| acscdn.com/script/aclib.js | 104.21.11.26 | 200 OK | 40 kB |
URL: GET HTTP/2 acscdn.com/script/aclib.js
IP: 104.21.11.26:443
Requested by: https://dfiles.eu/files/6nnh1cvkh/Minecraft-Story_patch.exe
Certificate Issuer: Google Trust Services LLC
Certificate Subject: acscdn.com
Certificate Fingerprint: 55:5D:7F:12:65:2B:04:EA:49:29:92:63:3B:D1:C2:DF:C7:F6:4B:9E
Certificate Validity: Sat, 27 Apr 2024 13:56:54 GMT - Fri, 26 Jul 2024 13:56:53 GMT
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (65499), with no line terminators
Hash: 4c2179a619c355d4c2eca1a64f6f3f07 b274e397844067fef7f1ee62031cf1c03d7d0343 23847115b160f47704649f2f6bb3347e31b53c12089d504d98303c18856bc58a
GET /script/aclib.js HTTP/1.1
Host: acscdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 05 May 2024 01:44:14 GMT
content-type: text/javascript
x-goog-generation: 1714389616107910
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 125606
x-goog-hash: crc32c=xTw75w==, md5=TCF5phnDVdTC7KGmT28/Bw==
x-goog-storage-class: MULTI_REGIONAL
access-control-allow-origin: *
x-guploader-uploadid: ABPtcPq3WDRiywUXy1I9epsgjBrZr10_kxsxD8tygBTr-xkVVMzaGeOnPwLfQ_UPT0AwhViwE90
access-control-expose-headers: Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
expires: Sun, 05 May 2024 02:21:04 GMT
cache-control: public, max-age=3600
age: 874
last-modified: Mon, 29 Apr 2024 11:20:16 GMT
etag: W/"4c2179a619c355d4c2eca1a64f6f3f07"
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wxAttNixRom5dD9MQb0f3gsPqHmBCxGgIFonjJXH68PeOvTbP5X5%2FNSGIM2xqXbi%2BNoqoSZ2Wp%2BiVTcFgIIJQ%2FUtXAylhwQMUMCIxyqXS9hzK3FGJqBBw0PRFu0Y"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ed0b546b62b509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| static.depositfiles.com/images/yes.png | 91.226.124.125 | 200 OK | 3.3 kB |
URL: GET HTTP/2 static.depositfiles.com/images/yes.png
IP: 91.226.124.125:443
Requested by: https://dfiles.eu/files/6nnh1cvkh/Minecraft-Story_patch.exe
Certificate Issuer: Let's Encrypt
Certificate Subject: depositfiles.com
Certificate Fingerprint: 8D:3C:74:0A:57:29:55:E0:60:A5:AF:60:66:DD:1F:ED:7A:ED:F7:A6
Certificate Validity: Tue, 05 Mar 2024 13:34:49 GMT - Mon, 03 Jun 2024 13:34:48 GMT
File type: PNG image data, 20 x 20, 8-bit/color RGBA, non-interlaced
Hash: 3055b8489aeb385fb40b27f0bf0a5ae7 4cfbe45a0ba393ab8ad535cc04af30debef0a1ab b325d6cb153b02050e59230e2abfb01e05f4bda708ad54bd8f6d9693fa9c2dac
GET /images/yes.png HTTP/1.1
Host: static.depositfiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-security-policy: frame-ancestors depositfiles.com *.depositfiles.com depositfiles.org *.depositfiles.org dfiles.eu *.dfiles.eu dfiles.com *.dfiles.com
content-type: image/png
date: Sun, 05 May 2024 01:44:14 GMT
etag: "651c240d-ccb"
last-modified: Tue, 03 Oct 2023 14:24:13 GMT
server: nginx
content-length: 3275
X-Firefox-Spdy: h2
|
|
| static.depositfiles.com/images/no.png | 91.226.124.125 | 200 OK | 3.1 kB |
URL: GET HTTP/2 static.depositfiles.com/images/no.png
IP: 91.226.124.125:443
Requested by: https://dfiles.eu/files/6nnh1cvkh/Minecraft-Story_patch.exe
Certificate Issuer: Let's Encrypt
Certificate Subject: depositfiles.com
Certificate Fingerprint: 8D:3C:74:0A:57:29:55:E0:60:A5:AF:60:66:DD:1F:ED:7A:ED:F7:A6
Certificate Validity: Tue, 05 Mar 2024 13:34:49 GMT - Mon, 03 Jun 2024 13:34:48 GMT
File type: PNG image data, 20 x 20, 8-bit/color RGBA, non-interlaced
Hash: 1724ae7b4437c460dafe40dfe9f96d41 8dc80d5b802f180254a8ee1bf1edf0b843205f1e 9b95b8f24b2b0808d611f4fd9bf5f3c548b352ae6100ab7b298b99a86905db79
GET /images/no.png HTTP/1.1
Host: static.depositfiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-security-policy: frame-ancestors depositfiles.com *.depositfiles.com depositfiles.org *.depositfiles.org dfiles.eu *.dfiles.eu dfiles.com *.dfiles.com
content-type: image/png
date: Sun, 05 May 2024 01:44:14 GMT
etag: "651c240d-c4a"
last-modified: Tue, 03 Oct 2023 14:24:13 GMT
server: nginx
content-length: 3146
X-Firefox-Spdy: h2
|
|
| www.googletagmanager.com/gtag/js?id=G-BL9163LYG1 | 142.250.74.168 | 200 OK | 102 kB |
URL: GET HTTP/2 www.googletagmanager.com/gtag/js?id=G-BL9163LYG1
IP: 142.250.74.168:443
Requested by: https://dfiles.eu/files/6nnh1cvkh/Minecraft-Story_patch.exe
Certificate Issuer: Google Trust Services LLC
Certificate Subject: *.google-analytics.com
Certificate Fingerprint: 93:6B:D2:9D:92:BE:2D:D8:02:67:82:83:5E:EF:A3:F9:13:F3:26:AE
Certificate Validity: Tue, 16 Apr 2024 03:18:45 GMT - Tue, 09 Jul 2024 03:18:44 GMT
File type: JavaScript source, ASCII text, with very long lines (5955)
Size: 102 kB (102092 bytes)
Hash: 589f66eb0588f7348f70943ca59c762b 23cebf6cedfac8c3ffce4bd141b624b95785a931 c8ed1c8db0803a274b8431e00c3a5e64ae84c576075ef39195b959b4fda5b179
GET /gtag/js?id=G-BL9163LYG1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 05 May 2024 01:44:14 GMT
expires: Sun, 05 May 2024 01:44:14 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 102092
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| static.depositfiles.com/js/download_utils.js | 91.226.124.125 | 200 OK | 13 kB |
URL: GET HTTP/2 static.depositfiles.com/js/download_utils.js
IP: 91.226.124.125:443
Requested by: https://dfiles.eu/files/6nnh1cvkh/Minecraft-Story_patch.exe
Certificate Issuer: Let's Encrypt
Certificate Subject: depositfiles.com
Certificate Fingerprint: 8D:3C:74:0A:57:29:55:E0:60:A5:AF:60:66:DD:1F:ED:7A:ED:F7:A6
Certificate Validity: Tue, 05 Mar 2024 13:34:49 GMT - Mon, 03 Jun 2024 13:34:48 GMT
File type: JavaScript source, ASCII text, with very long lines (2250)
Hash: 90a706006bc709cdc974ff3e0e01b34f 89585d2c7cac44c9c03c118bbb38aefba1d8a1e4 16f1515b9938fc7de086c504fe214484d97e237647a5d7fa2cb742a93f00c1ea
GET /js/download_utils.js HTTP/1.1
Host: static.depositfiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
cache-control: max-age=300
content-security-policy: frame-ancestors depositfiles.com *.depositfiles.com depositfiles.org *.depositfiles.org dfiles.eu *.dfiles.eu dfiles.com *.dfiles.com
content-type: application/javascript
date: Sun, 05 May 2024 01:44:14 GMT
etag: "651c240d-3447"
expires: Sun, 05 May 2024 01:49:14 GMT
last-modified: Tue, 03 Oct 2023 14:24:13 GMT
server: nginx
content-length: 13383
X-Firefox-Spdy: h2
|
|
| static.depositfiles.com/js/gold_offer.js | 91.226.124.125 | 200 OK | 9.9 kB |
URL: GET HTTP/2 static.depositfiles.com/js/gold_offer.js
IP: 91.226.124.125:443
Requested by: https://dfiles.eu/files/6nnh1cvkh/Minecraft-Story_patch.exe
Certificate Issuer: Let's Encrypt
Certificate Subject: depositfiles.com
Certificate Fingerprint: 8D:3C:74:0A:57:29:55:E0:60:A5:AF:60:66:DD:1F:ED:7A:ED:F7:A6
Certificate Validity: Tue, 05 Mar 2024 13:34:49 GMT - Mon, 03 Jun 2024 13:34:48 GMT
File type: JavaScript source, ASCII text
Hash: 041bdbbe3ac15bc57b14933e164b55f8 790f921426d0b602424fb3077ca900af94b5ad9e a86d8d81e5c254822628c578c40d2d62956ab3060632d1884b5080093365b97b
GET /js/gold_offer.js HTTP/1.1
Host: static.depositfiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
cache-control: max-age=300
content-security-policy: frame-ancestors depositfiles.com *.depositfiles.com depositfiles.org *.depositfiles.org dfiles.eu *.dfiles.eu dfiles.com *.dfiles.com
content-type: application/javascript
date: Sun, 05 May 2024 01:44:14 GMT
etag: "651c240d-269f"
expires: Sun, 05 May 2024 01:49:14 GMT
last-modified: Tue, 03 Oct 2023 14:24:13 GMT
server: nginx
content-length: 9887
X-Firefox-Spdy: h2
|
|
| static.depositfiles.com/js/jquery.validate.js | 91.226.124.125 | 200 OK | 38 kB |
URL: GET HTTP/2 static.depositfiles.com/js/jquery.validate.js
IP: 91.226.124.125:443
Requested by: https://dfiles.eu/files/6nnh1cvkh/Minecraft-Story_patch.exe
Certificate Issuer: Let's Encrypt
Certificate Subject: depositfiles.com
Certificate Fingerprint: 8D:3C:74:0A:57:29:55:E0:60:A5:AF:60:66:DD:1F:ED:7A:ED:F7:A6
Certificate Validity: Tue, 05 Mar 2024 13:34:49 GMT - Mon, 03 Jun 2024 13:34:48 GMT
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (1238)
Hash: d5231b6378847ebdb55f64c77d5a234f eed97aa0b2aa9486b6f6831ed8a85dc729ad6b9c 95434a8a2568a6481a1fbcf5808a75dd58e77348ed6d70b4f7aeda8842e8f0c7
GET /js/jquery.validate.js HTTP/1.1
Host: static.depositfiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
cache-control: max-age=300
content-security-policy: frame-ancestors depositfiles.com *.depositfiles.com depositfiles.org *.depositfiles.org dfiles.eu *.dfiles.eu dfiles.com *.dfiles.com
content-type: application/javascript
date: Sun, 05 May 2024 01:44:14 GMT
etag: "651c240d-957d"
expires: Sun, 05 May 2024 01:49:14 GMT
last-modified: Tue, 03 Oct 2023 14:24:13 GMT
server: nginx
content-length: 38269
X-Firefox-Spdy: h2
|
|
| static.depositfiles.com/images/speed_small.gif | 91.226.124.125 | 200 OK | 24 kB |
URL: GET HTTP/2 static.depositfiles.com/images/speed_small.gif
IP: 91.226.124.125:443
Requested by: https://dfiles.eu/files/6nnh1cvkh/Minecraft-Story_patch.exe
Certificate Issuer: Let's Encrypt
Certificate Subject: depositfiles.com
Certificate Fingerprint: 8D:3C:74:0A:57:29:55:E0:60:A5:AF:60:66:DD:1F:ED:7A:ED:F7:A6
Certificate Validity: Tue, 05 Mar 2024 13:34:49 GMT - Mon, 03 Jun 2024 13:34:48 GMT
File type: GIF image data, version 89a, 200 x 200
Hash: 5cbc96bbb7230dd17ed38b5dd6e3271c 6ee1f0b9e29ac3e824cccd6e5135d51c8d3aaea1 01edcbb65e514def555b1e999d3a72f118f67e572f628293b91893b3758c6991
GET /images/speed_small.gif HTTP/1.1
Host: static.depositfiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
cache-control: max-age=432000
content-security-policy: frame-ancestors depositfiles.com *.depositfiles.com depositfiles.org *.depositfiles.org dfiles.eu *.dfiles.eu dfiles.com *.dfiles.com
content-type: image/gif
date: Sun, 05 May 2024 01:44:14 GMT
etag: "651c240d-5dac"
expires: Fri, 10 May 2024 01:44:14 GMT
last-modified: Tue, 03 Oct 2023 14:24:13 GMT
server: nginx
content-length: 23980
X-Firefox-Spdy: h2
|
|
| static.depositfiles.com/images/speed_small_gold.gif | 91.226.124.125 | 200 OK | 14 kB |
URL: GET HTTP/2 static.depositfiles.com/images/speed_small_gold.gif
IP: 91.226.124.125:443
Requested by: https://dfiles.eu/files/6nnh1cvkh/Minecraft-Story_patch.exe
Certificate Issuer: Let's Encrypt
Certificate Subject: depositfiles.com
Certificate Fingerprint: 8D:3C:74:0A:57:29:55:E0:60:A5:AF:60:66:DD:1F:ED:7A:ED:F7:A6
Certificate Validity: Tue, 05 Mar 2024 13:34:49 GMT - Mon, 03 Jun 2024 13:34:48 GMT
File type: GIF image data, version 89a, 200 x 200
Hash: c5f8f0e9ecd16637e267912376c24bed 324567a641d318ecfafe6374dfba86ccb2f90dd7 13678b229b6c4224bcb9578a2f29bc3686958f4bea73af7645eb39af4246e6a9
GET /images/speed_small_gold.gif HTTP/1.1
Host: static.depositfiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
cache-control: max-age=432000
content-security-policy: frame-ancestors depositfiles.com *.depositfiles.com depositfiles.org *.depositfiles.org dfiles.eu *.dfiles.eu dfiles.com *.dfiles.com
content-type: image/gif
date: Sun, 05 May 2024 01:44:14 GMT
etag: "651c240d-389c"
expires: Fri, 10 May 2024 01:44:14 GMT
last-modified: Tue, 03 Oct 2023 14:24:13 GMT
server: nginx
content-length: 14492
X-Firefox-Spdy: h2
|
|
| static.depositfiles.com/js/function.js | 91.226.124.125 | 200 OK | 35 kB |
URL: GET HTTP/2 static.depositfiles.com/js/function.js
IP: 91.226.124.125:443
Requested by: https://dfiles.eu/files/6nnh1cvkh/Minecraft-Story_patch.exe
Certificate Issuer: Let's Encrypt
Certificate Subject: depositfiles.com
Certificate Fingerprint: 8D:3C:74:0A:57:29:55:E0:60:A5:AF:60:66:DD:1F:ED:7A:ED:F7:A6
Certificate Validity: Tue, 05 Mar 2024 13:34:49 GMT - Mon, 03 Jun 2024 13:34:48 GMT
File type: JavaScript source, ASCII text, with very long lines (4240)
Hash: a5779d2f560cd50376dbba372b0fd15b 07b08e35b9254288c1372e37577db8b9e4da01b4 51d26403861d61a7842bc73f518d4a4351a7027c40c9f0347f61421226950b84
GET /js/function.js HTTP/1.1
Host: static.depositfiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
cache-control: max-age=300
content-security-policy: frame-ancestors depositfiles.com *.depositfiles.com depositfiles.org *.depositfiles.org dfiles.eu *.dfiles.eu dfiles.com *.dfiles.com
content-type: application/javascript
date: Sun, 05 May 2024 01:44:14 GMT
etag: "651c240d-8863"
expires: Sun, 05 May 2024 01:49:14 GMT
last-modified: Tue, 03 Oct 2023 14:24:13 GMT
server: nginx
content-length: 34915
X-Firefox-Spdy: h2
|
|
| static.depositfiles.com/js/962e36ace9b4601f1f51f3e2010e41b9.js | 91.226.124.125 | 200 OK | 166 kB |
URL: GET HTTP/2 static.depositfiles.com/js/962e36ace9b4601f1f51f3e2010e41b9.js
IP: 91.226.124.125:443
Requested by: https://dfiles.eu/files/6nnh1cvkh/Minecraft-Story_patch.exe
Certificate Issuer: Let's Encrypt
Certificate Subject: depositfiles.com
Certificate Fingerprint: 8D:3C:74:0A:57:29:55:E0:60:A5:AF:60:66:DD:1F:ED:7A:ED:F7:A6
Certificate Validity: Tue, 05 Mar 2024 13:34:49 GMT - Mon, 03 Jun 2024 13:34:48 GMT
File type: JavaScript source, ASCII text, with very long lines (60311)
Size: 166 kB (165612 bytes)
Hash: 02d50bb775f981faf5ad7b6c2a58399d 65d9757b4467a6199f61f2c2bfa71ba23600e8be 0fd67704d0e0d7480f58a5596d37f5e63b752a083c4e8540b24800d1adb93965
GET /js/962e36ace9b4601f1f51f3e2010e41b9.js HTTP/1.1
Host: static.depositfiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
cache-control: max-age=300
content-security-policy: frame-ancestors depositfiles.com *.depositfiles.com depositfiles.org *.depositfiles.org dfiles.eu *.dfiles.eu dfiles.com *.dfiles.com
content-type: application/javascript
date: Sun, 05 May 2024 01:44:14 GMT
etag: "660a8714-286ec"
expires: Sun, 05 May 2024 01:49:14 GMT
last-modified: Mon, 01 Apr 2024 10:06:12 GMT
server: nginx
content-length: 165612
X-Firefox-Spdy: h2
|
|
| static.depositfiles.com/js/base2.js | 91.226.124.125 | 200 OK | 399 kB |
URL: GET HTTP/2 static.depositfiles.com/js/base2.js
IP: 91.226.124.125:443
Requested by: https://dfiles.eu/files/6nnh1cvkh/Minecraft-Story_patch.exe
Certificate Issuer: Let's Encrypt
Certificate Subject: depositfiles.com
Certificate Fingerprint: 8D:3C:74:0A:57:29:55:E0:60:A5:AF:60:66:DD:1F:ED:7A:ED:F7:A6
Certificate Validity: Tue, 05 Mar 2024 13:34:49 GMT - Mon, 03 Jun 2024 13:34:48 GMT
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (65481)
Size: 399 kB (398927 bytes)
Hash: 2fcae8126c3fd9a626370a701f0bd887 f3496fb7bbe122a9774d7dcfcd68da03a24dc285 d29ab86f64b4fcfbc45b9ef806c147f1e42e37e37d44a559147232288063badc
GET /js/base2.js HTTP/1.1
Host: static.depositfiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
cache-control: max-age=300
content-security-policy: frame-ancestors depositfiles.com *.depositfiles.com depositfiles.org *.depositfiles.org dfiles.eu *.dfiles.eu dfiles.com *.dfiles.com
content-type: application/javascript
date: Sun, 05 May 2024 01:44:14 GMT
etag: "651c240d-6164f"
expires: Sun, 05 May 2024 01:49:14 GMT
last-modified: Tue, 03 Oct 2023 14:24:13 GMT
server: nginx
content-length: 398927
X-Firefox-Spdy: h2
|
|
| subqueriesendedgrounds.com/22/4a/d4/224ad4a14b4b15c1726ff705ec672ea6.js | 172.240.108.76 | 200 OK | 16 kB |
URL: GET HTTP/1.1 subqueriesendedgrounds.com/22/4a/d4/224ad4a14b4b15c1726ff705ec672ea6.js
IP: 172.240.108.76:443
Requested by: https://dfiles.eu/files/6nnh1cvkh/Minecraft-Story_patch.exe
Certificate Issuer: Let's Encrypt
Certificate Subject: subqueriesendedgrounds.com
Certificate Fingerprint: 5A:B5:1B:3C:B2:E3:E3:20:C8:E4:69:56:9D:59:91:B2:90:31:11:5F
Certificate Validity: Tue, 16 Apr 2024 20:35:30 GMT - Mon, 15 Jul 2024 20:35:29 GMT
File type: JavaScript source, ASCII text, with very long lines (44098), with no line terminators
Hash: 9fab6b20cecb0d5546121d1f80c3d259 89061907a170d01cad1130bb0dc8d32dbd3e3022 91060c8f84dc33f04d0211aab46121d1ac5f5cf176f3f662b669339027dc86cb
GET /22/4a/d4/224ad4a14b4b15c1726ff705ec672ea6.js HTTP/1.1
Host: subqueriesendedgrounds.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sun, 05 May 2024 01:44:15 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Set-Cookie: 4b4e7ab587d59b22ad7bcd2439afc363_CF-3448=0; expires=Wed, 08 May 2024 04:44:15 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 553b17b9c28874def9d79d2949e919ce
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
|
|
| ocsp.r2m03.amazontrust.com/ | 3.164.222.26 | | 471 B |
URL: ocsp.r2m03.amazontrust.com/
IP: 3.164.222.26:0
Hash: 691c3f87e4fe41a736328d3c71e2dbdc fd76f455b38ba18f00a6fb81e3585201eb3c43f6 8ac709de568d48e4c9e64b75afa6cd3fed58e2cf0c21e823af01ab342e6794b9
POST / HTTP/1.1
Host: ocsp.r2m03.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=7200
Date: Sun, 05 May 2024 01:44:15 GMT
Last-Modified: Sun, 05 May 2024 01:43:06 GMT
Server: ECAcc (ska/F7A5)
X-Cache: Miss from cloudfront
Via: 1.1 88ba1d0c348c5f253432165d46a14a82.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: ARN53-P1
X-Amz-Cf-Id: k8-b31sHEVL6BAYGl9_9JR6Sykw2590iRXdD7eBqEsw0XNjb0RNYTA==
Age: 69
|
|
| static.depositfiles.com/images/logo.png | 91.226.124.125 | 200 OK | 3.6 kB |
URL: GET HTTP/2 static.depositfiles.com/images/logo.png
IP: 91.226.124.125:443
Requested by: https://dfiles.eu/files/6nnh1cvkh/Minecraft-Story_patch.exe
Certificate Issuer: Let's Encrypt
Certificate Subject: depositfiles.com
Certificate Fingerprint: 8D:3C:74:0A:57:29:55:E0:60:A5:AF:60:66:DD:1F:ED:7A:ED:F7:A6
Certificate Validity: Tue, 05 Mar 2024 13:34:49 GMT - Mon, 03 Jun 2024 13:34:48 GMT
File type: PNG image data, 176 x 43, 8-bit/color RGBA, non-interlaced
Hash: c41fdd84b04e45a91cb17cfdeccb1b38 fec7fffe104c7e169aeb159032078c4b71ff2cdc 7f89eb8ab03684f4db282ca30eb231b1e254bca10c7b511950df5e0eab0a68a0
GET /images/logo.png HTTP/1.1
Host: static.depositfiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://static.depositfiles.com/css/main.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-security-policy: frame-ancestors depositfiles.com *.depositfiles.com depositfiles.org *.depositfiles.org dfiles.eu *.dfiles.eu dfiles.com *.dfiles.com
content-type: image/png
date: Sun, 05 May 2024 01:44:15 GMT
etag: "651c240d-e27"
last-modified: Tue, 03 Oct 2023 14:24:13 GMT
server: nginx
content-length: 3623
X-Firefox-Spdy: h2
|
|
| static.depositfiles.com/images/sprite.png | 91.226.124.125 | 200 OK | 37 kB |
URL: GET HTTP/2 static.depositfiles.com/images/sprite.png
IP: 91.226.124.125:443
Requested by: https://dfiles.eu/files/6nnh1cvkh/Minecraft-Story_patch.exe
Certificate Issuer: Let's Encrypt
Certificate Subject: depositfiles.com
Certificate Fingerprint: 8D:3C:74:0A:57:29:55:E0:60:A5:AF:60:66:DD:1F:ED:7A:ED:F7:A6
Certificate Validity: Tue, 05 Mar 2024 13:34:49 GMT - Mon, 03 Jun 2024 13:34:48 GMT
File type: PNG image data, 102 x 630, 8-bit/color RGBA, non-interlaced
Hash: 2333675d7e431d5313c6dbb5230a14cd 93c4032e5b8b85793a9cda7167804445d950dd96 b287134a60667ce8e2c3fa1603e3a8f2ffa59c64e746d026d1a13ef19f3f38a0
GET /images/sprite.png HTTP/1.1
Host: static.depositfiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://static.depositfiles.com/css/main.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-security-policy: frame-ancestors depositfiles.com *.depositfiles.com depositfiles.org *.depositfiles.org dfiles.eu *.dfiles.eu dfiles.com *.dfiles.com
content-type: image/png
date: Sun, 05 May 2024 01:44:15 GMT
etag: "651c240d-8fc2"
last-modified: Tue, 03 Oct 2023 14:24:13 GMT
server: nginx
content-length: 36802
X-Firefox-Spdy: h2
|
|
| proftrafficcounter.com/stats | 18.185.9.67 | 200 OK | 40 B |
URL: GET HTTP/2 proftrafficcounter.com/stats
IP: 18.185.9.67:443
Requested by: https://dfiles.eu/files/6nnh1cvkh/Minecraft-Story_patch.exe
Certificate Issuer: Amazon
Certificate Subject: proftrafficcounter.com
Certificate Fingerprint: E3:9F:79:6F:80:C0:BF:F8:C4:EB:45:F3:E9:0F:A7:41:F6:0C:05:E6
Certificate Validity: Tue, 21 Nov 2023 00:00:00 GMT - Thu, 19 Dec 2024 23:59:59 GMT
File type: ASCII text, with no line terminators
Hash: ab9ac745b8e0f36688cc19ca9031b0d1 509135d8763916080a65a305d9e2e546fcaa0915 edc152632ab7adb2a26b1847d1bce70e3ab437149701052ff135bc0879f3a7ea
GET /stats HTTP/1.1
Host: proftrafficcounter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dfiles.eu
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 05 May 2024 01:44:15 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://dfiles.eu
vary: Origin
access-control-allow-credentials: true
set-cookie: uid_id2=bb124b52-b612-454e-9a89-df0c6d18f823:2:1; expires=Wed, 03 May 2034 01:44:15 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
|
|
| static.depositfiles.com/images/member_menu_bg.gif | 91.226.124.125 | 200 OK | 78 B |
URL: GET HTTP/2 static.depositfiles.com/images/member_menu_bg.gif
IP: 91.226.124.125:443
Requested by: https://dfiles.eu/files/6nnh1cvkh/Minecraft-Story_patch.exe
Certificate Issuer: Let's Encrypt
Certificate Subject: depositfiles.com
Certificate Fingerprint: 8D:3C:74:0A:57:29:55:E0:60:A5:AF:60:66:DD:1F:ED:7A:ED:F7:A6
Certificate Validity: Tue, 05 Mar 2024 13:34:49 GMT - Mon, 03 Jun 2024 13:34:48 GMT
File type: GIF image data, version 89a, 1 x 48
Hash: 20a24b56dcedf6a71a71ebec771e1f7d d7bed493d5d4eeaed5dbbf7d30d45107840790a0 6f57f29224d8e9e51ed0839e329055426fba7dcd97ef31e93ed495f93a6063df
GET /images/member_menu_bg.gif HTTP/1.1
Host: static.depositfiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://static.depositfiles.com/css/main.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
cache-control: max-age=432000
content-security-policy: frame-ancestors depositfiles.com *.depositfiles.com depositfiles.org *.depositfiles.org dfiles.eu *.dfiles.eu dfiles.com *.dfiles.com
content-type: image/gif
date: Sun, 05 May 2024 01:44:15 GMT
etag: "651c240d-4e"
expires: Fri, 10 May 2024 01:44:15 GMT
last-modified: Tue, 03 Oct 2023 14:24:13 GMT
server: nginx
content-length: 78
X-Firefox-Spdy: h2
|
|
| static.depositfiles.com/images/upload_btn_bg.gif | 91.226.124.125 | 200 OK | 9.0 kB |
URL: GET HTTP/2 static.depositfiles.com/images/upload_btn_bg.gif
IP: 91.226.124.125:443
Requested by: https://dfiles.eu/files/6nnh1cvkh/Minecraft-Story_patch.exe
Certificate Issuer: Let's Encrypt
Certificate Subject: depositfiles.com
Certificate Fingerprint: 8D:3C:74:0A:57:29:55:E0:60:A5:AF:60:66:DD:1F:ED:7A:ED:F7:A6
Certificate Validity: Tue, 05 Mar 2024 13:34:49 GMT - Mon, 03 Jun 2024 13:34:48 GMT
File type: GIF image data, version 89a, 209 x 75
Hash: 6f312f0f4ff138758bae76420f6efd78 b40a28f162140fedff9ee5ce0d687868b1f73d17 c667d75c7f916bf8b140b0e1f7ab0c996f76d4642faed85bd9fef3c738f0912b
GET /images/upload_btn_bg.gif HTTP/1.1
Host: static.depositfiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://static.depositfiles.com/css/main.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
cache-control: max-age=432000
content-security-policy: frame-ancestors depositfiles.com *.depositfiles.com depositfiles.org *.depositfiles.org dfiles.eu *.dfiles.eu dfiles.com *.dfiles.com
content-type: image/gif
date: Sun, 05 May 2024 01:44:15 GMT
etag: "651c240d-2332"
expires: Fri, 10 May 2024 01:44:15 GMT
last-modified: Tue, 03 Oct 2023 14:24:13 GMT
server: nginx
content-length: 9010
X-Firefox-Spdy: h2
|
|
| static.depositfiles.com/images/flags/lang24.png | 91.226.124.125 | 200 OK | 9.2 kB |
URL: GET HTTP/2 static.depositfiles.com/images/flags/lang24.png
IP: 91.226.124.125:443
Requested by: https://dfiles.eu/files/6nnh1cvkh/Minecraft-Story_patch.exe
Certificate Issuer: Let's Encrypt
Certificate Subject: depositfiles.com
Certificate Fingerprint: 8D:3C:74:0A:57:29:55:E0:60:A5:AF:60:66:DD:1F:ED:7A:ED:F7:A6
Certificate Validity: Tue, 05 Mar 2024 13:34:49 GMT - Mon, 03 Jun 2024 13:34:48 GMT
File type: PNG image data, 24 x 552, 8-bit/color RGBA, non-interlaced
Hash: efdcd1ca23d564ddd811f41152a2b83c 0b5aa064e7f8f241363c55fa17eb448f42a5f8df ce23be242e34c5b420f8ba0390aef20fa50ffc69f700091029616eff524e8f9b
GET /images/flags/lang24.png HTTP/1.1
Host: static.depositfiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://static.depositfiles.com/css/main.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-security-policy: frame-ancestors depositfiles.com *.depositfiles.com depositfiles.org *.depositfiles.org dfiles.eu *.dfiles.eu dfiles.com *.dfiles.com
content-type: image/png
date: Sun, 05 May 2024 01:44:15 GMT
etag: "651c240d-23d4"
last-modified: Tue, 03 Oct 2023 14:24:13 GMT
server: nginx
content-length: 9172
X-Firefox-Spdy: h2
|
|
| static.depositfiles.com/images/sprite64.png | 91.226.124.125 | 200 OK | 29 kB |
URL: GET HTTP/2 static.depositfiles.com/images/sprite64.png
IP: 91.226.124.125:443
Requested by: https://dfiles.eu/files/6nnh1cvkh/Minecraft-Story_patch.exe
Certificate Issuer: Let's Encrypt
Certificate Subject: depositfiles.com
Certificate Fingerprint: 8D:3C:74:0A:57:29:55:E0:60:A5:AF:60:66:DD:1F:ED:7A:ED:F7:A6
Certificate Validity: Tue, 05 Mar 2024 13:34:49 GMT - Mon, 03 Jun 2024 13:34:48 GMT
File type: PNG image data, 64 x 1088, 8-bit/color RGBA, non-interlaced
Hash: e50649ecf6a2094c25da755ea0ea7bd1 e1c3e229a62f049442fa16cf43ec07f384b27362 a9ed59ab3bbcfdf66224664aeb14fa0f0e8f034d8472a58dadcf65cfff17685d
GET /images/sprite64.png HTTP/1.1
Host: static.depositfiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://static.depositfiles.com/css/main.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-security-policy: frame-ancestors depositfiles.com *.depositfiles.com depositfiles.org *.depositfiles.org dfiles.eu *.dfiles.eu dfiles.com *.dfiles.com
content-type: image/png
date: Sun, 05 May 2024 01:44:15 GMT
etag: "651c240d-704b"
last-modified: Tue, 03 Oct 2023 14:24:13 GMT
server: nginx
content-length: 28747
X-Firefox-Spdy: h2
|
|
| adsbb.dfiles.eu//ad.php?z=58&c=NO&g=gateway | 91.226.124.120 | 303 See Other | 503 B |
URL GET HTTP/2 adsbb.dfiles.eu//ad.php?z=58&c=NO&g=gateway IP 91.226.124.120:443
Requested by https://dfiles.eu/files/6nnh1cvkh/Minecraft-Story_patch.exe Certificate Issuer Let's Encrypt Subject dfiles.eu Fingerprint 34:45:DB:EC:84:73:5D:D5:39:2A:00:C7:2F:21:5C:B1:2D:0E:14:42 Validity Mon, 04 Mar 2024 13:34:43 GMT - Sun, 02 Jun 2024 13:34:42 GMT
Hash 811166de49cef4bd5b0ed18bc403ab14 de7e6af661e93d6abec8299d2cdba990dfed7eeb 7ec758eab0e79ec60fca82ba3f0431deaa87b61fac98af6707731c2725b28565
GET //ad.php?z=58&c=NO&g=gateway HTTP/1.1
Host: adsbb.dfiles.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Cookie: last_file=6nnh1cvkh
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 303 See Other
content-security-policy: frame-ancestors depositfiles.com depositfiles.org dfiles.eu dfiles.com web-301.dfiles.eu web-302.dfiles.eu web-303.dfiles.eu web-304.dfiles.eu, frame-ancestors depositfiles.com *.depositfiles.com depositfiles.org *.depositfiles.org dfiles.eu *.dfiles.eu dfiles.com *.dfiles.com
content-type: text/html; charset=UTF-8
date: Sun, 05 May 2024 01:44:15 GMT
location: /upload/2303/ad2775297311915a.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752
server: nginx
set-cookie: _nf58=1; expires=Mon, 06-May-2024 01:44:15 GMT; Max-Age=86400
x-powered-by: PHP/5.6.40
X-Firefox-Spdy: h2
|
|
| js.capndr.com/advertising.js | 45.133.44.53 | 200 OK | 0 B |
URL GET HTTP/2 js.capndr.com/advertising.js IP 45.133.44.53:443 ASN#39572 DataWeb Global Group B.V.
Requested by https://dfiles.eu/files/6nnh1cvkh/Minecraft-Story_patch.exe Certificate Issuer Let's Encrypt Subject js.capndr.com Fingerprint 0D:30:A1:FB:7E:A0:EC:89:85:17:27:67:37:21:DA:E0:CB:E3:26:06 Validity Sun, 21 Apr 2024 03:00:41 GMT - Sat, 20 Jul 2024 03:00:40 GMT
Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /advertising.js HTTP/1.1
Host: js.capndr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 05 May 2024 01:44:16 GMT
content-type: application/javascript; charset=utf-8
content-length: 0
server: nginx/1.18.0
last-modified: Fri, 14 Jul 2023 08:23:25 GMT
etag: "64b105fd-0"
expires: Sun, 05 May 2024 01:49:16 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| na.nawpush.com/tags/46445?version_name=c | 45.133.44.25 | 200 OK | 907 B |
URL GET HTTP/2 na.nawpush.com/tags/46445?version_name=c IP 45.133.44.25:443 ASN#39572 DataWeb Global Group B.V.
Requested by https://dfiles.eu/files/6nnh1cvkh/Minecraft-Story_patch.exe Certificate Issuer Let's Encrypt Subject na.nawpush.com Fingerprint E4:8A:6D:1E:95:BA:50:33:94:D3:16:FE:4C:61:AA:DE:72:B1:70:87 Validity Thu, 28 Mar 2024 03:00:38 GMT - Wed, 26 Jun 2024 03:00:37 GMT
Hash eb813c908d1568074a83e205499809a1 951e6f7b2a7716698c51089b3a2d8a946c8474cf 1ec98d698bc2989743975bd56eca134781f0f1aa2102929869ebacba74c38d68
GET /tags/46445?version_name=c HTTP/1.1
Host: na.nawpush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dfiles.eu
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 05 May 2024 01:44:16 GMT
content-type: application/json
content-length: 907
server: nginx/1.24.0
cache-control: max-age=300, public
x-proxy-cache: EXPIRED
access-control-allow-origin: *
X-Firefox-Spdy: h2
|
|
| adsbb.dfiles.eu/static/js/jquery-1.5.1.min.js | 91.226.124.120 | 200 OK | 85 kB |
URL GET HTTP/2 adsbb.dfiles.eu/static/js/jquery-1.5.1.min.js IP 91.226.124.120:443
Requested by https://adsbb.dfiles.eu/upload/2303/ad2775297311915a.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752 Certificate Issuer Let's Encrypt Subject dfiles.eu Fingerprint 34:45:DB:EC:84:73:5D:D5:39:2A:00:C7:2F:21:5C:B1:2D:0E:14:42 Validity Mon, 04 Mar 2024 13:34:43 GMT - Sun, 02 Jun 2024 13:34:42 GMT
File type JavaScript source, Unicode text, UTF-8 text, with very long lines (65168) Hash b04a3bccd23ddeb7982143707a63ccf9 4a5dc1389aad050a44ee5e81408238a317ab3413 764b9e9f3ad386aaa5cdeae9368353994de61c0bede087c8f7e3579cb443de3b
GET /static/js/jquery-1.5.1.min.js HTTP/1.1
Host: adsbb.dfiles.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adsbb.dfiles.eu/upload/2112/ad27582685f5c72c.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752
Cookie: last_file=6nnh1cvkh; _nf56=1; _nf58=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
cache-control: no-cache, private, no-cache, no-store, must-revalidate
content-security-policy: frame-ancestors depositfiles.com *.depositfiles.com depositfiles.org *.depositfiles.org dfiles.eu *.dfiles.eu dfiles.com *.dfiles.com
content-type: application/javascript
date: Sun, 05 May 2024 01:44:16 GMT
expires: Thu, 01 Jan 1970 00:00:01 GMT
pragma: no-cache
server: nginx
content-length: 85260
X-Firefox-Spdy: h2
|
|
| ransomsection.com/c2/2d/c5/c22dc50dc2bbe4422c7f68d26ab95eb9.js | 192.243.61.227 | 200 OK | 28 kB |
URL GET HTTP/1.1 ransomsection.com/c2/2d/c5/c22dc50dc2bbe4422c7f68d26ab95eb9.js IP 192.243.61.227:443 ASN#39572 DataWeb Global Group B.V.
Requested by https://dfiles.eu/files/6nnh1cvkh/Minecraft-Story_patch.exe Certificate Issuer Let's Encrypt Subject ransomsection.com Fingerprint 84:94:47:11:DF:24:53:02:E1:19:0F:B2:D9:9E:CB:83:86:65:FB:34 Validity Mon, 29 Apr 2024 08:05:40 GMT - Sun, 28 Jul 2024 08:05:39 GMT
File type JavaScript source, ASCII text, with very long lines (65536), with no line terminators Hash 28ed6bf79a3d0602b9108bd3f898b22b edec68dd35d8b7e98f428b088c2d0d85bb09d118 2fe0858e5c1e9a986e01cf1dd21b69a70180494ca58b3dbba343fd5b284a4f6e
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /c2/2d/c5/c22dc50dc2bbe4422c7f68d26ab95eb9.js HTTP/1.1
Host: ransomsection.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sun, 05 May 2024 01:44:16 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 0472e223cf4f628473a3005d90ec8ce2
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
|
|
| pubtrky.com/ut/hb.php?cb=0.6292052472825119&v=1 | 172.67.188.110 | 204 No Content | 0 B |
URL POST HTTP/2 pubtrky.com/ut/hb.php?cb=0.6292052472825119&v=1 IP 172.67.188.110:443
Requested by https://dfiles.eu/files/6nnh1cvkh/Minecraft-Story_patch.exe Certificate Issuer Google Trust Services LLC Subject pubtrky.com Fingerprint 1F:C3:3C:5C:C7:6F:56:DF:E4:18:22:98:6F:C2:B3:96:B2:B4:A6:30 Validity Mon, 18 Mar 2024 09:15:33 GMT - Sun, 16 Jun 2024 09:15:32 GMT
Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /ut/hb.php?cb=0.6292052472825119&v=1 HTTP/1.1
Host: pubtrky.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain; charset=utf-8
Content-Length: 1168
Origin: https://dfiles.eu
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Sun, 05 May 2024 01:44:16 GMT
access-control-allow-origin: *
via: 1.1 google
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kn6ZygQXsavEfb9hIH50EFLMR8H6zLEFunctgAPdGoEzusku2Q71MFl67HfanLNsf6g4iD%2BODr5XGjQO0zOUv%2FPqOxFA4CAMbOkoX9FcaQq12pniiXR6GpT26uHYOw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87ed0b5cecd256a8-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| adsbb.dfiles.eu/static/js/jquery-1.5.1.min.js | 91.226.124.120 | 200 OK | 85 kB |
URL GET HTTP/2 adsbb.dfiles.eu/static/js/jquery-1.5.1.min.js IP 91.226.124.120:443
Requested by https://adsbb.dfiles.eu/upload/2303/ad2775297311915a.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752 Certificate Issuer Let's Encrypt Subject dfiles.eu Fingerprint 34:45:DB:EC:84:73:5D:D5:39:2A:00:C7:2F:21:5C:B1:2D:0E:14:42 Validity Mon, 04 Mar 2024 13:34:43 GMT - Sun, 02 Jun 2024 13:34:42 GMT
File type JavaScript source, Unicode text, UTF-8 text, with very long lines (65168) Hash b04a3bccd23ddeb7982143707a63ccf9 4a5dc1389aad050a44ee5e81408238a317ab3413 764b9e9f3ad386aaa5cdeae9368353994de61c0bede087c8f7e3579cb443de3b
GET /static/js/jquery-1.5.1.min.js HTTP/1.1
Host: adsbb.dfiles.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adsbb.dfiles.eu/upload/2303/ad2775297311915a.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752
Cookie: last_file=6nnh1cvkh; _nf56=1; _nf58=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
cache-control: no-cache, private, no-cache, no-store, must-revalidate
content-security-policy: frame-ancestors depositfiles.com *.depositfiles.com depositfiles.org *.depositfiles.org dfiles.eu *.dfiles.eu dfiles.com *.dfiles.com
content-type: application/javascript
date: Sun, 05 May 2024 01:44:16 GMT
expires: Thu, 01 Jan 1970 00:00:01 GMT
pragma: no-cache
server: nginx
content-length: 85260
X-Firefox-Spdy: h2
|
|
| jsc.mgid.com/d/e/depositfiles.com.7998.js | 104.19.129.76 | 200 OK | 9.8 kB |
URL GET HTTP/2 jsc.mgid.com/d/e/depositfiles.com.7998.js IP 104.19.129.76:443
Requested by https://adsbb.dfiles.eu/upload/2112/ad27582685f5c72c.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752 Certificate Issuer Let's Encrypt Subject mgid.com Fingerprint 9C:6C:5A:48:88:44:CB:C2:F4:76:D3:2E:DC:07:0D:D4:CA:6A:25:F5 Validity Sun, 10 Mar 2024 23:31:34 GMT - Sat, 08 Jun 2024 23:31:33 GMT
File type JavaScript source, ASCII text, with very long lines (6015), with no line terminators Hash ee8a64bccca46985837c0efbee795671 105f24b14f2dbec00375702decd7c4884aeb2168 201a429f275c2df31c22e585d91d13cc07b069f6ca4b08aaaaeba8491223b100
GET /d/e/depositfiles.com.7998.js HTTP/1.1
Host: jsc.mgid.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adsbb.dfiles.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 05 May 2024 01:44:16 GMT
content-type: text/javascript
cf-bgj: minify
cf-polished: origSize=6016
etag: W/"d68cc3bbb5e640d3f8a560392421b87e"
last-modified: Wed, 24 Apr 2024 12:46:31 GMT
x-amz-id-2: DvM6Mo9wFgcTWP0mQIoFZtNO+cJqsnVz3h4dAxTgb5lsQvm1IbotL1U6YrutdoIIR5jokdRDSgA=
x-amz-request-id: 499AGJ62Q56QZGQ5
x-amz-server-side-encryption: AES256
x-amz-version-id: PPyEacgqpc35eLhV28DTtPtNlPf5CeqE
cf-cache-status: HIT
age: 1603
expires: Sun, 05 May 2024 04:44:16 GMT
cache-control: public, max-age=10800
set-cookie: __cf_bm=iGdDlF8IY5E6mnQ2tDkj7KepteUJS7TC5SPQ7wskNuc-1714873456-1.0.1.1-PSC3K0FKHfxTN8KZHZYRCGGQxwmMSUoi12LJdyFfH_W27W_8wDy1_rylovcGTiKx_mwy5g5JHQ8305ywpjchuw; path=/; expires=Sun, 05-May-24 02:14:16 GMT; domain=.mgid.com; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
access-control-allow-origin: *
server: cloudflare
cf-ray: 87ed0b5d5f0356c3-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| www.google.com/recaptcha/api.js | 142.250.74.164 | 200 OK | 45 kB |
URL GET HTTP/2 www.google.com/recaptcha/api.js IP 142.250.74.164:443
Requested by https://dfiles.eu/files/6nnh1cvkh/Minecraft-Story_patch.exe Certificate Issuer Google Trust Services LLC Subject www.google.com Fingerprint C6:A2:DC:31:5A:53:FA:DD:55:71:A3:F4:DD:43:3D:16:71:B8:B3:99 Validity Tue, 16 Apr 2024 04:20:32 GMT - Tue, 09 Jul 2024 04:20:31 GMT
Hash 0aabbb0181f01daac12889fa66a68941 276d164a2f933d4fe983683f395fb6ab10327a54 65e22a466312971965718d1e191fc4a49f28b3a9ce5db0f97d5de671f81d9aae
GET /recaptcha/api.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
expires: Sun, 05 May 2024 01:44:14 GMT
date: Sun, 05 May 2024 01:44:14 GMT
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| dfiles.eu/files/6nnh1cvkh/Minecraft-Story_patch.exe | 91.226.124.120 | 200 OK | 13 kB |
URL User Request GET HTTP/2 dfiles.eu/files/6nnh1cvkh/Minecraft-Story_patch.exe IP 91.226.124.120:443
Certificate Issuer Let's Encrypt Subject dfiles.eu Fingerprint 34:45:DB:EC:84:73:5D:D5:39:2A:00:C7:2F:21:5C:B1:2D:0E:14:42 Validity Mon, 04 Mar 2024 13:34:43 GMT - Sun, 02 Jun 2024 13:34:42 GMT
File type gzip compressed data, max speed, from Unix Hash 2167c8847e4d4a1ded0b853c77761ecb da1d9363c3aebb62cfc59fa03e2439b299d7d2a7 82e891d9193c27deae794f969072bc10e8dec950446329cd67546a9487394db8
GET /files/6nnh1cvkh/Minecraft-Story_patch.exe HTTP/1.1
Host: dfiles.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
cache-control: no-store, no-cache, must-revalidate
content-encoding: gzip
content-security-policy: frame-ancestors depositfiles.com *.depositfiles.com depositfiles.org *.depositfiles.org dfiles.eu *.dfiles.eu dfiles.com *.dfiles.com
content-type: text/html; charset=UTF-8
date: Sun, 05 May 2024 01:44:14 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
server: nginx
set-cookie: PHPSESSID=efa6ac494681e855a9b61be95cf6bf53; path=/
last_file=6nnh1cvkh; path=/; domain=.dfiles.eu
lang_current=en; expires=Mon, 05-May-2025 01:44:14 GMT; Max-Age=31536000; path=/; domain=.dfiles.eu; secure
x-frame-options: SAMEORIGIN
X-Firefox-Spdy: h2
|
|
| adsbb.dfiles.eu/view.gif?c=2685&z=56&b=2758&u=6636e3708064f5507527436799117 | 91.226.124.120 | 200 OK | 43 B |
URL GET HTTP/2 adsbb.dfiles.eu/view.gif?c=2685&z=56&b=2758&u=6636e3708064f5507527436799117 IP 91.226.124.120:443
Requested by https://adsbb.dfiles.eu/upload/2112/ad27582685f5c72c.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752 Certificate Issuer Let's Encrypt Subject dfiles.eu Fingerprint 34:45:DB:EC:84:73:5D:D5:39:2A:00:C7:2F:21:5C:B1:2D:0E:14:42 Validity Mon, 04 Mar 2024 13:34:43 GMT - Sun, 02 Jun 2024 13:34:42 GMT
File type GIF image data, version 89a, 1 x 1 Hash 6d22e4f2d2057c6e8d6fab098e76e80f b80b11203d97fe01c5597ca3be70406ea48f5709 afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
GET /view.gif?c=2685&z=56&b=2758&u=6636e3708064f5507527436799117 HTTP/1.1
Host: adsbb.dfiles.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: https://adsbb.dfiles.eu/upload/2112/ad27582685f5c72c.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752
Cookie: last_file=6nnh1cvkh; _nf56=1; _nf58=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
cache-control: no-cache, private, no-cache, no-store, must-revalidate
content-security-policy: frame-ancestors depositfiles.com *.depositfiles.com depositfiles.org *.depositfiles.org dfiles.eu *.dfiles.eu dfiles.com *.dfiles.com
content-type: image/gif
date: Sun, 05 May 2024 01:44:16 GMT
expires: Thu, 01 Jan 1970 00:00:01 GMT
pragma: no-cache
server: nginx
content-length: 43
X-Firefox-Spdy: h2
|
|
| adsbb.dfiles.eu/view.gif?c=2973&z=58&b=2775&u=6636e370890ee4824352862775805 | 91.226.124.120 | 200 OK | 43 B |
URL GET HTTP/2 adsbb.dfiles.eu/view.gif?c=2973&z=58&b=2775&u=6636e370890ee4824352862775805 IP 91.226.124.120:443
Requested by https://adsbb.dfiles.eu/upload/2303/ad2775297311915a.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752 Certificate Issuer Let's Encrypt Subject dfiles.eu Fingerprint 34:45:DB:EC:84:73:5D:D5:39:2A:00:C7:2F:21:5C:B1:2D:0E:14:42 Validity Mon, 04 Mar 2024 13:34:43 GMT - Sun, 02 Jun 2024 13:34:42 GMT
File type GIF image data, version 89a, 1 x 1 Hash 6d22e4f2d2057c6e8d6fab098e76e80f b80b11203d97fe01c5597ca3be70406ea48f5709 afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
GET /view.gif?c=2973&z=58&b=2775&u=6636e370890ee4824352862775805 HTTP/1.1
Host: adsbb.dfiles.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: https://adsbb.dfiles.eu/upload/2303/ad2775297311915a.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752
Cookie: last_file=6nnh1cvkh; _nf56=1; _nf58=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
cache-control: no-cache, private, no-cache, no-store, must-revalidate
content-security-policy: frame-ancestors depositfiles.com *.depositfiles.com depositfiles.org *.depositfiles.org dfiles.eu *.dfiles.eu dfiles.com *.dfiles.com
content-type: image/gif
date: Sun, 05 May 2024 01:44:16 GMT
expires: Thu, 01 Jan 1970 00:00:01 GMT
pragma: no-cache
server: nginx
content-length: 43
X-Firefox-Spdy: h2
|
|
| ransomsection.com/sbar.json?key=224ad4a14b4b15c1726ff705ec672ea6&psid=CF-3448_0&uuid=bb124b52-b612-454e-9a89-df0c6d18f823%3A2%3A1 | 192.243.61.227 | 200 OK | 4.4 kB |
URL GET HTTP/1.1 ransomsection.com/sbar.json?key=224ad4a14b4b15c1726ff705ec672ea6&psid=CF-3448_0&uuid=bb124b52-b612-454e-9a89-df0c6d18f823%3A2%3A1 IP 192.243.61.227:443 ASN#39572 DataWeb Global Group B.V.
Requested by https://dfiles.eu/files/6nnh1cvkh/Minecraft-Story_patch.exe Certificate Issuer Let's Encrypt Subject ransomsection.com Fingerprint 84:94:47:11:DF:24:53:02:E1:19:0F:B2:D9:9E:CB:83:86:65:FB:34 Validity Mon, 29 Apr 2024 08:05:40 GMT - Sun, 28 Jul 2024 08:05:39 GMT
Hash 531dcfdcd0576b7d5db5bb9c8cb468c8 62d234cc0d8faddff74ca80bd21312de43caed7d 9a8492225f3da577c40982784cc3f2c9647172cf649dfc38e3e4058bc24226e5
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /sbar.json?key=224ad4a14b4b15c1726ff705ec672ea6&psid=CF-3448_0&uuid=bb124b52-b612-454e-9a89-df0c6d18f823%3A2%3A1 HTTP/1.1
Host: ransomsection.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dfiles.eu
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sun, 05 May 2024 01:44:16 GMT
Content-Type: text/plain; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://dfiles.eu
Access-Control-Allow-Origin: https://dfiles.eu
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=16004719; expires=Mon, 06 May 2024 01:44:16 GMT; secure; SameSite=None
uid_id2=bb124b52-b612-454e-9a89-df0c6d18f823:2:1; expires=Sun, 12 May 2024 01:44:16 GMT; secure; SameSite=None
pdhtkv=true; expires=Mon, 06 May 2024 01:44:16 GMT; secure; SameSite=None
uncs=1; expires=Mon, 06 May 2024 01:44:16 GMT; secure; SameSite=None
pdhtkv29=true; expires=Mon, 06 May 2024 01:44:16 GMT; secure; SameSite=None
uncs29=1; expires=Mon, 06 May 2024 01:44:16 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: e401a43dd1b3bca7644ec92cd4d1d9e0
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
|
|
| fp.metricswpsh.com/fp?tag_id=46445 | 157.90.84.242 | 200 OK | 0 B |
URL POST HTTP/1.1 fp.metricswpsh.com/fp?tag_id=46445 IP 157.90.84.242:443 ASN#24940 Hetzner Online GmbH
Requested by https://dfiles.eu/files/6nnh1cvkh/Minecraft-Story_patch.exe Certificate Issuer Let's Encrypt Subject notification.tubecup.net Fingerprint 04:18:87:3E:DE:60:E2:78:66:0A:24:6F:E5:3B:42:79:5B:AC:40:20 Validity Thu, 18 Apr 2024 11:21:02 GMT - Wed, 17 Jul 2024 11:21:01 GMT
Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /fp?tag_id=46445 HTTP/1.1
Host: fp.metricswpsh.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://dfiles.eu/
Origin: https://dfiles.eu
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 204 No Content
Server: nginx/1.20.1
Date: Sun, 05 May 2024 01:44:16 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: GET,HEAD,PUT,PATCH,POST,DELETE
Access-Control-Allow-Origin: https://dfiles.eu
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
|
|
| fp.metricswpsh.com/fp?tag_id=46445 | 157.90.84.242 | 200 OK | 58 B |
URL POST HTTP/1.1 fp.metricswpsh.com/fp?tag_id=46445 IP 157.90.84.242:443 ASN#24940 Hetzner Online GmbH
Requested by https://dfiles.eu/files/6nnh1cvkh/Minecraft-Story_patch.exe Certificate Issuer Let's Encrypt Subject notification.tubecup.net Fingerprint 04:18:87:3E:DE:60:E2:78:66:0A:24:6F:E5:3B:42:79:5B:AC:40:20 Validity Thu, 18 Apr 2024 11:21:02 GMT - Wed, 17 Jul 2024 11:21:01 GMT
Hash 87385fcd2a67fc74d2fa67366ba68ea2 a604cdbb1d31ce257e8643eee9219c9c724c200c 9307cbb21345500294eae459b18a8ffb2bd2fcccd928a09efbc1e324fa9c9995
POST /fp?tag_id=46445 HTTP/1.1
Host: fp.metricswpsh.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json;charset=utf-8
Content-Length: 1837
Origin: https://dfiles.eu
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Sun, 05 May 2024 01:44:16 GMT
Content-Type: application/json; charset=UTF-8
Content-Length: 58
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://dfiles.eu
Set-Cookie: id=6239335330501515957; Expires=Mon, 05 May 2025 01:44:16 GMT; Secure; SameSite=None
Vary: Origin
|
|
| js.wpshsdk.com/npc/sdk/push.m.js?v=1 | 45.133.44.53 | 200 OK | 15 kB |
URL GET HTTP/2 js.wpshsdk.com/npc/sdk/push.m.js?v=1 IP 45.133.44.53:443 ASN#39572 DataWeb Global Group B.V.
Requested by https://dfiles.eu/files/6nnh1cvkh/Minecraft-Story_patch.exe Certificate Issuer Let's Encrypt Subject js.wpshsdk.com Fingerprint 7C:0A:CB:08:AD:6F:60:55:9E:07:7C:F7:07:AC:DD:CF:DF:AB:01:FD Validity Wed, 20 Mar 2024 05:01:38 GMT - Tue, 18 Jun 2024 05:01:37 GMT
File type gzip compressed data, from Unix Hash 46e884c6ee86a774169f82300b709ba2 68822b7d2c642d499844516d0f4fb9039068d37d 5b181e1843aeaf2a71ce5533cf9760ffe0c94a46cdc2666c9baa5a4ad4299c15
GET /npc/sdk/push.m.js?v=1 HTTP/1.1
Host: js.wpshsdk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 05 May 2024 01:44:16 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.18.0
last-modified: Sat, 27 Apr 2024 11:13:42 GMT
etag: W/"662cdde6-845a"
content-encoding: gzip
expires: Sun, 05 May 2024 01:49:16 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2
|
|
| c.mgid.com/pv/?lu=https%3A%2F%2Fdfiles.eu%2Ffiles%2F6nnh1cvkh%2FMinecraft-Story_patch.exe&cbuster=1714873456553497326885&pvid=18f466c57a9a27420f4&implVersion=11&cxurl=https%3A%2F%2Fdfiles.eu%2Ffiles%2F6nnh1cvkh%2FMinecraft-Story_patch.exe&site=437&i=1 | 104.19.129.76 | 200 OK | 43 B |
URL GET HTTP/3 c.mgid.com/pv/?lu=https%3A%2F%2Fdfiles.eu%2Ffiles%2F6nnh1cvkh%2FMinecraft-Story_patch.exe&cbuster=1714873456553497326885&pvid=18f466c57a9a27420f4&implVersion=11&cxurl=https%3A%2F%2Fdfiles.eu%2Ffiles%2F6nnh1cvkh%2FMinecraft-Story_patch.exe&site=437&i=1 IP 104.19.129.76:443
Requested by https://adsbb.dfiles.eu/upload/2112/ad27582685f5c72c.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752 Certificate Issuer Let's Encrypt Subject mgid.com Fingerprint 9C:6C:5A:48:88:44:CB:C2:F4:76:D3:2E:DC:07:0D:D4:CA:6A:25:F5 Validity Sun, 10 Mar 2024 23:31:34 GMT - Sat, 08 Jun 2024 23:31:33 GMT
File type GIF image data, version 89a, 1 x 1 Hash 57f187c7a868faeac558007a8eb6cb2e 11ab10ab109fdb53d91d444ac781101f5a6360c6 aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
GET /pv/?lu=https%3A%2F%2Fdfiles.eu%2Ffiles%2F6nnh1cvkh%2FMinecraft-Story_patch.exe&cbuster=1714873456553497326885&pvid=18f466c57a9a27420f4&implVersion=11&cxurl=https%3A%2F%2Fdfiles.eu%2Ffiles%2F6nnh1cvkh%2FMinecraft-Story_patch.exe&site=437&i=1 HTTP/1.1
Host: c.mgid.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://adsbb.dfiles.eu/
DNT: 1
Connection: keep-alive
Cookie: __cf_bm=iGdDlF8IY5E6mnQ2tDkj7KepteUJS7TC5SPQ7wskNuc-1714873456-1.0.1.1-PSC3K0FKHfxTN8KZHZYRCGGQxwmMSUoi12LJdyFfH_W27W_8wDy1_rylovcGTiKx_mwy5g5JHQ8305ywpjchuw
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sun, 05 May 2024 01:44:16 GMT
content-type: image/gif
content-length: 43
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 87ed0b6099f35699-OSL
alt-svc: h3=":443"; ma=86400
|
|
| cdn.steepto.com/images/steepto/steepto_logo_mini_45.png | 104.19.132.72 | 200 OK | 2.7 kB |
URL GET HTTP/2 cdn.steepto.com/images/steepto/steepto_logo_mini_45.png IP 104.19.132.72:443
Requested by https://adsbb.dfiles.eu/upload/2112/ad27582685f5c72c.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752 Certificate Issuer Let's Encrypt Subject steepto.com Fingerprint 3F:AA:ED:BB:5A:B8:14:83:2E:41:07:2A:0F:20:84:93:8E:0E:85:D6 Validity Wed, 17 Apr 2024 03:49:59 GMT - Tue, 16 Jul 2024 03:49:58 GMT
File type PNG image data, 45 x 17, 8-bit/color RGBA, non-interlaced Hash 7e16c555b09abddb8088e5bfca7a1cde e658a7ed5af6155c4687a3dbbafdde1aa99795c9 a25a570158e49fe829d9c77d2e0400d0c822ef464d40f55eba7ef71b98f98745
GET /images/steepto/steepto_logo_mini_45.png HTTP/1.1
Host: cdn.steepto.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adsbb.dfiles.eu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 05 May 2024 01:44:16 GMT
content-type: image/png
content-length: 2745
x-amz-id-2: FAz1/sXpf9zVWkYSnzep27s/gF+ENjVyX5SORbEzy6b/TPBTAHsI14riRaEJjtKug1U9tFHj7Vgb/bIrkOpvDQ==
x-amz-request-id: PH613321N2ME2CF6
last-modified: Mon, 04 May 2020 12:16:55 GMT
etag: "7e16c555b09abddb8088e5bfca7a1cde"
x-amz-version-id: null
cf-cache-status: HIT
age: 2826
expires: Sun, 05 May 2024 05:44:16 GMT
cache-control: public, max-age=14400
accept-ranges: bytes
vary: Accept-Encoding
access-control-allow-origin: *
server: cloudflare
cf-ray: 87ed0b60fdaf0b45-OSL
X-Firefox-Spdy: h2
|
|
| cf7f345e1e.536e9f9126.com/in/track?data=eyJ3bCI6MCwic3ViaWQiOjAsInVzZXJfaWQiOiIxNzQzMTQ5OTA5MDY3NTQ1NDAwMCIsInRpbWV6b25lIjowLCJ2ZXIiOiIzLjEyMS4wIiwidGFnX2lkIjo0NjQ0NSwic2NyZWVuX3Jlc29sdXRpb24iOiIxMjgweDEwMjQiLCJhZGJsb2NrIjowLCJ0aW1lem9uZV9vbHNvbiI6IlVUQyIsInV0bV9zb3VyY2UiOiIiLCJ1dG1fbWVkaXVtIjoiIiwidXRtX2NhbXBhaWduIjoiIiwidXRtX2NvbnRlbnQiOiIiLCJtbSI6MCwiaW5pdF9zdGFydF9sYXRlbmN5IjowLjMzLCJpc192MiI6MCwiaXNfdjJfZW1wdHkiOjB9 | 45.133.44.52 | 200 OK | 0 B |
URL GET HTTP/2cf7f345e1e.536e9f9126.com/in/track?data=eyJ3bCI6MCwic3ViaWQiOjAsInVzZXJfaWQiOiIxNzQzMTQ5OTA5MDY3NTQ1NDAwMCIsInRpbWV6b25lIjowLCJ2ZXIiOiIzLjEyMS4wIiwidGFnX2lkIjo0NjQ0NSwic2NyZWVuX3Jlc29sdXRpb24iOiIxMjgweDEwMjQiLCJhZGJsb2NrIjowLCJ0aW1lem9uZV9vbHNvbiI6IlVUQyIsInV0bV9zb3VyY2UiOiIiLCJ1dG1fbWVkaXVtIjoiIiwidXRtX2NhbXBhaWduIjoiIiwidXRtX2NvbnRlbnQiOiIiLCJtbSI6MCwiaW5pdF9zdGFydF9sYXRlbmN5IjowLjMzLCJpc192MiI6MCwiaXNfdjJfZW1wdHkiOjB9 IP45.133.44.52:443 ASN#39572 DataWeb Global Group B.V.
Requested by https://dfiles.eu/files/6nnh1cvkh/Minecraft-Story_patch.exe Certificate Issuer Let's Encrypt Subject cf7f345e1e.536e9f9126.com Fingerprint 71:F9:AA:03:86:91:84:5D:4D:14:DA:11:94:7A:19:87:8E:B3:23:E7 Validity Thu, 02 May 2024 02:50:28 GMT - Wed, 31 Jul 2024 02:50:27 GMT
Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /in/track?data=eyJ3bCI6MCwic3ViaWQiOjAsInVzZXJfaWQiOiIxNzQzMTQ5OTA5MDY3NTQ1NDAwMCIsInRpbWV6b25lIjowLCJ2ZXIiOiIzLjEyMS4wIiwidGFnX2lkIjo0NjQ0NSwic2NyZWVuX3Jlc29sdXRpb24iOiIxMjgweDEwMjQiLCJhZGJsb2NrIjowLCJ0aW1lem9uZV9vbHNvbiI6IlVUQyIsInV0bV9zb3VyY2UiOiIiLCJ1dG1fbWVkaXVtIjoiIiwidXRtX2NhbXBhaWduIjoiIiwidXRtX2NvbnRlbnQiOiIiLCJtbSI6MCwiaW5pdF9zdGFydF9sYXRlbmN5IjowLjMzLCJpc192MiI6MCwiaXNfdjJfZW1wdHkiOjB9 HTTP/1.1
Host: cf7f345e1e.536e9f9126.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dfiles.eu
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 05 May 2024 01:44:16 GMT
content-length: 0
server: nginx/1.18.0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2
|
|
| static.depositfiles.com/images/favicon.ico | 91.226.124.125 | 200 OK | 318 B |
URL: GET HTTP/2 static.depositfiles.com/images/favicon.ico
IP: 91.226.124.125:443
Requested by: https://dfiles.eu/files/6nnh1cvkh/Minecraft-Story_patch.exe
Certificate issuer: Let's Encrypt
Certificate subject: depositfiles.com
Certificate fingerprint: 8D:3C:74:0A:57:29:55:E0:60:A5:AF:60:66:DD:1F:ED:7A:ED:F7:A6
Certificate validity: Tue, 05 Mar 2024 13:34:49 GMT - Mon, 03 Jun 2024 13:34:48 GMT
File type: MS Windows icon resource - 1 icon, 16x16, 16 colors, 4 bits/pixel
Hash: 0f0b975ee529197ec75780ebc2de5907 59688c6aafca5606e388ba9a44fc9dc25fc32cd3 28a0b52229f05b66354ca38b6b813d2281af3efb7e8b0a424ef8b4c68b9e583c
GET /images/favicon.ico HTTP/1.1
Host: static.depositfiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-security-policy: frame-ancestors depositfiles.com *.depositfiles.com depositfiles.org *.depositfiles.org dfiles.eu *.dfiles.eu dfiles.com *.dfiles.com
content-type: image/x-icon
date: Sun, 05 May 2024 01:44:17 GMT
etag: "651c240d-13e"
last-modified: Tue, 03 Oct 2023 14:24:13 GMT
server: nginx
content-length: 318
X-Firefox-Spdy: h2
|
|
| www.gstatic.com/recaptcha/releases/V6_85qpc2Xf2sbe3xTnRte7m/recaptcha__en.js | 142.250.74.131 | 200 OK | 206 kB |
URL: GET HTTP/2 www.gstatic.com/recaptcha/releases/V6_85qpc2Xf2sbe3xTnRte7m/recaptcha__en.js
IP: 142.250.74.131:443
Requested by: https://dfiles.eu/files/6nnh1cvkh/Minecraft-Story_patch.exe
Certificate issuer: Google Trust Services LLC
Certificate subject: *.gstatic.com
Certificate fingerprint: 15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
Certificate validity: Tue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File type: JavaScript source, ASCII text, with very long lines (631)
Size: 206 kB (205803 bytes)
Hash: e2e79d6b927169d9e0e57e3baecc0993 1299473950b2999ba0b7f39bd5e4a60eafd1819d 231336ed913a5ebd4445b85486e053caf2b81cab91318241375f3f7a245b6c6b
GET /recaptcha/releases/V6_85qpc2Xf2sbe3xTnRte7m/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dfiles.eu
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 205803
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 May 2024 01:59:48 GMT
expires: Fri, 02 May 2025 01:59:48 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 22 Apr 2024 21:03:35 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 258269
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| downstairsnegotiatebarren.com/sfp.js | 104.21.35.227 | 200 OK | 28 kB |
URL: GET HTTP/3 downstairsnegotiatebarren.com/sfp.js
IP: 104.21.35.227:443
Requested by: https://dfiles.eu/files/6nnh1cvkh/Minecraft-Story_patch.exe
Certificate issuer: Let's Encrypt
Certificate subject: downstairsnegotiatebarren.com
Certificate fingerprint: 5D:DB:CB:C6:CE:2A:8B:34:7D:BC:43:74:33:1D:5F:77:48:F7:BC:1B
Certificate validity: Thu, 02 May 2024 21:26:34 GMT - Wed, 31 Jul 2024 21:26:33 GMT
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (65529), with no line terminators
Hash: f4a2f8f9f99541c6f105bbd0a025bd40 1f8e3eff12168fdd9e719adfc098d24a45b6916a b717cb04231a10d425fd55b73c85a5407119c6826a8bac94142fddfff6958716
GET /sfp.js HTTP/1.1
Host: downstairsnegotiatebarren.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 05 May 2024 01:44:15 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: b65e0708503033cd834cbf92b9a0c98c
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Sun, 05 May 2024 01:44:14 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iRXsJFVCfX6IgxgFTI8A%2FsjFKiPCpgb9DFrrkdk46Vd3OU1rNlwjqyZZ2yHdlUmiZetsZCC4gxavNv5TOZ37h9tFY25zRylRZMcQZ%2Fsbrw6LiwNVY49j8gv7fFM0sMALvwUb%2FawVWEP4Zcn%2BHX7lxw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ed0b5a88850b41-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| ransomsection.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.yourwebbars.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2Fecorious%2Fmessage_redcircle2%2Fjan24%2F2%2Findex.html&l=1572&fd=661 | 192.243.61.227 | 200 OK | 0 B |
URL: GET HTTP/1.1 ransomsection.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.yourwebbars.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2Fecorious%2Fmessage_redcircle2%2Fjan24%2F2%2Findex.html&l=1572&fd=661
IP: 192.243.61.227:443
ASN: #39572 DataWeb Global Group B.V.
Requested by: https://dfiles.eu/files/6nnh1cvkh/Minecraft-Story_patch.exe
Certificate issuer: Let's Encrypt
Certificate subject: ransomsection.com
Certificate fingerprint: 84:94:47:11:DF:24:53:02:E1:19:0F:B2:D9:9E:CB:83:86:65:FB:34
Certificate validity: Mon, 29 Apr 2024 08:05:40 GMT - Sun, 28 Jul 2024 08:05:39 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.yourwebbars.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2Fecorious%2Fmessage_redcircle2%2Fjan24%2F2%2Findex.html&l=1572&fd=661 HTTP/1.1
Host: ransomsection.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Cookie: u_pl=16004719; uid_id2=bb124b52-b612-454e-9a89-df0c6d18f823:2:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sun, 05 May 2024 01:44:17 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
|
|
| cdn.creative-bars1.com//sb/notifications/utility/default/us/blog/ecorious/message_redcircle2/jan24/2/img/1.jpg | 188.114.97.1 | 200 OK | 34 kB |
URL: GET HTTP/2 cdn.creative-bars1.com//sb/notifications/utility/default/us/blog/ecorious/message_redcircle2/jan24/2/img/1.jpg
IP: 188.114.97.1:443
Requested by: https://dfiles.eu/files/6nnh1cvkh/Minecraft-Story_patch.exe
Certificate issuer: Google Trust Services LLC
Certificate subject: creative-bars1.com
Certificate fingerprint: 3D:29:39:2C:F1:E5:C6:EF:54:F5:70:B5:CF:A8:C2:75:4D:89:72:13
Certificate validity: Mon, 15 Apr 2024 15:02:18 GMT - Sun, 14 Jul 2024 15:02:17 GMT
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 320x320, components 3
Hash: fe81f0c5bf7decc9141801420933b351 4d0eba9db93c28ee21c2a1d236c8a56fc264a82c 0ab3cc529ab7582dfc32a721a3873345627640298d5507d8ef807b8dece36090
GET //sb/notifications/utility/default/us/blog/ecorious/message_redcircle2/jan24/2/img/1.jpg HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sun, 05 May 2024 01:44:17 GMT
content-type: image/jpeg
content-length: 33452
last-modified: Thu, 01 Feb 2024 14:50:52 GMT
etag: "65bbafcc-82ac"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 365515
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bQV1snL3UkReR3TKDPADCuRXYzAB5ZBOCueccB8NdLkQkpeWSov10GJ23PA7CZY7wOgkm%2Fd9TJGMvkLfRnQFWZI%2BDQRSKwrI4dNRYAUg9pTz5Mp%2Bt8eGas%2FiZ3xM7VFOXKZy5Huz%2FPqn"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ed0b65b95856a2-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| cdn.cookie-script.com/iabtcf/2.2/sdk_cmp.js | 146.185.171.19 | 200 OK | 24 kB |
URL: GET HTTP/2 cdn.cookie-script.com/iabtcf/2.2/sdk_cmp.js
IP: 146.185.171.19:443
ASN: #14061 DIGITALOCEAN-ASN
Requested by: https://dfiles.eu/files/6nnh1cvkh/Minecraft-Story_patch.exe
Certificate issuer: Sectigo Limited
Certificate subject: *.cookie-script.com
Certificate fingerprint: EC:4C:BD:45:07:39:A8:24:AD:C5:44:8F:4B:DF:0B:40:79:EA:44:77
Certificate validity: Mon, 11 Sep 2023 00:00:00 GMT - Thu, 25 Jul 2024 23:59:59 GMT
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (46293)
Hash: 526852f73eb08be3f11b85e883cd8408 d97a1c2b8367214d80098f201567a5ee7f69cf5e ca59dd07e26484305b5677c3f537c2ee2c6012a95a77049ae51d2f917fefa10a
GET /iabtcf/2.2/sdk_cmp.js HTTP/1.1
Host: cdn.cookie-script.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Sun, 05 May 2024 01:44:17 GMT
content-type: text/javascript
content-length: 23905
last-modified: Thu, 25 Apr 2024 09:42:56 GMT
etag: "1700e-616e89ca5d8ed-gzip"
vary: Accept-Encoding
content-encoding: gzip
x-frame-options: SAMEORIGIN
access-control-allow-origin: *
x-cache-status: HIT
x-server: n3
cache-control: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap | 142.250.74.106 | 200 OK | 1.2 kB |
URL: GET HTTP/2 fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap
IP: 142.250.74.106:443
Requested by: https://dfiles.eu/files/6nnh1cvkh/Minecraft-Story_patch.exe
Certificate issuer: Google Trust Services LLC
Certificate subject: upload.video.google.com
Certificate fingerprint: 36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79
Certificate validity: Tue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT
File type: gzip compressed data, max compression
Hash: d7f194b9ecb48cc1f7732aa11f657af8 78bf4b130952a61d8c6c199b28ba35e75efc5521 5d1db349bd4390728870488442f17c7eb56399a95005b3d423dc2dfdce5c0454
GET /css?family=Roboto:300,400,700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 05 May 2024 01:44:17 GMT
date: Sun, 05 May 2024 01:44:17 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/bcfae741e379a885f2ab2cf83ebe6d32/mr
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| ransomsection.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2F%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2Fecorious%2Fmessage_redcircle2%2Fjan24%2F2%2Fcss%2Fanimate.css&l=79245&fd=395 | 192.243.61.227 | 200 OK | 0 B |
URL: GET HTTP/1.1 ransomsection.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2F%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2Fecorious%2Fmessage_redcircle2%2Fjan24%2F2%2Fcss%2Fanimate.css&l=79245&fd=395
IP: 192.243.61.227:443
ASN: #39572 DataWeb Global Group B.V.
Requested by: https://dfiles.eu/files/6nnh1cvkh/Minecraft-Story_patch.exe
Certificate issuer: Let's Encrypt
Certificate subject: ransomsection.com
Certificate fingerprint: 84:94:47:11:DF:24:53:02:E1:19:0F:B2:D9:9E:CB:83:86:65:FB:34
Certificate validity: Mon, 29 Apr 2024 08:05:40 GMT - Sun, 28 Jul 2024 08:05:39 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2F%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2Fecorious%2Fmessage_redcircle2%2Fjan24%2F2%2Fcss%2Fanimate.css&l=79245&fd=395 HTTP/1.1
Host: ransomsection.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Cookie: u_pl=16004719; uid_id2=bb124b52-b612-454e-9a89-df0c6d18f823:2:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sun, 05 May 2024 01:44:17 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
|
|
| ransomsection.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2F%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2Fecorious%2Fmessage_redcircle2%2Fjan24%2F2%2Fjs%2Fscript.js&l=386&fd=386 | 192.243.61.225 | 200 OK | 0 B |
URL: GET HTTP/1.1 ransomsection.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2F%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2Fecorious%2Fmessage_redcircle2%2Fjan24%2F2%2Fjs%2Fscript.js&l=386&fd=386
IP: 192.243.61.225:443
ASN: #39572 DataWeb Global Group B.V.
Requested by: https://dfiles.eu/files/6nnh1cvkh/Minecraft-Story_patch.exe
Certificate issuer: Let's Encrypt
Certificate subject: ransomsection.com
Certificate fingerprint: 84:94:47:11:DF:24:53:02:E1:19:0F:B2:D9:9E:CB:83:86:65:FB:34
Certificate validity: Mon, 29 Apr 2024 08:05:40 GMT - Sun, 28 Jul 2024 08:05:39 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2F%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2Fecorious%2Fmessage_redcircle2%2Fjan24%2F2%2Fjs%2Fscript.js&l=386&fd=386 HTTP/1.1
Host: ransomsection.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Cookie: u_pl=16004719; uid_id2=bb124b52-b612-454e-9a89-df0c6d18f823:2:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sun, 05 May 2024 01:44:17 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
|
|
| cdn.creative-bars1.com//sb/notifications/utility/default/us/blog/ecorious/message_redcircle2/jan24/2/css/animate.css | 188.114.97.1 | 200 OK | 4.8 kB |
URL: GET HTTP/2 cdn.creative-bars1.com//sb/notifications/utility/default/us/blog/ecorious/message_redcircle2/jan24/2/css/animate.css
IP: 188.114.97.1:443
Requested by: https://dfiles.eu/files/6nnh1cvkh/Minecraft-Story_patch.exe
Certificate issuer: Google Trust Services LLC
Certificate subject: creative-bars1.com
Certificate fingerprint: 3D:29:39:2C:F1:E5:C6:EF:54:F5:70:B5:CF:A8:C2:75:4D:89:72:13
Certificate validity: Mon, 15 Apr 2024 15:02:18 GMT - Sun, 14 Jul 2024 15:02:17 GMT
Hash: 80047eaa13ebd50c50e8a9753621e430 9c503e07d130572a0eaf51f7c02cbd4cf6213fe3 3f831a59615f8d5d40b4340b2836f91438c876f8dbce75f78e38360d6fe0f429
GET //sb/notifications/utility/default/us/blog/ecorious/message_redcircle2/jan24/2/css/animate.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dfiles.eu
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 05 May 2024 01:44:17 GMT
content-type: text/css
last-modified: Thu, 01 Feb 2024 14:48:51 GMT
etag: W/"65bbaf53-1358d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=D%2BJHMiNZkRxMhugDXnEcPL4iDH7oS06zLw%2FTgEWZpWZDdYSv5%2F0ONV213zhdKNsJrJLNM21K4W%2FZ%2FSGAWuPaaqSP8O8nifhcbdy0aEIYIBcQB25SgUhCPKCKDD5Gd3T%2BDOn9YVZtSWU9"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ed0b64e8f156a2-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| consent.cookie-script.com/analytics?action=firstshown&time=1714873457359&script=962e36ace9b4601f1f51f3e2010e41b9&category= | 65.108.188.9 | 200 OK | 47 B |
URL: GET HTTP/2 consent.cookie-script.com/analytics?action=firstshown&time=1714873457359&script=962e36ace9b4601f1f51f3e2010e41b9&category=
IP: 65.108.188.9:443
ASN: #24940 Hetzner Online GmbH
Requested by: https://dfiles.eu/files/6nnh1cvkh/Minecraft-Story_patch.exe
Certificate issuer: Sectigo Limited
Certificate subject: *.cookie-script.com
Certificate fingerprint: EC:4C:BD:45:07:39:A8:24:AD:C5:44:8F:4B:DF:0B:40:79:EA:44:77
Certificate validity: Mon, 11 Sep 2023 00:00:00 GMT - Thu, 25 Jul 2024 23:59:59 GMT
Hash: 7bd2120e738962dd47e69f2b9a483a3f 95730acab5d703fbf7cd8c0d41aa8d1b76041696 55cf568ee44800a2b7a0bb8767df5d3b4521bd25fe4e1413c906e1f324221060
GET /analytics?action=firstshown&time=1714873457359&script=962e36ace9b4601f1f51f3e2010e41b9&category= HTTP/1.1
Host: consent.cookie-script.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dfiles.eu
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Sun, 05 May 2024 01:44:17 GMT
content-type: application/json
content-length: 47
x-amzn-requestid: 9dee4126-811a-4e8d-a2ea-ca0137271462
access-control-allow-origin: *
x-amz-apigw-id: XRihzHyojoEENIg=
x-amzn-trace-id: Root=1-6636e471-725e08d10876d10b496ac8c4;Parent=463203c068030516;Sampled=0;lineage=a8669a4e:0
x-cache: Miss from cloudfront
via: 1.1 8109fadbc132b410ecc2c3df250d6144.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P7
x-amz-cf-id: Fb5E4hA7R4aGHoBw_t9bCmCz5bEIIWH4TAOSNlkK77XJ2NW-UICkrw==
X-Firefox-Spdy: h2
|
|
| s-img.steepto.com/g/8164916/492x328/150x0x1176x784/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDQvMTAxOTI0LzMwZmQ1YjY4MjRkMzAwYTdmODkzZmYwM2MyZWRkMGFmLmpwZWc.webp?v=1714873457-GSM0Ijop7MSxTpygpik6NEzBxf6f3zl8tOYzVb43O_E | 104.19.132.72 | 200 OK | 10 kB |
URL GET HTTP/2s-img.steepto.com/g/8164916/492x328/150x0x1176x784/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDQvMTAxOTI0LzMwZmQ1YjY4MjRkMzAwYTdmODkzZmYwM2MyZWRkMGFmLmpwZWc.webp?v=1714873457-GSM0Ijop7MSxTpygpik6NEzBxf6f3zl8tOYzVb43O_E IP104.19.132.72:443
Requested by: https://adsbb.dfiles.eu/upload/2112/ad27582685f5c72c.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752
Certificate issuer: Let's Encrypt
Certificate subject: steepto.com
Certificate fingerprint: 3F:AA:ED:BB:5A:B8:14:83:2E:41:07:2A:0F:20:84:93:8E:0E:85:D6
Certificate validity: Wed, 17 Apr 2024 03:49:59 GMT - Tue, 16 Jul 2024 03:49:58 GMT
File type: RIFF (little-endian) data, Web/P image, VP8 encoding, 492x328, Scaling: [none]x[none], YUV color, decoders should clamp
Hash: e2cd88d2f17ba69b666ddc210fc4be76 468c15fbe424f673816a1313dac67a7e27b923ec 168684a47d5dc258be526da0081764e9b7eaccb3fc420ed4a6cebea39a65a71b
GET /g/8164916/492x328/150x0x1176x784/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDQvMTAxOTI0LzMwZmQ1YjY4MjRkMzAwYTdmODkzZmYwM2MyZWRkMGFmLmpwZWc.webp?v=1714873457-GSM0Ijop7MSxTpygpik6NEzBxf6f3zl8tOYzVb43O_E HTTP/1.1
Host: s-img.steepto.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://adsbb.dfiles.eu
DNT: 1
Connection: keep-alive
Referer: https://adsbb.dfiles.eu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 05 May 2024 01:44:17 GMT
content-type: image/webp
content-length: 10530
x-mg-request-uuid: 06acdd7a-ddc5-4b86-a409-ccbe98966934
access-control-allow-origin: *
last-modified: Wed, 10 Aug 2022 16:39:36 GMT
cache-control: immutable, max-age=31536000
cf-cache-status: HIT
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ed0b685e33712f-OSL
X-Firefox-Spdy: h2
|
|
| ransomsection.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSz4scxR%2Btnu%2FyvShCNDcV5uBBxZ3t7unpmTEHMYkrIWsSEkU9hfrVk3Kru5qq7unZPS0GJMdhEbz2vtnNEg0SL94MMhvwEBB2vLgH9%2BR%2FoOQsMy6Ofg79ee%2FzPg2vXtUXe%2BUpCVHSk8sfmG2lNV3rtPzm658EwYXmhsrKUXPUi2%2FH0YWmHb7dj1v%2BG833Jd80a6Ef%2BH7gB811ZWViRmtzESp%2F2A9afb8Vha2gE2Fk%2F8td6cFRD2J4Sl6EErOVJ955KD5Flj66LN1mYfK33ktLTQtjMRSHH2WbmakypEuYWA9Jdni2DeOO1x%2FDZAcLuzDDfxaZmhHvp8dg2eGZSbDh%2FsIn05AZmHgO1XAKqadQdApu7kKJYwJwgWvXkaX3rxlb0a2%2FVTpXZ2Tl2R9Q1Yys%2FHYeWfrtRa1GzVtGl4UymcMoqaFGU6jBFHl5hGK7AVUdgRefQ4mfydqzDWTp%2FnWnDZQ4eY2xIIxYJ1xlcRCuRp1IrvZpr78qEp%2FHIuglvbC9CEipKVQyhZZjUNdA6TyUykOZeChzD6k4afIgCLq%2B4NTv9Tlvi65ksfAD2k0CGvhxDyWfn2GMIh%2BD6zG43UFud7CpxrDlj3B3ajjhwRUEQ1GjkgSVI6goQaUIqoKgGtYHQrvQ1feFdiULznp41tv1xBSDPXpgioHMCKgdw4p6Lz8l5xYB%2FhkbbMqTZhhGVEQ0iFjEgg4PumGcJF2%2FI3ncDSWN4dSDS%2Bur7Sjq3fahXAPUedhWxy%2FlyNXx86%2BA0SM4fQSuzoGWr4JWNeidGtvZIyFz41SRKC1di5sUwtTIixUUW96ePiUvL6xc%2FepLSP6UnBW4rZHbGp%2BpJwQDfW9y01Rk%2F6apHPnuel6oVG3T%2BT3fKmgh%2F%2F%2F1VblVGSuuXHbjB%2B%2FyuTCHDz%2BUrtigmVDZwJFvLiohpF03lkvywxX3sWQ3SnfnYmmzMt%2B4cWn9Sppb6Zwy2RRUHX%2B6C65m5IXvNxYP%2BM3mr1B2ClvWSMulU2Wm4PkOXL6cOUNg9ZKz3ENV1hMbsuVQKwItl5yyGu5fnC3xxNL531TVe%2B4eBrYBWtxFltYY2hpDXYPqMVz5v0mR26fv%2FNJeFJhuTJi2jX2mrd5dhDz%2F7MKpk2bbF10mE9llMupEieSCdTrM5wlnbdHrcRRulsS%2F538BAAD%2F%2FwEAAP%2F%2FcR3dx5oEAAA%3D | 192.243.61.225 | 200 OK | 7 B |
URL GET HTTP/1.1ransomsection.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSz4scxR%2Btnu%2FyvShCNDcV5uBBxZ3t7unpmTEHMYkrIWsSEkU9hfrVk3Kru5qq7unZPS0GJMdhEbz2vtnNEg0SL94MMhvwEBB2vLgH9%2BR%2FoOQsMy6Ofg79ee%2FzPg2vXtUXe%2BUpCVHSk8sfmG2lNV3rtPzm658EwYXmhsrKUXPUi2%2FH0YWmHb7dj1v%2BG833Jd80a6Ef%2BH7gB811ZWViRmtzESp%2F2A9afb8Vha2gE2Fk%2F8td6cFRD2J4Sl6EErOVJ955KD5Flj66LN1mYfK33ktLTQtjMRSHH2WbmakypEuYWA9Jdni2DeOO1x%2FDZAcLuzDDfxaZmhHvp8dg2eGZSbDh%2FsIn05AZmHgO1XAKqadQdApu7kKJYwJwgWvXkaX3rxlb0a2%2FVTpXZ2Tl2R9Q1Yys%2FHYeWfrtRa1GzVtGl4UymcMoqaFGU6jBFHl5hGK7AVUdgRefQ4mfydqzDWTp%2FnWnDZQ4eY2xIIxYJ1xlcRCuRp1IrvZpr78qEp%2FHIuglvbC9CEipKVQyhZZjUNdA6TyUykOZeChzD6k4afIgCLq%2B4NTv9Tlvi65ksfAD2k0CGvhxDyWfn2GMIh%2BD6zG43UFud7CpxrDlj3B3ajjhwRUEQ1GjkgSVI6goQaUIqoKgGtYHQrvQ1feFdiULznp41tv1xBSDPXpgioHMCKgdw4p6Lz8l5xYB%2FhkbbMqTZhhGVEQ0iFjEgg4PumGcJF2%2FI3ncDSWN4dSDS%2Bur7Sjq3fahXAPUedhWxy%2FlyNXx86%2BA0SM4fQSuzoGWr4JWNeidGtvZIyFz41SRKC1di5sUwtTIixUUW96ePiUvL6xc%2FepLSP6UnBW4rZHbGp%2BpJwQDfW9y01Rk%2F6apHPnuel6oVG3T%2BT3fKmgh%2F%2F%2F1VblVGSuuXHbjB%2B%2FyuTCHDz%2BUrtigmVDZwJFvLiohpF03lkvywxX3sWQ3SnfnYmmzMt%2B4cWn9Sppb6Zwy2RRUHX%2B6C65m5IXvNxYP%2BM3mr1B2ClvWSMulU2Wm4PkOXL6cOUNg9ZKz3ENV1hMbsuVQKwItl5yyGu5fnC3xxNL531TVe%2B4eBrYBWtxFltYY2hpDXYPqMVz5v0mR26fv%2FNJeFJhuTJi2jX2mrd5dhDz%2F7MKpk2bbF10mE9llMupEieSCdTrM5wlnbdHrcRRulsS%2F538BAAD%2F%2FwEAAP%2F%2FcR3dx5oEAAA%3D IP192.243.61.225:443 ASN#39572 DataWeb Global Group B.V.
Requested by: https://dfiles.eu/files/6nnh1cvkh/Minecraft-Story_patch.exe
Certificate issuer: Let's Encrypt
Certificate subject: ransomsection.com
Certificate fingerprint: 84:94:47:11:DF:24:53:02:E1:19:0F:B2:D9:9E:CB:83:86:65:FB:34
Certificate validity: Mon, 29 Apr 2024 08:05:40 GMT - Sun, 28 Jul 2024 08:05:39 GMT
File type: ASCII text, with no line terminators
Hash: 132d6af1b46048b45cf86cdee7991d31 eb7007d03d59b65bc6da7e098c4d38fc6dfb6285 ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /impr.gif?sid=H4sIAAAAAAAC%2F1RSz4scxR%2Btnu%2FyvShCNDcV5uBBxZ3t7unpmTEHMYkrIWsSEkU9hfrVk3Kru5qq7unZPS0GJMdhEbz2vtnNEg0SL94MMhvwEBB2vLgH9%2BR%2FoOQsMy6Ofg79ee%2FzPg2vXtUXe%2BUpCVHSk8sfmG2lNV3rtPzm658EwYXmhsrKUXPUi2%2FH0YWmHb7dj1v%2BG833Jd80a6Ef%2BH7gB811ZWViRmtzESp%2F2A9afb8Vha2gE2Fk%2F8td6cFRD2J4Sl6EErOVJ955KD5Flj66LN1mYfK33ktLTQtjMRSHH2WbmakypEuYWA9Jdni2DeOO1x%2FDZAcLuzDDfxaZmhHvp8dg2eGZSbDh%2FsIn05AZmHgO1XAKqadQdApu7kKJYwJwgWvXkaX3rxlb0a2%2FVTpXZ2Tl2R9Q1Yys%2FHYeWfrtRa1GzVtGl4UymcMoqaFGU6jBFHl5hGK7AVUdgRefQ4mfydqzDWTp%2FnWnDZQ4eY2xIIxYJ1xlcRCuRp1IrvZpr78qEp%2FHIuglvbC9CEipKVQyhZZjUNdA6TyUykOZeChzD6k4afIgCLq%2B4NTv9Tlvi65ksfAD2k0CGvhxDyWfn2GMIh%2BD6zG43UFud7CpxrDlj3B3ajjhwRUEQ1GjkgSVI6goQaUIqoKgGtYHQrvQ1feFdiULznp41tv1xBSDPXpgioHMCKgdw4p6Lz8l5xYB%2FhkbbMqTZhhGVEQ0iFjEgg4PumGcJF2%2FI3ncDSWN4dSDS%2Bur7Sjq3fahXAPUedhWxy%2FlyNXx86%2BA0SM4fQSuzoGWr4JWNeidGtvZIyFz41SRKC1di5sUwtTIixUUW96ePiUvL6xc%2FepLSP6UnBW4rZHbGp%2BpJwQDfW9y01Rk%2F6apHPnuel6oVG3T%2BT3fKmgh%2F%2F%2F1VblVGSuuXHbjB%2B%2FyuTCHDz%2BUrtigmVDZwJFvLiohpF03lkvywxX3sWQ3SnfnYmmzMt%2B4cWn9Sppb6Zwy2RRUHX%2B6C65m5IXvNxYP%2BM3mr1B2ClvWSMulU2Wm4PkOXL6cOUNg9ZKz3ENV1hMbsuVQKwItl5yyGu5fnC3xxNL531TVe%2B4eBrYBWtxFltYY2hpDXYPqMVz5v0mR26fv%2FNJeFJhuTJi2jX2mrd5dhDz%2F7MKpk2bbF10mE9llMupEieSCdTrM5wlnbdHrcRRulsS%2F538BAAD%2F%2FwEAAP%2F%2FcR3dx5oEAAA%3D HTTP/1.1
Host: ransomsection.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Cookie: u_pl=16004719; uid_id2=bb124b52-b612-454e-9a89-df0c6d18f823:2:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sun, 05 May 2024 01:44:17 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: f9771be079094fe7acbb59061a0a4846
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 | 216.58.207.227 | 200 OK | 16 kB |
URL: GET HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP: 216.58.207.227:443
Requested by: https://dfiles.eu/files/6nnh1cvkh/Minecraft-Story_patch.exe
Certificate issuer: Google Trust Services LLC
Certificate subject: *.gstatic.com
Certificate fingerprint: 15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
Certificate validity: Tue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File type: Web Open Font Format (Version 2), TrueType, length 15860, version 1.0
Hash: e9f5aaf547f165386cd313b995dddd8e acdef5603c2387b0e5bffd744b679a24a8bc1968 f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://dfiles.eu
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 May 2024 01:55:00 GMT
expires: Fri, 02 May 2025 01:55:00 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
age: 258558
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 | 216.58.207.227 | 200 OK | 16 kB |
URL GET HTTP/2fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 IP216.58.207.227:443
Requested byhttps://dfiles.eu/files/6nnh1cvkh/Minecraft-Story_patch.exe CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 15744, version 1.0 Hash15d9f621c3bd1599f0169dcf0bd5e63e 7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52 f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://dfiles.eu
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 04 May 2024 09:28:37 GMT
expires: Sun, 04 May 2025 09:28:37 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
age: 58541
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| servicer.mgid.com/7998/1?tcfV2=1&w=240&h=815&sz=240x261&szp=1,2,3&szl=1;2;3&cols=1&sessionId=6636e472-0a6e8&sessionPage=1&sessionNumberWeek=1&sessionNumber=1&lu=https%3A%2F%2Fdfiles.eu%2Ffiles%2F6nnh1cvkh%2FMinecraft-Story_patch.exe&cbuster=1714873457707965936324&pvid=18f466c57a9a27420f4&implVersion=11&cxurl=https%3A%2F%2Fdfiles.eu%2Ffiles%2F6nnh1cvkh%2FMinecraft-Story_patch.exe&mp4=0&ap=0&consentStrLen=0&pv=5&lct=1713916800&jsv=es6&pageView=1&dpr=1&ref=https%3A%2F%2Fdfiles.eu%2Ffiles%2F6nnh1cvkh%2FMinecraft-Story_patch.exe&hashCommit=210c46c2&iframe=1&tfre=1650 | 104.19.129.76 | 200 OK | 1.4 kB |
URL GET HTTP/3servicer.mgid.com/7998/1?tcfV2=1&w=240&h=815&sz=240x261&szp=1,2,3&szl=1;2;3&cols=1&sessionId=6636e472-0a6e8&sessionPage=1&sessionNumberWeek=1&sessionNumber=1&lu=https%3A%2F%2Fdfiles.eu%2Ffiles%2F6nnh1cvkh%2FMinecraft-Story_patch.exe&cbuster=1714873457707965936324&pvid=18f466c57a9a27420f4&implVersion=11&cxurl=https%3A%2F%2Fdfiles.eu%2Ffiles%2F6nnh1cvkh%2FMinecraft-Story_patch.exe&mp4=0&ap=0&consentStrLen=0&pv=5&lct=1713916800&jsv=es6&pageView=1&dpr=1&ref=https%3A%2F%2Fdfiles.eu%2Ffiles%2F6nnh1cvkh%2FMinecraft-Story_patch.exe&hashCommit=210c46c2&iframe=1&tfre=1650 IP104.19.129.76:443
Requested byhttps://adsbb.dfiles.eu/upload/2112/ad27582685f5c72c.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752 CertificateIssuerLet's Encrypt Subjectmgid.com Fingerprint9C:6C:5A:48:88:44:CB:C2:F4:76:D3:2E:DC:07:0D:D4:CA:6A:25:F5 ValiditySun, 10 Mar 2024 23:31:34 GMT - Sat, 08 Jun 2024 23:31:33 GMT
File typeASCII text, with very long lines (1034) Hash86f0297f7c11f799c648dffe094d66bd 44f8313e5d0cf2ec70eeb62a3c2b79d92f723425 12cff4138c0ecf317fb56ea3d615a9dd529e812740d75ec1f491a3b5e3a60ccc
GET /7998/1?tcfV2=1&w=240&h=815&sz=240x261&szp=1,2,3&szl=1;2;3&cols=1&sessionId=6636e472-0a6e8&sessionPage=1&sessionNumberWeek=1&sessionNumber=1&lu=https%3A%2F%2Fdfiles.eu%2Ffiles%2F6nnh1cvkh%2FMinecraft-Story_patch.exe&cbuster=1714873457707965936324&pvid=18f466c57a9a27420f4&implVersion=11&cxurl=https%3A%2F%2Fdfiles.eu%2Ffiles%2F6nnh1cvkh%2FMinecraft-Story_patch.exe&mp4=0&ap=0&consentStrLen=0&pv=5&lct=1713916800&jsv=es6&pageView=1&dpr=1&ref=https%3A%2F%2Fdfiles.eu%2Ffiles%2F6nnh1cvkh%2FMinecraft-Story_patch.exe&hashCommit=210c46c2&iframe=1&tfre=1650 HTTP/1.1
Host: servicer.mgid.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://adsbb.dfiles.eu/
DNT: 1
Connection: keep-alive
Cookie: __cf_bm=iGdDlF8IY5E6mnQ2tDkj7KepteUJS7TC5SPQ7wskNuc-1714873456-1.0.1.1-PSC3K0FKHfxTN8KZHZYRCGGQxwmMSUoi12LJdyFfH_W27W_8wDy1_rylovcGTiKx_mwy5g5JHQ8305ywpjchuw
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sun, 05 May 2024 01:44:17 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
access-control-allow-credentials: true
access-control-allow-origin: *
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 87ed0b673cb05699-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| ransomsection.com/pixel/sbs?c=1 | 192.243.61.227 | 200 OK | 0 B |
URL GET HTTP/1.1ransomsection.com/pixel/sbs?c=1 IP192.243.61.227:443 ASN#39572 DataWeb Global Group B.V.
Requested byhttps://dfiles.eu/files/6nnh1cvkh/Minecraft-Story_patch.exe CertificateIssuerLet's Encrypt Subjectransomsection.com Fingerprint84:94:47:11:DF:24:53:02:E1:19:0F:B2:D9:9E:CB:83:86:65:FB:34 ValidityMon, 29 Apr 2024 08:05:40 GMT - Sun, 28 Jul 2024 08:05:39 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /pixel/sbs?c=1 HTTP/1.1
Host: ransomsection.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Cookie: u_pl=16004719; uid_id2=bb124b52-b612-454e-9a89-df0c6d18f823:2:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sun, 05 May 2024 01:44:18 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
|
|
| unseenreport.com/pxf.gif?uuid=bb124b52-b612-454e-9a89-df0c6d18f823&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=c22dc50dc2bbe4422c7f68d26ab95eb9&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=1 | 192.243.59.12 | 200 OK | 1 B |
URL GET HTTP/1.1unseenreport.com/pxf.gif?uuid=bb124b52-b612-454e-9a89-df0c6d18f823&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=c22dc50dc2bbe4422c7f68d26ab95eb9&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=1 IP192.243.59.12:443 ASN#39572 DataWeb Global Group B.V.
Requested byhttps://dfiles.eu/files/6nnh1cvkh/Minecraft-Story_patch.exe CertificateIssuerLet's Encrypt Subject*.unseenreport.com Fingerprint71:46:15:FD:76:6A:F5:5B:51:06:CC:93:DD:D8:63:E3:8B:10:BF:13 ValidityFri, 22 Mar 2024 07:32:41 GMT - Thu, 20 Jun 2024 07:32:40 GMT
File typevery short file (no magic) Hash93b885adfe0da089cdf634904fd59f71 5ba93c9db0cff93f52b521d7420e43f6eda2784f 6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /pxf.gif?uuid=bb124b52-b612-454e-9a89-df0c6d18f823&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=c22dc50dc2bbe4422c7f68d26ab95eb9&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=1 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 05 May 2024 01:44:18 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 8084bdb77543f32cdad79a18cc74db0c
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| unseenreport.com/pxf.gif?uuid=bb124b52-b612-454e-9a89-df0c6d18f823&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=224ad4a14b4b15c1726ff705ec672ea6&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=1 | 192.243.59.12 | 200 OK | 1 B |
URL GET HTTP/1.1unseenreport.com/pxf.gif?uuid=bb124b52-b612-454e-9a89-df0c6d18f823&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=224ad4a14b4b15c1726ff705ec672ea6&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=1 IP192.243.59.12:443 ASN#39572 DataWeb Global Group B.V.
Requested byhttps://dfiles.eu/files/6nnh1cvkh/Minecraft-Story_patch.exe CertificateIssuerLet's Encrypt Subject*.unseenreport.com Fingerprint71:46:15:FD:76:6A:F5:5B:51:06:CC:93:DD:D8:63:E3:8B:10:BF:13 ValidityFri, 22 Mar 2024 07:32:41 GMT - Thu, 20 Jun 2024 07:32:40 GMT
File typevery short file (no magic) Hash93b885adfe0da089cdf634904fd59f71 5ba93c9db0cff93f52b521d7420e43f6eda2784f 6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /pxf.gif?uuid=bb124b52-b612-454e-9a89-df0c6d18f823&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=224ad4a14b4b15c1726ff705ec672ea6&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=1 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 05 May 2024 01:44:18 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 13c8134ee1fdd39f853d63910cfd1754
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| cdn.creative-bars1.com//sb/notifications/utility/default/us/blog/ecorious/message_redcircle2/jan24/2/js/script.js | 188.114.97.1 | 200 OK | 25 kB |
URL GET HTTP/2cdn.creative-bars1.com//sb/notifications/utility/default/us/blog/ecorious/message_redcircle2/jan24/2/js/script.js IP188.114.97.1:443
Requested byhttps://dfiles.eu/files/6nnh1cvkh/Minecraft-Story_patch.exe CertificateIssuerGoogle Trust Services LLC Subjectcreative-bars1.com Fingerprint3D:29:39:2C:F1:E5:C6:EF:54:F5:70:B5:CF:A8:C2:75:4D:89:72:13 ValidityMon, 15 Apr 2024 15:02:18 GMT - Sun, 14 Jul 2024 15:02:17 GMT
Hash5ca8c1679ba9453cfa512e01d6fec9c5 45628341eb20e4acee5e812d3b2dfc8f23962daf 520a0196a18cbe656f7382a02ec828125e68bdac511b9ebe2bf27f31e262d037
GET //sb/notifications/utility/default/us/blog/ecorious/message_redcircle2/jan24/2/js/script.js HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dfiles.eu
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 05 May 2024 01:44:17 GMT
content-type: application/javascript
last-modified: Thu, 01 Feb 2024 14:48:54 GMT
etag: W/"65bbaf56-182"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Zxolii2sv%2FNFml6TiP%2BE7PrxP4g40sIqthog8mlKM9ozwyuMc16KBUgRpCqiOo5qWhkw3%2FHoExIDXFbGj8V1tvoQKJZTPt31MghrEiFCTyb41qH%2B6EuJdCt0hi3bGx1OC3VOadNeOdW%2B"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ed0b64e8f456a2-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| s-img.steepto.com/g/12578222/492x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8sd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIyLTAxLzEwMTkyNC8zMmYxNWQyYmI4MzkzYjc0NTU3YzlmNDRjNTgyNGI2MS5qcGVn.webp?v=1714873457-YwjMfhUmYONO7zjheHHZ8Z9Y9d8UDsqnlb7fcHJ0hfI | 104.19.132.72 | 200 OK | 19 kB |
URL GET HTTP/2s-img.steepto.com/g/12578222/492x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8sd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIyLTAxLzEwMTkyNC8zMmYxNWQyYmI4MzkzYjc0NTU3YzlmNDRjNTgyNGI2MS5qcGVn.webp?v=1714873457-YwjMfhUmYONO7zjheHHZ8Z9Y9d8UDsqnlb7fcHJ0hfI IP104.19.132.72:443
Requested byhttps://adsbb.dfiles.eu/upload/2112/ad27582685f5c72c.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752 CertificateIssuerLet's Encrypt Subjectsteepto.com Fingerprint3F:AA:ED:BB:5A:B8:14:83:2E:41:07:2A:0F:20:84:93:8E:0E:85:D6 ValidityWed, 17 Apr 2024 03:49:59 GMT - Tue, 16 Jul 2024 03:49:58 GMT
File typeRIFF (little-endian) data, Web/P image, VP8 encoding, 492x328, Scaling: [none]x[none], YUV color, decoders should clamp Hashe3adb2db32703e7be695af30cba85479 dd412e0040d57c4e92a83191e36c99818875709d 15424aa239e5b9acd5ead3f31c089a7ec35caaf10e413082e1a19bb59dc273a7
GET /g/12578222/492x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8sd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIyLTAxLzEwMTkyNC8zMmYxNWQyYmI4MzkzYjc0NTU3YzlmNDRjNTgyNGI2MS5qcGVn.webp?v=1714873457-YwjMfhUmYONO7zjheHHZ8Z9Y9d8UDsqnlb7fcHJ0hfI HTTP/1.1
Host: s-img.steepto.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://adsbb.dfiles.eu
DNT: 1
Connection: keep-alive
Referer: https://adsbb.dfiles.eu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 05 May 2024 01:44:18 GMT
content-type: image/webp
content-length: 18672
x-mg-request-uuid: ee0938f0-efda-4b52-b151-b1c85f3635be
access-control-allow-origin: *
last-modified: Tue, 29 Mar 2022 06:53:20 GMT
cache-control: immutable, max-age=31536000
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ed0b684e31712f-OSL
X-Firefox-Spdy: h2
|
|
| c.mgid.com/c?v=240|261|24|oifYBKK5-8GSE8h8h38BqJH-oaQoFFNJj17OOfxUr0vZnjGj1wVUz4wPxTO7KZ9ZlTE0DXBTGvGYgLyo0pB2Kyzcn-uEpI_8t19kmVuoTQs*&v=240|250|24|oifYBKK5-8GSE8h8h38BqKMaQAb407OgetPnglJZv3eeSNMXX4VmrO9YT_48gR1rlTE0DXBTGvGYgLyo0pB2K_rrX6J62KRfX0-7gk246xk*&v=240|250|24|oifYBKK5-8GSE8h8h38BqLPO2ZPjtnmhs0yVMK8RWUUUE5CtOKJH_LOqhwShXAttlTE0DXBTGvGYgLyo0pB2K8saE3kQz2XZhB-4ECENv4g*&fw=1&f=1&cid=7998&cbuster=1714873459076331642293&pageImp=1&pvid=18f466c57a9a27420f4&pv=3&h2=bjao6ykRJ-s3uDIzFfBH-DNVB_e-aqWWtzD3vEps9EYJYgAs_Jxug2IHmPfVMkQE&rid=fc62e018-0a80-11ef-ad65-e43d1a2a04aa&tt=Direct&iv=11&completion=3,3 | 104.19.129.76 | 200 OK | 43 B |
URL GET HTTP/3c.mgid.com/c?v=240|261|24|oifYBKK5-8GSE8h8h38BqJH-oaQoFFNJj17OOfxUr0vZnjGj1wVUz4wPxTO7KZ9ZlTE0DXBTGvGYgLyo0pB2Kyzcn-uEpI_8t19kmVuoTQs*&v=240|250|24|oifYBKK5-8GSE8h8h38BqKMaQAb407OgetPnglJZv3eeSNMXX4VmrO9YT_48gR1rlTE0DXBTGvGYgLyo0pB2K_rrX6J62KRfX0-7gk246xk*&v=240|250|24|oifYBKK5-8GSE8h8h38BqLPO2ZPjtnmhs0yVMK8RWUUUE5CtOKJH_LOqhwShXAttlTE0DXBTGvGYgLyo0pB2K8saE3kQz2XZhB-4ECENv4g*&fw=1&f=1&cid=7998&cbuster=1714873459076331642293&pageImp=1&pvid=18f466c57a9a27420f4&pv=3&h2=bjao6ykRJ-s3uDIzFfBH-DNVB_e-aqWWtzD3vEps9EYJYgAs_Jxug2IHmPfVMkQE&rid=fc62e018-0a80-11ef-ad65-e43d1a2a04aa&tt=Direct&iv=11&completion=3,3 IP104.19.129.76:443
Requested byhttps://adsbb.dfiles.eu/upload/2112/ad27582685f5c72c.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752 CertificateIssuerLet's Encrypt Subjectmgid.com Fingerprint9C:6C:5A:48:88:44:CB:C2:F4:76:D3:2E:DC:07:0D:D4:CA:6A:25:F5 ValiditySun, 10 Mar 2024 23:31:34 GMT - Sat, 08 Jun 2024 23:31:33 GMT
File typeGIF image data, version 89a, 1 x 1 Hash57f187c7a868faeac558007a8eb6cb2e 11ab10ab109fdb53d91d444ac781101f5a6360c6 aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
GET /c?v=240|261|24|oifYBKK5-8GSE8h8h38BqJH-oaQoFFNJj17OOfxUr0vZnjGj1wVUz4wPxTO7KZ9ZlTE0DXBTGvGYgLyo0pB2Kyzcn-uEpI_8t19kmVuoTQs*&v=240|250|24|oifYBKK5-8GSE8h8h38BqKMaQAb407OgetPnglJZv3eeSNMXX4VmrO9YT_48gR1rlTE0DXBTGvGYgLyo0pB2K_rrX6J62KRfX0-7gk246xk*&v=240|250|24|oifYBKK5-8GSE8h8h38BqLPO2ZPjtnmhs0yVMK8RWUUUE5CtOKJH_LOqhwShXAttlTE0DXBTGvGYgLyo0pB2K8saE3kQz2XZhB-4ECENv4g*&fw=1&f=1&cid=7998&cbuster=1714873459076331642293&pageImp=1&pvid=18f466c57a9a27420f4&pv=3&h2=bjao6ykRJ-s3uDIzFfBH-DNVB_e-aqWWtzD3vEps9EYJYgAs_Jxug2IHmPfVMkQE&rid=fc62e018-0a80-11ef-ad65-e43d1a2a04aa&tt=Direct&iv=11&completion=3,3 HTTP/1.1
Host: c.mgid.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://adsbb.dfiles.eu/
DNT: 1
Connection: keep-alive
Cookie: __cf_bm=iGdDlF8IY5E6mnQ2tDkj7KepteUJS7TC5SPQ7wskNuc-1714873456-1.0.1.1-PSC3K0FKHfxTN8KZHZYRCGGQxwmMSUoi12LJdyFfH_W27W_8wDy1_rylovcGTiKx_mwy5g5JHQ8305ywpjchuw
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sun, 05 May 2024 01:44:19 GMT
content-type: image/gif
content-length: 43
x-mg-request-uuid: f3801fa5-4e0e-4b19-a2fe-fca1122d32e4
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 87ed0b6f48915699-OSL
alt-svc: h3=":443"; ma=86400
|
|
| adsbb.dfiles.eu/upload/2112/ad27582685f5c72c.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752 | 91.226.124.120 | 200 OK | 1.5 kB |
URL GET HTTP/2adsbb.dfiles.eu/upload/2112/ad27582685f5c72c.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752 IP91.226.124.120:443
Requested byhttps://dfiles.eu/files/6nnh1cvkh/Minecraft-Story_patch.exe CertificateIssuerLet's Encrypt Subjectdfiles.eu Fingerprint34:45:DB:EC:84:73:5D:D5:39:2A:00:C7:2F:21:5C:B1:2D:0E:14:42 ValidityMon, 04 Mar 2024 13:34:43 GMT - Sun, 02 Jun 2024 13:34:42 GMT
File typeHTML document, ASCII text, with very long lines (1534), with no line terminators Hash3e45deacf2083863de8e1bb20c2a7aee c9557b72bc4dace5e68790864b86707c095ea40b b3a0cd5c726c4f9807ab1672b96525be7bf94f7fe71ecd3163fbf1c38d5f718a
GET /upload/2112/ad27582685f5c72c.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752 HTTP/1.1
Host: adsbb.dfiles.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dfiles.eu/
DNT: 1
Connection: keep-alive
Cookie: last_file=6nnh1cvkh; _nf56=1; _nf58=1
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-encoding: gzip
content-security-policy: frame-ancestors depositfiles.com depositfiles.org dfiles.eu dfiles.com web-301.dfiles.eu web-302.dfiles.eu web-303.dfiles.eu web-304.dfiles.eu, frame-ancestors depositfiles.com *.depositfiles.com depositfiles.org *.depositfiles.org dfiles.eu *.dfiles.eu dfiles.com *.dfiles.com
content-type: text/html
date: Sun, 05 May 2024 01:44:16 GMT
last-modified: Sun, 05 May 2024 01:40:00 GMT
server: nginx
X-Firefox-Spdy: h2
|
|
| jsc.mgid.com/d/e/depositfiles.com.7998.es6.js | 104.19.129.76 | 200 OK | 318 kB |
URL GET HTTP/3jsc.mgid.com/d/e/depositfiles.com.7998.es6.js IP104.19.129.76:443
Requested byhttps://adsbb.dfiles.eu/upload/2112/ad27582685f5c72c.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752 CertificateIssuerLet's Encrypt Subjectmgid.com Fingerprint9C:6C:5A:48:88:44:CB:C2:F4:76:D3:2E:DC:07:0D:D4:CA:6A:25:F5 ValiditySun, 10 Mar 2024 23:31:34 GMT - Sat, 08 Jun 2024 23:31:33 GMT
File typeJavaScript source, ASCII text, with very long lines (26311) Size318 kB (318011 bytes) Hashb0e2cd14df8e5b0ed9d92558a4101fb8 20ab380a83ef89ccefe6ac938efc7e4825c037cf e3f762e7d6cb8e2b96b8bc0fc5f3082cbed249ff72cecb5cac65b2e89f0ef135
GET /d/e/depositfiles.com.7998.es6.js HTTP/1.1
Host: jsc.mgid.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://adsbb.dfiles.eu
DNT: 1
Connection: keep-alive
Referer: https://adsbb.dfiles.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sun, 05 May 2024 01:44:16 GMT
content-type: text/javascript
cf-bgj: minify
cf-polished: origSize=318012
etag: W/"f7d03f209ea7012439f38852a786c6a5"
last-modified: Wed, 24 Apr 2024 12:46:31 GMT
x-amz-id-2: 5g0ABxkw9FlOz6Nkbf8oiM2A1R0Bwwn9+kLrB9/6IkI2iatbcA8pEwnDmjRbIuFY8NNY+L1DCoQ=
x-amz-request-id: 4995GBC3PR7K0QTV
x-amz-server-side-encryption: AES256
x-amz-version-id: 3DzpISWKMIJhD40zhHdXbzao.Y6kf3w8
cf-cache-status: HIT
age: 1602
expires: Sun, 05 May 2024 04:44:16 GMT
cache-control: public, max-age=10800
set-cookie: __cf_bm=ccPTxmLu0zTGKXDM8ScE0VJcR2RKWiOImZFA.V1rk1g-1714873456-1.0.1.1-fRPrcXg.F5id0ltVMsTamuRcJDis_6wmQgA9_52IFEX7ofdBRvrPyg4Poz._b6ObJFd45qj55EUFl3YjcthN8A; path=/; expires=Sun, 05-May-24 02:14:16 GMT; domain=.mgid.com; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
access-control-allow-origin: *
server: cloudflare
cf-ray: 87ed0b5eba9d56b4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| js.wpadmngr.com/static/adManager.m.js | 45.133.44.53 | 200 OK | 109 kB |
URL GET HTTP/2js.wpadmngr.com/static/adManager.m.js IP45.133.44.53:443 ASN#39572 DataWeb Global Group B.V.
Requested byhttps://dfiles.eu/files/6nnh1cvkh/Minecraft-Story_patch.exe CertificateIssuerLet's Encrypt Subjectjs.wpadmngr.com Fingerprint60:8B:32:7F:ED:77:26:33:0E:F0:C1:0F:02:66:F5:DB:C6:0D:1F:70 ValidityMon, 11 Mar 2024 04:00:58 GMT - Sun, 09 Jun 2024 04:00:57 GMT
Size109 kB (109340 bytes) Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /static/adManager.m.js HTTP/1.1
Host: js.wpadmngr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 05 May 2024 01:44:15 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.18.0
last-modified: Tue, 23 Apr 2024 09:45:19 GMT
etag: W/"6627832f-1ab1c"
content-encoding: gzip
expires: Sun, 05 May 2024 01:49:15 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2
|
|
| ransomsection.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2F%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2Fecorious%2Fmessage_redcircle2%2Fjan24%2F2%2Fcss%2Fstyle.css&l=3630&fd=401 | 192.243.61.227 | 200 OK | 0 B |
URL GET HTTP/1.1ransomsection.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2F%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2Fecorious%2Fmessage_redcircle2%2Fjan24%2F2%2Fcss%2Fstyle.css&l=3630&fd=401 IP192.243.61.227:443 ASN#39572 DataWeb Global Group B.V.
Requested byhttps://dfiles.eu/files/6nnh1cvkh/Minecraft-Story_patch.exe CertificateIssuerLet's Encrypt Subjectransomsection.com Fingerprint84:94:47:11:DF:24:53:02:E1:19:0F:B2:D9:9E:CB:83:86:65:FB:34 ValidityMon, 29 Apr 2024 08:05:40 GMT - Sun, 28 Jul 2024 08:05:39 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2F%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2Fecorious%2Fmessage_redcircle2%2Fjan24%2F2%2Fcss%2Fstyle.css&l=3630&fd=401 HTTP/1.1
Host: ransomsection.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Cookie: u_pl=16004719; uid_id2=bb124b52-b612-454e-9a89-df0c6d18f823:2:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sun, 05 May 2024 01:44:17 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
|
|
| adsbb.dfiles.eu/upload/2303/ad2775297311915a.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752 | 91.226.124.120 | 200 OK | 1.5 kB |
URL GET HTTP/2adsbb.dfiles.eu/upload/2303/ad2775297311915a.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752 IP91.226.124.120:443
Requested byhttps://dfiles.eu/files/6nnh1cvkh/Minecraft-Story_patch.exe CertificateIssuerLet's Encrypt Subjectdfiles.eu Fingerprint34:45:DB:EC:84:73:5D:D5:39:2A:00:C7:2F:21:5C:B1:2D:0E:14:42 ValidityMon, 04 Mar 2024 13:34:43 GMT - Sun, 02 Jun 2024 13:34:42 GMT
File typeHTML document, ASCII text, with very long lines (1549), with no line terminators Hash2e5f58d1e21adb4ec92e21648a8e940d d99217970a9fbdf0743cd3fddf964dc399978925 ac4f7bbe553e07f927de48d26653832588d9fe098e584639458043751b416159
GET /upload/2303/ad2775297311915a.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752 HTTP/1.1
Host: adsbb.dfiles.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dfiles.eu/
DNT: 1
Connection: keep-alive
Cookie: last_file=6nnh1cvkh; _nf56=1; _nf58=1
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-encoding: gzip
content-security-policy: frame-ancestors depositfiles.com depositfiles.org dfiles.eu dfiles.com web-301.dfiles.eu web-302.dfiles.eu web-303.dfiles.eu web-304.dfiles.eu, frame-ancestors depositfiles.com *.depositfiles.com depositfiles.org *.depositfiles.org dfiles.eu *.dfiles.eu dfiles.com *.dfiles.com
content-type: text/html
date: Sun, 05 May 2024 01:44:16 GMT
last-modified: Sun, 05 May 2024 01:40:00 GMT
server: nginx
X-Firefox-Spdy: h2
|
|
| s-img.steepto.com/g/15584617/492x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmdvb2Qsd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIzLTAxLzEwMTkyNC84MmRkYThlMDYwZjcxMjQ5ZTc0Y2E3NWIxOGI2N2VlYS5qcGVn.webp?v=1714873457-nYpM0Xc3AKOVzG--d8wVIbvqRKiS_oDw3HPX3uQHv1w | 104.19.132.72 | 200 OK | 25 kB |
URL GET HTTP/2s-img.steepto.com/g/15584617/492x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmdvb2Qsd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIzLTAxLzEwMTkyNC84MmRkYThlMDYwZjcxMjQ5ZTc0Y2E3NWIxOGI2N2VlYS5qcGVn.webp?v=1714873457-nYpM0Xc3AKOVzG--d8wVIbvqRKiS_oDw3HPX3uQHv1w IP104.19.132.72:443
Requested byhttps://adsbb.dfiles.eu/upload/2112/ad27582685f5c72c.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752 CertificateIssuerLet's Encrypt Subjectsteepto.com Fingerprint3F:AA:ED:BB:5A:B8:14:83:2E:41:07:2A:0F:20:84:93:8E:0E:85:D6 ValidityWed, 17 Apr 2024 03:49:59 GMT - Tue, 16 Jul 2024 03:49:58 GMT
File typeRIFF (little-endian) data, Web/P image, VP8 encoding, 492x328, Scaling: [none]x[none], YUV color, decoders should clamp Hash1f884abcabc2b7f427cc6a66f53ba5b3 96250984f6e968d8a2b816a475ff118ed15c9a7c 8c523ce80a6ba33028564022cf186c4f3e8d64e64b2c53348465682e14b017f2
GET /g/15584617/492x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmdvb2Qsd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIzLTAxLzEwMTkyNC84MmRkYThlMDYwZjcxMjQ5ZTc0Y2E3NWIxOGI2N2VlYS5qcGVn.webp?v=1714873457-nYpM0Xc3AKOVzG--d8wVIbvqRKiS_oDw3HPX3uQHv1w HTTP/1.1
Host: s-img.steepto.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://adsbb.dfiles.eu
DNT: 1
Connection: keep-alive
Referer: https://adsbb.dfiles.eu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 05 May 2024 01:44:18 GMT
content-type: image/webp
content-length: 24866
x-mg-request-uuid: b2a6ff34-0910-4dcd-a06f-a94930e7c182
access-control-allow-origin: *
last-modified: Thu, 09 Mar 2023 14:19:15 GMT
cache-control: immutable, max-age=31536000
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ed0b684e2e712f-OSL
X-Firefox-Spdy: h2
|
|
| js.wpadmngr.com/static/adManager.js | 45.133.44.53 | 200 OK | 1.7 kB |
URL: GET HTTP/2 js.wpadmngr.com/static/adManager.js
IP: 45.133.44.53:443
ASN: #39572 DataWeb Global Group B.V.
Requested by: https://dfiles.eu/files/6nnh1cvkh/Minecraft-Story_patch.exe
Certificate: Issuer: Let's Encrypt; Subject: js.wpadmngr.com; Fingerprint: 60:8B:32:7F:ED:77:26:33:0E:F0:C1:0F:02:66:F5:DB:C6:0D:1F:70; Validity: Mon, 11 Mar 2024 04:00:58 GMT - Sun, 09 Jun 2024 04:00:57 GMT
File type: JavaScript source, ASCII text, with very long lines (1887), with no line terminators
Hash: 8263610639624a65707a41479379709a 1653610e4e9b3814c8e68eb96814378d71be9776 8e6ca46c563e6ef9d3245fe116672ac9ff7b807033852fa0452493b5fb2d8a0c
GET /static/adManager.js HTTP/1.1
Host: js.wpadmngr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 05 May 2024 01:44:14 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.18.0
last-modified: Tue, 23 Apr 2024 09:45:14 GMT
etag: W/"6627832a-6c7"
content-encoding: gzip
expires: Sun, 05 May 2024 01:49:14 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2
|
|
| c.mgid.com/widget-ssp-performance?time=126 | 104.19.129.76 | 200 OK | 43 B |
URL: GET HTTP/3 c.mgid.com/widget-ssp-performance?time=126
IP: 104.19.129.76:443
Requested by: https://adsbb.dfiles.eu/upload/2112/ad27582685f5c72c.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752
Certificate: Issuer: Let's Encrypt; Subject: mgid.com; Fingerprint: 9C:6C:5A:48:88:44:CB:C2:F4:76:D3:2E:DC:07:0D:D4:CA:6A:25:F5; Validity: Sun, 10 Mar 2024 23:31:34 GMT - Sat, 08 Jun 2024 23:31:33 GMT
File type: GIF image data, version 89a, 1 x 1
Hash: 57f187c7a868faeac558007a8eb6cb2e 11ab10ab109fdb53d91d444ac781101f5a6360c6 aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
GET /widget-ssp-performance?time=126 HTTP/1.1
Host: c.mgid.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://adsbb.dfiles.eu/
DNT: 1
Connection: keep-alive
Cookie: __cf_bm=iGdDlF8IY5E6mnQ2tDkj7KepteUJS7TC5SPQ7wskNuc-1714873456-1.0.1.1-PSC3K0FKHfxTN8KZHZYRCGGQxwmMSUoi12LJdyFfH_W27W_8wDy1_rylovcGTiKx_mwy5g5JHQ8305ywpjchuw
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sun, 05 May 2024 01:44:17 GMT
content-type: image/gif
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 87ed0b67cce15699-OSL
alt-svc: h3=":443"; ma=86400
|
|
| acscdn.com/script/ut.js?cb=1714873455905 | 104.21.11.26 | 200 OK | 63 kB |
URL: GET HTTP/3 acscdn.com/script/ut.js?cb=1714873455905
IP: 104.21.11.26:443
Requested by: https://dfiles.eu/files/6nnh1cvkh/Minecraft-Story_patch.exe
Certificate: Issuer: Google Trust Services LLC; Subject: acscdn.com; Fingerprint: 55:5D:7F:12:65:2B:04:EA:49:29:92:63:3B:D1:C2:DF:C7:F6:4B:9E; Validity: Sat, 27 Apr 2024 13:56:54 GMT - Fri, 26 Jul 2024 13:56:53 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /script/ut.js?cb=1714873455905 HTTP/1.1
Host: acscdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sun, 05 May 2024 01:44:15 GMT
content-type: text/javascript
x-guploader-uploadid: ABPtcPq4rLQfUzIb4PXABJF3kaL6QpNC2eEDt1dZIA_AICzJwRtEzQkHmfGBvBjJTgyllcLoFfCchk7ypw
x-goog-generation: 1714053300452258
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 62975
x-goog-hash: crc32c=f8d0YQ==, md5=vEgeNFwEtFNOCk5UoPLBxg==
x-goog-storage-class: MULTI_REGIONAL
access-control-allow-origin: *
expires: Sun, 05 May 2024 02:28:03 GMT
cache-control: public, max-age=3600
age: 216
last-modified: Thu, 25 Apr 2024 13:55:00 GMT
etag: W/"bc481e345c04b4534e0a4e54a0f2c1c6"
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Mgeh%2FiBtHqVLkaU7D22oLOQTslmBLKXzWIBsO1mc5LvsJxLc2o%2B7zByL0%2FrZvUktjQIW1VLrnv3gt5QEG4dybAIdh4pUGDLy0mV3TEcZSTgu4R7exp2XWIdf9xZG"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ed0b5bde995696-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| cdn.yourwebbars.com/sb/notifications/utility/default/us/blog/ecorious/message_redcircle2/jan24/2/index.html | 172.67.74.218 | 200 OK | 1.6 kB |
URL: GET HTTP/2 cdn.yourwebbars.com/sb/notifications/utility/default/us/blog/ecorious/message_redcircle2/jan24/2/index.html
IP: 172.67.74.218:443
Requested by: https://dfiles.eu/files/6nnh1cvkh/Minecraft-Story_patch.exe
Certificate: Issuer: Cloudflare, Inc.; Subject: sni.cloudflaressl.com; Fingerprint: 84:82:6E:35:03:D4:C4:FC:BA:08:CD:C8:E6:A3:97:A9:20:2F:F5:49; Validity: Sun, 23 Jul 2023 00:00:00 GMT - Mon, 22 Jul 2024 23:59:59 GMT
File type: HTML document, ASCII text, with very long lines (1661), with no line terminators
Hash: a0caf2ebe9e8bce2f9ba24e68d49df54 084f4e0ed300ca8635654e61a21ae9697cf13051 fba2d1a6a043f857876addc861fe4fe03bf563e00d561227504e0eb2c2895b4c
GET /sb/notifications/utility/default/us/blog/ecorious/message_redcircle2/jan24/2/index.html HTTP/1.1
Host: cdn.yourwebbars.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dfiles.eu
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 05 May 2024 01:44:17 GMT
content-type: text/html
last-modified: Thu, 01 Feb 2024 14:49:39 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fDSbB3ss3CCh9nu%2FIxjVqDf1kWNvHUIU5AF2lxGBUKdZWqOM2WWTgyGdFW9ppkjPzZ5soQzQ9a%2BVrHYdnbiY1gxghpZDrnQFnctcQCPL%2Fqj9fLXUV2NLUfzJqZ0oLUpjejpfdUM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ed0b5f99a00b06-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| cm.steepto.com/i.js?cbuster=1714873457864157642697 | 104.19.132.72 | 200 OK | 0 B |
URL: GET HTTP/2 cm.steepto.com/i.js?cbuster=1714873457864157642697
IP: 104.19.132.72:443
Requested by: https://adsbb.dfiles.eu/upload/2112/ad27582685f5c72c.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752
Certificate: Issuer: Let's Encrypt; Subject: steepto.com; Fingerprint: 3F:AA:ED:BB:5A:B8:14:83:2E:41:07:2A:0F:20:84:93:8E:0E:85:D6; Validity: Wed, 17 Apr 2024 03:49:59 GMT - Tue, 16 Jul 2024 03:49:58 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /i.js?cbuster=1714873457864157642697 HTTP/1.1
Host: cm.steepto.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adsbb.dfiles.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 05 May 2024 01:44:18 GMT
content-type: application/javascript
content-length: 0
cache-control: no-store, no-cache, must-revalidate, max-age=0
pragma: no-cache
strict-transport-security: max-age=15768000; includeSubdomains; preload
x-content-type-options: nosniff
last-modified: Sun, 05 May 2024 01:44:18 GMT
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ed0b67fff10b45-OSL
X-Firefox-Spdy: h2
|
|
| storage.multstorage.com/log/count.html | 104.21.30.242 | 200 OK | 882 B |
URL: GET HTTP/2 storage.multstorage.com/log/count.html
IP: 104.21.30.242:443
Requested by: https://dfiles.eu/files/6nnh1cvkh/Minecraft-Story_patch.exe
Certificate: Issuer: Google Trust Services LLC; Subject: multstorage.com; Fingerprint: 63:F0:24:29:21:22:E5:42:33:61:B5:20:05:1B:EF:36:81:F5:7B:0A; Validity: Sun, 17 Mar 2024 08:38:54 GMT - Sat, 15 Jun 2024 08:38:53 GMT
File type: HTML document, ASCII text, with very long lines (919), with no line terminators
Hash: 053b1fe641da8057571d40ebaf1624ab 09b2648b7d08c84621298f0b939cea5170a65022 6606334874a3edb8295831f41d3684433e4553ffe0a72e58c90926e00f39c6a4
GET /log/count.html HTTP/1.1
Host: storage.multstorage.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 05 May 2024 01:44:16 GMT
content-type: text/html
last-modified: Mon, 18 Sep 2023 14:39:06 GMT
vary: Accept-Encoding
x-request-id: 2b2c1e01a07bf86234160dd094beb1c3
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=M6mnTZUEWT7MDl2YTH1EOgLDGDd6wM8JtBg%2BPN9lNVOcMOvP4RKy8GnubalClRue9i353TAfm3lE5I5Sy32PEgm8zTNJnztqtEn76oPXgl6Xclam0%2BPfM1LwTwX2DT7cCduK5dPiOuoCPg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87ed0b5ebe2b56c9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| ransomsection.com/ren.gif?sid=… | 192.243.61.227 | 200 OK | 0 B |
URL: GET HTTP/1.1 ransomsection.com/ren.gif?sid=…
IP: 192.243.61.227:443
ASN: #39572 DataWeb Global Group B.V.
Requested by: https://dfiles.eu/files/6nnh1cvkh/Minecraft-Story_patch.exe
Certificate: Issuer: Let's Encrypt; Subject: ransomsection.com; Fingerprint: 84:94:47:11:DF:24:53:02:E1:19:0F:B2:D9:9E:CB:83:86:65:FB:34; Validity: Mon, 29 Apr 2024 08:05:40 GMT - Sun, 28 Jul 2024 08:05:39 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /ren.gif?sid=… HTTP/1.1
Host: ransomsection.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Cookie: u_pl=16004719; uid_id2=bb124b52-b612-454e-9a89-df0c6d18f823:2:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sun, 05 May 2024 01:44:16 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 1970956926c9afe660772173e6bf07f5
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| adsbb.dfiles.eu//ad.php?z=56&c=NO | 91.226.124.120 | 303 See Other | 1.5 kB |
URL: GET HTTP/2 adsbb.dfiles.eu//ad.php?z=56&c=NO
IP: 91.226.124.120:443
Requested by: https://dfiles.eu/files/6nnh1cvkh/Minecraft-Story_patch.exe
Certificate: Issuer: Let's Encrypt; Subject: dfiles.eu; Fingerprint: 34:45:DB:EC:84:73:5D:D5:39:2A:00:C7:2F:21:5C:B1:2D:0E:14:42; Validity: Mon, 04 Mar 2024 13:34:43 GMT - Sun, 02 Jun 2024 13:34:42 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET //ad.php?z=56&c=NO HTTP/1.1
Host: adsbb.dfiles.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Cookie: last_file=6nnh1cvkh
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 303 See Other
content-security-policy: frame-ancestors depositfiles.com depositfiles.org dfiles.eu dfiles.com web-301.dfiles.eu web-302.dfiles.eu web-303.dfiles.eu web-304.dfiles.eu, frame-ancestors depositfiles.com *.depositfiles.com depositfiles.org *.depositfiles.org dfiles.eu *.dfiles.eu dfiles.com *.dfiles.com
content-type: text/html; charset=UTF-8
date: Sun, 05 May 2024 01:44:15 GMT
location: /upload/2112/ad27582685f5c72c.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752
server: nginx
set-cookie: _nf56=1; expires=Mon, 06-May-2024 01:44:15 GMT; Max-Age=86400
x-powered-by: PHP/5.6.40
X-Firefox-Spdy: h2
|
|
| cdn.creative-bars1.com//sb/notifications/utility/default/us/blog/ecorious/message_redcircle2/jan24/2/css/style.css | 188.114.97.1 | 200 OK | 3.6 kB |
URL: GET HTTP/2 cdn.creative-bars1.com//sb/notifications/utility/default/us/blog/ecorious/message_redcircle2/jan24/2/css/style.css
IP: 188.114.97.1:443
Requested by: https://dfiles.eu/files/6nnh1cvkh/Minecraft-Story_patch.exe
Certificate: Issuer: Google Trust Services LLC; Subject: creative-bars1.com; Fingerprint: 3D:29:39:2C:F1:E5:C6:EF:54:F5:70:B5:CF:A8:C2:75:4D:89:72:13; Validity: Mon, 15 Apr 2024 15:02:18 GMT - Sun, 14 Jul 2024 15:02:17 GMT
File type: ASCII text, with very long lines (3854), with no line terminators
Hash: 1ef6c40dc9237f64e46f930e4b26d112 7e94a725845a7101b17bfc0ff488e27c12060c1d e23167c1f14d771e6eb40f86085c2f04f52010a5e934cff3f9e214aab984f4b4
GET //sb/notifications/utility/default/us/blog/ecorious/message_redcircle2/jan24/2/css/style.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dfiles.eu
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 05 May 2024 01:44:17 GMT
content-type: text/css
last-modified: Thu, 01 Feb 2024 14:48:51 GMT
etag: W/"65bbaf53-e2e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pP5OF3lRkEH6oMzPiyuSC5WGHUuKLDwQZkwvkkEoYejLkHHphBiaz6HPK2cY%2Fbw%2BTkneo%2BZrjf%2FWfF3W%2BlvJ0IqwaanfBrsHTIg0IvaUhwbf%2FswsIDO2DJoMr2UZ8nImkR9kEmu0Jv1X"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ed0b64f8f656a2-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| static.depositfiles.com/css/main.css | 91.226.124.125 | 200 OK | 194 kB |
URL: GET HTTP/2 static.depositfiles.com/css/main.css
IP: 91.226.124.125:443
Requested by: https://dfiles.eu/files/6nnh1cvkh/Minecraft-Story_patch.exe
Certificate: Issuer: Let's Encrypt; Subject: depositfiles.com; Fingerprint: 8D:3C:74:0A:57:29:55:E0:60:A5:AF:60:66:DD:1F:ED:7A:ED:F7:A6; Validity: Tue, 05 Mar 2024 13:34:49 GMT - Mon, 03 Jun 2024 13:34:48 GMT
Size: 194 kB (194436 bytes)
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /css/main.css HTTP/1.1
Host: static.depositfiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
cache-control: max-age=300
content-encoding: gzip
content-security-policy: frame-ancestors depositfiles.com *.depositfiles.com depositfiles.org *.depositfiles.org dfiles.eu *.dfiles.eu dfiles.com *.dfiles.com
content-type: text/css
date: Sun, 05 May 2024 01:44:14 GMT
etag: W/"6545effd-2f784"
expires: Sun, 05 May 2024 01:49:14 GMT
last-modified: Sat, 04 Nov 2023 07:17:17 GMT
server: nginx
X-Firefox-Spdy: h2
|
|