e7fbbed8582432f81fc58e355f5ffdbf80ce5

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E12B77F9AC8E2DAB43186D6FA83E7FBBED8582432F81FC58E355F5FFDBF80CE5"
Last-Modified: Tue, 31 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8989
Expires: Tue, 31 Jan 2023 12:44:47 GMT
Date: Tue, 31 Jan 2023 10:14:58 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
840948e57a644c2ac8f1e653a4587ba7
43a1d90bcf03fabb6278c55e348b2842eca87c4c
e12b77f9ac8e2dab43186d6fa83e7fbbed8582432f81fc58e355f5ffdbf80ce5

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E12B77F9AC8E2DAB43186D6FA83E7FBBED8582432F81FC58E355F5FFDBF80CE5"
Last-Modified: Tue, 31 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8989
Expires: Tue, 31 Jan 2023 12:44:47 GMT
Date: Tue, 31 Jan 2023 10:14:58 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
840948e57a644c2ac8f1e653a4587ba7
43a1d90bcf03fabb6278c55e348b2842eca87c4c
e12b77f9ac8e2dab43186d6fa83e7fbbed8582432f81fc58e355f5ffdbf80ce5

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E12B77F9AC8E2DAB43186D6FA83E7FBBED8582432F81FC58E355F5FFDBF80CE5"
Last-Modified: Tue, 31 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8989
Expires: Tue, 31 Jan 2023 12:44:47 GMT
Date: Tue, 31 Jan 2023 10:14:58 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
840948e57a644c2ac8f1e653a4587ba7
43a1d90bcf03fabb6278c55e348b2842eca87c4c
e12b77f9ac8e2dab43186d6fa83e7fbbed8582432f81fc58e355f5ffdbf80ce5

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E12B77F9AC8E2DAB43186D6FA83E7FBBED8582432F81FC58E355F5FFDBF80CE5"
Last-Modified: Tue, 31 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8989
Expires: Tue, 31 Jan 2023 12:44:47 GMT
Date: Tue, 31 Jan 2023 10:14:58 GMT
Connection: keep-alive

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
2ac1bcdceabf1fc4e07017906aa8a815
ba00b737325fc50b35af8d851ced0fe13d1cba22
c6c54f5dbbfc40b454b9c67a7972827f500d83b10a1594f7cb56c69158278c08

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 10:14:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

static.depositfiles.com/js/download_utils.js

91.226.124.77

200 OK

13 kB

URL HTTP/1.1
static.depositfiles.com/js/download_utils.js
IP
91.226.124.77:0
ASN
#35415 Webzilla B.V.

File type
ASCII text, with very long lines (2250)
Size
13 kB (13383 bytes)
Hash
90a706006bc709cdc974ff3e0e01b34f
89585d2c7cac44c9c03c118bbb38aefba1d8a1e4
16f1515b9938fc7de086c504fe214484d97e237647a5d7fa2cb742a93f00c1ea

HTTP Headers

GET /js/download_utils.js HTTP/1.1
Host: static.depositfiles.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 31 Jan 2023 10:14:58 GMT
Content-Type: application/javascript
Content-Length: 13383
Last-Modified: Thu, 28 Apr 2022 10:40:27 GMT
Connection: keep-alive
ETag: "626a6f1b-3447"
Expires: Tue, 31 Jan 2023 10:19:58 GMT
Cache-Control: max-age=300
Accept-Ranges: bytes

static.depositfiles.com/js/gold_offer.js

91.226.124.77

200 OK

9.9 kB

URL HTTP/1.1
static.depositfiles.com/js/gold_offer.js
IP
91.226.124.77:0
ASN
#35415 Webzilla B.V.

File type
HTML document text\012- HTML document, ASCII text
Size
9.9 kB (9887 bytes)
Hash
041bdbbe3ac15bc57b14933e164b55f8
790f921426d0b602424fb3077ca900af94b5ad9e
a86d8d81e5c254822628c578c40d2d62956ab3060632d1884b5080093365b97b

HTTP Headers

GET /js/gold_offer.js HTTP/1.1
Host: static.depositfiles.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 31 Jan 2023 10:14:58 GMT
Content-Type: application/javascript
Content-Length: 9887
Last-Modified: Thu, 28 Apr 2022 10:40:27 GMT
Connection: keep-alive
ETag: "626a6f1b-269f"
Expires: Tue, 31 Jan 2023 10:19:58 GMT
Cache-Control: max-age=300
Accept-Ranges: bytes

www.google.com/recaptcha/api.js

216.58.207.228

200 OK

556 B

URL HTTP/2
www.google.com/recaptcha/api.js
IP
216.58.207.228:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (850), with no line terminators
Size
556 B (556 bytes)
Hash
f678bcfbe98b4039961065c12543bfd0
31a000bba532f910d036c24c795ef3636450e4c3
1dabb56e42c7b0a90264a0e7d8884e4111eed0e1b6321cab5f6e26440d63da8d

HTTP Headers

GET /recaptcha/api.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
expires: Tue, 31 Jan 2023 10:14:58 GMT
date: Tue, 31 Jan 2023 10:14:58 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 556
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

static.depositfiles.com/js/jquery.validate.js

91.226.124.77

200 OK

38 kB

URL HTTP/1.1
static.depositfiles.com/js/jquery.validate.js
IP
91.226.124.77:0
ASN
#35415 Webzilla B.V.

File type
Unicode text, UTF-8 text, with very long lines (1238)
Size
38 kB (38269 bytes)
Hash
d5231b6378847ebdb55f64c77d5a234f
eed97aa0b2aa9486b6f6831ed8a85dc729ad6b9c
95434a8a2568a6481a1fbcf5808a75dd58e77348ed6d70b4f7aeda8842e8f0c7

HTTP Headers

GET /js/jquery.validate.js HTTP/1.1
Host: static.depositfiles.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 31 Jan 2023 10:14:58 GMT
Content-Type: application/javascript
Content-Length: 38269
Last-Modified: Thu, 28 Apr 2022 10:40:27 GMT
Connection: keep-alive
ETag: "626a6f1b-957d"
Expires: Tue, 31 Jan 2023 10:19:58 GMT
Cache-Control: max-age=300
Accept-Ranges: bytes

static.depositfiles.com/js/function.js

91.226.124.77

200 OK

35 kB

URL HTTP/1.1
static.depositfiles.com/js/function.js
IP
91.226.124.77:0
ASN
#35415 Webzilla B.V.

File type
ASCII text, with very long lines (4240)
Size
35 kB (34915 bytes)
Hash
a5779d2f560cd50376dbba372b0fd15b
07b08e35b9254288c1372e37577db8b9e4da01b4
51d26403861d61a7842bc73f518d4a4351a7027c40c9f0347f61421226950b84

HTTP Headers

GET /js/function.js HTTP/1.1
Host: static.depositfiles.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 31 Jan 2023 10:14:58 GMT
Content-Type: application/javascript
Content-Length: 34915
Last-Modified: Thu, 28 Apr 2022 10:40:27 GMT
Connection: keep-alive
ETag: "626a6f1b-8863"
Expires: Tue, 31 Jan 2023 10:19:58 GMT
Cache-Control: max-age=300
Accept-Ranges: bytes

static.depositfiles.com/css/main.css

91.226.124.77

200 OK

47 kB

URL HTTP/1.1
static.depositfiles.com/css/main.css
IP
91.226.124.77:0
ASN
#35415 Webzilla B.V.

File type
ASCII text, with very long lines (332)
Size
47 kB (46819 bytes)
Hash
cea03c07a2dcdd9444f5f6de6a3f6c64
89307ec85eb1fa31aa0b0d759e13f78970b0375b
5ecd5842291f787ca0d39182e73ab7992ed55dccce2aaeb7cfc4e10ba3917634

HTTP Headers

GET /css/main.css HTTP/1.1
Host: static.depositfiles.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 31 Jan 2023 10:14:58 GMT
Content-Type: text/css
Last-Modified: Thu, 28 Apr 2022 10:40:25 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"626a6f19-2f719"
Expires: Tue, 31 Jan 2023 10:19:58 GMT
Cache-Control: max-age=300
Content-Encoding: gzip

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
a5ff07b9b81cdf319f4a57d8d6dbbd6d
736ae15d0ed2068580d35a7cff8b33c0ec87af52
24406eda914ef8f78e1f60d6b54237ea6311f2fdf54b2b63647d84b397b41de0

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 10:14:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
a60a0ff8d4e4f355f6555c0150b6ebcd
96fbae8d157869b4a36ea7e90f58298c2e23dd36
f70a5e302b2ae8a358cd4601202e9646067b8d3f11fd51f1ca9ff38a64a72c7d

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F70A5E302B2AE8A358CD4601202E9646067B8D3F11FD51F1CA9FF38A64A72C7D"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5625
Expires: Tue, 31 Jan 2023 11:48:43 GMT
Date: Tue, 31 Jan 2023 10:14:58 GMT
Connection: keep-alive

static.depositfiles.com/js/base2.js

91.226.124.77

200 OK

399 kB

URL HTTP/1.1
static.depositfiles.com/js/base2.js
IP
91.226.124.77:0
ASN
#35415 Webzilla B.V.

File type
Unicode text, UTF-8 text, with very long lines (65481)
Size
399 kB (398927 bytes)
Hash
2fcae8126c3fd9a626370a701f0bd887
f3496fb7bbe122a9774d7dcfcd68da03a24dc285
d29ab86f64b4fcfbc45b9ef806c147f1e42e37e37d44a559147232288063badc

HTTP Headers

GET /js/base2.js HTTP/1.1
Host: static.depositfiles.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 31 Jan 2023 10:14:58 GMT
Content-Type: application/javascript
Content-Length: 398927
Last-Modified: Thu, 28 Apr 2022 10:40:27 GMT
Connection: keep-alive
ETag: "626a6f1b-6164f"
Expires: Tue, 31 Jan 2023 10:19:58 GMT
Cache-Control: max-age=300
Accept-Ranges: bytes

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Retry-After, Last-Modified, Cache-Control, Pragma, ETag, Backoff, Content-Type, Alert, Expires
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 31 Jan 2023 09:41:42 GMT
age: 1996
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

pl16105218.highcpmrevenuenetwork.com/22/4a/d4/224ad4a14b4b15c1726ff705ec672ea6.js

192.243.59.13

200 OK

13 kB

URL HTTP/1.1
pl16105218.highcpmrevenuenetwork.com/22/4a/d4/224ad4a14b4b15c1726ff705ec672ea6.js
IP
192.243.59.13:0
ASN
#39572 DataWeb Global Group B.V.

File type
ASCII text, with very long lines (37146), with no line terminators
Size
13 kB (13438 bytes)
Hash
e7ad318e41b1c33a6757792332b9e5fa
51b910eda5b2db2f28b452b6748251b55f72d3d6
ffb4f017abdd77c32f15ebdedded61539b77803ed8b28203164fe03b569bc9cc

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /22/4a/d4/224ad4a14b4b15c1726ff705ec672ea6.js HTTP/1.1
Host: pl16105218.highcpmrevenuenetwork.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Tue, 31 Jan 2023 10:14:58 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: b85eb76062a9b49c353b5e6b01a2b06c
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

static.depositfiles.com/images/no.png

91.226.124.77

200 OK

3.1 kB

URL HTTP/1.1
static.depositfiles.com/images/no.png
IP
91.226.124.77:0
ASN
#35415 Webzilla B.V.

File type
PNG image data, 20 x 20, 8-bit/color RGBA, non-interlaced\012- data
Size
3.1 kB (3146 bytes)
Hash
1724ae7b4437c460dafe40dfe9f96d41
8dc80d5b802f180254a8ee1bf1edf0b843205f1e
9b95b8f24b2b0808d611f4fd9bf5f3c548b352ae6100ab7b298b99a86905db79

HTTP Headers

GET /images/no.png HTTP/1.1
Host: static.depositfiles.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 31 Jan 2023 10:14:58 GMT
Content-Type: image/png
Content-Length: 3146
Last-Modified: Thu, 28 Apr 2022 10:40:26 GMT
Connection: keep-alive
ETag: "626a6f1a-c4a"
Accept-Ranges: bytes

static.depositfiles.com/images/speed_small.gif

91.226.124.77

200 OK

24 kB

URL HTTP/1.1
static.depositfiles.com/images/speed_small.gif
IP
91.226.124.77:0
ASN
#35415 Webzilla B.V.

File type
GIF image data, version 89a, 200 x 200\012- data
Size
24 kB (23980 bytes)
Hash
5cbc96bbb7230dd17ed38b5dd6e3271c
6ee1f0b9e29ac3e824cccd6e5135d51c8d3aaea1
01edcbb65e514def555b1e999d3a72f118f67e572f628293b91893b3758c6991

HTTP Headers

GET /images/speed_small.gif HTTP/1.1
Host: static.depositfiles.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 31 Jan 2023 10:14:58 GMT
Content-Type: image/gif
Content-Length: 23980
Last-Modified: Thu, 28 Apr 2022 10:40:26 GMT
Connection: keep-alive
ETag: "626a6f1a-5dac"
Expires: Sun, 05 Feb 2023 10:14:58 GMT
Cache-Control: max-age=432000
Accept-Ranges: bytes

static.depositfiles.com/images/yes.png

91.226.124.77

200 OK

3.3 kB

URL HTTP/1.1
static.depositfiles.com/images/yes.png
IP
91.226.124.77:0
ASN
#35415 Webzilla B.V.

File type
PNG image data, 20 x 20, 8-bit/color RGBA, non-interlaced\012- data
Size
3.3 kB (3275 bytes)
Hash
3055b8489aeb385fb40b27f0bf0a5ae7
4cfbe45a0ba393ab8ad535cc04af30debef0a1ab
b325d6cb153b02050e59230e2abfb01e05f4bda708ad54bd8f6d9693fa9c2dac

HTTP Headers

GET /images/yes.png HTTP/1.1
Host: static.depositfiles.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 31 Jan 2023 10:14:58 GMT
Content-Type: image/png
Content-Length: 3275
Last-Modified: Thu, 28 Apr 2022 10:40:27 GMT
Connection: keep-alive
ETag: "626a6f1b-ccb"
Accept-Ranges: bytes

static.depositfiles.com/images/speed_small_gold.gif

91.226.124.77

200 OK

14 kB

URL HTTP/1.1
static.depositfiles.com/images/speed_small_gold.gif
IP
91.226.124.77:0
ASN
#35415 Webzilla B.V.

File type
GIF image data, version 89a, 200 x 200\012- data
Size
14 kB (14492 bytes)
Hash
c5f8f0e9ecd16637e267912376c24bed
324567a641d318ecfafe6374dfba86ccb2f90dd7
13678b229b6c4224bcb9578a2f29bc3686958f4bea73af7645eb39af4246e6a9

HTTP Headers

GET /images/speed_small_gold.gif HTTP/1.1
Host: static.depositfiles.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 31 Jan 2023 10:14:58 GMT
Content-Type: image/gif
Content-Length: 14492
Last-Modified: Thu, 28 Apr 2022 10:40:26 GMT
Connection: keep-alive
ETag: "626a6f1a-389c"
Expires: Sun, 05 Feb 2023 10:14:58 GMT
Cache-Control: max-age=432000
Accept-Ranges: bytes

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
22b9916fc1fafc9bdc9bb37f9eac8a9a
86f640e134a741a0f906a8e3a0f5c6659dd0e394
a29ee843c8a39551a1507cc6ad949ad509e33aaae8b72c58ac4884bad8b0b38e

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A29EE843C8A39551A1507CC6AD949AD509E33AAAE8B72C58AC4884BAD8B0B38E"
Last-Modified: Sun, 29 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18315
Expires: Tue, 31 Jan 2023 15:20:13 GMT
Date: Tue, 31 Jan 2023 10:14:58 GMT
Connection: keep-alive

static.depositfiles.com/images/logo.png

91.226.124.77

200 OK

3.6 kB

URL HTTP/1.1
static.depositfiles.com/images/logo.png
IP
91.226.124.77:0
ASN
#35415 Webzilla B.V.

File type
PNG image data, 176 x 43, 8-bit/color RGBA, non-interlaced\012- data
Size
3.6 kB (3623 bytes)
Hash
c41fdd84b04e45a91cb17cfdeccb1b38
fec7fffe104c7e169aeb159032078c4b71ff2cdc
7f89eb8ab03684f4db282ca30eb231b1e254bca10c7b511950df5e0eab0a68a0

HTTP Headers

GET /images/logo.png HTTP/1.1
Host: static.depositfiles.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://static.depositfiles.com/css/main.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 31 Jan 2023 10:14:58 GMT
Content-Type: image/png
Content-Length: 3623
Last-Modified: Thu, 28 Apr 2022 10:40:26 GMT
Connection: keep-alive
ETag: "626a6f1a-e27"
Accept-Ranges: bytes

static.depositfiles.com/images/upload_btn_bg.gif

91.226.124.77

200 OK

9.0 kB

URL HTTP/1.1
static.depositfiles.com/images/upload_btn_bg.gif
IP
91.226.124.77:0
ASN
#35415 Webzilla B.V.

File type
GIF image data, version 89a, 209 x 75\012- data
Size
9.0 kB (9010 bytes)
Hash
6f312f0f4ff138758bae76420f6efd78
b40a28f162140fedff9ee5ce0d687868b1f73d17
c667d75c7f916bf8b140b0e1f7ab0c996f76d4642faed85bd9fef3c738f0912b

HTTP Headers

GET /images/upload_btn_bg.gif HTTP/1.1
Host: static.depositfiles.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://static.depositfiles.com/css/main.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 31 Jan 2023 10:14:58 GMT
Content-Type: image/gif
Content-Length: 9010
Last-Modified: Thu, 28 Apr 2022 10:40:26 GMT
Connection: keep-alive
ETag: "626a6f1a-2332"
Expires: Sun, 05 Feb 2023 10:14:58 GMT
Cache-Control: max-age=432000
Accept-Ranges: bytes

static.depositfiles.com/images/member_menu_bg.gif

91.226.124.77

200 OK

78 B

URL HTTP/1.1
static.depositfiles.com/images/member_menu_bg.gif
IP
91.226.124.77:0
ASN
#35415 Webzilla B.V.

File type
GIF image data, version 89a, 1 x 48\012- data
Size
78 B (78 bytes)
Hash
20a24b56dcedf6a71a71ebec771e1f7d
d7bed493d5d4eeaed5dbbf7d30d45107840790a0
6f57f29224d8e9e51ed0839e329055426fba7dcd97ef31e93ed495f93a6063df

HTTP Headers

GET /images/member_menu_bg.gif HTTP/1.1
Host: static.depositfiles.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://static.depositfiles.com/css/main.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 31 Jan 2023 10:14:58 GMT
Content-Type: image/gif
Content-Length: 78
Last-Modified: Thu, 28 Apr 2022 10:40:26 GMT
Connection: keep-alive
ETag: "626a6f1a-4e"
Expires: Sun, 05 Feb 2023 10:14:58 GMT
Cache-Control: max-age=432000
Accept-Ranges: bytes

static.depositfiles.com/images/sprite.png

91.226.124.77

200 OK

37 kB

URL HTTP/1.1
static.depositfiles.com/images/sprite.png
IP
91.226.124.77:0
ASN
#35415 Webzilla B.V.

File type
PNG image data, 102 x 630, 8-bit/color RGBA, non-interlaced\012- data
Size
37 kB (36802 bytes)
Hash
2333675d7e431d5313c6dbb5230a14cd
93c4032e5b8b85793a9cda7167804445d950dd96
b287134a60667ce8e2c3fa1603e3a8f2ffa59c64e746d026d1a13ef19f3f38a0

HTTP Headers

GET /images/sprite.png HTTP/1.1
Host: static.depositfiles.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://static.depositfiles.com/css/main.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 31 Jan 2023 10:14:58 GMT
Content-Type: image/png
Content-Length: 36802
Last-Modified: Thu, 28 Apr 2022 10:40:26 GMT
Connection: keep-alive
ETag: "626a6f1a-8fc2"
Accept-Ranges: bytes

static.depositfiles.com/images/flags/lang24.png

91.226.124.77

200 OK

9.2 kB

URL HTTP/1.1
static.depositfiles.com/images/flags/lang24.png
IP
91.226.124.77:0
ASN
#35415 Webzilla B.V.

File type
PNG image data, 24 x 552, 8-bit/color RGBA, non-interlaced\012- data
Size
9.2 kB (9172 bytes)
Hash
efdcd1ca23d564ddd811f41152a2b83c
0b5aa064e7f8f241363c55fa17eb448f42a5f8df
ce23be242e34c5b420f8ba0390aef20fa50ffc69f700091029616eff524e8f9b

HTTP Headers

GET /images/flags/lang24.png HTTP/1.1
Host: static.depositfiles.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://static.depositfiles.com/css/main.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 31 Jan 2023 10:14:58 GMT
Content-Type: image/png
Content-Length: 9172
Last-Modified: Thu, 28 Apr 2022 10:40:26 GMT
Connection: keep-alive
ETag: "626a6f1a-23d4"
Accept-Ranges: bytes

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
f603f90a435c59a23d9f815333b1f0b7
a8752ef32b4f1156724129cabb80e718c6fd7deb
02b18dd4bb8104124cf19b10c45052036bd3b6ebc8c69a9dd52365e7970931d3

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "02B18DD4BB8104124CF19B10C45052036BD3B6EBC8C69A9DD52365E7970931D3"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9954
Expires: Tue, 31 Jan 2023 13:00:52 GMT
Date: Tue, 31 Jan 2023 10:14:58 GMT
Connection: keep-alive

static.depositfiles.com/images/sprite64.png

91.226.124.77

200 OK

29 kB

URL HTTP/1.1
static.depositfiles.com/images/sprite64.png
IP
91.226.124.77:0
ASN
#35415 Webzilla B.V.

File type
PNG image data, 64 x 1088, 8-bit/color RGBA, non-interlaced\012- data
Size
29 kB (28747 bytes)
Hash
e50649ecf6a2094c25da755ea0ea7bd1
e1c3e229a62f049442fa16cf43ec07f384b27362
a9ed59ab3bbcfdf66224664aeb14fa0f0e8f034d8472a58dadcf65cfff17685d

HTTP Headers

GET /images/sprite64.png HTTP/1.1
Host: static.depositfiles.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://static.depositfiles.com/css/main.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 31 Jan 2023 10:14:58 GMT
Content-Type: image/png
Content-Length: 28747
Last-Modified: Thu, 28 Apr 2022 10:40:26 GMT
Connection: keep-alive
ETag: "626a6f1a-704b"
Accept-Ranges: bytes

e1.o.lencr.org/

23.36.77.32

200 OK

345 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
345 B (345 bytes)
Hash
89231e8fe1afd89090e6a09d61430e11
11b471e4821cade1ea075b8835c892d455bfdaa2
8c78cce8f98a69e9c1c2bf45d12879b40c784288b4e79dabb296c24f94025c12

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "8C78CCE8F98A69E9C1C2BF45D12879B40C784288B4E79DABB296C24F94025C12"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14432
Expires: Tue, 31 Jan 2023 14:15:30 GMT
Date: Tue, 31 Jan 2023 10:14:58 GMT
Connection: keep-alive

static.depositfiles.com/images/sprite16.png

91.226.124.77

200 OK

28 kB

URL HTTP/1.1
static.depositfiles.com/images/sprite16.png
IP
91.226.124.77:0
ASN
#35415 Webzilla B.V.

File type
PNG image data, 32 x 1072, 8-bit/color RGBA, non-interlaced\012- data
Size
28 kB (28501 bytes)
Hash
2e86fe2d2c2650c5f4663f0fc135ebc1
ba86e14a9abcff0581eda84a307594ef1288b982
604187f8828381a47ae70249f55f21c78c53ab1401d20a5f2230a0d6c9ae50d1

HTTP Headers

GET /images/sprite16.png HTTP/1.1
Host: static.depositfiles.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://static.depositfiles.com/css/main.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 31 Jan 2023 10:14:58 GMT
Content-Type: image/png
Content-Length: 28501
Last-Modified: Thu, 28 Apr 2022 10:40:26 GMT
Connection: keep-alive
ETag: "626a6f1a-6f55"
Accept-Ranges: bytes

ocsp.sca1b.amazontrust.com/

54.230.245.39

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
54.230.245.39:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
faf1d8a7f1edd1251b55117f41d77161
7e6b55f7968cc7381b7aa4deeed12d2692f135a2
8c27b658d2267f2dd6d138e17751edaec11d04c9e0f6015212dd92fb583533bc

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=99391
Date: Tue, 31 Jan 2023 10:14:58 GMT
Etag: "63d7c69b-1d7"
Expires: Wed, 01 Feb 2023 13:51:29 GMT
Last-Modified: Mon, 30 Jan 2023 13:31:07 GMT
Server: ECS (bsa/EB1E)
X-Cache: Miss from cloudfront
Via: 1.1 ee04daa979e7a02cc5ca472521bc18a6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: UGccJnZlsgZ0vJ7szcB5PtzoWItU47oU5kSEv2jquUyE2xCx5jvJbw==
Age: 1222

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
544e9b86a64c966a63f182226bad5bfb
8544bfc506d0f1014dbc5868ae347f6d3f652ac7
12fa7d7e32f71d78f63fe3d4f80d10a8e0664cc6922554f1d7e160a6fa61653a

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "12FA7D7E32F71D78F63FE3D4F80D10A8E0664CC6922554F1D7E160A6FA61653A"
Last-Modified: Mon, 30 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4651
Expires: Tue, 31 Jan 2023 11:32:29 GMT
Date: Tue, 31 Jan 2023 10:14:58 GMT
Connection: keep-alive

adsbb.dfiles.eu//ad.php?z=56&c=NO

91.226.124.76

303 See Other

0 B

URL HTTP/1.1
adsbb.dfiles.eu//ad.php?z=56&c=NO
IP
91.226.124.76:0
ASN
#35415 Webzilla B.V.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET //ad.php?z=56&c=NO HTTP/1.1
Host: adsbb.dfiles.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dfiles.eu/
Cookie: uprand=89aeb1ecb6da72215d0b4bdc34f602e3; last_file=dwijtgwns; lang_current=en
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site

HTTP/1.1 303 See Other
Server: nginx
Date: Tue, 31 Jan 2023 10:14:58 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
X-Powered-By: PHP/5.6.30-0+deb8u1
Set-Cookie: _nf56=1; expires=Wed, 01-Feb-2023 10:14:58 GMT; Max-Age=86400
Location: /upload/2203/ad27602963634849.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752

adsbb.dfiles.eu//ad.php?z=58&c=NO&g=gateway

91.226.124.76

303 See Other

0 B

URL HTTP/1.1
adsbb.dfiles.eu//ad.php?z=58&c=NO&g=gateway
IP
91.226.124.76:0
ASN
#35415 Webzilla B.V.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET //ad.php?z=58&c=NO&g=gateway HTTP/1.1
Host: adsbb.dfiles.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dfiles.eu/
Cookie: uprand=89aeb1ecb6da72215d0b4bdc34f602e3; last_file=dwijtgwns; lang_current=en
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site

HTTP/1.1 303 See Other
Server: nginx
Date: Tue, 31 Jan 2023 10:14:58 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
X-Powered-By: PHP/5.6.30-0+deb8u1
Set-Cookie: _nf58=1; expires=Wed, 01-Feb-2023 10:14:58 GMT; Max-Age=86400
Location: /upload/1906/ad2708292742b09a.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752

simplewebanalysis.com/stats

3.120.47.42

200 OK

40 B

URL HTTP/2
simplewebanalysis.com/stats
IP
3.120.47.42:0
ASN
#16509 AMAZON-02

File type
ASCII text, with no line terminators
Size
40 B (40 bytes)
Hash
4a1a8dd7739f782da0d0129e79751801
fea2effb63ba63beaf1f81998394fc099ae51a24
4bcaa1b7707ec766f270f2e76cd6b0647f7ed8f4927c886ab736cf30bf121645

HTTP Headers

GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dfiles.eu
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Tue, 31 Jan 2023 10:14:58 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://dfiles.eu
access-control-allow-credentials: true
set-cookie: uid_id2=916af95e-3825-4d20-9140-781a3cbf5665:3:1; expires=Fri, 28 Jan 2033 10:14:58 GMT; secure; SameSite=None
X-Firefox-Spdy: h2

dominantroute.com/bens/vinos.js?23701&u=null&a=0.24489872995037487

193.200.64.20

200 OK

140 kB

URL HTTP/1.1
dominantroute.com/bens/vinos.js?23701&u=null&a=0.24489872995037487
IP
193.200.64.20:0
ASN
#6681 Rozetka Sp. z o.o.

File type
ASCII text, with very long lines (727)
Size
140 kB (140149 bytes)
Hash
4120059250d7401efbf79c1e9e5391fe
519f91282bfe53e47ffb34b88c0c315a5f2fd83b
c6e27a1911dcfbd1dc6cea6f20abd497b0c8441f703e3d8ce3b90f1541a16e0a

HTTP Headers

GET /bens/vinos.js?23701&u=null&a=0.24489872995037487 HTTP/1.1
Host: dominantroute.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 31 Jan 2023 10:14:58 GMT
Content-Type: text/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="NON DSP COR CURa TIA"
Set-Cookie: uuid=16751600301532635802; expires=Thu, 30-Jan-2025 10:14:58 GMT; Max-Age=63072000; path=/; samesite=None; domain=.dominantroute.com; secure

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
ab7c061327e6055c81b5adb4534503e3
e7881809f7bc9e808ebaffb0bf5d74515d3c4798
cace1a6a8ec55404139c82ce8310c6df4f59d6363738167f4e49fe4910086875

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CACE1A6A8EC55404139C82CE8310C6DF4F59D6363738167F4E49FE4910086875"
Last-Modified: Sun, 29 Jan 2023 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7913
Expires: Tue, 31 Jan 2023 12:26:51 GMT
Date: Tue, 31 Jan 2023 10:14:58 GMT
Connection: keep-alive

adsbb.dfiles.eu/upload/2203/ad27602963634849.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752

91.226.124.76

200 OK

677 B

URL HTTP/1.1
adsbb.dfiles.eu/upload/2203/ad27602963634849.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752
IP
91.226.124.76:0
ASN
#35415 Webzilla B.V.

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Size
677 B (677 bytes)
Hash
01eee2db76340ef152ae22d52a541f18
e57b856efecb3f8ace71880bfe5cbbc39ea41b57
d36ca302e9f318862284a0cbc38ddb352c11c148467836b8bdd02ea034676121

HTTP Headers

GET /upload/2203/ad27602963634849.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752 HTTP/1.1
Host: adsbb.dfiles.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dfiles.eu/
Connection: keep-alive
Cookie: uprand=89aeb1ecb6da72215d0b4bdc34f602e3; last_file=dwijtgwns; lang_current=en; _nf56=1; _nf58=1
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 31 Jan 2023 10:14:59 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: close
Last-Modified: Tue, 31 Jan 2023 10:10:01 GMT
Content-Encoding: gzip

adsbb.dfiles.eu/upload/1906/ad2708292742b09a.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752

91.226.124.76

200 OK

887 B

URL HTTP/1.1
adsbb.dfiles.eu/upload/1906/ad2708292742b09a.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752
IP
91.226.124.76:0
ASN
#35415 Webzilla B.V.

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Size
887 B (887 bytes)
Hash
0169a37fc147f75a6854b6d6e40c34ae
ace9d639c1d61e04200b40e7634984a4226f353c
124a6fdc4c92199cd337d06e12d8acfe11b7b928434caf36e6708ecc17a9047a

HTTP Headers

GET /upload/1906/ad2708292742b09a.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752 HTTP/1.1
Host: adsbb.dfiles.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dfiles.eu/
Connection: keep-alive
Cookie: uprand=89aeb1ecb6da72215d0b4bdc34f602e3; last_file=dwijtgwns; lang_current=en; _nf56=1; _nf58=1
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 31 Jan 2023 10:14:59 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: close
Last-Modified: Tue, 31 Jan 2023 10:10:01 GMT
Content-Encoding: gzip

push.services.mozilla.com/

52.39.218.209

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
52.39.218.209:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: mYqPOSha1Su8nxDOlrV7Mg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: QhqDVBsC9UZbYOlv4VDrBAXrpD0=

e1.o.lencr.org/

23.36.77.32

200 OK

345 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
345 B (345 bytes)
Hash
89231e8fe1afd89090e6a09d61430e11
11b471e4821cade1ea075b8835c892d455bfdaa2
8c78cce8f98a69e9c1c2bf45d12879b40c784288b4e79dabb296c24f94025c12

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "8C78CCE8F98A69E9C1C2BF45D12879B40C784288B4E79DABB296C24F94025C12"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14431
Expires: Tue, 31 Jan 2023 14:15:30 GMT
Date: Tue, 31 Jan 2023 10:14:59 GMT
Connection: keep-alive

97ad8a430e.3841f4b0c4.com/75bf6bb558cb3e61c272c8297a9e0a37.js

45.133.44.25

200 OK

36 kB

URL HTTP/2
97ad8a430e.3841f4b0c4.com/75bf6bb558cb3e61c272c8297a9e0a37.js
IP
45.133.44.25:0
ASN
#39572 DataWeb Global Group B.V.

File type
data
Size
36 kB (35787 bytes)
Hash
920d87a86c3eda2789a5efc6d561d7a2
fd176086cf53c44756b56ea7ea380e5b41b19d83
d116df4e7ecb2649dc9d26b38e162068eb480f5e7eeb17e98561babe4dcfab6c

HTTP Headers

GET /75bf6bb558cb3e61c272c8297a9e0a37.js HTTP/1.1
Host: 97ad8a430e.3841f4b0c4.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dfiles.eu
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Tue, 31 Jan 2023 10:14:58 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.18.0
last-modified: Fri, 13 Jan 2023 14:07:40 GMT
etag: W/"63c165ac-188ee"
content-encoding: gzip
expires: Tue, 31 Jan 2023 10:19:58 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
9004ba4b34f1ae3498b3afeccc240e8c
ee465f20e9365246ef0e90b5349df5d0ec7afc31
e75b585711a65a09bb8188ef1a592d6c8708bfb3f1fa395befa9643974b0a680

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E75B585711A65A09BB8188EF1A592D6C8708BFB3F1FA395BEFA9643974B0A680"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8624
Expires: Tue, 31 Jan 2023 12:38:43 GMT
Date: Tue, 31 Jan 2023 10:14:59 GMT
Connection: keep-alive

js.wpadmngr.com/npc/sdk/wp-banners.js

45.133.44.25

200 OK

0 B

URL HTTP/2
js.wpadmngr.com/npc/sdk/wp-banners.js
IP
45.133.44.25:0
ASN
#39572 DataWeb Global Group B.V.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /npc/sdk/wp-banners.js HTTP/1.1
Host: js.wpadmngr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Tue, 31 Jan 2023 10:14:59 GMT
content-type: application/javascript; charset=utf-8
content-length: 0
server: nginx/1.18.0
last-modified: Fri, 20 Aug 2021 15:14:31 GMT
etag: "611fc6d7-0"
expires: Tue, 31 Jan 2023 10:19:59 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2

adsbb.dfiles.eu/static/js/jquery-1.5.1.min.js

91.226.124.76

200 OK

85 kB

URL HTTP/1.1
adsbb.dfiles.eu/static/js/jquery-1.5.1.min.js
IP
91.226.124.76:0
ASN
#35415 Webzilla B.V.

File type
Unicode text, UTF-8 text, with very long lines (65168)
Size
85 kB (85260 bytes)
Hash
b04a3bccd23ddeb7982143707a63ccf9
4a5dc1389aad050a44ee5e81408238a317ab3413
764b9e9f3ad386aaa5cdeae9368353994de61c0bede087c8f7e3579cb443de3b

HTTP Headers

GET /static/js/jquery-1.5.1.min.js HTTP/1.1
Host: adsbb.dfiles.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adsbb.dfiles.eu/upload/2203/ad27602963634849.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752
Cookie: uprand=89aeb1ecb6da72215d0b4bdc34f602e3; last_file=dwijtgwns; lang_current=en; _nf56=1; _nf58=1; u_count=%5B0%2C0%5D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 31 Jan 2023 10:14:59 GMT
Content-Type: application/javascript
Content-Length: 85260
Connection: close
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache, private, no-cache, no-store, must-revalidate
Pragma: no-cache
Accept-Ranges: bytes

solemnvine.com/c2/2d/c5/c22dc50dc2bbe4422c7f68d26ab95eb9.js

192.243.59.13

200 OK

29 kB

URL HTTP/1.1
solemnvine.com/c2/2d/c5/c22dc50dc2bbe4422c7f68d26ab95eb9.js
IP
192.243.59.13:0
ASN
#39572 DataWeb Global Group B.V.

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (65536), with no line terminators
Size
29 kB (28775 bytes)
Hash
acc5da787af8f584d55ee53c6161e119
f53da9634bf441b210213d3769c051e736e69aab
7f710f4c0e0df5526212b379daf2041fe069143f95ddcbdd976b645c65e2ede8

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /c2/2d/c5/c22dc50dc2bbe4422c7f68d26ab95eb9.js HTTP/1.1
Host: solemnvine.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Tue, 31 Jan 2023 10:14:59 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 40e3fd1ef5ad83d346b4547e5fb57077
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

adsbb.dfiles.eu/static/js/jquery-1.5.1.min.js

91.226.124.76

200 OK

85 kB

URL HTTP/1.1
adsbb.dfiles.eu/static/js/jquery-1.5.1.min.js
IP
91.226.124.76:0
ASN
#35415 Webzilla B.V.

File type
Unicode text, UTF-8 text, with very long lines (65168)
Size
85 kB (85260 bytes)
Hash
b04a3bccd23ddeb7982143707a63ccf9
4a5dc1389aad050a44ee5e81408238a317ab3413
764b9e9f3ad386aaa5cdeae9368353994de61c0bede087c8f7e3579cb443de3b

HTTP Headers

GET /static/js/jquery-1.5.1.min.js HTTP/1.1
Host: adsbb.dfiles.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adsbb.dfiles.eu/upload/1906/ad2708292742b09a.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752
Cookie: uprand=89aeb1ecb6da72215d0b4bdc34f602e3; last_file=dwijtgwns; lang_current=en; _nf56=1; _nf58=1; u_count=%5B0%2C0%5D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 31 Jan 2023 10:14:59 GMT
Content-Type: application/javascript
Content-Length: 85260
Connection: close
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache, private, no-cache, no-store, must-revalidate
Pragma: no-cache
Accept-Ranges: bytes

static.depositfiles.com/images/favicon.ico

91.226.124.77

200 OK

318 B

URL HTTP/1.1
static.depositfiles.com/images/favicon.ico
IP
91.226.124.77:0
ASN
#35415 Webzilla B.V.

File type
MS Windows icon resource - 1 icon, 16x16, 16 colors, 4 bits/pixel\012- data
Size
318 B (318 bytes)
Hash
0f0b975ee529197ec75780ebc2de5907
59688c6aafca5606e388ba9a44fc9dc25fc32cd3
28a0b52229f05b66354ca38b6b813d2281af3efb7e8b0a424ef8b4c68b9e583c

HTTP Headers

GET /images/favicon.ico HTTP/1.1
Host: static.depositfiles.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 31 Jan 2023 10:14:59 GMT
Content-Type: image/x-icon
Content-Length: 318
Last-Modified: Thu, 28 Apr 2022 10:40:26 GMT
Connection: keep-alive
ETag: "626a6f1a-13e"
Accept-Ranges: bytes

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
f075625a67cefc01c034a3c732ec8023
c3ef563fbf1cf30f75fc931f82426a0f859ccb6d
75ce941806680157fcca91d6074496cbbc7cdcf6da28fa35384273bf9a76d588

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 10:14:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
e2776b3ff7517c47c9d9f7f49b251496
85c3157036be6de50d53dbe345ba947510904438
97176f60aa940c44a36c91e6405c41bc05a7dd2a64f0455a9c2712f990a5cbab

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 520
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 10:14:59 GMT
Etag: "63d89f07-117"
Last-Modified: Tue, 31 Jan 2023 10:06:19 GMT
Server: ECS (amb/6B7B)
X-Cache: HIT
Content-Length: 279

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
69ffc0a3f7ca2b025a6b99f9c38889be
1b436bda66cd246a1024f8c3d8e91e3aeef31eaa
9aaaf6c2a570c6a73a623f4fdfb0e1dfd5f16f086ae5d9c8d5b2403b0d016e4f

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 10:14:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

adsbb.dfiles.eu/view.gif?c=2963&z=56&b=2760&u=63d8e8f948ff612646485716901523

91.226.124.76

200 OK

43 B

URL HTTP/1.1
adsbb.dfiles.eu/view.gif?c=2963&z=56&b=2760&u=63d8e8f948ff612646485716901523
IP
91.226.124.76:0
ASN
#35415 Webzilla B.V.

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
6d22e4f2d2057c6e8d6fab098e76e80f
b80b11203d97fe01c5597ca3be70406ea48f5709
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

HTTP Headers

GET /view.gif?c=2963&z=56&b=2760&u=63d8e8f948ff612646485716901523 HTTP/1.1
Host: adsbb.dfiles.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://adsbb.dfiles.eu/upload/2203/ad27602963634849.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752
Cookie: uprand=89aeb1ecb6da72215d0b4bdc34f602e3; last_file=dwijtgwns; lang_current=en; _nf56=1; _nf58=1; u_count=%5B0%2C0%5D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 31 Jan 2023 10:14:59 GMT
Content-Type: image/gif
Content-Length: 43
Connection: close
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache, private, no-cache, no-store, must-revalidate
Pragma: no-cache
Accept-Ranges: bytes

simplewebanalysis.com/stats

3.120.47.42

200 OK

40 B

URL HTTP/2
simplewebanalysis.com/stats
IP
3.120.47.42:0
ASN
#16509 AMAZON-02

File type
ASCII text, with no line terminators
Size
40 B (40 bytes)
Hash
4a1a8dd7739f782da0d0129e79751801
fea2effb63ba63beaf1f81998394fc099ae51a24
4bcaa1b7707ec766f270f2e76cd6b0647f7ed8f4927c886ab736cf30bf121645

HTTP Headers

GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dfiles.eu
Connection: keep-alive
Referer: https://dfiles.eu/
Cookie: uid_id2=916af95e-3825-4d20-9140-781a3cbf5665:3:1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 31 Jan 2023 10:14:59 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://dfiles.eu
access-control-allow-credentials: true
X-Firefox-Spdy: h2

www.gstatic.com/recaptcha/releases/RGRQD9tdxHtnt-Bxkx9pM75S/recaptcha__en.js

216.58.211.3

200 OK

164 kB

URL HTTP/2
www.gstatic.com/recaptcha/releases/RGRQD9tdxHtnt-Bxkx9pM75S/recaptcha__en.js
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (771)
Size
164 kB (163774 bytes)
Hash
57c909ab73fc27ec24f737bbf1cb1de8
89b2c02e9e7a9a764518fca545d3eec2044fd6d9
7e407e2b00bb7c238c71d96472f7ab030de4e610b1048f0f77b25cb85c2d166b

HTTP Headers

GET /recaptcha/releases/RGRQD9tdxHtnt-Bxkx9pM75S/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dfiles.eu
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 163774
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 30 Jan 2023 17:09:34 GMT
expires: Tue, 30 Jan 2024 17:09:34 GMT
cache-control: public, max-age=31536000
age: 61525
last-modified: Mon, 23 Jan 2023 01:02:00 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

jsc.adskeeper.com/d/f/dfiles.eu.1285379.js

172.64.151.192

200 OK

1.0 kB

URL HTTP/2
jsc.adskeeper.com/d/f/dfiles.eu.1285379.js
IP
172.64.151.192:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (2664)
Size
1.0 kB (1016 bytes)
Hash
87d3d2734efc01588e9fda0feff398a3
cd1b31208f32084d92c789ddc61976b1bac0d54b
64a74dca6ec6a7c104787a3c76dc4556dd7288961fca9d751dd549cd41932576

HTTP Headers

GET /d/f/dfiles.eu.1285379.js HTTP/1.1
Host: jsc.adskeeper.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adsbb.dfiles.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Tue, 31 Jan 2023 10:14:59 GMT
content-type: text/javascript
content-length: 1016
x-amz-id-2: fp0dy33B/d04n3/44syaTFK4kKHZR5HDMFxeC9v4rP5fYeKQIdp1+VTB9AQywH3O0w2qM3AVKGk=
x-amz-request-id: P626AEYPNZAD9BP7
last-modified: Wed, 18 Jan 2023 10:19:44 GMT
etag: "87d3d2734efc01588e9fda0feff398a3"
content-encoding: gzip
x-amz-version-id: F3Eqze46tsKiyNYC2VnDER9h40CwqTSs
cf-cache-status: HIT
age: 4212
expires: Tue, 31 Jan 2023 14:14:59 GMT
cache-control: public, max-age=14400
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7921aefd6f4c0afa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
f075625a67cefc01c034a3c732ec8023
c3ef563fbf1cf30f75fc931f82426a0f859ccb6d
75ce941806680157fcca91d6074496cbbc7cdcf6da28fa35384273bf9a76d588

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 10:14:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?test_adblock=true

216.58.207.194

200 OK

50 kB

URL HTTP/2
pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?test_adblock=true
IP
216.58.207.194:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (3649)
Size
50 kB (49976 bytes)
Hash
39e62918cfa6ec870edc94d1736039f5
5e80b8b155b54a4a9d817ace3fc88db2b18ae75f
7a2c65eb3d1e17cb0d1a69b792f0cb5b6dd4f279d018a2c647dec40e14c79a01

HTTP Headers

GET /pagead/js/adsbygoogle.js?test_adblock=true HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dfiles.eu/
Origin: https://dfiles.eu
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Tue, 31 Jan 2023 10:14:59 GMT
expires: Tue, 31 Jan 2023 10:14:59 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 15420878457496351877
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 49976
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

jsc.adskeeper.com/d/f/dfiles.eu.1285379.es6.js

172.64.151.192

200 OK

80 kB

URL HTTP/2
jsc.adskeeper.com/d/f/dfiles.eu.1285379.es6.js
IP
172.64.151.192:0
ASN
#13335 CLOUDFLARENET

File type
HTML document text\012- HTML document, ASCII text, with very long lines (31911)
Size
80 kB (79607 bytes)
Hash
37bb8c788d3409695f6e5066d2d5141a
3e465696eb3efe3588cae18d8b9096394e73a345
afb37d889c9317ec136c7b9200617477be76ee98419d860338fa7bd0802674ad

HTTP Headers

GET /d/f/dfiles.eu.1285379.es6.js HTTP/1.1
Host: jsc.adskeeper.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adsbb.dfiles.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 31 Jan 2023 10:14:59 GMT
content-type: text/javascript
content-length: 79607
x-amz-id-2: PuNhLW/I0fS3XbmhXTFPExklQojt09Gmiauy3e18zaG8FIc4AGViQ+wnbDZg76Z01wGj8Wm+o04=
x-amz-request-id: CFZCKTE4SRAWFN65
last-modified: Wed, 18 Jan 2023 10:19:44 GMT
etag: "37bb8c788d3409695f6e5066d2d5141a"
content-encoding: gzip
x-amz-version-id: ixox.Qpz6pAh5mcbYbSUHjl3njRxWO1B
cf-cache-status: HIT
age: 4211
expires: Tue, 31 Jan 2023 14:14:59 GMT
cache-control: public, max-age=14400
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7921aefd9f780afa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
e2776b3ff7517c47c9d9f7f49b251496
85c3157036be6de50d53dbe345ba947510904438
97176f60aa940c44a36c91e6405c41bc05a7dd2a64f0455a9c2712f990a5cbab

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 520
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 10:14:59 GMT
Last-Modified: Tue, 31 Jan 2023 10:06:19 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 279

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
69ffc0a3f7ca2b025a6b99f9c38889be
1b436bda66cd246a1024f8c3d8e91e3aeef31eaa
9aaaf6c2a570c6a73a623f4fdfb0e1dfd5f16f086ae5d9c8d5b2403b0d016e4f

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 10:14:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

adserver.adreactor.com/js/libcode3.js

46.166.179.123

200 OK

7.7 kB

URL HTTP/1.1
adserver.adreactor.com/js/libcode3.js
IP
46.166.179.123:0
ASN
#43350 NForce Entertainment B.V.

File type
HTML document text\012- C source, ASCII text, with very long lines (27061), with no line terminators
Size
7.7 kB (7675 bytes)
Hash
02a8b86bce420a8a54223b74fa0d265e
a92561d8f1c6a43e23b0301db815d1cfca1995c6
d58e205115e1054fe89459992256a3ac8264bf821550ccc60fb01623f9b91c41

HTTP Headers

GET /js/libcode3.js HTTP/1.1
Host: adserver.adreactor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adsbb.dfiles.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 31 Jan 2023 10:14:59 GMT
Content-Type: text/javascript;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: public, max-age=86400
Expires: Wed, 01 Feb 2023 10:14:58 GMT
Vary: Accept-Encoding, Accept-Encoding
Last-Modified: Tue, 15 Mar 2022 21:49:26 GMT
Content-Encoding: gzip

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
5c3039f23e984d102bba4850070fd282
b24cab5a7ca3211377b0e84c8ee0c69226538289
118fb04cb13eae332f2786842e1bd6a1b96b015e132ce43e9631493f46d78fd3

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "118FB04CB13EAE332F2786842E1BD6A1B96B015E132CE43E9631493F46D78FD3"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10048
Expires: Tue, 31 Jan 2023 13:02:27 GMT
Date: Tue, 31 Jan 2023 10:14:59 GMT
Connection: keep-alive

adserver.adreactor.com/servlet/tagger/25499622/1675160115821

46.166.179.123

200 OK

81 B

URL HTTP/1.1
adserver.adreactor.com/servlet/tagger/25499622/1675160115821
IP
46.166.179.123:0
ASN
#43350 NForce Entertainment B.V.

File type
ASCII text
Size
81 B (81 bytes)
Hash
12b2960d181800d054466786f2fb476d
56c4d1518a4f21337564980474785606eb9fa1bf
cb156d3042ee00bf0c142b2688c74e50925b6d65f802b2c2e7ba138215280c1d

HTTP Headers

GET /servlet/tagger/25499622/1675160115821 HTTP/1.1
Host: adserver.adreactor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adsbb.dfiles.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 31 Jan 2023 10:14:59 GMT
Content-Type: text/javascript;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Cache-Control: no-cache, no-store
Pragma: no-cache
Expires: Thu, 31 Dec 1998 11:59:59 GMT
X-Robots-Tag: none
P3P: CP="NOI DSP COR NID"
Set-Cookie: ADRUID=5a282d9e34c1bcf32aaf9cb321e905a9; Expires=Wed, 31-Jan-2024 10:14:59 GMT; Path=/; Secure; HttpOnly; SameSite=None
Content-Encoding: gzip

adserver.adreactor.com/servlet/view/banner/javascript/ajax/crossdomain/zone?zid=9&pid=8620&uuid=5a282d9e34c1bcf32aaf9cb321e905a9&tagid=avp_1560248483863&viewable=true&txid=13833229&sver=1&pvid=34346219&resolution=728x91&random=46351010&millis=1675160115872&referrer=https%3A%2F%2Fadsbb.dfiles.eu%2Fupload%2F1906%2Fad2708292742b09a.htm%3Fcanp%3Dadv_73b411c406ca38ecadcf742fe6ade752

46.166.179.123

200 OK

896 B

URL HTTP/1.1
adserver.adreactor.com/servlet/view/banner/javascript/ajax/crossdomain/zone?zid=9&pid=8620&uuid=5a282d9e34c1bcf32aaf9cb321e905a9&tagid=avp_1560248483863&viewable=true&txid=13833229&sver=1&pvid=34346219&resolution=728x91&random=46351010&millis=1675160115872&referrer=https%3A%2F%2Fadsbb.dfiles.eu%2Fupload%2F1906%2Fad2708292742b09a.htm%3Fcanp%3Dadv_73b411c406ca38ecadcf742fe6ade752
IP
46.166.179.123:0
ASN
#43350 NForce Entertainment B.V.

File type
ASCII text, with very long lines (1008)
Size
896 B (896 bytes)
Hash
616906aa64315bc55d1700ea7cc7d448
8685eb163e27a3b943046a64c70e194ca0925c0d
ab88d932db8d2ab15a7bde130e7c2e41dbd94e3bed07d2ecdcd5e041de771828

HTTP Headers

GET /servlet/view/banner/javascript/ajax/crossdomain/zone?zid=9&pid=8620&uuid=5a282d9e34c1bcf32aaf9cb321e905a9&tagid=avp_1560248483863&viewable=true&txid=13833229&sver=1&pvid=34346219&resolution=728x91&random=46351010&millis=1675160115872&referrer=https%3A%2F%2Fadsbb.dfiles.eu%2Fupload%2F1906%2Fad2708292742b09a.htm%3Fcanp%3Dadv_73b411c406ca38ecadcf742fe6ade752 HTTP/1.1
Host: adserver.adreactor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adsbb.dfiles.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 31 Jan 2023 10:14:59 GMT
Content-Type: text/javascript;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Cache-Control: no-cache, no-store
Pragma: no-cache
Expires: Thu, 31 Dec 1998 11:59:59 GMT
X-Robots-Tag: none
P3P: CP="NOI DSP COR NID"
Set-Cookie: ADRUID=5a282d9e34c1bcf32aaf9cb321e905a9; Expires=Wed, 31-Jan-2024 10:14:59 GMT; Path=/; Secure; HttpOnly; SameSite=None
Content-Encoding: gzip

solemnvine.com/sbar.json?key=224ad4a14b4b15c1726ff705ec672ea6

192.243.59.13

200 OK

4.3 kB

URL HTTP/1.1
solemnvine.com/sbar.json?key=224ad4a14b4b15c1726ff705ec672ea6
IP
192.243.59.13:0
ASN
#39572 DataWeb Global Group B.V.

File type
JSON data\012- , ASCII text, with very long lines (6053), with no line terminators
Size
4.3 kB (4309 bytes)
Hash
2f5d5e945252d364369df22eb7f897f1
03001b91de89e4a3e6ee8a5632eb79334131dafe
2d61fc855615e695fd15c6ff3c872b5efd0eb96f41e1bb72febdb1eaa9a95c16

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /sbar.json?key=224ad4a14b4b15c1726ff705ec672ea6 HTTP/1.1
Host: solemnvine.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dfiles.eu
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Tue, 31 Jan 2023 10:14:59 GMT
Content-Type: text/plain; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://dfiles.eu
Access-Control-Allow-Origin: https://dfiles.eu
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=16004719; expires=Wed, 01 Feb 2023 10:14:59 GMT; secure; SameSite=None
pdhtkv=true; expires=Wed, 01 Feb 2023 10:14:59 GMT; secure; SameSite=None
uncs=1; expires=Wed, 01 Feb 2023 10:14:59 GMT; secure; SameSite=None
pdhtkv29=true; expires=Wed, 01 Feb 2023 10:14:59 GMT; secure; SameSite=None
uncs29=1; expires=Wed, 01 Feb 2023 10:14:59 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: fd4d63ea9c7d7be1a29a0f48a1ccef9c
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

sweepfrequencydissolved.com/pixel/purst?dl=0&th=0&sc=0&rs=1856&rd=1856&fd=576&bv=22.10.v.10&tmpl=136

173.233.137.52

200 OK

0 B

URL HTTP/1.1
sweepfrequencydissolved.com/pixel/purst?dl=0&th=0&sc=0&rs=1856&rd=1856&fd=576&bv=22.10.v.10&tmpl=136
IP
173.233.137.52:0
ASN
#7979 SERVERS-COM

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /pixel/purst?dl=0&th=0&sc=0&rs=1856&rd=1856&fd=576&bv=22.10.v.10&tmpl=136 HTTP/1.1
Host: sweepfrequencydissolved.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Tue, 31 Jan 2023 10:14:59 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

simplewebanalysis.com/stats

3.120.47.42

200 OK

40 B

URL HTTP/2
simplewebanalysis.com/stats
IP
3.120.47.42:0
ASN
#16509 AMAZON-02

File type
ASCII text, with no line terminators
Size
40 B (40 bytes)
Hash
4a1a8dd7739f782da0d0129e79751801
fea2effb63ba63beaf1f81998394fc099ae51a24
4bcaa1b7707ec766f270f2e76cd6b0647f7ed8f4927c886ab736cf30bf121645

HTTP Headers

GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dfiles.eu
Connection: keep-alive
Referer: https://dfiles.eu/
Cookie: uid_id2=916af95e-3825-4d20-9140-781a3cbf5665:3:1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 31 Jan 2023 10:14:59 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://dfiles.eu
access-control-allow-credentials: true
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
78ab2d5cc6d61c3c29944777767ccefe
a5380ce83cea0350b0ea550ac99d36b0093d220a
5901f2549eee80f63d44390d2c6de7ed62ce5e63b842dc366d58a367a6be9303

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5901F2549EEE80F63D44390D2C6DE7ED62CE5E63B842DC366D58A367A6BE9303"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14337
Expires: Tue, 31 Jan 2023 14:13:56 GMT
Date: Tue, 31 Jan 2023 10:14:59 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
989c2e722def6d256d940940146841e3
41978c5b59ec1ca5ae0d4db11e7854bedfc41520
131ab188b648269533a30fcf64a3674d3a77ab97f821aff76840004d02e48366

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "131AB188B648269533A30FCF64A3674D3A77AB97F821AFF76840004D02E48366"
Last-Modified: Mon, 30 Jan 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2621
Expires: Tue, 31 Jan 2023 10:58:41 GMT
Date: Tue, 31 Jan 2023 10:15:00 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
48237dc866d6f2387b67ad0ba335689d
766b9034cf7cb4d04ce8cb76107834772611cdfa
f7e4b65ebd6a99bcd51f95bd777025d00fe3947654a3c58ac06708ecf9f53f03

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F7E4B65EBD6A99BCD51F95BD777025D00FE3947654A3C58AC06708ECF9F53F03"
Last-Modified: Mon, 30 Jan 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18666
Expires: Tue, 31 Jan 2023 15:26:06 GMT
Date: Tue, 31 Jan 2023 10:15:00 GMT
Connection: keep-alive

solemnvine.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSv28jRRuevbvvK4DmgAYJkCUakJCza6%2FtmBQnwhEUcSTh7iAS3fxaZ%2FDszmpm1%2BtEFBEnoWuQTAXl5nFyEXBCd38AEtrQoFQxBaQgdAjRgqiRHUuGV5p532eet3ied95PDvIL4iOn51vvmD2lNV1q1f3ay9sqEaZwtY27tcCv%2Byu1bZW0w5XacHrZwWuB36r7r9Tekrxvlhp%2B4PuBH9TWlJWRGS7NWKj0YTeod%2F162KgHrRBD%2B1%2Fscg%2BOehCDC%2FI0lJj8b%2BeHx1C8QhI%2FuildPzPpq2%2FGuaaZsRiI4%2FeSfmKKBPGijKyHKDmed8O4CSFfXIFJjucOYAaHUwdgakK8nwKw5HguE2xwdKmUacgETDyJYlBB6gqKVuDmHpQ4IwAX2NhEEj%2FYMLagu5csnbITcu3vP6GKCbn2y7NI4m9WtRrW7hidZ8okDsOohBpWUL0KaX6CbM%2BDKk7As4%2BhBEESl1CinLlWqoKKKmg5AnUe8ulRHvLIQ556iMV5jba6ke93IhY1m8sh57zZ5Ly13BYt0QyXIx85n8oaIUtH4HoEbveR2n301Qg2%2Fw5up4QTHlw2Id67%2BxiIEoUkKBxBQQkKRVBkBMWgPBLaNVz5QGiXs2CeG%2FPcLMcm6x3QI5P1ZEIO0gtyfTaPv9oGfXleazRCKkIahCxkQYsHnUY7ijp%2BS%2FJ2pyFpG06VUO7KzOqeOnsmRarOnnoejJ7A6RNwdR00fwG0GHcaPujOOFz2sZc8EjI1TmWR0tLVuYkhTIk0u4Zs1zvQF%2BS5mY7ub%2F%2BH5Kc3Pv9089cV8QG4LZHaEh%2Bq7wl6%2Bv74tinI4W1TOPJ4M81UrPbo9M%2FuZDSTV796W%2B4Wxor1m2705et8SkzLh3ely27RRKik58jXq0oIadeM5ZJ8u%2B62JdvK3c5qbpM8vbX1xtp6nFrpnDJJBarO3v8IXE3IE7Y%2F28YXf1%2BDshVsXiLOT8k8oEwFnu7DpQv1zhBYvehhqYciL8e2wRaPWhFoucCUlXD%2FwmxRH7j76FkPNLs328GBLTHQJageweVXx1lqT2%2F82JwFmPbGTFvvkGmrP7scrVPnNdmK%2FEj6DcmiLos61BfdKOwy2g1kh7VogMxN%2BM9%2FvPQPAAAA%2F%2F8BAAD%2F%2FyJeDpVlBAAA

192.243.59.13

200 OK

7 B

URL HTTP/1.1
solemnvine.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSv28jRRuevbvvK4DmgAYJkCUakJCza6%2FtmBQnwhEUcSTh7iAS3fxaZ%2FDszmpm1%2BtEFBEnoWuQTAXl5nFyEXBCd38AEtrQoFQxBaQgdAjRgqiRHUuGV5p532eet3ied95PDvIL4iOn51vvmD2lNV1q1f3ay9sqEaZwtY27tcCv%2Byu1bZW0w5XacHrZwWuB36r7r9Tekrxvlhp%2B4PuBH9TWlJWRGS7NWKj0YTeod%2F162KgHrRBD%2B1%2Fscg%2BOehCDC%2FI0lJj8b%2BeHx1C8QhI%2FuildPzPpq2%2FGuaaZsRiI4%2FeSfmKKBPGijKyHKDmed8O4CSFfXIFJjucOYAaHUwdgakK8nwKw5HguE2xwdKmUacgETDyJYlBB6gqKVuDmHpQ4IwAX2NhEEj%2FYMLagu5csnbITcu3vP6GKCbn2y7NI4m9WtRrW7hidZ8okDsOohBpWUL0KaX6CbM%2BDKk7As4%2BhBEESl1CinLlWqoKKKmg5AnUe8ulRHvLIQ556iMV5jba6ke93IhY1m8sh57zZ5Ly13BYt0QyXIx85n8oaIUtH4HoEbveR2n301Qg2%2Fw5up4QTHlw2Id67%2BxiIEoUkKBxBQQkKRVBkBMWgPBLaNVz5QGiXs2CeG%2FPcLMcm6x3QI5P1ZEIO0gtyfTaPv9oGfXleazRCKkIahCxkQYsHnUY7ijp%2BS%2FJ2pyFpG06VUO7KzOqeOnsmRarOnnoejJ7A6RNwdR00fwG0GHcaPujOOFz2sZc8EjI1TmWR0tLVuYkhTIk0u4Zs1zvQF%2BS5mY7ub%2F%2BH5Kc3Pv9089cV8QG4LZHaEh%2Bq7wl6%2Bv74tinI4W1TOPJ4M81UrPbo9M%2FuZDSTV796W%2B4Wxor1m2705et8SkzLh3ely27RRKik58jXq0oIadeM5ZJ8u%2B62JdvK3c5qbpM8vbX1xtp6nFrpnDJJBarO3v8IXE3IE7Y%2F28YXf1%2BDshVsXiLOT8k8oEwFnu7DpQv1zhBYvehhqYciL8e2wRaPWhFoucCUlXD%2FwmxRH7j76FkPNLs328GBLTHQJageweVXx1lqT2%2F82JwFmPbGTFvvkGmrP7scrVPnNdmK%2FEj6DcmiLos61BfdKOwy2g1kh7VogMxN%2BM9%2FvPQPAAAA%2F%2F8BAAD%2F%2FyJeDpVlBAAA
IP
192.243.59.13:0
ASN
#39572 DataWeb Global Group B.V.

File type
ASCII text, with no line terminators
Size
7 B (7 bytes)
Hash
132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSv28jRRuevbvvK4DmgAYJkCUakJCza6%2FtmBQnwhEUcSTh7iAS3fxaZ%2FDszmpm1%2BtEFBEnoWuQTAXl5nFyEXBCd38AEtrQoFQxBaQgdAjRgqiRHUuGV5p532eet3ied95PDvIL4iOn51vvmD2lNV1q1f3ay9sqEaZwtY27tcCv%2Byu1bZW0w5XacHrZwWuB36r7r9Tekrxvlhp%2B4PuBH9TWlJWRGS7NWKj0YTeod%2F162KgHrRBD%2B1%2Fscg%2BOehCDC%2FI0lJj8b%2BeHx1C8QhI%2FuildPzPpq2%2FGuaaZsRiI4%2FeSfmKKBPGijKyHKDmed8O4CSFfXIFJjucOYAaHUwdgakK8nwKw5HguE2xwdKmUacgETDyJYlBB6gqKVuDmHpQ4IwAX2NhEEj%2FYMLagu5csnbITcu3vP6GKCbn2y7NI4m9WtRrW7hidZ8okDsOohBpWUL0KaX6CbM%2BDKk7As4%2BhBEESl1CinLlWqoKKKmg5AnUe8ulRHvLIQ556iMV5jba6ke93IhY1m8sh57zZ5Ly13BYt0QyXIx85n8oaIUtH4HoEbveR2n301Qg2%2Fw5up4QTHlw2Id67%2BxiIEoUkKBxBQQkKRVBkBMWgPBLaNVz5QGiXs2CeG%2FPcLMcm6x3QI5P1ZEIO0gtyfTaPv9oGfXleazRCKkIahCxkQYsHnUY7ijp%2BS%2FJ2pyFpG06VUO7KzOqeOnsmRarOnnoejJ7A6RNwdR00fwG0GHcaPujOOFz2sZc8EjI1TmWR0tLVuYkhTIk0u4Zs1zvQF%2BS5mY7ub%2F%2BH5Kc3Pv9089cV8QG4LZHaEh%2Bq7wl6%2Bv74tinI4W1TOPJ4M81UrPbo9M%2FuZDSTV796W%2B4Wxor1m2705et8SkzLh3ely27RRKik58jXq0oIadeM5ZJ8u%2B62JdvK3c5qbpM8vbX1xtp6nFrpnDJJBarO3v8IXE3IE7Y%2F28YXf1%2BDshVsXiLOT8k8oEwFnu7DpQv1zhBYvehhqYciL8e2wRaPWhFoucCUlXD%2FwmxRH7j76FkPNLs328GBLTHQJageweVXx1lqT2%2F82JwFmPbGTFvvkGmrP7scrVPnNdmK%2FEj6DcmiLos61BfdKOwy2g1kh7VogMxN%2BM9%2FvPQPAAAA%2F%2F8BAAD%2F%2FyJeDpVlBAAA HTTP/1.1
Host: solemnvine.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dfiles.eu/
Cookie: u_pl=16004719; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Tue, 31 Jan 2023 10:14:59 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 975278dde470a1daa6c46896b4f4d950
Strict-Transport-Security: max-age=0; includeSubdomains

1842fc94dc.109c957fb6.com/in/track?data=eyJ3bCI6MCwic3ViaWQiOjAsInVzZXJfaWQiOiI3MjcxNjI1NTA4NDI0MDEyMDAwIiwidGltZXpvbmUiOjAsInZlciI6IjMuMjEuMSIsInRhZ19pZCI6NDY0NDUsInNjcmVlbl9yZXNvbHV0aW9uIjoiMTI4MHgxMDI0IiwiYWRibG9jayI6MCwidGltZXpvbmVfb2xzb24iOiJVVEMiLCJ1dG1fc291cmNlIjoiIiwidXRtX21lZGl1bSI6IiIsInV0bV9jYW1wYWlnbiI6IiIsInV0bV9jb250ZW50IjoiIiwibW0iOjAsImluaXRfc3RhcnRfbGF0ZW5jeSI6MC44OSwiaXNfdjIiOjAsImlzX3YyX2VtcHR5IjowLCJ1c2VyX2tleXdvcmRzIjoiRGVwb3NpdEZpbGVzJTJDRGVwb3NpdEZpbGVzJTJDcHJvdmlkZXMlMkN5b3UlMkN3aXRoJTJDYSUyQ2xlZ2l0aW1hdGUlMkN0ZWNobmljYWwlMkNzb2x1dGlvbiUyQ3doaWNoJTJDZW5hYmxlcyUyQ3lvdSUyQ3RvJTJDdXBsb2FkJTJDc3RvcmUlMkNhY2Nlc3MlMkNhbmQlMkNkb3dubG9hZCUyQ3RleHQlMkNzb2Z0d2FyZSUyQyUyQ3NjcmlwdHMlMkNpbWFnZXMlMkNzb3VuZHMlMkN2aWRlb3MlMkNhbmltYXRpb25zJTJDYW5kJTJDYW55JTJDb3RoZXIlMkNtYXRlcmlhbHMlMkNpbiUyQ2Zvcm0lMkNvZiUyQ29uZSUyQ29yJTJDc2V2ZXJhbCUyQ2VsZWN0cm9uaWMlMkNmaWxlcy4ifQ==

45.133.44.25

200 OK

0 B

URL HTTP/2
1842fc94dc.109c957fb6.com/in/track?data=eyJ3bCI6MCwic3ViaWQiOjAsInVzZXJfaWQiOiI3MjcxNjI1NTA4NDI0MDEyMDAwIiwidGltZXpvbmUiOjAsInZlciI6IjMuMjEuMSIsInRhZ19pZCI6NDY0NDUsInNjcmVlbl9yZXNvbHV0aW9uIjoiMTI4MHgxMDI0IiwiYWRibG9jayI6MCwidGltZXpvbmVfb2xzb24iOiJVVEMiLCJ1dG1fc291cmNlIjoiIiwidXRtX21lZGl1bSI6IiIsInV0bV9jYW1wYWlnbiI6IiIsInV0bV9jb250ZW50IjoiIiwibW0iOjAsImluaXRfc3RhcnRfbGF0ZW5jeSI6MC44OSwiaXNfdjIiOjAsImlzX3YyX2VtcHR5IjowLCJ1c2VyX2tleXdvcmRzIjoiRGVwb3NpdEZpbGVzJTJDRGVwb3NpdEZpbGVzJTJDcHJvdmlkZXMlMkN5b3UlMkN3aXRoJTJDYSUyQ2xlZ2l0aW1hdGUlMkN0ZWNobmljYWwlMkNzb2x1dGlvbiUyQ3doaWNoJTJDZW5hYmxlcyUyQ3lvdSUyQ3RvJTJDdXBsb2FkJTJDc3RvcmUlMkNhY2Nlc3MlMkNhbmQlMkNkb3dubG9hZCUyQ3RleHQlMkNzb2Z0d2FyZSUyQyUyQ3NjcmlwdHMlMkNpbWFnZXMlMkNzb3VuZHMlMkN2aWRlb3MlMkNhbmltYXRpb25zJTJDYW5kJTJDYW55JTJDb3RoZXIlMkNtYXRlcmlhbHMlMkNpbiUyQ2Zvcm0lMkNvZiUyQ29uZSUyQ29yJTJDc2V2ZXJhbCUyQ2VsZWN0cm9uaWMlMkNmaWxlcy4ifQ==
IP
45.133.44.25:0
ASN
#39572 DataWeb Global Group B.V.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /in/track?data=eyJ3bCI6MCwic3ViaWQiOjAsInVzZXJfaWQiOiI3MjcxNjI1NTA4NDI0MDEyMDAwIiwidGltZXpvbmUiOjAsInZlciI6IjMuMjEuMSIsInRhZ19pZCI6NDY0NDUsInNjcmVlbl9yZXNvbHV0aW9uIjoiMTI4MHgxMDI0IiwiYWRibG9jayI6MCwidGltZXpvbmVfb2xzb24iOiJVVEMiLCJ1dG1fc291cmNlIjoiIiwidXRtX21lZGl1bSI6IiIsInV0bV9jYW1wYWlnbiI6IiIsInV0bV9jb250ZW50IjoiIiwibW0iOjAsImluaXRfc3RhcnRfbGF0ZW5jeSI6MC44OSwiaXNfdjIiOjAsImlzX3YyX2VtcHR5IjowLCJ1c2VyX2tleXdvcmRzIjoiRGVwb3NpdEZpbGVzJTJDRGVwb3NpdEZpbGVzJTJDcHJvdmlkZXMlMkN5b3UlMkN3aXRoJTJDYSUyQ2xlZ2l0aW1hdGUlMkN0ZWNobmljYWwlMkNzb2x1dGlvbiUyQ3doaWNoJTJDZW5hYmxlcyUyQ3lvdSUyQ3RvJTJDdXBsb2FkJTJDc3RvcmUlMkNhY2Nlc3MlMkNhbmQlMkNkb3dubG9hZCUyQ3RleHQlMkNzb2Z0d2FyZSUyQyUyQ3NjcmlwdHMlMkNpbWFnZXMlMkNzb3VuZHMlMkN2aWRlb3MlMkNhbmltYXRpb25zJTJDYW5kJTJDYW55JTJDb3RoZXIlMkNtYXRlcmlhbHMlMkNpbiUyQ2Zvcm0lMkNvZiUyQ29uZSUyQ29yJTJDc2V2ZXJhbCUyQ2VsZWN0cm9uaWMlMkNmaWxlcy4ifQ== HTTP/1.1
Host: 1842fc94dc.109c957fb6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dfiles.eu
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Tue, 31 Jan 2023 10:15:00 GMT
content-length: 0
server: nginx/1.18.0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2

fp.metricswpsh.com/fp?tag_id=46445

157.90.84.242

204 No Content

0 B

URL HTTP/1.1
fp.metricswpsh.com/fp?tag_id=46445
IP
157.90.84.242:0
ASN
#24940 Hetzner Online GmbH

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /fp?tag_id=46445 HTTP/1.1
Host: fp.metricswpsh.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://dfiles.eu/
Origin: https://dfiles.eu
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 204 No Content
Server: nginx/1.20.1
Date: Tue, 31 Jan 2023 10:15:00 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: GET,HEAD,PUT,PATCH,POST,DELETE
Access-Control-Allow-Origin: https://dfiles.eu
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers

e1.o.lencr.org/

23.36.77.32

200 OK

344 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
344 B (344 bytes)
Hash
c0d79787c5ee0933b2b39a9630793f94
47468efa1fa4c08f2d595fc8948d3bc462341bfe
91d589a2248c35896d7c6da948899edba959056aabcf8e41b4f3feebf3f0d9e2

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "91D589A2248C35896D7C6DA948899EDBA959056AABCF8E41B4F3FEEBF3F0D9E2"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4887
Expires: Tue, 31 Jan 2023 11:36:27 GMT
Date: Tue, 31 Jan 2023 10:15:00 GMT
Connection: keep-alive

js.wpshsdk.com/npc/sdk/wp-banners.js

45.133.44.25

200 OK

0 B

URL HTTP/2
js.wpshsdk.com/npc/sdk/wp-banners.js
IP
45.133.44.25:0
ASN
#39572 DataWeb Global Group B.V.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /npc/sdk/wp-banners.js HTTP/1.1
Host: js.wpshsdk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 31 Jan 2023 10:15:00 GMT
content-type: application/javascript; charset=utf-8
content-length: 0
server: nginx/1.18.0
last-modified: Fri, 20 Aug 2021 15:14:31 GMT
etag: "611fc6d7-0"
expires: Tue, 31 Jan 2023 10:20:00 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2

cdn.creative-bars1.com/sb/ssp/utility/live-message/3-2/img/close.png

172.64.167.9

200 OK

6.0 kB

URL HTTP/2
cdn.creative-bars1.com/sb/ssp/utility/live-message/3-2/img/close.png
IP
172.64.167.9:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 522 x 391, 8-bit/color RGBA, non-interlaced\012- data
Size
6.0 kB (5982 bytes)
Hash
c489ce2c491a22ee37a55e26a92dfd73
2fa588ab09e94dd902e5bd24b48f98ad1949c9d6
1eed147c7d5de6291c25fbc5274830c12d5549262fb144271576d4e15966e5bd

HTTP Headers

GET /sb/ssp/utility/live-message/3-2/img/close.png HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 31 Jan 2023 10:15:00 GMT
content-type: image/png
content-length: 5982
last-modified: Thu, 28 Apr 2022 08:29:14 GMT
etag: "626a505a-175e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 4942384
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3pNALjbye0F3mTYeNNYYfrx14V3tnKk3yfdgBlRxHYSdFToGhV%2FTy6Sy9NhfF1HZjbnKpTBh3tUFDVEGWCvYt%2Fo%2F%2BvmiWLbp3x0k5KIrX5NIb59OswSZrCcAC35zQXmnXdZ1jrxynkwj"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7921af024f4d23cf-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

fp.metricswpsh.com/fp?tag_id=46445

157.90.84.242

200 OK

28 B

URL HTTP/1.1
fp.metricswpsh.com/fp?tag_id=46445
IP
157.90.84.242:0
ASN
#24940 Hetzner Online GmbH

File type
JSON data\012- , ASCII text
Size
28 B (28 bytes)
Hash
e3af49472d683a217237a6ebaf79bcb7
378db4d7e6171a2676ee15c80b4475d7f5ec9742
7714898d715fb8b1ce7a1de73e0e7c9f6394acc8a08cf1a3b342a7829d4de84a

HTTP Headers

POST /fp?tag_id=46445 HTTP/1.1
Host: fp.metricswpsh.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json;charset=utf-8
Content-Length: 22286
Origin: https://dfiles.eu
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Tue, 31 Jan 2023 10:15:00 GMT
Content-Type: application/json; charset=UTF-8
Content-Length: 28
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://dfiles.eu
Set-Cookie: id=9776793341024631299; Expires=Wed, 31 Jan 2024 10:15:00 GMT; Secure; SameSite=None
Vary: Origin

e1.o.lencr.org/

23.36.77.32

200 OK

344 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
344 B (344 bytes)
Hash
c0d79787c5ee0933b2b39a9630793f94
47468efa1fa4c08f2d595fc8948d3bc462341bfe
91d589a2248c35896d7c6da948899edba959056aabcf8e41b4f3feebf3f0d9e2

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "91D589A2248C35896D7C6DA948899EDBA959056AABCF8E41B4F3FEEBF3F0D9E2"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4887
Expires: Tue, 31 Jan 2023 11:36:27 GMT
Date: Tue, 31 Jan 2023 10:15:00 GMT
Connection: keep-alive

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
40bac282ee9730b7a7fde839fcf58736
be00063ec5c760560f34663d0a6a9cad87cfebe4
45b83537d8621d3c4a7c046a9b78f6745977c359db2868d720f19dbb0eb80d3d

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 10:15:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
ee545433fc455bd9987f628755305a60
26d861ed51e2e4d864cbf51f59f8553a7936fe76
73918e35ea537c5e5422872d19580ae0b1a71311052ba4ea5a97a7acda546665

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "73918E35EA537C5E5422872D19580AE0B1A71311052BA4EA5A97A7ACDA546665"
Last-Modified: Sun, 29 Jan 2023 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10351
Expires: Tue, 31 Jan 2023 13:07:31 GMT
Date: Tue, 31 Jan 2023 10:15:00 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
ee545433fc455bd9987f628755305a60
26d861ed51e2e4d864cbf51f59f8553a7936fe76
73918e35ea537c5e5422872d19580ae0b1a71311052ba4ea5a97a7acda546665

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "73918E35EA537C5E5422872D19580AE0B1A71311052BA4EA5A97A7ACDA546665"
Last-Modified: Sun, 29 Jan 2023 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10351
Expires: Tue, 31 Jan 2023 13:07:31 GMT
Date: Tue, 31 Jan 2023 10:15:00 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
dfb84426fed94988d5c90372baff059c
f1c4740830034ff8a5759d59ae3f657ea524d083
d97efec67504b084ca6ff9e2af973b45b916f90aa021603e3615806bb2737b6a

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D97EFEC67504B084CA6FF9E2AF973B45B916F90AA021603E3615806BB2737B6A"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4350
Expires: Tue, 31 Jan 2023 11:27:30 GMT
Date: Tue, 31 Jan 2023 10:15:00 GMT
Connection: keep-alive

dfiles.eu/ps/QW13h0.js

91.226.124.76

200 OK

48 B

URL HTTP/1.1
dfiles.eu/ps/QW13h0.js
IP
91.226.124.76:0
ASN
#35415 Webzilla B.V.

File type
Java source, ASCII text
Size
48 B (48 bytes)
Hash
b215ecc0d708a2fb5464f5e8d65d2d4e
d8c0da4fd6cd8c2a3b36cb6a7d21ce620810ccc0
eb4333e919f16aa3042235966e790e430e0faecf66ee95bb387b147e168b8ee5

HTTP Headers

GET /ps/QW13h0.js HTTP/1.1
Host: dfiles.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Cookie: uprand=89aeb1ecb6da72215d0b4bdc34f602e3; last_file=dwijtgwns; lang_current=en; u_count=%5B0%2C0%5D; sb_page_224ad4a14b4b15c1726ff705ec672ea6=1; sb_onpage_224ad4a14b4b15c1726ff705ec672ea6=1; sb_main_224ad4a14b4b15c1726ff705ec672ea6=1; sb_count_224ad4a14b4b15c1726ff705ec672ea6=1; dom3ic8zudi28v8lr6fgphwffqoz0j6c=916af95e-3825-4d20-9140-781a3cbf5665%3A3%3A1; pbpr0tpuw4isk85t8yg3jb2lj5vqf=solemnvine.com; ppu_idelay_c22dc50dc2bbe4422c7f68d26ab95eb9=1
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 31 Jan 2023 10:15:00 GMT
Content-Type: application/javascript
Content-Length: 48
Last-Modified: Fri, 21 Oct 2022 18:16:45 GMT
Connection: close
ETag: "6352e20d-30"
Accept-Ranges: bytes

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F003f28f8-6845-4b0d-8d8d-11c9deea4eaf.jpeg

34.120.237.76

200 OK

10 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F003f28f8-6845-4b0d-8d8d-11c9deea4eaf.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
10 kB (9987 bytes)
Hash
2c4934be94898028e2ab696561b51462
6cf734e2d29938688913daacfb75506d8e004a94
239adcbb538b7a6d1483c65c7694d4a9f9fa9cadf456ab5681c4b764185e3596

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F003f28f8-6845-4b0d-8d8d-11c9deea4eaf.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9987
x-amzn-requestid: 67109f87-6073-4991-b540-cdeedc2d7b3c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: flYlPF9uIAMFXMg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d86e21-60ac2c7b37c72e6e54a5c69d;Sampled=0
x-amzn-remapped-date: Tue, 31 Jan 2023 01:25:53 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: hDjKAMYoVwHdCqS8t08PrWyfQQLiWaosXbi3FOJY8BeV0yAFCGziGw==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Tue, 31 Jan 2023 01:58:16 GMT
age: 29804
etag: "6cf734e2d29938688913daacfb75506d8e004a94"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

cdn.creative-bars1.com/sb/ssp/utility/live-message/3-2/js/jquery.min.js

172.64.167.9

200 OK

38 kB

URL HTTP/2
cdn.creative-bars1.com/sb/ssp/utility/live-message/3-2/js/jquery.min.js
IP
172.64.167.9:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (65451)
Size
38 kB (38444 bytes)
Hash
b724af7dcf4e9523822b87e4265aa290
5f56570eff4dfe467327aa98ec573c0e88ff04d1
1f19a37725be3a1bb20b69fcf1160706b808b138d739892a27498f52ae249f3f

HTTP Headers

GET /sb/ssp/utility/live-message/3-2/js/jquery.min.js HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 31 Jan 2023 10:15:00 GMT
content-type: application/javascript
last-modified: Thu, 28 Apr 2022 08:29:17 GMT
etag: W/"626a505d-15d94"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 4942384
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iu0li1MFDyNtk5iJ9xOcipYmgh3hmnp5bgx8XuYQ%2FmE4QavFDhWmsMQ4ZvIMKl3Ezcr53MYV8XdNt79j%2Fbku6AOVxvC%2FUQOAYsti9wnArJQYFb8P%2FR4qNgaMvTYRu%2BtYAZvK1TDAG1C7"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7921af024f6023cf-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46e30ba8-4b02-4bad-8cbf-1a128aa4376f.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.6 kB (9600 bytes)
Hash
3366ef4f8733cb9c89a5c88f63a0a441
7da46843b6d885f38a4759a08e6c899906ab7b97
7114397ee5c251cc5cb46f3433c2cc17ff68a08e0872e227671198e9b61eba0a

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46e30ba8-4b02-4bad-8cbf-1a128aa4376f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9600
x-amzn-requestid: 48094e1a-d550-4a91-b87c-4a08505f7cce
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fVsWcFN7IAMF2pg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d2275c-5ced593a7e2126c9494563df;Sampled=0
x-amzn-remapped-date: Thu, 26 Jan 2023 07:10:20 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: v9Wphg34UGE5kkZ9RKBcphcpPuCn54oVyepzTW5rZ3J9nkL9J501PA==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 e4d3d5aafc7d7d582423c073065ab562.cloudfront.net (CloudFront), 1.1 google
date: Mon, 30 Jan 2023 22:03:23 GMT
age: 43897
etag: "7da46843b6d885f38a4759a08e6c899906ab7b97"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9b71db36-11cb-45f6-a296-34813aea1c35.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (10898 bytes)
Hash
4a2d26da68a313cc65958fc2692351c2
798c3538f3147ca77d317676ddd1bf040bd0f93b
76ce30224803d680c0115e987a712ce5552b2760beadf796a96b17439fb20797

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9b71db36-11cb-45f6-a296-34813aea1c35.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10898
x-amzn-requestid: e29f8dfc-07d4-4136-afaf-e1e067eea2ab
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fk3zxGshIAMFw5Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d839b1-5e87d2a44722af9e4e86c3d4;Sampled=0
x-amzn-remapped-date: Mon, 30 Jan 2023 21:42:09 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: djoQmYTv7Rlq9tKKkJ5U1J3YeVSIs5yzSts_xRN3bdi27Ra8UfM6OQ==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Mon, 30 Jan 2023 21:44:45 GMT
age: 45015
etag: "798c3538f3147ca77d317676ddd1bf040bd0f93b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F43ae4cd9-2533-48ae-8086-f8fea8a4e269.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.8 kB (6844 bytes)
Hash
976dda397f9292a498ca9db5599c0378
dad9e9c3462907a2475046aee36d57f8309cd44e
7ed9ccf2ff75ca53f5ba56a1d2127e0f09b0ae941cad8b042e8df01ad01e614b

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F43ae4cd9-2533-48ae-8086-f8fea8a4e269.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6844
x-amzn-requestid: 0542cf46-5045-459f-a35f-f6c0d3f5f7b7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: flZsxH0YIAMF9ew=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d86feb-692d50f710a131df2ee49aa8;Sampled=0
x-amzn-remapped-date: Tue, 31 Jan 2023 01:33:31 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 6bbFjAsd03GN8zzBnAFBm7xA8igZ_xHJsOHzw7nwNgRxiWUDLPGjpQ==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 4f3feb5c4393987d42d1971d404d7cea.cloudfront.net (CloudFront), 1.1 google
date: Tue, 31 Jan 2023 01:53:29 GMT
age: 30091
etag: "dad9e9c3462907a2475046aee36d57f8309cd44e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
40bac282ee9730b7a7fde839fcf58736
be00063ec5c760560f34663d0a6a9cad87cfebe4
45b83537d8621d3c4a7c046a9b78f6745977c359db2868d720f19dbb0eb80d3d

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 10:15:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

34.120.237.76

200 OK

13 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fde9a2197-1d4c-4aad-a76e-04d2a1f77b60.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
13 kB (12991 bytes)
Hash
c400859d7b0e7bf4d60b6b72da0d3b5a
edcc70016fce38a4ad14c3737712685ae1d282f2
45f69c6dcc83120058b731e39103cb1a2a40414eed2da633b43bdccc021665cd

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fde9a2197-1d4c-4aad-a76e-04d2a1f77b60.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 12991
x-amzn-requestid: a5b71869-0509-443a-ada0-2f7a7cfb8166
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fhj4AEncoAMF_LQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d6e699-24b0a146699561100a8d592f;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 21:35:21 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 7ssAFEDfDB-_QvsQ5x_WJRH6Jwn-nJaG32DTw8_H2fYUpJ6kBWowXw==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 ee8246c5442dace7525c74f6a799bb46.cloudfront.net (CloudFront), 1.1 google
date: Mon, 30 Jan 2023 22:56:43 GMT
age: 40697
etag: "edcc70016fce38a4ad14c3737712685ae1d282f2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

cdn.creative-bars1.com/sb/ssp/utility/live-message/3-2/css/style.css

172.64.167.9

200 OK

34 kB

URL HTTP/2
cdn.creative-bars1.com/sb/ssp/utility/live-message/3-2/css/style.css
IP
172.64.167.9:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text
Size
34 kB (34360 bytes)
Hash
20640d1ee5779dd6e1e8dd6ed9d2fdd7
4eb40921b6c1127514fed3e8232555e590a4a187
d88762504a5c0cc0446d08382a273a8a2e3ba8a0cef279f1829ef83065baf06d

HTTP Headers

GET /sb/ssp/utility/live-message/3-2/css/style.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dfiles.eu
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Tue, 31 Jan 2023 10:15:00 GMT
content-type: text/css
last-modified: Thu, 28 Apr 2022 08:29:13 GMT
etag: W/"626a5059-22dc"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 1880276
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WWsuN5w7DLRSoMZyV0zjQ%2FjlU6Hv6Ce9Iln4ylF4WCRC5wGGL53qnEKI%2BX5GzXzGTbiXnTSWyeGPkuLHMGcnUwJAUjvRceJK1rRNhjK0uJyKAnI%2FUOMi%2FRCyHZBTg14ErU9pu8a0VT5i"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7921af01fecb23cf-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

cdn.cloudimagesb.com/si/d8/9e/7e/d89e7e93f9084c1603a4d5c5eb150bd5/1667590681.png

45.133.44.10

200 OK

32 kB

URL HTTP/2
cdn.cloudimagesb.com/si/d8/9e/7e/d89e7e93f9084c1603a4d5c5eb150bd5/1667590681.png
IP
45.133.44.10:0
ASN
#39572 DataWeb Global Group B.V.

File type
PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Size
32 kB (32483 bytes)
Hash
b849d6fec2795f05895691bebbaaf6e8
5bfd0781ebb28abf8bfe3afd2557a6290985eeea
394300ca7334229a7fee43d05aa2fc53d5e5acfea953c3852ecc9420abd9005c

HTTP Headers

GET /si/d8/9e/7e/d89e7e93f9084c1603a4d5c5eb150bd5/1667590681.png HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 31 Jan 2023 10:15:00 GMT
content-type: image/png
content-length: 32483
server: nginx/1.17.6
last-modified: Fri, 04 Nov 2022 19:38:09 GMT
etag: "63656a21-7ee3"
expires: Thu, 02 Feb 2023 10:15:00 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
ba712b809d1107138674cd304e041068
cb7ed5692720084e2b66e724712685d1d56dbe94
1624708856cbcf339b6acc2d31268b693af742aa1b0c699391dddbb09c493347

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1624708856CBCF339B6ACC2D31268B693AF742AA1B0C699391DDDBB09C493347"
Last-Modified: Sat, 28 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10926
Expires: Tue, 31 Jan 2023 13:17:06 GMT
Date: Tue, 31 Jan 2023 10:15:00 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
efe2987e73eb290b5361f34e7396cb67
73fdd5972f7341ef84a1953d8f5409dd1a406083
4df592276cef5d667743880f6b3a940364edbef912f3d036c72110aa7e0fcfe0

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4DF592276CEF5D667743880F6B3A940364EDBEF912F3D036C72110AA7E0FCFE0"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15140
Expires: Tue, 31 Jan 2023 14:27:20 GMT
Date: Tue, 31 Jan 2023 10:15:00 GMT
Connection: keep-alive

js.wpshsdk.com/npc/sdk/common/config.js

45.133.44.25

200 OK

19 B

URL HTTP/2
js.wpshsdk.com/npc/sdk/common/config.js
IP
45.133.44.25:0
ASN
#39572 DataWeb Global Group B.V.

File type
JSON data\012- , ASCII text, with no line terminators
Size
19 B (19 bytes)
Hash
67fc2c9421e21f4a3707c7fabc8e9f33
0d311fbfaea3d64122b4c5e575a5c3fbea11f718
b93ed3f9c6f2c27004ef57a9fa8f11248af5bd9848cc56a1c215db36d4ecc1bb

HTTP Headers

GET /npc/sdk/common/config.js HTTP/1.1
Host: js.wpshsdk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dfiles.eu/
Origin: https://dfiles.eu
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 31 Jan 2023 10:15:00 GMT
content-type: application/javascript; charset=utf-8
content-length: 19
server: nginx/1.18.0
last-modified: Thu, 26 Jan 2023 12:22:57 GMT
etag: "63d270a1-13"
expires: Tue, 31 Jan 2023 10:20:00 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2

unseenreport.com/pxf.gif?uuid=916af95e-3825-4d20-9140-781a3cbf5665&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1055&b_frame=0&pk=c22dc50dc2bbe4422c7f68d26ab95eb9&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=10

192.243.59.20

200 OK

1 B

URL HTTP/1.1
unseenreport.com/pxf.gif?uuid=916af95e-3825-4d20-9140-781a3cbf5665&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1055&b_frame=0&pk=c22dc50dc2bbe4422c7f68d26ab95eb9&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=10
IP
192.243.59.20:0
ASN
#39572 DataWeb Global Group B.V.

File type
very short file (no magic)
Size
1 B (1 bytes)
Hash
93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /pxf.gif?uuid=916af95e-3825-4d20-9140-781a3cbf5665&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1055&b_frame=0&pk=c22dc50dc2bbe4422c7f68d26ab95eb9&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=10 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Tue, 31 Jan 2023 10:15:00 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: be8e146a8527c88c45f53918e7dcbc55
Strict-Transport-Security: max-age=0; includeSubdomains

unseenreport.com/pxf.gif?uuid=916af95e-3825-4d20-9140-781a3cbf5665&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1055&b_frame=0&pk=224ad4a14b4b15c1726ff705ec672ea6&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=10

192.243.59.20

200 OK

1 B

URL HTTP/1.1
unseenreport.com/pxf.gif?uuid=916af95e-3825-4d20-9140-781a3cbf5665&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1055&b_frame=0&pk=224ad4a14b4b15c1726ff705ec672ea6&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=10
IP
192.243.59.20:0
ASN
#39572 DataWeb Global Group B.V.

File type
very short file (no magic)
Size
1 B (1 bytes)
Hash
93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /pxf.gif?uuid=916af95e-3825-4d20-9140-781a3cbf5665&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1055&b_frame=0&pk=224ad4a14b4b15c1726ff705ec672ea6&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=10 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Tue, 31 Jan 2023 10:15:00 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 273006b153bea8b344c63435e4c65b34
Strict-Transport-Security: max-age=0; includeSubdomains

js.wpshsdk.com/npc/sdk/common/core.js

45.133.44.25

200 OK

55 kB

URL HTTP/2
js.wpshsdk.com/npc/sdk/common/core.js
IP
45.133.44.25:0
ASN
#39572 DataWeb Global Group B.V.

File type
data
Size
55 kB (54784 bytes)
Hash
e2f4451fd612e360ba4fef1175c9dbdb
04795d46949d33e6b69de45fb777e11a07c92ddb
94e92cb9ee71eefa4b5c4d165aca572bd7631507e7a672514eb788b5eb5f1727

HTTP Headers

GET /npc/sdk/common/core.js HTTP/1.1
Host: js.wpshsdk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dfiles.eu/
Origin: https://dfiles.eu
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 31 Jan 2023 10:15:00 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.18.0
last-modified: Thu, 26 Jan 2023 12:22:57 GMT
etag: W/"63d270a1-1bf5c"
content-encoding: gzip
expires: Tue, 31 Jan 2023 10:20:00 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

142.250.74.35

200 OK

16 kB

URL HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Size
16 kB (15860 bytes)
Hash
e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

HTTP Headers

GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://dfiles.eu
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 24 Jan 2023 13:09:06 GMT
expires: Wed, 24 Jan 2024 13:09:06 GMT
cache-control: public, max-age=31536000
age: 594354
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

sw.wpush.org/ps/sw.js

45.133.44.25

200 OK

1.8 kB

URL HTTP/2
sw.wpush.org/ps/sw.js
IP
45.133.44.25:0
ASN
#39572 DataWeb Global Group B.V.

File type
data
Size
1.8 kB (1808 bytes)
Hash
f0bbdd19d4a3a9ca9f873f60fad257aa
bddc24d04c4fa162ce0e2444e3b5a04aca544887
501714ddcfa0619d655d899207df7f4289b8c34deee6e33cd1ec092957287756

HTTP Headers

GET /ps/sw.js HTTP/1.1
Host: sw.wpush.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 31 Jan 2023 10:15:00 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.18.0
last-modified: Thu, 26 Jan 2023 12:22:57 GMT
etag: W/"63d270a1-158c"
content-encoding: gzip
expires: Tue, 31 Jan 2023 10:20:00 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2

solemnvine.com/pixel/sbs?c=1

192.243.59.13

200 OK

0 B

URL HTTP/1.1
solemnvine.com/pixel/sbs?c=1
IP
192.243.59.13:0
ASN
#39572 DataWeb Global Group B.V.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /pixel/sbs?c=1 HTTP/1.1
Host: solemnvine.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dfiles.eu/
Cookie: u_pl=16004719; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Tue, 31 Jan 2023 10:15:00 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

cdn.creative-bars1.com/sb/ssp/utility/live-message/3-2/css/animate.css

172.64.167.9

200 OK

6.0 kB

URL HTTP/2
cdn.creative-bars1.com/sb/ssp/utility/live-message/3-2/css/animate.css
IP
172.64.167.9:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text
Size
6.0 kB (6010 bytes)
Hash
38b71b5886757e7cdbc7909460646839
07609c315b10d0a04eb67fa7c409fc5b14797fdf
2c7d75955eb4803e72abab5c014101d49e6aef36ea06b20bc8129a34e8efcea4

HTTP Headers

GET /sb/ssp/utility/live-message/3-2/css/animate.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dfiles.eu
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Tue, 31 Jan 2023 10:15:00 GMT
content-type: text/css
last-modified: Thu, 28 Apr 2022 08:29:13 GMT
etag: W/"626a5059-13591"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 412121
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j%2BnS8xsgZvVsFHI5aghPOS3WA1NIGCrc3jKvXHlViP1WT2vDN64QDJ3p%2F%2BR4QSqg33drqEG5vfvLakG9nyX7ljV8i92euS9UVD92ifDNq4M56RTyj6kQMhJU1CEp2wbGXT%2Bm%2BTQNkTpO"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7921af01fed823cf-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

dfiles.eu/ps/QW13h0.js

91.226.124.76

304 Not Modified

0 B

URL HTTP/1.1
dfiles.eu/ps/QW13h0.js
IP
91.226.124.76:0
ASN
#35415 Webzilla B.V.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /ps/QW13h0.js HTTP/1.1
Host: dfiles.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Cookie: uprand=89aeb1ecb6da72215d0b4bdc34f602e3; last_file=dwijtgwns; lang_current=en; u_count=%5B0%2C0%5D; sb_page_224ad4a14b4b15c1726ff705ec672ea6=1; sb_onpage_224ad4a14b4b15c1726ff705ec672ea6=1; sb_main_224ad4a14b4b15c1726ff705ec672ea6=1; sb_count_224ad4a14b4b15c1726ff705ec672ea6=1; dom3ic8zudi28v8lr6fgphwffqoz0j6c=916af95e-3825-4d20-9140-781a3cbf5665%3A3%3A1; pbpr0tpuw4isk85t8yg3jb2lj5vqf=solemnvine.com; ppu_idelay_c22dc50dc2bbe4422c7f68d26ab95eb9=1
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
If-Modified-Since: Fri, 21 Oct 2022 18:16:45 GMT
If-None-Match: "6352e20d-30"
Cache-Control: max-age=0

HTTP/1.1 304 Not Modified
Server: nginx
Date: Tue, 31 Jan 2023 10:15:01 GMT
Last-Modified: Fri, 21 Oct 2022 18:16:45 GMT
Connection: close
ETag: "6352e20d-30"

notification.tubecup.net/in/subscription-offers?href=https%3A%2F%2Fdfiles.eu%2Ffiles%2Fdwijtgwns%2FSubnautica_41147.exe&tcid=0&spot_id=13971&site=tcpublisher&source_id=0

168.119.25.62

200 OK

0 B

URL HTTP/2
notification.tubecup.net/in/subscription-offers?href=https%3A%2F%2Fdfiles.eu%2Ffiles%2Fdwijtgwns%2FSubnautica_41147.exe&tcid=0&spot_id=13971&site=tcpublisher&source_id=0
IP
168.119.25.62:0
ASN
#24940 Hetzner Online GmbH

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /in/subscription-offers?href=https%3A%2F%2Fdfiles.eu%2Ffiles%2Fdwijtgwns%2FSubnautica_41147.exe&tcid=0&spot_id=13971&site=tcpublisher&source_id=0 HTTP/1.1
Host: notification.tubecup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx/1.18.0
date: Tue, 31 Jan 2023 10:15:01 GMT
content-length: 0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2

js.wpshsdk.com/npc/sdk/push/styles.css

45.133.44.25

200 OK

0 B

URL HTTP/2
js.wpshsdk.com/npc/sdk/push/styles.css
IP
45.133.44.25:0
ASN
#39572 DataWeb Global Group B.V.

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /npc/sdk/push/styles.css HTTP/1.1
Host: js.wpshsdk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 31 Jan 2023 10:15:01 GMT
content-type: text/css
server: nginx/1.18.0
last-modified: Tue, 30 Aug 2022 09:15:33 GMT
etag: W/"630dd535-10f4"
content-encoding: gzip
expires: Tue, 31 Jan 2023 10:20:01 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2

cdn.unblockia.com/h.js

54.230.111.125

200 OK

0 B

URL HTTP/2
cdn.unblockia.com/h.js
IP
54.230.111.125:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /h.js HTTP/1.1
Host: cdn.unblockia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript
date: Mon, 30 Jan 2023 12:36:49 GMT
last-modified: Mon, 30 Jan 2023 12:36:41 GMT
etag: W/"98fc3bbd88283d1c72f41b1bacfbd6dc"
x-amz-version-id: dpuRlA4rBfi4UXIX.2bc8GkhcTke_.nu
server: AmazonS3
content-encoding: br
x-cache: Hit from cloudfront
via: 1.1 5916f6b8d469d1bee1e905ff13761ebc.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: YXnYbdq4JiGvIeyeFLkzgnZi5t_C51cnQZN_ZlHOEaBAfMndhERmEw==
age: 77890
vary: Accept-Encoding, Origin
X-Firefox-Spdy: h2

ads.a-static.com/0/html/pd/allsize.html?w=728&h=90&ct=http%3A%2F%2Fadserver.adreactor.com%2Fclkz%3Fzid%3D9%26cid%3D18656%26mid%3D14162%26pid%3D8620%26sid%3D19%26uuid%3D5a282d9e34c1bcf32aaf9cb321e905a9%26ip%3D91.90.42.154%26default%3Dfalse%26random%3D46351010%26timestamp%3D20230131051459%26test%3Dfalse%26resolution%3D728x91%26referrer%3Dhttps%253A%252F%252Fadsbb.dfiles.eu%252Fupload%252F1906%252Fad2708292742b09a.htm%253Fcanp%253Dadv_73b411c406ca38ecadcf742fe6ade752%26redirect%3D&rurl=https%3A%2F%2Fwww.gadgetsarena.org%2F%3Futm_source%3Ds-8620%26utm_medium%3Dbanner%26utm_campaign%3Dc-18656&g=NO&b=Firefox&bd=0&b1t=Mobile%20Reviews&b2t=Watch%20Now&b1tc=ffffff&b2tc=000000&b1bc=f90606&b2bc=1ad31d

46.166.179.118

200 OK

0 B

URL HTTP/2
ads.a-static.com/0/html/pd/allsize.html?w=728&h=90&ct=http%3A%2F%2Fadserver.adreactor.com%2Fclkz%3Fzid%3D9%26cid%3D18656%26mid%3D14162%26pid%3D8620%26sid%3D19%26uuid%3D5a282d9e34c1bcf32aaf9cb321e905a9%26ip%3D91.90.42.154%26default%3Dfalse%26random%3D46351010%26timestamp%3D20230131051459%26test%3Dfalse%26resolution%3D728x91%26referrer%3Dhttps%253A%252F%252Fadsbb.dfiles.eu%252Fupload%252F1906%252Fad2708292742b09a.htm%253Fcanp%253Dadv_73b411c406ca38ecadcf742fe6ade752%26redirect%3D&rurl=https%3A%2F%2Fwww.gadgetsarena.org%2F%3Futm_source%3Ds-8620%26utm_medium%3Dbanner%26utm_campaign%3Dc-18656&g=NO&b=Firefox&bd=0&b1t=Mobile%20Reviews&b2t=Watch%20Now&b1tc=ffffff&b2tc=000000&b1bc=f90606&b2bc=1ad31d
IP
46.166.179.118:0
ASN
#43350 NForce Entertainment B.V.

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /0/html/pd/allsize.html?w=728&h=90&ct=http%3A%2F%2Fadserver.adreactor.com%2Fclkz%3Fzid%3D9%26cid%3D18656%26mid%3D14162%26pid%3D8620%26sid%3D19%26uuid%3D5a282d9e34c1bcf32aaf9cb321e905a9%26ip%3D91.90.42.154%26default%3Dfalse%26random%3D46351010%26timestamp%3D20230131051459%26test%3Dfalse%26resolution%3D728x91%26referrer%3Dhttps%253A%252F%252Fadsbb.dfiles.eu%252Fupload%252F1906%252Fad2708292742b09a.htm%253Fcanp%253Dadv_73b411c406ca38ecadcf742fe6ade752%26redirect%3D&rurl=https%3A%2F%2Fwww.gadgetsarena.org%2F%3Futm_source%3Ds-8620%26utm_medium%3Dbanner%26utm_campaign%3Dc-18656&g=NO&b=Firefox&bd=0&b1t=Mobile%20Reviews&b2t=Watch%20Now&b1tc=ffffff&b2tc=000000&b1bc=f90606&b2bc=1ad31d HTTP/1.1
Host: ads.a-static.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adsbb.dfiles.eu/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Tue, 31 Jan 2023 10:14:56 GMT
content-type: text/html
last-modified: Thu, 09 Jul 2020 13:20:22 GMT
etag: W/"5f071996-11e2"
content-encoding: gzip
X-Firefox-Spdy: h2

cdn.barscreative1.com/sb/au/18/52/6a/18526a6becad408914fcf53d946360f0/1651134763.html

45.133.44.4

200 OK

0 B

URL HTTP/2
cdn.barscreative1.com/sb/au/18/52/6a/18526a6becad408914fcf53d946360f0/1651134763.html
IP
45.133.44.4:0
ASN
#39572 DataWeb Global Group B.V.

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /sb/au/18/52/6a/18526a6becad408914fcf53d946360f0/1651134763.html HTTP/1.1
Host: cdn.barscreative1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dfiles.eu
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Tue, 31 Jan 2023 10:15:00 GMT
content-type: text/html; charset=utf-8
server: nginx/1.17.6
last-modified: Sat, 07 May 2022 03:21:27 GMT
etag: W/"6275e5b7-616"
cache-control: max-age=3600
access-control-allow-origin: *
access-control-expose-headers: Date
content-encoding: gzip
expires: Tue, 31 Jan 2023 11:15:00 GMT
x-proxy-cache: HIT
X-Firefox-Spdy: h2

js.wpshsdk.com/npc/sdk/push.m.js?v=1

45.133.44.25

200 OK

0 B

URL HTTP/2
js.wpshsdk.com/npc/sdk/push.m.js?v=1
IP
45.133.44.25:0
ASN
#39572 DataWeb Global Group B.V.

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /npc/sdk/push.m.js?v=1 HTTP/1.1
Host: js.wpshsdk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Tue, 31 Jan 2023 10:15:00 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.18.0
last-modified: Thu, 26 Jan 2023 12:22:57 GMT
etag: W/"63d270a1-f96f"
content-encoding: gzip
expires: Tue, 31 Jan 2023 10:20:00 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2

sw.wpush.org/ps/sw.js

45.133.44.24

200 OK

0 B

URL HTTP/2
sw.wpush.org/ps/sw.js
IP
45.133.44.24:0
ASN
#39572 DataWeb Global Group B.V.

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /ps/sw.js HTTP/1.1
Host: sw.wpush.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Tue, 31 Jan 2023 10:15:01 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.18.0
last-modified: Thu, 26 Jan 2023 12:22:57 GMT
etag: W/"63d270a1-158c"
content-encoding: gzip
expires: Tue, 31 Jan 2023 10:20:01 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2

cdn.creative-bars1.com/sb/ssp/utility/live-message/3-2/js/script.js

172.64.167.9

200 OK

0 B

URL HTTP/2
cdn.creative-bars1.com/sb/ssp/utility/live-message/3-2/js/script.js
IP
172.64.167.9:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /sb/ssp/utility/live-message/3-2/js/script.js HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dfiles.eu
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 31 Jan 2023 10:15:00 GMT
content-type: application/javascript
last-modified: Thu, 28 Apr 2022 08:29:16 GMT
etag: W/"626a505c-495"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 383592
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nH3VngoTprhVUZjyVVCOKBLRdpcqIv%2BjPLBba8oVMnb6kakZmjCT0tWKjcT%2B2ggC6XsHqHjLqH9eDv%2BQa9tYrHITLPCW5ryQCFg1GHsD9nI6k%2BQlwEaPwPB6YaaottapndT%2BSby2ByWo"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7921af02e88523cf-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (71)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL