depositfiles.com/files/m5ubx6ty3/SPT.S01E01.Dub-CyborgPsychon.rar
91.226.124.80302 Moved Temporarily 138 B URL HTTP/1.1 depositfiles.com/files/m5ubx6ty3/SPT.S01E01.Dub-CyborgPsychon.rar
IP 91.226.124.80:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash aff950cab4c0265e21d401db15f1026d
f03e18461817f7a6546c8bf8fa8d686d7e30aca0
753e0dd54f28c4f7009b9c0b18a68aed175416bd8b7d134858264586eaac56f0
GET /files/m5ubx6ty3/SPT.S01E01.Dub-CyborgPsychon.rar HTTP/1.1
Host: depositfiles.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Thu, 24 Nov 2022 10:20:57 GMT
Content-Type: text/html
Content-Length: 138
Connection: close
Location: https://depositfiles.com/files/m5ubx6ty3/SPT.S01E01.Dub-CyborgPsychon.rar
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash dfb72f04bd7a4410640c0543bb4bd402
7c63b7e220b337b6a4f39864e11d6aa9e26c38ac
b7f7a4d355ed3b847a5e28f16030d5cbc715d47326aea20f292cd76dcaf59794
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B7F7A4D355ED3B847A5E28F16030D5CBC715D47326AEA20F292CD76DCAF59794"
Last-Modified: Mon, 21 Nov 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5508
Expires: Thu, 24 Nov 2022 11:52:45 GMT
Date: Thu, 24 Nov 2022 10:20:57 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 770d09773b5f304acf141fd66a4862b4
5ddc46ab75de26c858a9a6f6d1beaaec9bb181f5
c7bcc6928fa1c0bb225ce8a2f6badd6cb1bd6ea002fb808ed34e8dafbd7b3b26
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4667
Cache-Control: max-age=91686
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 10:20:57 GMT
Etag: "637df674-1d7"
Expires: Fri, 25 Nov 2022 11:49:03 GMT
Last-Modified: Wed, 23 Nov 2022 10:31:16 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 054ff0d1a0a43f7cb1d78dbd34e27f99
3caf54f3de1d6a8c6f6454083f8b8e7dec77db54
fcdcef8306ae31f20c366489e1f88aa40b08f154d25d45f4055c4f8cdef47634
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FCDCEF8306AE31F20C366489E1F88AA40B08F154D25D45F4055C4F8CDEF47634"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7897
Expires: Thu, 24 Nov 2022 12:32:34 GMT
Date: Thu, 24 Nov 2022 10:20:57 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 567df7db606cf5d0871aa5bc9311b6da
4263faac7cbab2fcaf6661911dcad5091c06be17
e9650e1fdc46fc8678708ddcc37ab369c7a6d50489a004be896f20c7a3a644b0
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Content-Length, Alert, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 24 Nov 2022 10:18:58 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 119
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: ANTCDtmyD3PCACAv+0t4xeu7peGv1Ss4jHW35FDcq/yJPzoVYGFKF4+uPwfi7dFdqEBJBH6PKUM=
x-amz-request-id: S7JFBJCP5W9E9JT9
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 24 Nov 2022 09:43:21 GMT
age: 2256
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 5cb52262147e9a36cc8bca3082e84054
c1e8062611d62d3e312ebf6d82c4f6cdc6ec4f32
417808dc45e8b30c56b53d52f191c6ad0d981631ab684663aac1acfd1ba4cb9a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "417808DC45E8B30C56B53D52F191C6AD0D981631AB684663AAC1ACFD1BA4CB9A"
Last-Modified: Wed, 23 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1202
Expires: Thu, 24 Nov 2022 10:40:59 GMT
Date: Thu, 24 Nov 2022 10:20:57 GMT
Connection: keep-alive
depositfiles.com/files/m5ubx6ty3/SPT.S01E01.Dub-CyborgPsychon.rar
91.226.124.78302 Found 0 B URL HTTP/1.1 depositfiles.com/files/m5ubx6ty3/SPT.S01E01.Dub-CyborgPsychon.rar
IP 91.226.124.78:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /files/m5ubx6ty3/SPT.S01E01.Dub-CyborgPsychon.rar HTTP/1.1
Host: depositfiles.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 302 Found
Server: nginx
Date: Thu, 24 Nov 2022 10:20:57 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Location: //dfiles.eu/files/m5ubx6ty3/SPT.S01E01.Dub-CyborgPsychon.rar
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 24 Nov 2022 10:20:57 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 6d110f835f7b30b6f88b879d50107a99
caf0a6cd6d5ed970211e1487d8c9400a0b5d0f0a
5b570aa53bd8309d21e91df7a60e8f9ab0f9ce09f4eb89bd4c5199d97002be8b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5B570AA53BD8309D21E91DF7A60E8F9AB0F9CE09F4EB89BD4C5199D97002BE8B"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3430
Expires: Thu, 24 Nov 2022 11:18:07 GMT
Date: Thu, 24 Nov 2022 10:20:57 GMT
Connection: keep-alive
dfiles.eu/files/m5ubx6ty3/SPT.S01E01.Dub-CyborgPsychon.rar
91.226.124.76200 OK 8.4 kB URL HTTP/1.1 dfiles.eu/files/m5ubx6ty3/SPT.S01E01.Dub-CyborgPsychon.rar
IP 91.226.124.76:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (6441), with CRLF, CR, LF line terminators
Hash 270bfe194ec93d22601b0913ece38001
0e9233afab5d412126e7de340a83ca7da3a28720
e98882864209a4c98a02b20f929f7ec75ffee57a596510a235082cf53f836be3
GET /files/m5ubx6ty3/SPT.S01E01.Dub-CyborgPsychon.rar HTTP/1.1
Host: dfiles.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 24 Nov 2022 10:20:57 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Set-Cookie: uprand=470968d913cc183163a5671287ad394b; path=/; domain=.dfiles.eu
last_file=m5ubx6ty3; path=/; domain=.dfiles.eu
lang_current=en; expires=Fri, 24-Nov-2023 10:20:57 GMT; Max-Age=31536000; path=/; domain=.dfiles.eu; secure
X-Frame-Options: SAMEORIGIN
Content-Encoding: gzip
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash f7801fe8b983652ae788bc952856c2ed
f3898da21792b146a9f856e87ed3520d76277fb8
faa1bc8a9887e2dc694ff645546ea16cb96ac4bd1b0c460aef95f2cced100d6b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 10:20:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 717eab4be4198383202815cd643e0d73
870732e1b6b0392f3d34a235395a491682eb4c63
5b80ade44e09a05830c6b1fe6ce16eb52355301be22ee9656ef7b9f3bba0155d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5B80ADE44E09A05830C6B1FE6CE16EB52355301BE22EE9656EF7B9F3BBA0155D"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14259
Expires: Thu, 24 Nov 2022 14:18:36 GMT
Date: Thu, 24 Nov 2022 10:20:57 GMT
Connection: keep-alive
www.google.com/recaptcha/api.js
142.250.74.164200 OK 553 B URL HTTP/2 www.google.com/recaptcha/api.js
IP 142.250.74.164:0
File type ASCII text, with very long lines (850), with no line terminators
Hash 1309ff133720d219cc98090d66a051ed
b96fc5a893e42be16d687d7abdecdb13d348a019
358683c66634ea5ee3021c93111d8621d583880bcbbfadf3ec2ff87a15ea1038
GET /recaptcha/api.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
expires: Thu, 24 Nov 2022 10:20:57 GMT
date: Thu, 24 Nov 2022 10:20:57 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 553
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 717eab4be4198383202815cd643e0d73
870732e1b6b0392f3d34a235395a491682eb4c63
5b80ade44e09a05830c6b1fe6ce16eb52355301be22ee9656ef7b9f3bba0155d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5B80ADE44E09A05830C6B1FE6CE16EB52355301BE22EE9656EF7B9F3BBA0155D"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14259
Expires: Thu, 24 Nov 2022 14:18:36 GMT
Date: Thu, 24 Nov 2022 10:20:57 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 717eab4be4198383202815cd643e0d73
870732e1b6b0392f3d34a235395a491682eb4c63
5b80ade44e09a05830c6b1fe6ce16eb52355301be22ee9656ef7b9f3bba0155d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5B80ADE44E09A05830C6B1FE6CE16EB52355301BE22EE9656EF7B9F3BBA0155D"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14259
Expires: Thu, 24 Nov 2022 14:18:36 GMT
Date: Thu, 24 Nov 2022 10:20:57 GMT
Connection: keep-alive
cdn.unblockia.com/h.js
143.204.55.84200 OK 32 kB IP 143.204.55.84:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash a262cd192964e29f506bb61e36608d4c
9c5246b3188b266c56d4b57387f2eba97455089b
7cec5a718a888cc461892b7d0928e07270ed3d9b60cc997e3d52cd98ceeae97b
GET /h.js HTTP/1.1
Host: cdn.unblockia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/x-javascript
last-modified: Mon, 07 Nov 2022 09:24:07 GMT
x-amz-meta-codebuild-content-sha256: f561b815de3b6c9718985ac58c379a8d64edf3a4c24316d44344fee555901642
x-amz-version-id: KDqRVa48MHGLpYusDjJ9DqVdoI.tCpKZ
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:eu-west-1:987257285531:build/unblockia-loader-codebuild-project:8b8ee6bb-f500-4400-a66e-e2fa8077d658
x-amz-meta-codebuild-content-md5: 06f6dd03a7c46d58660c24386434f77e
server: AmazonS3
content-encoding: br
date: Wed, 23 Nov 2022 19:26:27 GMT
etag: W/"b826bd49536ecb6f1766bfa6c46b680b"
x-cache: Hit from cloudfront
via: 1.1 410f51195842d9b592b15d6588c36654.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 7UyZXL1qvfnQs5JohMnjBfqUCuc36aIqs444kyljmfbCsOD55PCJgw==
age: 53670
vary: Accept-Encoding, Origin
X-Firefox-Spdy: h2
static.depositfiles.com/js/function.js
91.226.124.77200 OK 35 kB URL HTTP/1.1 static.depositfiles.com/js/function.js
IP 91.226.124.77:0
File type ASCII text, with very long lines (4240)
Hash a5779d2f560cd50376dbba372b0fd15b
07b08e35b9254288c1372e37577db8b9e4da01b4
51d26403861d61a7842bc73f518d4a4351a7027c40c9f0347f61421226950b84
GET /js/function.js HTTP/1.1
Host: static.depositfiles.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 24 Nov 2022 10:20:57 GMT
Content-Type: application/javascript
Content-Length: 34915
Last-Modified: Thu, 28 Apr 2022 10:40:27 GMT
Connection: keep-alive
ETag: "626a6f1b-8863"
Expires: Thu, 24 Nov 2022 10:25:57 GMT
Cache-Control: max-age=300
Accept-Ranges: bytes
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: ETag, Content-Type, Content-Length, Last-Modified, Alert, Backoff, Pragma, Expires, Retry-After, Cache-Control
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 24 Nov 2022 10:11:11 GMT
cache-control: public,max-age=3600
age: 586
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
static.depositfiles.com/js/jquery.validate.js
91.226.124.77200 OK 38 kB URL HTTP/1.1 static.depositfiles.com/js/jquery.validate.js
IP 91.226.124.77:0
File type Unicode text, UTF-8 text, with very long lines (1238)
Hash d5231b6378847ebdb55f64c77d5a234f
eed97aa0b2aa9486b6f6831ed8a85dc729ad6b9c
95434a8a2568a6481a1fbcf5808a75dd58e77348ed6d70b4f7aeda8842e8f0c7
GET /js/jquery.validate.js HTTP/1.1
Host: static.depositfiles.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 24 Nov 2022 10:20:57 GMT
Content-Type: application/javascript
Content-Length: 38269
Last-Modified: Thu, 28 Apr 2022 10:40:27 GMT
Connection: keep-alive
ETag: "626a6f1b-957d"
Expires: Thu, 24 Nov 2022 10:25:57 GMT
Cache-Control: max-age=300
Accept-Ranges: bytes
static.depositfiles.com/css/main.css
91.226.124.77200 OK 47 kB URL HTTP/1.1 static.depositfiles.com/css/main.css
IP 91.226.124.77:0
File type ASCII text, with very long lines (332)
Hash cea03c07a2dcdd9444f5f6de6a3f6c64
89307ec85eb1fa31aa0b0d759e13f78970b0375b
5ecd5842291f787ca0d39182e73ab7992ed55dccce2aaeb7cfc4e10ba3917634
GET /css/main.css HTTP/1.1
Host: static.depositfiles.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 24 Nov 2022 10:20:57 GMT
Content-Type: text/css
Last-Modified: Thu, 28 Apr 2022 10:40:25 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"626a6f19-2f719"
Expires: Thu, 24 Nov 2022 10:25:57 GMT
Cache-Control: max-age=300
Content-Encoding: gzip
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 6fe23ae41ec0cbb3d702b1c64028cd13
e0e4d852454a5eae80a797aaa6f0991834dcc19a
47a12f27ec1ec271d17295d822c69d1b49c6a24107f3f7ce06a320688fae7f3c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 10:20:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
static.depositfiles.com/js/base2.js
91.226.124.77200 OK 399 kB URL HTTP/1.1 static.depositfiles.com/js/base2.js
IP 91.226.124.77:0
File type Unicode text, UTF-8 text, with very long lines (65481)
Size 399 kB (398927 bytes)
Hash 2fcae8126c3fd9a626370a701f0bd887
f3496fb7bbe122a9774d7dcfcd68da03a24dc285
d29ab86f64b4fcfbc45b9ef806c147f1e42e37e37d44a559147232288063badc
GET /js/base2.js HTTP/1.1
Host: static.depositfiles.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 24 Nov 2022 10:20:57 GMT
Content-Type: application/javascript
Content-Length: 398927
Last-Modified: Thu, 28 Apr 2022 10:40:27 GMT
Connection: keep-alive
ETag: "626a6f1b-6164f"
Expires: Thu, 24 Nov 2022 10:25:57 GMT
Cache-Control: max-age=300
Accept-Ranges: bytes
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash eb52164d651f5f45416e873aec29eb04
405b29bb7e7cd4367cf82988f8603e53db65f139
ed885e05db822ff30fe951e10b6d4f21e574d053939afca792992a1549a15301
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5563
Cache-Control: max-age=87518
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 10:20:58 GMT
Etag: "637de2ad-1d7"
Expires: Fri, 25 Nov 2022 10:39:36 GMT
Last-Modified: Wed, 23 Nov 2022 09:06:53 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 9b65e551b874f3b6ec018e21ae04aa6b
0ee26bf583acec91cc18e79822f9928b1edb6abd
8fd71d9d0de01a71e68ca105eb3026ad73bcc5f887f17ecffdb8b9e5ea5621bb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8FD71D9D0DE01A71E68CA105EB3026AD73BCC5F887F17ECFFDB8B9E5EA5621BB"
Last-Modified: Wed, 23 Nov 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3740
Expires: Thu, 24 Nov 2022 11:23:18 GMT
Date: Thu, 24 Nov 2022 10:20:58 GMT
Connection: keep-alive
pl16105218.highperformancecpmgate.com/22/4a/d4/224ad4a14b4b15c1726ff705ec672ea6.js
173.233.137.60200 OK 13 kB URL HTTP/1.1 pl16105218.highperformancecpmgate.com/22/4a/d4/224ad4a14b4b15c1726ff705ec672ea6.js
IP 173.233.137.60:0
File type ASCII text, with very long lines (37164), with no line terminators
Hash 1cc763db784796c205eb91765f7f3fed
8bd565a75d55d50ce745a5925f4ebb07152eb793
e8697a898dc95737ad8c9346b3393374385981adeeec9a233fc2e94ae92f7f00
Analyzer Verdict Alert quad9 Sinkholed
GET /22/4a/d4/224ad4a14b4b15c1726ff705ec672ea6.js HTTP/1.1
Host: pl16105218.highperformancecpmgate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Thu, 24 Nov 2022 10:20:58 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: c8401dafd4ca6df46b7075dbff02ecd0
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
static.depositfiles.com/images/logo.png
91.226.124.77200 OK 3.6 kB URL HTTP/1.1 static.depositfiles.com/images/logo.png
IP 91.226.124.77:0
File type PNG image data, 176 x 43, 8-bit/color RGBA, non-interlaced\012- data
Hash c41fdd84b04e45a91cb17cfdeccb1b38
fec7fffe104c7e169aeb159032078c4b71ff2cdc
7f89eb8ab03684f4db282ca30eb231b1e254bca10c7b511950df5e0eab0a68a0
GET /images/logo.png HTTP/1.1
Host: static.depositfiles.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://static.depositfiles.com/css/main.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 24 Nov 2022 10:20:58 GMT
Content-Type: image/png
Content-Length: 3623
Last-Modified: Thu, 28 Apr 2022 10:40:26 GMT
Connection: keep-alive
ETag: "626a6f1a-e27"
Accept-Ranges: bytes
static.depositfiles.com/images/timer.gif
91.226.124.77200 OK 12 kB URL HTTP/1.1 static.depositfiles.com/images/timer.gif
IP 91.226.124.77:0
File type GIF image data, version 89a, 70 x 70\012- data
Hash fb170c2ce20d8088b7cee465689c3637
9759429c7de6921580fac900c4c6026c758bb94c
6b5c53dd4d2d07c854e019e55458ff9652a4d9b7bf1fe8848ad00ca16032e294
GET /images/timer.gif HTTP/1.1
Host: static.depositfiles.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://static.depositfiles.com/css/main.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 24 Nov 2022 10:20:58 GMT
Content-Type: image/gif
Content-Length: 11607
Last-Modified: Thu, 28 Apr 2022 10:40:26 GMT
Connection: keep-alive
ETag: "626a6f1a-2d57"
Expires: Tue, 29 Nov 2022 10:20:58 GMT
Cache-Control: max-age=432000
Accept-Ranges: bytes
static.depositfiles.com/images/member_menu_bg.gif
91.226.124.77200 OK 78 B URL HTTP/1.1 static.depositfiles.com/images/member_menu_bg.gif
IP 91.226.124.77:0
File type GIF image data, version 89a, 1 x 48\012- data
Hash 20a24b56dcedf6a71a71ebec771e1f7d
d7bed493d5d4eeaed5dbbf7d30d45107840790a0
6f57f29224d8e9e51ed0839e329055426fba7dcd97ef31e93ed495f93a6063df
GET /images/member_menu_bg.gif HTTP/1.1
Host: static.depositfiles.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://static.depositfiles.com/css/main.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 24 Nov 2022 10:20:58 GMT
Content-Type: image/gif
Content-Length: 78
Last-Modified: Thu, 28 Apr 2022 10:40:26 GMT
Connection: keep-alive
ETag: "626a6f1a-4e"
Expires: Tue, 29 Nov 2022 10:20:58 GMT
Cache-Control: max-age=432000
Accept-Ranges: bytes
static.depositfiles.com/images/flags/lang24.png
91.226.124.77200 OK 9.2 kB URL HTTP/1.1 static.depositfiles.com/images/flags/lang24.png
IP 91.226.124.77:0
File type PNG image data, 24 x 552, 8-bit/color RGBA, non-interlaced\012- data
Hash efdcd1ca23d564ddd811f41152a2b83c
0b5aa064e7f8f241363c55fa17eb448f42a5f8df
ce23be242e34c5b420f8ba0390aef20fa50ffc69f700091029616eff524e8f9b
GET /images/flags/lang24.png HTTP/1.1
Host: static.depositfiles.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://static.depositfiles.com/css/main.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 24 Nov 2022 10:20:58 GMT
Content-Type: image/png
Content-Length: 9172
Last-Modified: Thu, 28 Apr 2022 10:40:26 GMT
Connection: keep-alive
ETag: "626a6f1a-23d4"
Accept-Ranges: bytes
static.depositfiles.com/images/sprite.png
91.226.124.77200 OK 37 kB URL HTTP/1.1 static.depositfiles.com/images/sprite.png
IP 91.226.124.77:0
File type PNG image data, 102 x 630, 8-bit/color RGBA, non-interlaced\012- data
Hash 2333675d7e431d5313c6dbb5230a14cd
93c4032e5b8b85793a9cda7167804445d950dd96
b287134a60667ce8e2c3fa1603e3a8f2ffa59c64e746d026d1a13ef19f3f38a0
GET /images/sprite.png HTTP/1.1
Host: static.depositfiles.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://static.depositfiles.com/css/main.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 24 Nov 2022 10:20:58 GMT
Content-Type: image/png
Content-Length: 36802
Last-Modified: Thu, 28 Apr 2022 10:40:26 GMT
Connection: keep-alive
ETag: "626a6f1a-8fc2"
Accept-Ranges: bytes
e1.o.lencr.org/
23.36.77.32200 OK 346 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 82401689b683af7cb8bfc79971fcaacc
e1bd44f9f5a52703768671ebed52417d29c70d14
a0edcb7c8b70be0faae8f29ae8a8672a29e1113389d93454d821fb69d3d1e28c
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "A0EDCB7C8B70BE0FAAE8F29AE8A8672A29E1113389D93454D821FB69D3D1E28C"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7654
Expires: Thu, 24 Nov 2022 12:28:32 GMT
Date: Thu, 24 Nov 2022 10:20:58 GMT
Connection: keep-alive
push.services.mozilla.com/
44.238.202.79101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 44.238.202.79:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: cN8J/rCqvGwfBfYk5eQhbA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 8m00XHVU2SO1/KiDAO/JJDM+q30=
static.depositfiles.com/images/sprite16.png
91.226.124.77200 OK 28 kB URL HTTP/1.1 static.depositfiles.com/images/sprite16.png
IP 91.226.124.77:0
File type PNG image data, 32 x 1072, 8-bit/color RGBA, non-interlaced\012- data
Hash 2e86fe2d2c2650c5f4663f0fc135ebc1
ba86e14a9abcff0581eda84a307594ef1288b982
604187f8828381a47ae70249f55f21c78c53ab1401d20a5f2230a0d6c9ae50d1
GET /images/sprite16.png HTTP/1.1
Host: static.depositfiles.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://static.depositfiles.com/css/main.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 24 Nov 2022 10:20:58 GMT
Content-Type: image/png
Content-Length: 28501
Last-Modified: Thu, 28 Apr 2022 10:40:26 GMT
Connection: keep-alive
ETag: "626a6f1a-6f55"
Accept-Ranges: bytes
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash c23f29473bb2a98f612544f222a477ce
e17fdc096a0ebc1e637d67870bde66c939b3400b
01677b7b69f58ee97b3673d9d36c3b068f0460001753bfc6b40aebeef48762f8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "01677B7B69F58EE97B3673D9D36C3B068F0460001753BFC6B40AEBEEF48762F8"
Last-Modified: Tue, 22 Nov 2022 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3651
Expires: Thu, 24 Nov 2022 11:21:49 GMT
Date: Thu, 24 Nov 2022 10:20:58 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 8cbf1887d1faa0b794ac3ba2412172dc
d75d6e347007c4a37eb02b64dfe800f47ab5afa7
2568598a49872f6fc2663ff6d37172e7ccfdb28c0944734897941d35a22cd0a6
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2568598A49872F6FC2663FF6D37172E7CCFDB28C0944734897941D35A22CD0A6"
Last-Modified: Wed, 23 Nov 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8786
Expires: Thu, 24 Nov 2022 12:47:24 GMT
Date: Thu, 24 Nov 2022 10:20:58 GMT
Connection: keep-alive
adsbb.dfiles.eu//ad.php?z=56&c=NO
91.226.124.76303 See Other 0 B URL HTTP/1.1 adsbb.dfiles.eu//ad.php?z=56&c=NO
IP 91.226.124.76:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET //ad.php?z=56&c=NO HTTP/1.1
Host: adsbb.dfiles.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dfiles.eu/
Cookie: uprand=470968d913cc183163a5671287ad394b; last_file=m5ubx6ty3; lang_current=en
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
HTTP/1.1 303 See Other
Server: nginx
Date: Thu, 24 Nov 2022 10:20:58 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
X-Powered-By: PHP/5.6.30-0+deb8u1
Set-Cookie: _nf56=1; expires=Fri, 25-Nov-2022 10:20:58 GMT; Max-Age=86400
Location: /upload/2112/ad27582685f5c72c.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752
adsbb.dfiles.eu//ad.php?z=60&c=NO
91.226.124.76303 See Other 0 B URL HTTP/1.1 adsbb.dfiles.eu//ad.php?z=60&c=NO
IP 91.226.124.76:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET //ad.php?z=60&c=NO HTTP/1.1
Host: adsbb.dfiles.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dfiles.eu/
Cookie: uprand=470968d913cc183163a5671287ad394b; last_file=m5ubx6ty3; lang_current=en
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
HTTP/1.1 303 See Other
Server: nginx
Date: Thu, 24 Nov 2022 10:20:58 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
X-Powered-By: PHP/5.6.30-0+deb8u1
Set-Cookie: _nf60=1; expires=Fri, 25-Nov-2022 10:20:58 GMT; Max-Age=86400
Location: /upload/2203/ad27612964f48cd2.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752
adsbb.dfiles.eu//ad.php?z=58&c=NO&g=no_file
91.226.124.76303 See Other 0 B URL HTTP/1.1 adsbb.dfiles.eu//ad.php?z=58&c=NO&g=no_file
IP 91.226.124.76:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET //ad.php?z=58&c=NO&g=no_file HTTP/1.1
Host: adsbb.dfiles.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dfiles.eu/
Cookie: uprand=470968d913cc183163a5671287ad394b; last_file=m5ubx6ty3; lang_current=en
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
HTTP/1.1 303 See Other
Server: nginx
Date: Thu, 24 Nov 2022 10:20:58 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
X-Powered-By: PHP/5.6.30-0+deb8u1
Set-Cookie: _nf58=1; expires=Fri, 25-Nov-2022 10:20:58 GMT; Max-Age=86400
Location: /upload/1906/ad2708292742b09a.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752
adsbb.dfiles.eu//ad.php?z=7&c=NO&g=no_file&u=637f45898b574-49141117
91.226.124.76303 See Other 0 B URL HTTP/1.1 adsbb.dfiles.eu//ad.php?z=7&c=NO&g=no_file&u=637f45898b574-49141117
IP 91.226.124.76:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET //ad.php?z=7&c=NO&g=no_file&u=637f45898b574-49141117 HTTP/1.1
Host: adsbb.dfiles.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dfiles.eu/
Cookie: uprand=470968d913cc183163a5671287ad394b; last_file=m5ubx6ty3; lang_current=en
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
HTTP/1.1 303 See Other
Server: nginx
Date: Thu, 24 Nov 2022 10:20:58 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
X-Powered-By: PHP/5.6.30-0+deb8u1
Set-Cookie: _nf7=1; expires=Fri, 25-Nov-2022 10:20:58 GMT; Max-Age=86400
Location: /upload/2211/ad2769296150a424.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752
ocsp.sca1b.amazontrust.com/
143.204.42.165200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.165:0
Hash 78a5e8567c816ea5adeff1e60bd63461
bee92246cea1db6fb25a8f4e431060e349dc73a2
5312c83674cb2dc648d3e67a484bcd02cb44fd535ef277c54eb45f4990381243
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=99647
Date: Thu, 24 Nov 2022 10:20:58 GMT
Etag: "637e2096-1d7"
Expires: Fri, 25 Nov 2022 14:01:45 GMT
Last-Modified: Wed, 23 Nov 2022 13:31:02 GMT
Server: ECS (nyb/1D1F)
X-Cache: Miss from cloudfront
Via: 1.1 76c917e0bb0ba45eb834d25d76ee125e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 2ul9TiNu5WJXAfXXfNM-Rce4ibvd1aPYq1eUW5fjWSPUbY-vk9jNKw==
Age: 1843
simplewebanalysis.com/stats
18.185.190.54200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 18.185.190.54:0
File type ASCII text, with no line terminators
Hash 24600f454c979df83e391e049dda132f
aa15bd8078e9480d9495c15ca18f76a0c76a5869
e6b5ebb48600b4a2362bb5bb0bdb21da53f94109ba28c8e17b8138792482c81e
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dfiles.eu
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 24 Nov 2022 10:20:58 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://dfiles.eu
access-control-allow-credentials: true
set-cookie: uid_id2=6eaead45-a0f5-4229-8c7d-209167b06c11:1:1; expires=Sun, 21 Nov 2032 10:20:58 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
adsbb.dfiles.eu/upload/2112/ad27582685f5c72c.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752
91.226.124.76200 OK 671 B URL HTTP/1.1 adsbb.dfiles.eu/upload/2112/ad27582685f5c72c.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752
IP 91.226.124.76:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash c6d228fe5a61190bab75b4e215f895a4
01215079283299af197c2c5cfcb9bc5cb7c75042
756df4c453e42746f706be0c6cecd4809b8f0f71e2db74ed9cd45e66e7437cf5
GET /upload/2112/ad27582685f5c72c.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752 HTTP/1.1
Host: adsbb.dfiles.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dfiles.eu/
Connection: keep-alive
Cookie: uprand=470968d913cc183163a5671287ad394b; last_file=m5ubx6ty3; lang_current=en; _nf56=1; _nf60=1
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 24 Nov 2022 10:20:58 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: close
Last-Modified: Thu, 24 Nov 2022 10:20:01 GMT
Content-Encoding: gzip
adsbb.dfiles.eu/upload/1906/ad2708292742b09a.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752
91.226.124.76200 OK 887 B URL HTTP/1.1 adsbb.dfiles.eu/upload/1906/ad2708292742b09a.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752
IP 91.226.124.76:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 8c315aab7a583993df4337cd18397e98
20d3f874e55b50a13c9ce3e94e144de95479c185
97c86e5d17564f0f75e5ba068c6a09ef56b54bc995658bab1b07afc0f0580ee6
GET /upload/1906/ad2708292742b09a.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752 HTTP/1.1
Host: adsbb.dfiles.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dfiles.eu/
Connection: keep-alive
Cookie: uprand=470968d913cc183163a5671287ad394b; last_file=m5ubx6ty3; lang_current=en; _nf56=1; _nf60=1; _nf58=1
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 24 Nov 2022 10:20:58 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: close
Last-Modified: Thu, 24 Nov 2022 10:20:01 GMT
Content-Encoding: gzip
adsbb.dfiles.eu/upload/2211/ad2769296150a424.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752
91.226.124.76200 OK 2.4 kB URL HTTP/1.1 adsbb.dfiles.eu/upload/2211/ad2769296150a424.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752
IP 91.226.124.76:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (879)
Hash 09fe096f81a3d25bfbeb6d96ba85fa9f
ff05b723ad9c44ffdc7cc970da44c2a9abe2098f
4b3f40b10971fb0cb2ce91cfa61e354b3728c9efaa14a8f254bc750336a6a283
GET /upload/2211/ad2769296150a424.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752 HTTP/1.1
Host: adsbb.dfiles.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dfiles.eu/
Connection: keep-alive
Cookie: uprand=470968d913cc183163a5671287ad394b; last_file=m5ubx6ty3; lang_current=en; _nf56=1; _nf60=1; _nf58=1; _nf7=1
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 24 Nov 2022 10:20:58 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: close
Last-Modified: Thu, 24 Nov 2022 10:20:01 GMT
Content-Encoding: gzip
adsbb.dfiles.eu/upload/2203/ad27612964f48cd2.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752
91.226.124.76200 OK 678 B URL HTTP/1.1 adsbb.dfiles.eu/upload/2203/ad27612964f48cd2.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752
IP 91.226.124.76:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash f677915150acc4156c4154c8fb50dfef
bc232374476e2f418012e2abc6dd7f9496976154
1355ee96f5cbd7b68dc1e27c986a9c999a621b0eabab3104dd3321b4657d2e31
GET /upload/2203/ad27612964f48cd2.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752 HTTP/1.1
Host: adsbb.dfiles.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dfiles.eu/
Connection: keep-alive
Cookie: uprand=470968d913cc183163a5671287ad394b; last_file=m5ubx6ty3; lang_current=en; _nf56=1; _nf60=1; _nf58=1
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 24 Nov 2022 10:20:58 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: close
Last-Modified: Thu, 24 Nov 2022 10:20:01 GMT
Content-Encoding: gzip
dominantroute.com/bens/vinos.js?23701&u=null&a=0.16075044954760198
193.200.64.20200 OK 140 kB URL HTTP/1.1 dominantroute.com/bens/vinos.js?23701&u=null&a=0.16075044954760198
IP 193.200.64.20:0
ASN #6681 Rozetka Sp. z o.o.
File type ASCII text, with very long lines (727)
Size 140 kB (140149 bytes)
Hash 1d60de8ac8d9a65c8eed25feae12cd8e
857afaea41af8e8062a0934a5b990a7f97ed559b
0a3c06b730ec17838c3b7ab060a02017d077bfa3ed3bca30f46ccc6dcc62cdd1
GET /bens/vinos.js?23701&u=null&a=0.16075044954760198 HTTP/1.1
Host: dominantroute.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 24 Nov 2022 10:20:58 GMT
Content-Type: text/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="NON DSP COR CURa TIA"
Set-Cookie: uuid=16692850241532635802; expires=Sat, 23-Nov-2024 10:20:58 GMT; Max-Age=63072000; path=/; samesite=None; domain=.dominantroute.com; secure
e1.o.lencr.org/
23.36.77.32200 OK 346 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 82401689b683af7cb8bfc79971fcaacc
e1bd44f9f5a52703768671ebed52417d29c70d14
a0edcb7c8b70be0faae8f29ae8a8672a29e1113389d93454d821fb69d3d1e28c
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "A0EDCB7C8B70BE0FAAE8F29AE8A8672A29E1113389D93454D821FB69D3D1E28C"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7654
Expires: Thu, 24 Nov 2022 12:28:32 GMT
Date: Thu, 24 Nov 2022 10:20:58 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 4e44a8dee379cebc8b1d10b190088d3d
679858f6c2f7f6f516b96a64282bf663fb7f8d80
9fe477e249caed1e724bf3528b48278e00f73102faa61c654535bea524aa7ae7
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5115
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 10:20:58 GMT
Last-Modified: Thu, 24 Nov 2022 08:55:43 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 4e44a8dee379cebc8b1d10b190088d3d
679858f6c2f7f6f516b96a64282bf663fb7f8d80
9fe477e249caed1e724bf3528b48278e00f73102faa61c654535bea524aa7ae7
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4868
Cache-Control: max-age=129292
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 10:20:58 GMT
Etag: "637e8892-117"
Expires: Fri, 25 Nov 2022 22:15:50 GMT
Last-Modified: Wed, 23 Nov 2022 20:54:42 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 279
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ff420d7d34d0bacca3e4e864782c8a50
80dc835f741c6709b349d8287accb7f583df91c0
15a8e4da43e1362bcf300f637a706e4d5b65a92fb50b4faeb30543a04da71a6b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "15A8E4DA43E1362BCF300F637A706E4D5B65A92FB50B4FAEB30543A04DA71A6B"
Last-Modified: Wed, 23 Nov 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3277
Expires: Thu, 24 Nov 2022 11:15:35 GMT
Date: Thu, 24 Nov 2022 10:20:58 GMT
Connection: keep-alive
adsbb.dfiles.eu/static/js/jquery-1.5.1.min.js
91.226.124.76200 OK 85 kB URL HTTP/1.1 adsbb.dfiles.eu/static/js/jquery-1.5.1.min.js
IP 91.226.124.76:0
File type Unicode text, UTF-8 text, with very long lines (65168)
Hash b04a3bccd23ddeb7982143707a63ccf9
4a5dc1389aad050a44ee5e81408238a317ab3413
764b9e9f3ad386aaa5cdeae9368353994de61c0bede087c8f7e3579cb443de3b
GET /static/js/jquery-1.5.1.min.js HTTP/1.1
Host: adsbb.dfiles.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adsbb.dfiles.eu/upload/2112/ad27582685f5c72c.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752
Cookie: uprand=470968d913cc183163a5671287ad394b; last_file=m5ubx6ty3; lang_current=en; _nf56=1; _nf60=1; _nf58=1; _nf7=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 24 Nov 2022 10:20:58 GMT
Content-Type: application/javascript
Content-Length: 85260
Connection: close
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache, private, no-cache, no-store, must-revalidate
Pragma: no-cache
Accept-Ranges: bytes
friendshipmale.com/sfp.js
172.64.141.24200 OK 27 kB URL HTTP/2 friendshipmale.com/sfp.js
IP 172.64.141.24:0
File type Unicode text, UTF-8 text, with very long lines (65529), with no line terminators
Hash 249d5bb8f8d5fd948efc1354d88c6817
7c912d3b06643207404fedefff09fafa13366c0d
f3bfe89639b988ecb00f0cfee2f14749541d67e96bd6b6308d6e934031db1352
GET /sfp.js HTTP/1.1
Host: friendshipmale.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 24 Nov 2022 10:20:58 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: ba1f4aa4b33b2ee4e76ce1bfe7195038
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Thu, 24 Nov 2022 10:20:58 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QtIu%2BeWqvR7HIjqWkOfCMJIV%2FbPVvx92CbiwWnbAhscWzDm2KyJAA9hAqizCe%2FfTfW9A43OxeGsEd%2BL8X%2BGvBIuLxCTO2n06%2FbBB0R8tTqP9U9IDDbVtbK5V6ce5rhaWbiDU3gA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f16a41b863f3e7-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash c4b6fe9b16a25c4ed26977ae2ad68374
37c8b559fb0302b0e7b87cea81427aad9f55038b
03cef4cc5a6bdf604ff1ae8680f4fabfd6d5f54f8f7514c86df73c42d17ef932
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "03CEF4CC5A6BDF604FF1AE8680F4FABFD6D5F54F8F7514C86DF73C42D17EF932"
Last-Modified: Wed, 23 Nov 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6478
Expires: Thu, 24 Nov 2022 12:08:56 GMT
Date: Thu, 24 Nov 2022 10:20:58 GMT
Connection: keep-alive
adsbb.dfiles.eu/static/js/jquery-1.5.1.min.js
91.226.124.76200 OK 85 kB URL HTTP/1.1 adsbb.dfiles.eu/static/js/jquery-1.5.1.min.js
IP 91.226.124.76:0
File type Unicode text, UTF-8 text, with very long lines (65168)
Hash b04a3bccd23ddeb7982143707a63ccf9
4a5dc1389aad050a44ee5e81408238a317ab3413
764b9e9f3ad386aaa5cdeae9368353994de61c0bede087c8f7e3579cb443de3b
GET /static/js/jquery-1.5.1.min.js HTTP/1.1
Host: adsbb.dfiles.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adsbb.dfiles.eu/upload/2211/ad2769296150a424.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752
Cookie: uprand=470968d913cc183163a5671287ad394b; last_file=m5ubx6ty3; lang_current=en; _nf56=1; _nf60=1; _nf58=1; _nf7=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 24 Nov 2022 10:20:58 GMT
Content-Type: application/javascript
Content-Length: 85260
Connection: close
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache, private, no-cache, no-store, must-revalidate
Pragma: no-cache
Accept-Ranges: bytes
jsc.mgid.com/d/e/depositfiles.com.7998.js
104.19.133.78200 OK 86 kB URL HTTP/2 jsc.mgid.com/d/e/depositfiles.com.7998.js
IP 104.19.133.78:0
File type ASCII text, with very long lines (2337), with no line terminators
Hash 1998733f8e64e4d01ff9a43ea0b4b8a5
ae660a78b9c4159fcc51a188e8885ab1895814fd
375497de24ea5654a907c7feae68be3f3b82da674ba938ace9fc001e333b1e8e
GET /d/e/depositfiles.com.7998.js HTTP/1.1
Host: jsc.mgid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adsbb.dfiles.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 24 Nov 2022 10:20:58 GMT
content-type: text/javascript
cf-bgj: minify
cf-polished: origSize=2338
etag: W/"cc03417525f2c11749720e1f71cab8cc"
last-modified: Wed, 23 Nov 2022 11:36:09 GMT
x-amz-id-2: gtrjRliVmqoBgAHJGd+V/pUPyyP/yKmdtR0K35B54BTMfT0Fb0HZvZK5Uc0/MzeN2OjsMB4spHc=
x-amz-request-id: S43RXRRX8KW7AZQA
x-amz-version-id: K3QwvBEONaEnNjVv0e6njsoPjgmP9z5r
cf-cache-status: HIT
age: 1585
expires: Thu, 24 Nov 2022 13:20:58 GMT
cache-control: public, max-age=10800
set-cookie: __cf_bm=5W91CXTjQowyyRIjnQV5YAdaFRG7S4MRXKy8cSDABdo-1669285258-0-ARhyhJyaTtyJBKs//MvkWJOgoiF0Qc3IUr9nt19dFdzhWy2DlF6iFqyZzHybO0gv4BbcW/2WZI6faQE+FUR5ex4=; path=/; expires=Thu, 24-Nov-22 10:50:58 GMT; domain=.mgid.com; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f16a4348aeb515-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
adsbb.dfiles.eu/static/js/jquery-1.5.1.min.js
91.226.124.76200 OK 85 kB URL HTTP/1.1 adsbb.dfiles.eu/static/js/jquery-1.5.1.min.js
IP 91.226.124.76:0
File type Unicode text, UTF-8 text, with very long lines (65168)
Hash b04a3bccd23ddeb7982143707a63ccf9
4a5dc1389aad050a44ee5e81408238a317ab3413
764b9e9f3ad386aaa5cdeae9368353994de61c0bede087c8f7e3579cb443de3b
GET /static/js/jquery-1.5.1.min.js HTTP/1.1
Host: adsbb.dfiles.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adsbb.dfiles.eu/upload/2203/ad27612964f48cd2.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752
Cookie: uprand=470968d913cc183163a5671287ad394b; last_file=m5ubx6ty3; lang_current=en; _nf56=1; _nf60=1; _nf58=1; _nf7=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 24 Nov 2022 10:20:58 GMT
Content-Type: application/javascript
Content-Length: 85260
Connection: close
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache, private, no-cache, no-store, must-revalidate
Pragma: no-cache
Accept-Ranges: bytes
adsbb.dfiles.eu/view.gif?c=2685&z=56&b=2758&u=637f4551cc960786959195948756
91.226.124.76200 OK 43 B URL HTTP/1.1 adsbb.dfiles.eu/view.gif?c=2685&z=56&b=2758&u=637f4551cc960786959195948756
IP 91.226.124.76:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 6d22e4f2d2057c6e8d6fab098e76e80f
b80b11203d97fe01c5597ca3be70406ea48f5709
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
GET /view.gif?c=2685&z=56&b=2758&u=637f4551cc960786959195948756 HTTP/1.1
Host: adsbb.dfiles.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://adsbb.dfiles.eu/upload/2112/ad27582685f5c72c.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752
Cookie: uprand=470968d913cc183163a5671287ad394b; last_file=m5ubx6ty3; lang_current=en; _nf56=1; _nf60=1; _nf58=1; _nf7=1; u_count=%5B0%2C0%5D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 24 Nov 2022 10:20:58 GMT
Content-Type: image/gif
Content-Length: 43
Connection: close
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache, private, no-cache, no-store, must-revalidate
Pragma: no-cache
Accept-Ranges: bytes
static.depositfiles.com/images/favicon.ico
91.226.124.77200 OK 78 kB URL HTTP/1.1 static.depositfiles.com/images/favicon.ico
IP 91.226.124.77:0
Hash 6b69d13542a610cfed965e4b4bb0876a
f7fed3d974969d2c0d574ed007e12f2c22eb06b3
4f3f3820e169e9da37f5a4a899cc0646a3dfb8374c04b6b3dcde00cb81cdc171
GET /images/favicon.ico HTTP/1.1
Host: static.depositfiles.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 24 Nov 2022 10:20:59 GMT
Content-Type: image/x-icon
Content-Length: 318
Last-Modified: Thu, 28 Apr 2022 10:40:26 GMT
Connection: keep-alive
ETag: "626a6f1a-13e"
Accept-Ranges: bytes
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash aee1eaa2ef2d0edbb0bc5703979e6439
8baa6d1cdd85ce2c5b6e30bd7a60096eeafce4db
095cc1e6ce8241ba22f88cb66d752587909fea3dc66936a72c369ef74b3134f1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 10:20:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash f86429279e19a89ba7fae87ba2406b4e
abfa5369a7feb4dfebf13f5eb902c3e860976238
76d03c181e150e7e3a61bfa8489231999fb562f6cb0b382c456b9a37da1106a6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 10:20:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js
142.250.74.163200 OK 163 kB URL HTTP/2 www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js
IP 142.250.74.163:0
File type ASCII text, with very long lines (730)
Size 163 kB (162976 bytes)
Hash 79d18cf4265108d7cecca1bf4ada6109
e51d0285a545381d4c39e9e0292a650ffeeecbb9
59ce7253f371df0833c3f72d4748ef812002b90a49413c56d0ca7c40bb5a0ab6
GET /recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dfiles.eu
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 162976
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 24 Nov 2022 09:43:42 GMT
expires: Fri, 24 Nov 2023 09:43:42 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 14 Nov 2022 03:01:59 GMT
content-type: text/javascript
age: 2237
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?test_adblock=true
142.250.74.130200 OK 49 kB URL HTTP/2 pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?test_adblock=true
IP 142.250.74.130:0
File type ASCII text, with very long lines (4885)
Hash 329808a68e296af30932f62d7fe76ae4
e6f920db526d3bed88077dd806704313ad68bed8
3793e83162f5f4216040e4e13ed968a7760cfa581232dd9c68502b4d65f5c1a0
GET /pagead/js/adsbygoogle.js?test_adblock=true HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dfiles.eu/
Origin: https://dfiles.eu
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Thu, 24 Nov 2022 10:20:59 GMT
expires: Thu, 24 Nov 2022 10:20:59 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 14551486523192918596
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 49009
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash aee1eaa2ef2d0edbb0bc5703979e6439
8baa6d1cdd85ce2c5b6e30bd7a60096eeafce4db
095cc1e6ce8241ba22f88cb66d752587909fea3dc66936a72c369ef74b3134f1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 10:20:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 235d4a6b5567bc38e62c098329f9c11d
33c3e5be6f9612c972c5cb8f5fe30849987db9e8
e191530e4c1e7f2d03ac1d79df95b63e520e826c642094b50641ca1429ecdf83
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6039
Cache-Control: max-age=159255
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 10:20:59 GMT
Etag: "637ef90b-117"
Expires: Sat, 26 Nov 2022 06:35:14 GMT
Last-Modified: Thu, 24 Nov 2022 04:54:35 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 279
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash f86429279e19a89ba7fae87ba2406b4e
abfa5369a7feb4dfebf13f5eb902c3e860976238
76d03c181e150e7e3a61bfa8489231999fb562f6cb0b382c456b9a37da1106a6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 10:20:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
jsc.adskeeper.com/d/f/dfiles.eu.1285384.js
172.64.151.192200 OK 917 B URL HTTP/2 jsc.adskeeper.com/d/f/dfiles.eu.1285384.js
IP 172.64.151.192:0
File type ASCII text, with very long lines (2350)
Hash 95ab9ef736bad3e8c038489841b11046
5cd7ef6dfbdf1685364d23d33016cd377038dc34
32b0fb71539534119d8d53120fac6fa8b777d90e2f4fc5c4961f7d43ac70c437
GET /d/f/dfiles.eu.1285384.js HTTP/1.1
Host: jsc.adskeeper.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adsbb.dfiles.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 24 Nov 2022 10:20:59 GMT
content-type: text/javascript
content-length: 917
x-amz-id-2: fp5nLf7Q4LGhtV7KrMHN180+d6L6Hyhsr4A4LFRoj6Mw9YCgNZfWWCPDoMCKgid1fMUbzOWrGyQ=
x-amz-request-id: CSJ3AB1EWSTFKE3A
last-modified: Wed, 23 Nov 2022 11:54:30 GMT
etag: "95ab9ef736bad3e8c038489841b11046"
content-encoding: gzip
x-amz-version-id: 5UEs0Joc7aPkJ2RyUIrdcrfoW6WzjP6F
cf-cache-status: HIT
age: 4133
expires: Thu, 24 Nov 2022 14:20:59 GMT
cache-control: public, max-age=14400
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f16a462cf11c02-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
adsbb.dfiles.eu/view.gif?c=2927&z=58&b=2708&u=637f4551ce68816398746312057888
91.226.124.76200 OK 43 B URL HTTP/1.1 adsbb.dfiles.eu/view.gif?c=2927&z=58&b=2708&u=637f4551ce68816398746312057888
IP 91.226.124.76:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 6d22e4f2d2057c6e8d6fab098e76e80f
b80b11203d97fe01c5597ca3be70406ea48f5709
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
GET /view.gif?c=2927&z=58&b=2708&u=637f4551ce68816398746312057888 HTTP/1.1
Host: adsbb.dfiles.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://adsbb.dfiles.eu/upload/1906/ad2708292742b09a.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752
Cookie: uprand=470968d913cc183163a5671287ad394b; last_file=m5ubx6ty3; lang_current=en; _nf56=1; _nf60=1; _nf58=1; _nf7=1; u_count=%5B0%2C0%5D; MgidStorage=%7B%220%22%3A%7B%22svspr%22%3A%22https%3A%2F%2Fdfiles.eu%2F%22%2C%22svsds%22%3A1%7D%2C%22C7998%22%3A%7B%22page%22%3A1%7D%7D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 24 Nov 2022 10:20:59 GMT
Content-Type: image/gif
Content-Length: 43
Connection: close
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache, private, no-cache, no-store, must-revalidate
Pragma: no-cache
Accept-Ranges: bytes
adsbb.dfiles.eu/view.gif?c=2964&z=60&b=2761&u=637f4551dbc0a9402659435518254
91.226.124.76200 OK 43 B URL HTTP/1.1 adsbb.dfiles.eu/view.gif?c=2964&z=60&b=2761&u=637f4551dbc0a9402659435518254
IP 91.226.124.76:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 6d22e4f2d2057c6e8d6fab098e76e80f
b80b11203d97fe01c5597ca3be70406ea48f5709
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
GET /view.gif?c=2964&z=60&b=2761&u=637f4551dbc0a9402659435518254 HTTP/1.1
Host: adsbb.dfiles.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://adsbb.dfiles.eu/upload/2203/ad27612964f48cd2.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752
Cookie: uprand=470968d913cc183163a5671287ad394b; last_file=m5ubx6ty3; lang_current=en; _nf56=1; _nf60=1; _nf58=1; _nf7=1; u_count=%5B0%2C0%5D; MgidStorage=%7B%220%22%3A%7B%22svspr%22%3A%22https%3A%2F%2Fdfiles.eu%2F%22%2C%22svsds%22%3A1%7D%2C%22C7998%22%3A%7B%22page%22%3A1%7D%7D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 24 Nov 2022 10:20:59 GMT
Content-Type: image/gif
Content-Length: 43
Connection: close
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache, private, no-cache, no-store, must-revalidate
Pragma: no-cache
Accept-Ranges: bytes
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 235d4a6b5567bc38e62c098329f9c11d
33c3e5be6f9612c972c5cb8f5fe30849987db9e8
e191530e4c1e7f2d03ac1d79df95b63e520e826c642094b50641ca1429ecdf83
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6157
Cache-Control: max-age=159373
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 10:20:59 GMT
Etag: "637ef90b-117"
Expires: Sat, 26 Nov 2022 06:37:12 GMT
Last-Modified: Thu, 24 Nov 2022 04:54:35 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 279
jsc.adskeeper.com/d/f/dfiles.eu.1285384.es6.js
172.64.151.192200 OK 82 kB URL HTTP/2 jsc.adskeeper.com/d/f/dfiles.eu.1285384.es6.js
IP 172.64.151.192:0
Hash ef21a25a70d2a4859c3627ffedc4d6b8
c55f33ec69e45c66d0b19a634ac888679234769e
32e1cb0a95e1b47ab2346de77b297aa8147d16ceb37fc9f6f10b84c876460f16
GET /d/f/dfiles.eu.1285384.es6.js HTTP/1.1
Host: jsc.adskeeper.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adsbb.dfiles.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 24 Nov 2022 10:20:59 GMT
content-type: text/javascript
content-length: 80264
x-amz-id-2: hEUzUWbMsKN0IpF6+oIKeKE+HJ+1tb3mRYVbs1yJgtsa4fd+y771Fe23Zt4nHpTPcrx/oaZb9V0=
x-amz-request-id: 6ZBVM3XFJT57RBRZ
last-modified: Wed, 23 Nov 2022 11:54:30 GMT
etag: "7b23853632020af53cf8665dd2426c78"
content-encoding: gzip
x-amz-version-id: SZ9ufFHYgg8_Bwa07wjLn8Yk88Ghtumr
cf-cache-status: HIT
age: 5811
expires: Thu, 24 Nov 2022 14:20:59 GMT
cache-control: public, max-age=14400
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f16a468d451c02-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
adserver.adreactor.com/js/libcode3.js
46.166.179.123200 OK 7.7 kB URL HTTP/1.1 adserver.adreactor.com/js/libcode3.js
IP 46.166.179.123:0
ASN #43350 NForce Entertainment B.V.
File type HTML document text\012- C source, ASCII text, with very long lines (27061), with no line terminators
Hash 02a8b86bce420a8a54223b74fa0d265e
a92561d8f1c6a43e23b0301db815d1cfca1995c6
d58e205115e1054fe89459992256a3ac8264bf821550ccc60fb01623f9b91c41
GET /js/libcode3.js HTTP/1.1
Host: adserver.adreactor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adsbb.dfiles.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 24 Nov 2022 10:20:59 GMT
Content-Type: text/javascript;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: public, max-age=86400
Expires: Fri, 25 Nov 2022 10:20:58 GMT
Vary: Accept-Encoding, Accept-Encoding
Last-Modified: Tue, 15 Mar 2022 21:49:26 GMT
Content-Encoding: gzip
simplewebanalysis.com/stats
18.185.190.54200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 18.185.190.54:0
File type ASCII text, with no line terminators
Hash 24600f454c979df83e391e049dda132f
aa15bd8078e9480d9495c15ca18f76a0c76a5869
e6b5ebb48600b4a2362bb5bb0bdb21da53f94109ba28c8e17b8138792482c81e
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dfiles.eu
Connection: keep-alive
Referer: https://dfiles.eu/
Cookie: uid_id2=6eaead45-a0f5-4229-8c7d-209167b06c11:1:1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 24 Nov 2022 10:20:59 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://dfiles.eu
access-control-allow-credentials: true
X-Firefox-Spdy: h2
cdn.engine.4dsply.com/Scripts/infinity.js.aspx?guid=f6c43cb5-024f-4158-a34e-034f3e05bbb0
104.16.159.17200 OK 46 kB URL HTTP/2 cdn.engine.4dsply.com/Scripts/infinity.js.aspx?guid=f6c43cb5-024f-4158-a34e-034f3e05bbb0
IP 104.16.159.17:0
File type ASCII text, with very long lines (64095)
Hash c34c8899445ac07dda6ffe0aa5282a01
4b6d2ceaa058b53f8caa363320d9028f9adc5461
c189cbe9f74583f2965cb43bdf4b37a2c2f09f530a69d9e072fe9b65974d83da
GET /Scripts/infinity.js.aspx?guid=f6c43cb5-024f-4158-a34e-034f3e05bbb0 HTTP/1.1
Host: cdn.engine.4dsply.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 24 Nov 2022 10:20:59 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=900
p3p: CP="CAO PSA OUR IND"
access-control-allow-origin: *
last-modified: Thu, 24 Nov 2022 10:13:06 GMT
cf-cache-status: HIT
expires: Thu, 24 Nov 2022 10:35:59 GMT
server: cloudflare
cf-ray: 76f16a44cdfd0b4d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
adserver.adreactor.com/servlet/view/banner/javascript/ajax/crossdomain/zone?zid=9&pid=8620&uuid=2a21537a216dc62b945f344cef460880&tagid=avp_1560248483863&viewable=true&txid=16638389&sver=1&pvid=45696171&resolution=728x91&random=96982515&millis=1669285259158&referrer=https%3A%2F%2Fadsbb.dfiles.eu%2Fupload%2F1906%2Fad2708292742b09a.htm%3Fcanp%3Dadv_73b411c406ca38ecadcf742fe6ade752
46.166.179.123200 OK 873 B URL HTTP/1.1 adserver.adreactor.com/servlet/view/banner/javascript/ajax/crossdomain/zone?zid=9&pid=8620&uuid=2a21537a216dc62b945f344cef460880&tagid=avp_1560248483863&viewable=true&txid=16638389&sver=1&pvid=45696171&resolution=728x91&random=96982515&millis=1669285259158&referrer=https%3A%2F%2Fadsbb.dfiles.eu%2Fupload%2F1906%2Fad2708292742b09a.htm%3Fcanp%3Dadv_73b411c406ca38ecadcf742fe6ade752
IP 46.166.179.123:0
ASN #43350 NForce Entertainment B.V.
File type ASCII text, with very long lines (1007)
Hash 68b31872ae2c3c17bdfbea089476d52e
c65451a17ee0fc23c6dd63d0798668ef400ff8c1
43e55e0931f22c6d8aaf4fcac68dafd7d6d5398fb49ebf010ecbe35eda6e4935
GET /servlet/view/banner/javascript/ajax/crossdomain/zone?zid=9&pid=8620&uuid=2a21537a216dc62b945f344cef460880&tagid=avp_1560248483863&viewable=true&txid=16638389&sver=1&pvid=45696171&resolution=728x91&random=96982515&millis=1669285259158&referrer=https%3A%2F%2Fadsbb.dfiles.eu%2Fupload%2F1906%2Fad2708292742b09a.htm%3Fcanp%3Dadv_73b411c406ca38ecadcf742fe6ade752 HTTP/1.1
Host: adserver.adreactor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adsbb.dfiles.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 24 Nov 2022 10:20:59 GMT
Content-Type: text/javascript;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Cache-Control: no-cache, no-store
Pragma: no-cache
Expires: Thu, 31 Dec 1998 11:59:59 GMT
X-Robots-Tag: none
P3P: CP="NOI DSP COR NID"
Set-Cookie: ADRUID=2a21537a216dc62b945f344cef460880; Expires=Fri, 24-Nov-2023 10:20:59 GMT; Path=/; Secure; HttpOnly; SameSite=None
Content-Encoding: gzip
reproductiontape.com/sbar.json?key=224ad4a14b4b15c1726ff705ec672ea6
192.243.61.225200 OK 4.2 kB URL HTTP/1.1 reproductiontape.com/sbar.json?key=224ad4a14b4b15c1726ff705ec672ea6
IP 192.243.61.225:0
ASN #39572 DataWeb Global Group B.V.
File type JSON data\012- , ASCII text, with very long lines (6025), with no line terminators
Hash f2d4da6cb99acb0c6a483af7ca0b6692
f739bc15ac6ab7e2f1edeef1f05fc70d919e6f7e
2fa9ee632014797c1d0410e75ab51118845453c45e03c63da3ded008f5e35112
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /sbar.json?key=224ad4a14b4b15c1726ff705ec672ea6 HTTP/1.1
Host: reproductiontape.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dfiles.eu
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Thu, 24 Nov 2022 10:20:59 GMT
Content-Type: text/plain; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://dfiles.eu
Access-Control-Allow-Origin: https://dfiles.eu
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=16004719; expires=Fri, 25 Nov 2022 10:20:59 GMT; secure; SameSite=None
pdhtkv=true; expires=Fri, 25 Nov 2022 10:20:59 GMT; secure; SameSite=None
uncs=1; expires=Fri, 25 Nov 2022 10:20:59 GMT; secure; SameSite=None
pdhtkv29=true; expires=Fri, 25 Nov 2022 10:20:59 GMT; secure; SameSite=None
uncs29=1; expires=Fri, 25 Nov 2022 10:20:59 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 1ea48c2d621ec7aeed5d7bbe25d06292
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 28b4644d01335d147b079931b07a3197
692ed0ef0eb45c7b0b251548cdcc6c1d4d6515ee
7f37d3fc749782eab88c31bef65694863af5b1d0dd9cc9ea167c5f76958cff2d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3015
Cache-Control: max-age=120947
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 10:20:59 GMT
Etag: "637e6f37-117"
Expires: Fri, 25 Nov 2022 19:56:46 GMT
Last-Modified: Wed, 23 Nov 2022 19:06:31 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 28b4644d01335d147b079931b07a3197
692ed0ef0eb45c7b0b251548cdcc6c1d4d6515ee
7f37d3fc749782eab88c31bef65694863af5b1d0dd9cc9ea167c5f76958cff2d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4803
Cache-Control: max-age=122734
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 10:20:59 GMT
Etag: "637e6f37-117"
Expires: Fri, 25 Nov 2022 20:26:33 GMT
Last-Modified: Wed, 23 Nov 2022 19:06:31 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 279
s-img.adskeeper.com/g/13780679/492x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX3h5X2NlbnRlcixxX2F1dG86Z29vZCx3XzEwMjAseF8zMDIseV8yMDUvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjItMDcvMTAxOTI0L2FmZjFiMzdkNzdjZDMxNzllODVhYmQ5OTkwY2IxNjJkLnBuZw.webp?v=1669285259-xJOB0qEIdrV2hUEUNqIOYSgbNS5I5sR4E4SEnnZ22Yk
104.18.36.64200 OK 25 kB URL HTTP/2 s-img.adskeeper.com/g/13780679/492x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX3h5X2NlbnRlcixxX2F1dG86Z29vZCx3XzEwMjAseF8zMDIseV8yMDUvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjItMDcvMTAxOTI0L2FmZjFiMzdkNzdjZDMxNzllODVhYmQ5OTkwY2IxNjJkLnBuZw.webp?v=1669285259-xJOB0qEIdrV2hUEUNqIOYSgbNS5I5sR4E4SEnnZ22Yk
IP 104.18.36.64:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 492x328, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 163ba60f52df64112b439eb81cf114f0
a2eaf3e47c054405114051ae85b3201167c6cf38
acd03026eeca6b3c97c48aced53b3261575ebead0ebb6d684b7cde718c814a19
GET /g/13780679/492x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX3h5X2NlbnRlcixxX2F1dG86Z29vZCx3XzEwMjAseF8zMDIseV8yMDUvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjItMDcvMTAxOTI0L2FmZjFiMzdkNzdjZDMxNzllODVhYmQ5OTkwY2IxNjJkLnBuZw.webp?v=1669285259-xJOB0qEIdrV2hUEUNqIOYSgbNS5I5sR4E4SEnnZ22Yk HTTP/1.1
Host: s-img.adskeeper.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://adsbb.dfiles.eu
Connection: keep-alive
Referer: https://adsbb.dfiles.eu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 24 Nov 2022 10:20:59 GMT
content-type: image/webp
content-length: 24954
x-mg-request-uuid: 858e78fa-866e-4b56-a73a-8e20a903978b
access-control-allow-origin: *
last-modified: Thu, 11 Aug 2022 08:45:32 GMT
cache-control: immutable, max-age=31536000
cf-cache-status: HIT
age: 663682
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f16a488e77b51b-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
s-img.adskeeper.com/g/4723157/492x328/45x0x674x449/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMTEvMTAxOTI0LzEyNWZjYjY3NGI4NjkyM2Y0ZTYwYjM1ZmEzMDVmMWNiLmpwZWc.webp?v=1669285259-ff3D_ErLbqfXzH1duK9yrgGHD6kbgvrcxKKaWs1dyT0
104.18.36.64200 OK 20 kB URL HTTP/2 s-img.adskeeper.com/g/4723157/492x328/45x0x674x449/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMTEvMTAxOTI0LzEyNWZjYjY3NGI4NjkyM2Y0ZTYwYjM1ZmEzMDVmMWNiLmpwZWc.webp?v=1669285259-ff3D_ErLbqfXzH1duK9yrgGHD6kbgvrcxKKaWs1dyT0
IP 104.18.36.64:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 492x328, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash e8576bbdd77fc22e6f0a4125b86d76a9
dde3174d7985c132543eec3527e52e82e799a196
3e0bfe93cd8125b12374904819971276bfb9a56bbdf62bc23416edf42821af49
GET /g/4723157/492x328/45x0x674x449/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMTEvMTAxOTI0LzEyNWZjYjY3NGI4NjkyM2Y0ZTYwYjM1ZmEzMDVmMWNiLmpwZWc.webp?v=1669285259-ff3D_ErLbqfXzH1duK9yrgGHD6kbgvrcxKKaWs1dyT0 HTTP/1.1
Host: s-img.adskeeper.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://adsbb.dfiles.eu
Connection: keep-alive
Referer: https://adsbb.dfiles.eu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 24 Nov 2022 10:20:59 GMT
content-type: image/webp
content-length: 20476
x-mg-request-uuid: 70a7851a-b77f-4cc5-b8bb-4bed26e50849
access-control-allow-origin: *
last-modified: Wed, 10 Aug 2022 18:53:03 GMT
cache-control: immutable, max-age=31536000
cf-cache-status: HIT
age: 5769961
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f16a489e7bb51b-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
s-img.adskeeper.com/g/12068043/492x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8sd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIyLTAxLzEwMTkyNC84Y2E3MWQ4ZTNmODUxYzhlZmE3YjczNDJjOGIzZjc5MS5qcGc.webp?v=1669285259-sMxOaU6j-9dRnfxkTyZHjSfsXzI0jz7Tpy1ZUmzK8Z8
104.18.36.64200 OK 14 kB URL HTTP/2 s-img.adskeeper.com/g/12068043/492x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8sd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIyLTAxLzEwMTkyNC84Y2E3MWQ4ZTNmODUxYzhlZmE3YjczNDJjOGIzZjc5MS5qcGc.webp?v=1669285259-sMxOaU6j-9dRnfxkTyZHjSfsXzI0jz7Tpy1ZUmzK8Z8
IP 104.18.36.64:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 492x328, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 9e8f285a0583b55e3b9843e9a791a9f8
99ab1350f86149423a1237fadadb574c2a04c90c
b3016afbd201aa039e4ac5ec49bcdc39de624b4d2a1b3e354cd01766e6a808ba
GET /g/12068043/492x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8sd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIyLTAxLzEwMTkyNC84Y2E3MWQ4ZTNmODUxYzhlZmE3YjczNDJjOGIzZjc5MS5qcGc.webp?v=1669285259-sMxOaU6j-9dRnfxkTyZHjSfsXzI0jz7Tpy1ZUmzK8Z8 HTTP/1.1
Host: s-img.adskeeper.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://adsbb.dfiles.eu
Connection: keep-alive
Referer: https://adsbb.dfiles.eu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 24 Nov 2022 10:20:59 GMT
content-type: image/webp
content-length: 14100
x-mg-request-uuid: ed1179f2-be84-440e-9cfc-68fef264d31d
access-control-allow-origin: *
last-modified: Wed, 26 Jan 2022 14:13:03 GMT
cache-control: immutable, max-age=31536000
cf-cache-status: HIT
age: 5768830
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f16a489e89b51b-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
s-img.adskeeper.com/g/14145911/492x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmdvb2Qsd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIyLTA5LzE3NTY4NS9jYWRkMjkyMWJiNDAyMzUwOWU1ZWU5MDQyZDBmYzMyMC5qcGc.webp?v=1669285259-5jztpURzf9gg_NiP-M3x9Oz4Ao1YBDtnKfTaEUhzFHc
104.18.36.64200 OK 20 kB URL HTTP/2 s-img.adskeeper.com/g/14145911/492x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmdvb2Qsd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIyLTA5LzE3NTY4NS9jYWRkMjkyMWJiNDAyMzUwOWU1ZWU5MDQyZDBmYzMyMC5qcGc.webp?v=1669285259-5jztpURzf9gg_NiP-M3x9Oz4Ao1YBDtnKfTaEUhzFHc
IP 104.18.36.64:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 492x328, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 378efecec9e80339c65f3c1aa0fd42b5
9214e74608d8ddd00e846e9083b254291212a45c
cf14422669f61787e18cc420f02a1687ccdeef6d1c6144595a4fe4db3d3efd07
GET /g/14145911/492x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmdvb2Qsd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIyLTA5LzE3NTY4NS9jYWRkMjkyMWJiNDAyMzUwOWU1ZWU5MDQyZDBmYzMyMC5qcGc.webp?v=1669285259-5jztpURzf9gg_NiP-M3x9Oz4Ao1YBDtnKfTaEUhzFHc HTTP/1.1
Host: s-img.adskeeper.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://adsbb.dfiles.eu
Connection: keep-alive
Referer: https://adsbb.dfiles.eu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 24 Nov 2022 10:20:59 GMT
content-type: image/webp
content-length: 20394
x-mg-request-uuid: b3e2aedf-397c-47a0-ba50-328470607855
access-control-allow-origin: *
last-modified: Fri, 23 Sep 2022 09:18:09 GMT
cache-control: immutable, max-age=31536000
cf-cache-status: HIT
age: 5358711
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f16a48ae9ab51b-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash b75c00c21f5854618bc06d14b8d83c40
ae14f585ae9682e6c2fad146c12c00ee4d83e8f3
a8e7585e49b01a64520051f8d38f499c8cb82645e3d146e6ca34378eac684e69
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A8E7585E49B01A64520051F8D38F499C8CB82645E3D146E6CA34378EAC684E69"
Last-Modified: Wed, 23 Nov 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11333
Expires: Thu, 24 Nov 2022 13:29:52 GMT
Date: Thu, 24 Nov 2022 10:20:59 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash b75c00c21f5854618bc06d14b8d83c40
ae14f585ae9682e6c2fad146c12c00ee4d83e8f3
a8e7585e49b01a64520051f8d38f499c8cb82645e3d146e6ca34378eac684e69
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A8E7585E49B01A64520051F8D38F499C8CB82645E3D146E6CA34378EAC684E69"
Last-Modified: Wed, 23 Nov 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11333
Expires: Thu, 24 Nov 2022 13:29:52 GMT
Date: Thu, 24 Nov 2022 10:20:59 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash b75c00c21f5854618bc06d14b8d83c40
ae14f585ae9682e6c2fad146c12c00ee4d83e8f3
a8e7585e49b01a64520051f8d38f499c8cb82645e3d146e6ca34378eac684e69
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A8E7585E49B01A64520051F8D38F499C8CB82645E3D146E6CA34378EAC684E69"
Last-Modified: Wed, 23 Nov 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11333
Expires: Thu, 24 Nov 2022 13:29:52 GMT
Date: Thu, 24 Nov 2022 10:20:59 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash b75c00c21f5854618bc06d14b8d83c40
ae14f585ae9682e6c2fad146c12c00ee4d83e8f3
a8e7585e49b01a64520051f8d38f499c8cb82645e3d146e6ca34378eac684e69
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A8E7585E49B01A64520051F8D38F499C8CB82645E3D146E6CA34378EAC684E69"
Last-Modified: Wed, 23 Nov 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11333
Expires: Thu, 24 Nov 2022 13:29:52 GMT
Date: Thu, 24 Nov 2022 10:20:59 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash b75c00c21f5854618bc06d14b8d83c40
ae14f585ae9682e6c2fad146c12c00ee4d83e8f3
a8e7585e49b01a64520051f8d38f499c8cb82645e3d146e6ca34378eac684e69
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A8E7585E49B01A64520051F8D38F499C8CB82645E3D146E6CA34378EAC684E69"
Last-Modified: Wed, 23 Nov 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11333
Expires: Thu, 24 Nov 2022 13:29:52 GMT
Date: Thu, 24 Nov 2022 10:20:59 GMT
Connection: keep-alive
cm.steepto.com/i.js?&cbuster=1669285259029419602875
104.19.139.80200 OK 0 B URL HTTP/2 cm.steepto.com/i.js?&cbuster=1669285259029419602875
IP 104.19.139.80:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /i.js?&cbuster=1669285259029419602875 HTTP/1.1
Host: cm.steepto.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adsbb.dfiles.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 24 Nov 2022 10:20:59 GMT
content-type: application/javascript
content-length: 0
cache-control: no-store, no-cache, must-revalidate, max-age=0
pragma: no-cache
last-modified: Thu, 24 Nov 2022 10:20:59 GMT
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f16a46eaadb4ff-OSL
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fca5cb469-21a0-420a-875c-a81635b33f53.jpeg
34.120.237.76200 OK 8.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fca5cb469-21a0-420a-875c-a81635b33f53.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 92c78302bcce1568eb6a5563100b932c
43d1dec7fc06879988c9c3cadd800cc8145df988
0dda9914306c8e3a7ea75eade8e762652d93907dd6c5a8cc81707d6d8098b60a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fca5cb469-21a0-420a-875c-a81635b33f53.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7993
x-amzn-requestid: 9f0ff853-4819-47cd-959d-658401ea5748
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cEvCsG5mIAMFqAQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637e9211-1c48b9223684f2942f8dd42d;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 21:35:13 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 7YSXUV-LZpsI7vciFhuqt1EVr6YRkhxcOgMg8z8bxLcOE01_baf6Gg==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 23 Nov 2022 21:47:06 GMT
etag: "43d1dec7fc06879988c9c3cadd800cc8145df988"
content-type: image/jpeg
age: 45233
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5bda37a1-533d-48a6-bc76-7ecc9fe2dfc8.jpeg
34.120.237.76200 OK 6.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5bda37a1-533d-48a6-bc76-7ecc9fe2dfc8.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash eeac5ead5ce62f0d9e2d4bcefa946208
c2430d901f2b4e4a463e90c540294f334553a246
850a89160f840d7509806c5becd6b074a92613920474195f63d7e7a9cf18d908
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5bda37a1-533d-48a6-bc76-7ecc9fe2dfc8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6426
x-amzn-requestid: 6f27f360-dd76-4aee-a9bc-cbd52cd80def
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cEvx8GtpIAMFvQA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637e933f-69fa8ba571cc62036406e6bf;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 21:40:15 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ow9srZWasko5f0TMk632PH2_NgfxBEwGPCXoRTp7gVxfDrP9st2opw==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 ee8246c5442dace7525c74f6a799bb46.cloudfront.net (CloudFront), 1.1 google
date: Wed, 23 Nov 2022 22:03:45 GMT
age: 44234
etag: "c2430d901f2b4e4a463e90c540294f334553a246"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg
34.120.237.76200 OK 4.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 841a4b110022a99ddea6f7bf66df0fa1
126771b86638108050cf57c0d12faa27f80f0edb
240fbffc1f9104433297d3ff7afba2d0b58d7f1b13d9a9260a1bad25216665db
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4309
x-amzn-requestid: a22b4d7e-e208-4bda-81c2-d13e6463380e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: blE0hGNioAMF_Tg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6371e81c-1b13846866f56a0e47675e56;Sampled=0
x-amzn-remapped-date: Mon, 14 Nov 2022 07:02:52 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 0sYKpJWi2Tv9Atz3PYXm5j7kmncAOxjcLcK4hgAkJ5b4pNMDmjdB6g==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 07:14:07 GMT
age: 11212
etag: "126771b86638108050cf57c0d12faa27f80f0edb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb020826f-fdb4-41cc-b94d-7a66bca91753.jpeg
34.120.237.76200 OK 8.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb020826f-fdb4-41cc-b94d-7a66bca91753.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash dd3f1be747f6b2f1c35afb01db67b792
a4373037b8b379939b1b099c3ef63f8792e67579
fdbd778a505e1928e9b5296b6150763c2dca9876ec0ef8f772e73ca386ab74d5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb020826f-fdb4-41cc-b94d-7a66bca91753.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8441
x-amzn-requestid: c050c897-c6d4-44ef-93c2-cfbf32cd8bff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cEvClG-AoAMFwxQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637e9210-039834877c2b792b5feb6819;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 21:35:12 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: H31vJjvBF3eWF37DqfsaL-KxOnEHJS1JSmehtTYPhzjZjj-PIhm9pQ==
via: 1.1 8dbfaf7df256a75768461d934659b6b2.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Wed, 23 Nov 2022 21:43:25 GMT
age: 45454
etag: "a4373037b8b379939b1b099c3ef63f8792e67579"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb3bafc39-a86e-44d4-9bf3-97302a57c669.jpeg
34.120.237.76200 OK 8.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb3bafc39-a86e-44d4-9bf3-97302a57c669.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b83dcf4ccde90ad94bb32da4fd35e524
ffd4d9f932aacc8ab123d1ab46c983a3f581d171
cf217cf355e7bea4410efd22e89f5a4de4d154153f587f7cad53533a3fcfe1c4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb3bafc39-a86e-44d4-9bf3-97302a57c669.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8306
x-amzn-requestid: 9506f26d-36cc-47a1-b6ac-b3f720e35981
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b_c81GrAoAMF-4A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637c751e-68e3f822732b60db1875d538;Sampled=0
x-amzn-remapped-date: Tue, 22 Nov 2022 07:07:10 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: mlPd4834QnARhwlWKaja4Gx5-F5fm7PFu3y5g0Gg42x4xREP2xFR2w==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 07:28:35 GMT
age: 10344
etag: "ffd4d9f932aacc8ab123d1ab46c983a3f581d171"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd52586ca-ed31-419d-866f-7a7d8c034cc2.jpeg
34.120.237.76200 OK 6.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd52586ca-ed31-419d-866f-7a7d8c034cc2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash dcdebbc7d6d2f262afe69e6f2d97d58b
e62b4e08c2813f67fa0f466b4f66d5d4c609526f
decdfd76f2b382026f13ba2cd07fceae8a8964b4157c0f4dcef6bcd061817b61
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd52586ca-ed31-419d-866f-7a7d8c034cc2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6404
x-amzn-requestid: 5a69edc8-b240-4c21-ba0d-dc175b8ff3b5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cCvY6HfnoAMFQag=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637dc5d2-4fd0613627b92d636337cbad;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 07:03:46 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: IFITexwzwryUZMMwXj0ovSkRo4m3jhyjf4SqJWhXFv95wMfHqDDEGQ==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 f9d716a351f14a0ac1fac2449734849a.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 07:11:58 GMT
age: 11341
etag: "e62b4e08c2813f67fa0f466b4f66d5d4c609526f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
s-img.adskeeper.com/g/14137412/492x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZl9naWYsZmxfbG9zc3ksZ19mYWNlczphdXRvLHdfNjgwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIyLTA4LzEwMTkyNC9kYmQ4ZjEyZjFmMWM1MjY3ZjU4OGY1NTViN2E2NWE1YS5naWY.gif?v=1669285259-De6L4VidWwDh9ic6mU4WwNF6dqCJKOC2JBP9nGAmq_c
104.18.36.64200 OK 630 kB URL HTTP/2 s-img.adskeeper.com/g/14137412/492x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZl9naWYsZmxfbG9zc3ksZ19mYWNlczphdXRvLHdfNjgwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIyLTA4LzEwMTkyNC9kYmQ4ZjEyZjFmMWM1MjY3ZjU4OGY1NTViN2E2NWE1YS5naWY.gif?v=1669285259-De6L4VidWwDh9ic6mU4WwNF6dqCJKOC2JBP9nGAmq_c
IP 104.18.36.64:0
File type GIF image data, version 89a, 492 x 328\012- data
Size 630 kB (629947 bytes)
Hash 2889808f0b2a07c6ea48cc442eb80226
584e8a20b0fb29ed74032b3b5621c064797dde65
8bff32984b1407de1b9abcf89fc96b2bf6fb77fda37885363e0a229549008a15
GET /g/14137412/492x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZl9naWYsZmxfbG9zc3ksZ19mYWNlczphdXRvLHdfNjgwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIyLTA4LzEwMTkyNC9kYmQ4ZjEyZjFmMWM1MjY3ZjU4OGY1NTViN2E2NWE1YS5naWY.gif?v=1669285259-De6L4VidWwDh9ic6mU4WwNF6dqCJKOC2JBP9nGAmq_c HTTP/1.1
Host: s-img.adskeeper.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://adsbb.dfiles.eu
Connection: keep-alive
Referer: https://adsbb.dfiles.eu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 24 Nov 2022 10:20:59 GMT
content-type: image/gif
content-length: 629947
x-mg-request-uuid: 6780ff25-78e8-4257-a4b9-9ab352256344
access-control-allow-origin: *
last-modified: Thu, 22 Sep 2022 09:59:04 GMT
cache-control: immutable, max-age=31536000
cf-cache-status: HIT
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f16a489e86b51b-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
s-img.steepto.com/g/14137447/492x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmdvb2Qsd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIyLTA4LzEwMTkyNC83OWE2NmY2MzUyNGE2MTE0NzBjZjg3OTkzMWY1Mjg4MS5qcGVn.webp?v=1669285259-KUfco6NG-2U-l4rZZIE1_W8JdEyUWTDhxNTsntBG0vM
104.19.137.80200 OK 20 kB URL HTTP/2 s-img.steepto.com/g/14137447/492x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmdvb2Qsd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIyLTA4LzEwMTkyNC83OWE2NmY2MzUyNGE2MTE0NzBjZjg3OTkzMWY1Mjg4MS5qcGVn.webp?v=1669285259-KUfco6NG-2U-l4rZZIE1_W8JdEyUWTDhxNTsntBG0vM
IP 104.19.137.80:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 492x328, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 1fa2f290aa4e545a97bd0a6ae2dfc661
66f3435757b61412039701ac54511384501f729c
82cbea96c3ddb309c6a0f0cd5c2bcc10123427429522c9e62fd9b1299d1c3686
GET /g/14137447/492x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmdvb2Qsd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIyLTA4LzEwMTkyNC83OWE2NmY2MzUyNGE2MTE0NzBjZjg3OTkzMWY1Mjg4MS5qcGVn.webp?v=1669285259-KUfco6NG-2U-l4rZZIE1_W8JdEyUWTDhxNTsntBG0vM HTTP/1.1
Host: s-img.steepto.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://adsbb.dfiles.eu
Connection: keep-alive
Referer: https://adsbb.dfiles.eu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 24 Nov 2022 10:20:59 GMT
content-type: image/webp
content-length: 19674
x-mg-request-uuid: f10c087a-8f39-44d9-bf47-f0b80b1e3e6e
access-control-allow-origin: *
last-modified: Thu, 22 Sep 2022 09:59:45 GMT
cache-control: immutable, max-age=31536000
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f16a46dfabb512-OSL
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 0f1c45518b9bf016e4d08d82627299df
a5952aa6dc61ba3bd4e6149b81a9772034f0ce17
7c7b7487eaeb36381e21338f2192c9c53f2cb7621f536aebebf9472d9e29690b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7C7B7487EAEB36381E21338F2192C9C53F2CB7621F536AEBEBF9472D9E29690B"
Last-Modified: Thu, 24 Nov 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18561
Expires: Thu, 24 Nov 2022 15:30:20 GMT
Date: Thu, 24 Nov 2022 10:20:59 GMT
Connection: keep-alive
s-img.steepto.com/g/12068046/492x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8sd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIxLTEyLzEwMTkyNC80Yzg4MzcyMjhkYTBkMTdlMTkxMTYzMzZiM2Q2MDk2OC5qcGVn.webp?v=1669285259-R4qc4vtBaj7OvOaDSfIM8FdegnIgeeoIe4TZuRL2jSQ
104.19.137.80200 OK 35 kB URL HTTP/2 s-img.steepto.com/g/12068046/492x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8sd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIxLTEyLzEwMTkyNC80Yzg4MzcyMjhkYTBkMTdlMTkxMTYzMzZiM2Q2MDk2OC5qcGVn.webp?v=1669285259-R4qc4vtBaj7OvOaDSfIM8FdegnIgeeoIe4TZuRL2jSQ
IP 104.19.137.80:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 492x328, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 1bf156cd0e08e794229c07ff6bafd649
0cc8a1b448fe3303e884c187bf32e84c49d4c425
a3b613abd6808d675ab729708ab69379201ea3dc96945f561449ba01f94a30c3
GET /g/12068046/492x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8sd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIxLTEyLzEwMTkyNC80Yzg4MzcyMjhkYTBkMTdlMTkxMTYzMzZiM2Q2MDk2OC5qcGVn.webp?v=1669285259-R4qc4vtBaj7OvOaDSfIM8FdegnIgeeoIe4TZuRL2jSQ HTTP/1.1
Host: s-img.steepto.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://adsbb.dfiles.eu
Connection: keep-alive
Referer: https://adsbb.dfiles.eu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 24 Nov 2022 10:20:59 GMT
content-type: image/webp
content-length: 34794
x-mg-request-uuid: d8ec7441-39e5-4d6e-ad07-499e27560b7d
access-control-allow-origin: *
last-modified: Wed, 26 Jan 2022 14:13:19 GMT
cache-control: immutable, max-age=31536000
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f16a46efccb512-OSL
X-Firefox-Spdy: h2
s-img.steepto.com/g/13054672/492x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX3h5X2NlbnRlcixxX2F1dG86Z29vZCx3XzEwMjAseF8yMTkseV8zNTIvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjItMDUvMTAxOTI0L2Y1OWQzOTUwYzJjN2NkZTBmMTU1NjEzNzAyOWU4YWU3LmpwZWc.webp?v=1669285259-oaMxb14QR1RCeKssgIDrvUYfIXlpdtf1jiuxSvfF4mM
104.19.137.80200 OK 15 kB URL HTTP/2 s-img.steepto.com/g/13054672/492x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX3h5X2NlbnRlcixxX2F1dG86Z29vZCx3XzEwMjAseF8yMTkseV8zNTIvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjItMDUvMTAxOTI0L2Y1OWQzOTUwYzJjN2NkZTBmMTU1NjEzNzAyOWU4YWU3LmpwZWc.webp?v=1669285259-oaMxb14QR1RCeKssgIDrvUYfIXlpdtf1jiuxSvfF4mM
IP 104.19.137.80:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 492x328, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 8af4124172dfe7d549bd234de701e87b
2b9b6043484160dff2927b45c631d08b345567c8
6e1cac0e6e9de5a3ed3b929d044ab1e90362a9685dc515ab3af20195e4af0582
GET /g/13054672/492x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX3h5X2NlbnRlcixxX2F1dG86Z29vZCx3XzEwMjAseF8yMTkseV8zNTIvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjItMDUvMTAxOTI0L2Y1OWQzOTUwYzJjN2NkZTBmMTU1NjEzNzAyOWU4YWU3LmpwZWc.webp?v=1669285259-oaMxb14QR1RCeKssgIDrvUYfIXlpdtf1jiuxSvfF4mM HTTP/1.1
Host: s-img.steepto.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://adsbb.dfiles.eu
Connection: keep-alive
Referer: https://adsbb.dfiles.eu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 24 Nov 2022 10:20:59 GMT
content-type: image/webp
content-length: 15386
x-mg-request-uuid: 5721bc41-f87e-4ca0-b082-ebcf20901f45
access-control-allow-origin: *
last-modified: Wed, 25 May 2022 11:43:56 GMT
cache-control: immutable, max-age=31536000
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f16a46efd2b512-OSL
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 91c6c434875d47a6603aa23872aecb88
8d39ae2ebc2e8ff80e483bef2b39648106a8f333
51ff29569a25c573b02fdaa2b407d7fa85ad2211c10a63ff7beeba0d0db3e724
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5757
Cache-Control: max-age=100323
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 10:20:59 GMT
Etag: "637e13f1-116"
Expires: Fri, 25 Nov 2022 14:13:02 GMT
Last-Modified: Wed, 23 Nov 2022 12:37:05 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 278
cm.steepto.com/i-noref.js?cbuster=1669285259346830566132
104.19.139.80200 OK 0 B URL HTTP/2 cm.steepto.com/i-noref.js?cbuster=1669285259346830566132
IP 104.19.139.80:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /i-noref.js?cbuster=1669285259346830566132 HTTP/1.1
Host: cm.steepto.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 24 Nov 2022 10:20:59 GMT
content-type: application/javascript
content-length: 0
cache-control: no-store, no-cache, must-revalidate, max-age=0
pragma: no-cache
last-modified: Thu, 24 Nov 2022 10:20:59 GMT
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f16a489cfab4ff-OSL
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash fb8b30104614b68e993911489ec4568c
b2e8f82e3a3381c5b6a688e60f61dfc38b210703
0d52f8b93ac04331e151aa863116f9210020b2945a3b4e80815e124b004d401e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0D52F8B93AC04331E151AA863116F9210020B2945A3B4E80815E124B004D401E"
Last-Modified: Mon, 21 Nov 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7847
Expires: Thu, 24 Nov 2022 12:31:47 GMT
Date: Thu, 24 Nov 2022 10:21:00 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash fb8b30104614b68e993911489ec4568c
b2e8f82e3a3381c5b6a688e60f61dfc38b210703
0d52f8b93ac04331e151aa863116f9210020b2945a3b4e80815e124b004d401e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0D52F8B93AC04331E151AA863116F9210020B2945A3B4E80815E124B004D401E"
Last-Modified: Mon, 21 Nov 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7847
Expires: Thu, 24 Nov 2022 12:31:47 GMT
Date: Thu, 24 Nov 2022 10:21:00 GMT
Connection: keep-alive
cdn.id5-sync.com/api/1.0/id5-api.js
104.22.53.86200 OK 17 kB URL HTTP/2 cdn.id5-sync.com/api/1.0/id5-api.js
IP 104.22.53.86:0
Hash 1d99ad37669e649923f822cc4c6b5ccc
81e12cc552bcf4feaa54279668c14478366c3a73
50accf3007ce8bd7d862a99c50c16e0895aa7b9d4f6a9ddc181ba00fec0a7a5b
GET /api/1.0/id5-api.js HTTP/1.1
Host: cdn.id5-sync.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adsbb.dfiles.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 24 Nov 2022 10:20:59 GMT
content-type: text/javascript;charset=utf-8
x-amz-id-2: QST14IlFAkOMoTfYKDtIoMKM51mK/zhdBwiuM7PzCbMuItH/3SKFbfqhtNaav3zUgxc8ig3+8ww=
x-amz-request-id: 1DZZWHRSTZJYY0F3
last-modified: Tue, 22 Nov 2022 12:59:45 GMT
etag: W/"1f56b56c871eb9078b183d4922cb0a43"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=3600
cf-cache-status: HIT
age: 530
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
server: cloudflare
cf-ray: 76f16a4a7f56b4f9-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
lbs.eu-1-id5-sync.com/lbs/v1
141.95.98.65200 OK 34 B URL HTTP/1.1 lbs.eu-1-id5-sync.com/lbs/v1
IP 141.95.98.65:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 73789064efcb1cfc8c2af1112307be40
272dcf7fb32e9ce1b0ca5ddf27a0ad61e9e7ce55
25ae49f1bf5942a2faf39de7f081d125e17b80ab41d6567c47f7bba4d443f19c
GET /lbs/v1 HTTP/1.1
Host: lbs.eu-1-id5-sync.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://adsbb.dfiles.eu
Connection: keep-alive
Referer: https://adsbb.dfiles.eu/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
date: Thu, 24 Nov 2022 10:21:00 GMT
access-control-allow-origin: https://adsbb.dfiles.eu
vary: Origin
content-type: application/json
content-length: 34
strict-transport-security: max-age=63072000; includeSubDomains; preload
integrityprinciplesthorough.com/pixel/purst?dl=0&th=0&sc=0&rs=2331&rd=2331&fd=835&bv=22.10.v.10&tmpl=136
192.243.59.12200 OK 0 B URL HTTP/1.1 integrityprinciplesthorough.com/pixel/purst?dl=0&th=0&sc=0&rs=2331&rd=2331&fd=835&bv=22.10.v.10&tmpl=136
IP 192.243.59.12:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/purst?dl=0&th=0&sc=0&rs=2331&rd=2331&fd=835&bv=22.10.v.10&tmpl=136 HTTP/1.1
Host: integrityprinciplesthorough.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Thu, 24 Nov 2022 10:21:00 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
s-img.adskeeper.com/g/13054670/492x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZl9naWYsZmxfbG9zc3ksZ194eV9jZW50ZXIsd182ODAseF8yOTgseV8xMTIvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjItMDUvMTAxOTI0L2QwMDc3Nzk1MzQwNTQyNTQ1Mjc4Mjc3NGY5NGUxZjVkLmdpZg.gif?v=1669285259-R_A2eTDBeqIuBTxUSdbOOp8HHtLKUpGBnoi-Qh56DkI
104.18.36.64200 OK 2.8 MB URL HTTP/2 s-img.adskeeper.com/g/13054670/492x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZl9naWYsZmxfbG9zc3ksZ194eV9jZW50ZXIsd182ODAseF8yOTgseV8xMTIvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjItMDUvMTAxOTI0L2QwMDc3Nzk1MzQwNTQyNTQ1Mjc4Mjc3NGY5NGUxZjVkLmdpZg.gif?v=1669285259-R_A2eTDBeqIuBTxUSdbOOp8HHtLKUpGBnoi-Qh56DkI
IP 104.18.36.64:0
File type GIF image data, version 89a, 492 x 328\012- data
Size 2.8 MB (2830640 bytes)
Hash 0bb8ee78febc8f7b0463c75469b05cdd
09a548041773a837b8afe0ac9cdd1abd612a8c2d
897a11e8627f68c0ccf9d079970bee2405866dad03f078a413876012996b4f5b
GET /g/13054670/492x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZl9naWYsZmxfbG9zc3ksZ194eV9jZW50ZXIsd182ODAseF8yOTgseV8xMTIvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjItMDUvMTAxOTI0L2QwMDc3Nzk1MzQwNTQyNTQ1Mjc4Mjc3NGY5NGUxZjVkLmdpZg.gif?v=1669285259-R_A2eTDBeqIuBTxUSdbOOp8HHtLKUpGBnoi-Qh56DkI HTTP/1.1
Host: s-img.adskeeper.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://adsbb.dfiles.eu
Connection: keep-alive
Referer: https://adsbb.dfiles.eu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 24 Nov 2022 10:20:59 GMT
content-type: image/gif
content-length: 2830640
x-mg-request-uuid: 7fcd7a68-0741-4be9-b38f-dd206f147770
access-control-allow-origin: *
last-modified: Wed, 25 May 2022 11:32:59 GMT
cache-control: immutable, max-age=31536000
cf-cache-status: HIT
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f16a48ae92b51b-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ads.a-static.com/0/html/pd/allsize.html?w=728&h=90&ct=http%3A%2F%2Fadserver.adreactor.com%2Fclkz%3Fzid%3D9%26cid%3D21329%26mid%3D13692%26pid%3D8620%26sid%3D19%26uuid%3D2a21537a216dc62b945f344cef460880%26ip%3D91.90.42.154%26default%3Dfalse%26random%3D96982515%26timestamp%3D20221124052058%26test%3Dfalse%26resolution%3D728x91%26referrer%3Dhttps%253A%252F%252Fadsbb.dfiles.eu%252Fupload%252F1906%252Fad2708292742b09a.htm%253Fcanp%253Dadv_73b411c406ca38ecadcf742fe6ade752%26redirect%3D&rurl=https%3A%2F%2Fbouledstre.biz%2Fredirect%3Ftid%3D834109%26subid%3Db-8620%26puid%3D2a21537a216dc62b945f344cef460880-13692&g=NO&b=Firefox&bd=0&b1t=SHARE&b2t=DOWNLOAD&b1tc=ffffff&b2tc=000000&b1bc=f90606&b2bc=1ad31d
46.166.179.115200 OK 1.4 kB URL HTTP/2 ads.a-static.com/0/html/pd/allsize.html?w=728&h=90&ct=http%3A%2F%2Fadserver.adreactor.com%2Fclkz%3Fzid%3D9%26cid%3D21329%26mid%3D13692%26pid%3D8620%26sid%3D19%26uuid%3D2a21537a216dc62b945f344cef460880%26ip%3D91.90.42.154%26default%3Dfalse%26random%3D96982515%26timestamp%3D20221124052058%26test%3Dfalse%26resolution%3D728x91%26referrer%3Dhttps%253A%252F%252Fadsbb.dfiles.eu%252Fupload%252F1906%252Fad2708292742b09a.htm%253Fcanp%253Dadv_73b411c406ca38ecadcf742fe6ade752%26redirect%3D&rurl=https%3A%2F%2Fbouledstre.biz%2Fredirect%3Ftid%3D834109%26subid%3Db-8620%26puid%3D2a21537a216dc62b945f344cef460880-13692&g=NO&b=Firefox&bd=0&b1t=SHARE&b2t=DOWNLOAD&b1tc=ffffff&b2tc=000000&b1bc=f90606&b2bc=1ad31d
IP 46.166.179.115:0
ASN #43350 NForce Entertainment B.V.
Hash 726f5df1a9919e6aa8c14f0ec1db298e
760a9b6c536e8ecdfa01eaf79a5de2e1ce6d006f
f470948b081376944ac0460f201868e6d6097692240af7e58097b549efba0b78
GET /0/html/pd/allsize.html?w=728&h=90&ct=http%3A%2F%2Fadserver.adreactor.com%2Fclkz%3Fzid%3D9%26cid%3D21329%26mid%3D13692%26pid%3D8620%26sid%3D19%26uuid%3D2a21537a216dc62b945f344cef460880%26ip%3D91.90.42.154%26default%3Dfalse%26random%3D96982515%26timestamp%3D20221124052058%26test%3Dfalse%26resolution%3D728x91%26referrer%3Dhttps%253A%252F%252Fadsbb.dfiles.eu%252Fupload%252F1906%252Fad2708292742b09a.htm%253Fcanp%253Dadv_73b411c406ca38ecadcf742fe6ade752%26redirect%3D&rurl=https%3A%2F%2Fbouledstre.biz%2Fredirect%3Ftid%3D834109%26subid%3Db-8620%26puid%3D2a21537a216dc62b945f344cef460880-13692&g=NO&b=Firefox&bd=0&b1t=SHARE&b2t=DOWNLOAD&b1tc=ffffff&b2tc=000000&b1bc=f90606&b2bc=1ad31d HTTP/1.1
Host: ads.a-static.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adsbb.dfiles.eu/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 24 Nov 2022 10:20:59 GMT
content-type: text/html
last-modified: Thu, 09 Jul 2020 13:20:22 GMT
etag: W/"5f071996-11e2"
content-encoding: gzip
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 379d96d3ef633b1f24a2646a99c494ff
eff0788396634e00cb3f885f24f5fc87b944453d
22326c8bba75b94e2709a38e3dc2e6684feb522dec8b80ac9b39d4761d70a325
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "22326C8BBA75B94E2709A38E3DC2E6684FEB522DEC8B80AC9B39D4761D70A325"
Last-Modified: Mon, 21 Nov 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2332
Expires: Thu, 24 Nov 2022 10:59:52 GMT
Date: Thu, 24 Nov 2022 10:21:00 GMT
Connection: keep-alive
id5-sync.com/g/v2/231.json
162.19.138.118200 216 B URL HTTP/1.1 id5-sync.com/g/v2/231.json
IP 162.19.138.118:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 65cb1fba996312bdef831db2a9e0559a
ff7e19df6a21130a83ffb69cf82054a69548f3cd
11d151a20854e752439bf7583571f5bd89f2b8cc2b19d343025a23408ff5ff87
POST /g/v2/231.json HTTP/1.1
Host: id5-sync.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 433
Origin: https://adsbb.dfiles.eu
Connection: keep-alive
Referer: https://adsbb.dfiles.eu/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
access-control-allow-origin: https://adsbb.dfiles.eu
access-control-allow-credentials: true
content-type: application/json;charset=UTF-8
transfer-encoding: chunked
date: Thu, 24 Nov 2022 10:20:59 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 5f16216ef280e02761549a6209a825ac
eaa152e743a8fa110b3a3294b6bd1e80ccc921f0
f86f3c354d4d397bb6b37510e983640373f0701862f93a84f7bcaf7c86f6f2e2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F86F3C354D4D397BB6B37510E983640373F0701862F93A84F7BCAF7C86F6F2E2"
Last-Modified: Wed, 23 Nov 2022 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9541
Expires: Thu, 24 Nov 2022 13:00:01 GMT
Date: Thu, 24 Nov 2022 10:21:00 GMT
Connection: keep-alive
623eec0df3.23182b9851.com/in/track?data=eyJ3bCI6MCwic3ViaWQiOjAsInVzZXJfaWQiOiI2MTg2OTg3ODQ4MDY0OTQ4MDAwIiwidGltZXpvbmUiOjAsInZlciI6IjMuMTcuMiIsInRhZ19pZCI6NDY0NDUsInNjcmVlbl9yZXNvbHV0aW9uIjoiMTI4MHgxMDI0IiwiYWRibG9jayI6MCwidGltZXpvbmVfb2xzb24iOiJVVEMiLCJ1dG1fc291cmNlIjoiIiwidXRtX21lZGl1bSI6IiIsInV0bV9jYW1wYWlnbiI6IiIsInV0bV9jb250ZW50IjoiIiwibW0iOjAsImluaXRfc3RhcnRfbGF0ZW5jeSI6MS45LCJpc192MiI6MCwiaXNfdjJfZW1wdHkiOjAsInVzZXJfa2V5d29yZHMiOiJEZXBvc2l0RmlsZXMlMkNEZXBvc2l0RmlsZXMlMkNwcm92aWRlcyUyQ3lvdSUyQ3dpdGglMkNhJTJDbGVnaXRpbWF0ZSUyQ3RlY2huaWNhbCUyQ3NvbHV0aW9uJTJDd2hpY2glMkNlbmFibGVzJTJDeW91JTJDdG8lMkN1cGxvYWQlMkNzdG9yZSUyQ2FjY2VzcyUyQ2FuZCUyQ2Rvd25sb2FkJTJDdGV4dCUyQ3NvZnR3YXJlJTJDJTJDc2NyaXB0cyUyQ2ltYWdlcyUyQ3NvdW5kcyUyQ3ZpZGVvcyUyQ2FuaW1hdGlvbnMlMkNhbmQlMkNhbnklMkNvdGhlciUyQ21hdGVyaWFscyUyQ2luJTJDZm9ybSUyQ29mJTJDb25lJTJDb3IlMkNzZXZlcmFsJTJDZWxlY3Ryb25pYyUyQ2ZpbGVzLiUyMCJ9
45.133.44.25200 OK 0 B URL HTTP/2 623eec0df3.23182b9851.com/in/track?data=eyJ3bCI6MCwic3ViaWQiOjAsInVzZXJfaWQiOiI2MTg2OTg3ODQ4MDY0OTQ4MDAwIiwidGltZXpvbmUiOjAsInZlciI6IjMuMTcuMiIsInRhZ19pZCI6NDY0NDUsInNjcmVlbl9yZXNvbHV0aW9uIjoiMTI4MHgxMDI0IiwiYWRibG9jayI6MCwidGltZXpvbmVfb2xzb24iOiJVVEMiLCJ1dG1fc291cmNlIjoiIiwidXRtX21lZGl1bSI6IiIsInV0bV9jYW1wYWlnbiI6IiIsInV0bV9jb250ZW50IjoiIiwibW0iOjAsImluaXRfc3RhcnRfbGF0ZW5jeSI6MS45LCJpc192MiI6MCwiaXNfdjJfZW1wdHkiOjAsInVzZXJfa2V5d29yZHMiOiJEZXBvc2l0RmlsZXMlMkNEZXBvc2l0RmlsZXMlMkNwcm92aWRlcyUyQ3lvdSUyQ3dpdGglMkNhJTJDbGVnaXRpbWF0ZSUyQ3RlY2huaWNhbCUyQ3NvbHV0aW9uJTJDd2hpY2glMkNlbmFibGVzJTJDeW91JTJDdG8lMkN1cGxvYWQlMkNzdG9yZSUyQ2FjY2VzcyUyQ2FuZCUyQ2Rvd25sb2FkJTJDdGV4dCUyQ3NvZnR3YXJlJTJDJTJDc2NyaXB0cyUyQ2ltYWdlcyUyQ3NvdW5kcyUyQ3ZpZGVvcyUyQ2FuaW1hdGlvbnMlMkNhbmQlMkNhbnklMkNvdGhlciUyQ21hdGVyaWFscyUyQ2luJTJDZm9ybSUyQ29mJTJDb25lJTJDb3IlMkNzZXZlcmFsJTJDZWxlY3Ryb25pYyUyQ2ZpbGVzLiUyMCJ9
IP 45.133.44.25:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /in/track?data=eyJ3bCI6MCwic3ViaWQiOjAsInVzZXJfaWQiOiI2MTg2OTg3ODQ4MDY0OTQ4MDAwIiwidGltZXpvbmUiOjAsInZlciI6IjMuMTcuMiIsInRhZ19pZCI6NDY0NDUsInNjcmVlbl9yZXNvbHV0aW9uIjoiMTI4MHgxMDI0IiwiYWRibG9jayI6MCwidGltZXpvbmVfb2xzb24iOiJVVEMiLCJ1dG1fc291cmNlIjoiIiwidXRtX21lZGl1bSI6IiIsInV0bV9jYW1wYWlnbiI6IiIsInV0bV9jb250ZW50IjoiIiwibW0iOjAsImluaXRfc3RhcnRfbGF0ZW5jeSI6MS45LCJpc192MiI6MCwiaXNfdjJfZW1wdHkiOjAsInVzZXJfa2V5d29yZHMiOiJEZXBvc2l0RmlsZXMlMkNEZXBvc2l0RmlsZXMlMkNwcm92aWRlcyUyQ3lvdSUyQ3dpdGglMkNhJTJDbGVnaXRpbWF0ZSUyQ3RlY2huaWNhbCUyQ3NvbHV0aW9uJTJDd2hpY2glMkNlbmFibGVzJTJDeW91JTJDdG8lMkN1cGxvYWQlMkNzdG9yZSUyQ2FjY2VzcyUyQ2FuZCUyQ2Rvd25sb2FkJTJDdGV4dCUyQ3NvZnR3YXJlJTJDJTJDc2NyaXB0cyUyQ2ltYWdlcyUyQ3NvdW5kcyUyQ3ZpZGVvcyUyQ2FuaW1hdGlvbnMlMkNhbmQlMkNhbnklMkNvdGhlciUyQ21hdGVyaWFscyUyQ2luJTJDZm9ybSUyQ29mJTJDb25lJTJDb3IlMkNzZXZlcmFsJTJDZWxlY3Ryb25pYyUyQ2ZpbGVzLiUyMCJ9 HTTP/1.1
Host: 623eec0df3.23182b9851.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dfiles.eu
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 24 Nov 2022 10:21:00 GMT
content-length: 0
server: nginx/1.18.0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2
integrityprinciplesthorough.com/pixel/pure
192.243.59.12204 No Content 0 B URL HTTP/1.1 integrityprinciplesthorough.com/pixel/pure
IP 192.243.59.12:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
OPTIONS /pixel/pure HTTP/1.1
Host: integrityprinciplesthorough.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://dfiles.eu/
Origin: https://dfiles.eu
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Server: nginx/1.17.6
Date: Thu, 24 Nov 2022 10:21:00 GMT
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Allow-Credentials: true
Access-Control-Max-Age: 1728000
Content-Type: text/plain; charset=utf-8
Content-Length: 0
reproductiontape.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSz2skRRit3o2X1cuqF0Fljgoy6Z6fGXNYjLuRaEzi7mrAW%2F3qSTnVXU1V9%2FQkCAYXZEGE8aTHzptkg7rI7h8gSMeLBISMB8nBeBPvyp5lJgOjH3R%2F79X7Du99VZ8dZBfER0bPt941e0prutis%2BpVXtlUsTO4qG3crgV%2F1lyvbKm41liuDyc%2F2Xw%2F8ZtV%2FtfKW5D2zWPMD3w%2F8oLKqrAzNYHGqQiUPO0G141cbtWrQbGBg%2F89d5sFRD6J%2FQZ6FEuOndn5%2BDMVLxNGjm9L1UpO8divKNE2NRV8cvx%2F3YpPHiOYwtB7C%2BHg2DePGhHx9BSY%2BniWA6R9OEoCpMfF%2BC8Di45lNsP7RpVOmIWMw8TTyfgmpSyhagpt7UOKMAFxgYxNx9GDD2JzuXqp0oo7JwpO%2FofIxWfj9ecTR9ytaDSp3jM5SZWKHQVhADUqobokkO0G650HlJ%2BDpp1DiF7L4ZB1xdLjptIESxTS9UiVUWELLIajzkE0%2B5SELPWSJh0icV2izE%2Fp%2BO2Rhvb7U4JzX65w3l1qiKeqNpdBHxif2hkiTIbgegtt9JHYfPTWEzX6E2ynghAeXjon33j76okAuCXJHkFOCXBHkKUHeL46EdjVXPBDaZSyY9dqs14uRSbsH9MikXRmTg%2BSCXJ%2Fu5Z%2BWQU%2BeV2q1BhUNGjRYgwVNHrRrrTBs%2B03JW%2B2apC04VUC5K9Ooe%2BrsuQSJOnvmRTB6AqdPwNV10Owl0HzUrvmgO6PGko%2B9%2BJGQiXEqDZWWrspNBGEKJOkC0l3vQF%2BQF6Y%2BOn9eg%2BSnN776YvOPZfEhuC2Q2AIfqZ8Iuvr%2B6LbJyeFtkzvyeDNJVaT26OTu7qQ0lVe%2FfUfu5saKtZtu%2BM0bfCJM4MO70qXrNBYq7jry3YoSQtpVY7kkP6y5bcm2Mrezktk4S9a33lxdixIrnVMmLkHV2Qcfg6sxuWZ701f58l9vQ9kSNisQZadkVlCmBE%2F24ZK5e2cIrJ7PsMRDnhUjW2PzQ60ItJxzygq4%2F3A2xwfuPrrWA03vIY4K9G2Bvi5A9RAuuzpKE3t649f6tMC0N2LaeodMW%2F3l5WqdOq%2FIZuiH0q9JFnZY2Ka%2B6ISNDqOdQLZZkwZI3Zh%2FcuvzfwEAAP%2F%2FAQAA%2F%2F8d%2FjVWbQQAAA%3D%3D
192.243.61.225200 OK 7 B URL HTTP/1.1 reproductiontape.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSz2skRRit3o2X1cuqF0Fljgoy6Z6fGXNYjLuRaEzi7mrAW%2F3qSTnVXU1V9%2FQkCAYXZEGE8aTHzptkg7rI7h8gSMeLBISMB8nBeBPvyp5lJgOjH3R%2F79X7Du99VZ8dZBfER0bPt941e0prutis%2BpVXtlUsTO4qG3crgV%2F1lyvbKm41liuDyc%2F2Xw%2F8ZtV%2FtfKW5D2zWPMD3w%2F8oLKqrAzNYHGqQiUPO0G141cbtWrQbGBg%2F89d5sFRD6J%2FQZ6FEuOndn5%2BDMVLxNGjm9L1UpO8divKNE2NRV8cvx%2F3YpPHiOYwtB7C%2BHg2DePGhHx9BSY%2BniWA6R9OEoCpMfF%2BC8Di45lNsP7RpVOmIWMw8TTyfgmpSyhagpt7UOKMAFxgYxNx9GDD2JzuXqp0oo7JwpO%2FofIxWfj9ecTR9ytaDSp3jM5SZWKHQVhADUqobokkO0G650HlJ%2BDpp1DiF7L4ZB1xdLjptIESxTS9UiVUWELLIajzkE0%2B5SELPWSJh0icV2izE%2Fp%2BO2Rhvb7U4JzX65w3l1qiKeqNpdBHxif2hkiTIbgegtt9JHYfPTWEzX6E2ynghAeXjon33j76okAuCXJHkFOCXBHkKUHeL46EdjVXPBDaZSyY9dqs14uRSbsH9MikXRmTg%2BSCXJ%2Fu5Z%2BWQU%2BeV2q1BhUNGjRYgwVNHrRrrTBs%2B03JW%2B2apC04VUC5K9Ooe%2BrsuQSJOnvmRTB6AqdPwNV10Owl0HzUrvmgO6PGko%2B9%2BJGQiXEqDZWWrspNBGEKJOkC0l3vQF%2BQF6Y%2BOn9eg%2BSnN776YvOPZfEhuC2Q2AIfqZ8Iuvr%2B6LbJyeFtkzvyeDNJVaT26OTu7qQ0lVe%2FfUfu5saKtZtu%2BM0bfCJM4MO70qXrNBYq7jry3YoSQtpVY7kkP6y5bcm2Mrezktk4S9a33lxdixIrnVMmLkHV2Qcfg6sxuWZ701f58l9vQ9kSNisQZadkVlCmBE%2F24ZK5e2cIrJ7PsMRDnhUjW2PzQ60ItJxzygq4%2F3A2xwfuPrrWA03vIY4K9G2Bvi5A9RAuuzpKE3t649f6tMC0N2LaeodMW%2F3l5WqdOq%2FIZuiH0q9JFnZY2Ka%2B6ISNDqOdQLZZkwZI3Zh%2FcuvzfwEAAP%2F%2FAQAA%2F%2F8d%2FjVWbQQAAA%3D%3D
IP 192.243.61.225:0
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSz2skRRit3o2X1cuqF0Fljgoy6Z6fGXNYjLuRaEzi7mrAW%2F3qSTnVXU1V9%2FQkCAYXZEGE8aTHzptkg7rI7h8gSMeLBISMB8nBeBPvyp5lJgOjH3R%2F79X7Du99VZ8dZBfER0bPt941e0prutis%2BpVXtlUsTO4qG3crgV%2F1lyvbKm41liuDyc%2F2Xw%2F8ZtV%2FtfKW5D2zWPMD3w%2F8oLKqrAzNYHGqQiUPO0G141cbtWrQbGBg%2F89d5sFRD6J%2FQZ6FEuOndn5%2BDMVLxNGjm9L1UpO8divKNE2NRV8cvx%2F3YpPHiOYwtB7C%2BHg2DePGhHx9BSY%2BniWA6R9OEoCpMfF%2BC8Di45lNsP7RpVOmIWMw8TTyfgmpSyhagpt7UOKMAFxgYxNx9GDD2JzuXqp0oo7JwpO%2FofIxWfj9ecTR9ytaDSp3jM5SZWKHQVhADUqobokkO0G650HlJ%2BDpp1DiF7L4ZB1xdLjptIESxTS9UiVUWELLIajzkE0%2B5SELPWSJh0icV2izE%2Fp%2BO2Rhvb7U4JzX65w3l1qiKeqNpdBHxif2hkiTIbgegtt9JHYfPTWEzX6E2ynghAeXjon33j76okAuCXJHkFOCXBHkKUHeL46EdjVXPBDaZSyY9dqs14uRSbsH9MikXRmTg%2BSCXJ%2Fu5Z%2BWQU%2BeV2q1BhUNGjRYgwVNHrRrrTBs%2B03JW%2B2apC04VUC5K9Ooe%2BrsuQSJOnvmRTB6AqdPwNV10Owl0HzUrvmgO6PGko%2B9%2BJGQiXEqDZWWrspNBGEKJOkC0l3vQF%2BQF6Y%2BOn9eg%2BSnN776YvOPZfEhuC2Q2AIfqZ8Iuvr%2B6LbJyeFtkzvyeDNJVaT26OTu7qQ0lVe%2FfUfu5saKtZtu%2BM0bfCJM4MO70qXrNBYq7jry3YoSQtpVY7kkP6y5bcm2Mrezktk4S9a33lxdixIrnVMmLkHV2Qcfg6sxuWZ701f58l9vQ9kSNisQZadkVlCmBE%2F24ZK5e2cIrJ7PsMRDnhUjW2PzQ60ItJxzygq4%2F3A2xwfuPrrWA03vIY4K9G2Bvi5A9RAuuzpKE3t649f6tMC0N2LaeodMW%2F3l5WqdOq%2FIZuiH0q9JFnZY2Ka%2B6ISNDqOdQLZZkwZI3Zh%2FcuvzfwEAAP%2F%2FAQAA%2F%2F8d%2FjVWbQQAAA%3D%3D HTTP/1.1
Host: reproductiontape.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dfiles.eu/
Cookie: u_pl=16004719; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Thu, 24 Nov 2022 10:21:00 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 69e7521dba15db13ede9e11701922522
Strict-Transport-Security: max-age=0; includeSubdomains
integrityprinciplesthorough.com/pixel/pure
192.243.59.12204 No Content 0 B URL HTTP/1.1 integrityprinciplesthorough.com/pixel/pure
IP 192.243.59.12:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
OPTIONS /pixel/pure HTTP/1.1
Host: integrityprinciplesthorough.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://dfiles.eu/
Origin: https://dfiles.eu
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Server: nginx/1.17.6
Date: Thu, 24 Nov 2022 10:21:00 GMT
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Allow-Credentials: true
Access-Control-Max-Age: 1728000
Content-Type: text/plain; charset=utf-8
Content-Length: 0
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash c93cdab3e4ac65eded497aa15abaeb85
6974350059cf7fd2fe5d076ca73d73a30b11b6b4
b68d3866af52020f11257f5261b671c862194bf0f2044e198ac045b76d415c40
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B68D3866AF52020F11257F5261B671C862194BF0F2044E198AC045B76D415C40"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7678
Expires: Thu, 24 Nov 2022 12:28:58 GMT
Date: Thu, 24 Nov 2022 10:21:00 GMT
Connection: keep-alive
integrityprinciplesthorough.com/pixel/pure
192.243.59.12200 OK 0 B URL HTTP/1.1 integrityprinciplesthorough.com/pixel/pure
IP 192.243.59.12:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
POST /pixel/pure HTTP/1.1
Host: integrityprinciplesthorough.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 75
Origin: https://dfiles.eu
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Thu, 24 Nov 2022 10:21:00 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
integrityprinciplesthorough.com/pixel/pure
192.243.59.12200 OK 0 B URL HTTP/1.1 integrityprinciplesthorough.com/pixel/pure
IP 192.243.59.12:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
POST /pixel/pure HTTP/1.1
Host: integrityprinciplesthorough.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 75
Origin: https://dfiles.eu
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Thu, 24 Nov 2022 10:21:00 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ee351efa307041ba0081a0dcb5c04b60
ce855fa3b56ee6b55438cbe3bd44f52753dc90f2
1e909796a7ff60ebf333f3c36e7e80a09cbcc88292b397754484a0af3676651a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1E909796A7FF60EBF333F3C36E7E80A09CBCC88292B397754484A0AF3676651A"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7837
Expires: Thu, 24 Nov 2022 12:31:37 GMT
Date: Thu, 24 Nov 2022 10:21:00 GMT
Connection: keep-alive
fp.metricswpsh.com/fp?tag_id=46445
157.90.84.242204 No Content 0 B URL HTTP/1.1 fp.metricswpsh.com/fp?tag_id=46445
IP 157.90.84.242:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /fp?tag_id=46445 HTTP/1.1
Host: fp.metricswpsh.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://dfiles.eu/
Origin: https://dfiles.eu
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Server: nginx/1.20.1
Date: Thu, 24 Nov 2022 10:21:00 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: GET,HEAD,PUT,PATCH,POST,DELETE
Access-Control-Allow-Origin: https://dfiles.eu
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
js.wpshsdk.com/npc/sdk/wp-banners.js
45.133.44.24200 OK 2.1 kB URL HTTP/2 js.wpshsdk.com/npc/sdk/wp-banners.js
IP 45.133.44.24:0
ASN #39572 DataWeb Global Group B.V.
File type gzip compressed data, from Unix\012- data
Hash bda969b8232727da38a1bbd3d71567ea
a13035bbbd3e1c246773512c0dffc1e50b6fa6ed
194d77e862b09b0ffcf6d17cea6cb6397fa87d870453a5ede6e77f5a4b88fbd6
GET /npc/sdk/wp-banners.js HTTP/1.1
Host: js.wpshsdk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 24 Nov 2022 10:21:00 GMT
content-type: application/javascript; charset=utf-8
content-length: 0
server: nginx/1.18.0
last-modified: Fri, 20 Aug 2021 15:14:31 GMT
etag: "611fc6d7-0"
expires: Thu, 24 Nov 2022 10:26:00 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.77.32200 OK 344 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 0eae74238d1c9828cd086271241b5e66
4cdd2c9e819b5c71d1d3e4836063a7a9f89ccf15
4884107002b9840725b58cd3ff13215471bdcd8c2a1029c3eeadd16abe4d91d2
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "4884107002B9840725B58CD3FF13215471BDCD8C2A1029C3EEADD16ABE4D91D2"
Last-Modified: Wed, 23 Nov 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8056
Expires: Thu, 24 Nov 2022 12:35:17 GMT
Date: Thu, 24 Nov 2022 10:21:01 GMT
Connection: keep-alive
fp.metricswpsh.com/fp?tag_id=46445
157.90.84.242200 OK 28 B URL HTTP/1.1 fp.metricswpsh.com/fp?tag_id=46445
IP 157.90.84.242:0
ASN #24940 Hetzner Online GmbH
File type JSON data\012- , ASCII text
Hash e3af49472d683a217237a6ebaf79bcb7
378db4d7e6171a2676ee15c80b4475d7f5ec9742
7714898d715fb8b1ce7a1de73e0e7c9f6394acc8a08cf1a3b342a7829d4de84a
POST /fp?tag_id=46445 HTTP/1.1
Host: fp.metricswpsh.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json;charset=utf-8
Content-Length: 22285
Origin: https://dfiles.eu
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Thu, 24 Nov 2022 10:21:01 GMT
Content-Type: application/json; charset=UTF-8
Content-Length: 28
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://dfiles.eu
Set-Cookie: id=13072036793980624199; Expires=Fri, 24 Nov 2023 10:21:01 GMT; Secure; SameSite=None
Vary: Origin
reproductiontape.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.barscreative1.com%2Fsb%2Fau%2Fe1%2F6f%2Fbb%2Fe16fbbe9f31c82c23d1d57f9726b5fc7%2F1654616215.html&l=1038&fd=407
192.243.61.225200 OK 0 B URL HTTP/1.1 reproductiontape.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.barscreative1.com%2Fsb%2Fau%2Fe1%2F6f%2Fbb%2Fe16fbbe9f31c82c23d1d57f9726b5fc7%2F1654616215.html&l=1038&fd=407
IP 192.243.61.225:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.barscreative1.com%2Fsb%2Fau%2Fe1%2F6f%2Fbb%2Fe16fbbe9f31c82c23d1d57f9726b5fc7%2F1654616215.html&l=1038&fd=407 HTTP/1.1
Host: reproductiontape.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dfiles.eu/
Cookie: u_pl=16004719; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Thu, 24 Nov 2022 10:21:01 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
dfiles.eu/ps/QW13h0.js
91.226.124.76200 OK 48 B IP 91.226.124.76:0
Hash b215ecc0d708a2fb5464f5e8d65d2d4e
d8c0da4fd6cd8c2a3b36cb6a7d21ce620810ccc0
eb4333e919f16aa3042235966e790e430e0faecf66ee95bb387b147e168b8ee5
GET /ps/QW13h0.js HTTP/1.1
Host: dfiles.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Cookie: uprand=470968d913cc183163a5671287ad394b; last_file=m5ubx6ty3; lang_current=en; u_count=%5B0%2C0%5D; sb_page_224ad4a14b4b15c1726ff705ec672ea6=1; sb_onpage_224ad4a14b4b15c1726ff705ec672ea6=1; sb_main_224ad4a14b4b15c1726ff705ec672ea6=1; sb_count_224ad4a14b4b15c1726ff705ec672ea6=1; ppu_idelay_c22dc50dc2bbe4422c7f68d26ab95eb9=1; pbpr0tpuw4isk85t8yg3jb2lj5vqf=reproductiontape.com; dom3ic8zudi28v8lr6fgphwffqoz0j6c=6eaead45-a0f5-4229-8c7d-209167b06c11%3A1%3A1
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 24 Nov 2022 10:21:01 GMT
Content-Type: application/javascript
Content-Length: 48
Last-Modified: Fri, 21 Oct 2022 18:16:45 GMT
Connection: close
ETag: "6352e20d-30"
Accept-Ranges: bytes
cdn.creative-bars1.com/sb/ssp/in-page_push/os/android/2/img/close.png
172.64.109.13200 OK 2.0 kB URL HTTP/2 cdn.creative-bars1.com/sb/ssp/in-page_push/os/android/2/img/close.png
IP 172.64.109.13:0
File type PNG image data, 19 x 19, 8-bit/color RGBA, non-interlaced\012- data
Hash 2cecae5111d5ff932a996679215ad573
f4c63abb5dc373aba5bc144c3831d98516cc7cc9
31f6aad6a88eca32f245dc6d0e030ef422f306b4f8479855b30e59b6dc134ebc
GET /sb/ssp/in-page_push/os/android/2/img/close.png HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 24 Nov 2022 10:21:01 GMT
content-type: image/png
content-length: 2005
last-modified: Wed, 11 May 2022 09:01:03 GMT
etag: "627b7b4f-7d5"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 764982
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N79jp%2BRrKerTxBAYFXoL%2B6zvmmsyoouSh6DaE0p6ZPC6GFVGUnuXnhoJG3nCX%2FQX6blS6jdgJNycHEBAHpOKxPEILJnUvGeA1lz9YmS4ByGasbl5kkhmoNWZnV86N05W7i7Z88zs19b4"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f16a51d89e405e-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.creative-bars1.com/sb/ssp/in-page_push/os/android/2/css/animate.css
172.64.109.13200 OK 5.3 kB URL HTTP/2 cdn.creative-bars1.com/sb/ssp/in-page_push/os/android/2/css/animate.css
IP 172.64.109.13:0
Hash 504c38628767ead411612f7d7ecd60aa
1df873c612364dc37ab6a412980534fe8b65d812
72731e513ccd3f826aac6aa66ca8c2004bb61bf4c7e67a19c8071a8d7c69f9ab
GET /sb/ssp/in-page_push/os/android/2/css/animate.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dfiles.eu
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 24 Nov 2022 10:21:01 GMT
content-type: text/css
last-modified: Wed, 11 May 2022 09:01:02 GMT
etag: W/"627b7b4e-1358d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 764695
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JHjNpEXDJSINTdpTvniuFEccYkU4dgV%2F2HibuHiqrNEFPcLkKwQCrm0WYucN4EbZXUsxLwJKkbxIipFu2ydlwUAHC1nV25IvnymoncsOGmLnDLKDfc5GI0P4NXz%2B5vepKNYv4nHUYxp5"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f16a51985c405e-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.77.32200 OK 344 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 0eae74238d1c9828cd086271241b5e66
4cdd2c9e819b5c71d1d3e4836063a7a9f89ccf15
4884107002b9840725b58cd3ff13215471bdcd8c2a1029c3eeadd16abe4d91d2
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "4884107002B9840725B58CD3FF13215471BDCD8C2A1029C3EEADD16ABE4D91D2"
Last-Modified: Wed, 23 Nov 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8056
Expires: Thu, 24 Nov 2022 12:35:17 GMT
Date: Thu, 24 Nov 2022 10:21:01 GMT
Connection: keep-alive
cdn.creative-bars1.com/sb/ssp/in-page_push/os/android/2/css/style.css
172.64.109.13200 OK 1.8 kB URL HTTP/2 cdn.creative-bars1.com/sb/ssp/in-page_push/os/android/2/css/style.css
IP 172.64.109.13:0
Hash 6503286c0b0765d46e41c607dd42b729
0e54816fceaeb9c8e13add5d6f74d0f59ca82baa
b43844a6216675fd36e9029f7a6a363587b1cd0fda13860d19c380089589c5ed
GET /sb/ssp/in-page_push/os/android/2/css/style.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dfiles.eu
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 24 Nov 2022 10:21:01 GMT
content-type: text/css
last-modified: Wed, 11 May 2022 09:01:01 GMT
etag: W/"627b7b4d-126c"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 764695
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Mb51M%2B7POMSMRhd1KnY48R66v1K0R9JYipXWTyOKZyUnEsR1CpK4BSDk3KhT0j9apQow8uutcm0FUb%2F17mIxuAoWOHIPwA5C3WMMcgOmWNznI2NquOSxlZV7OjdDCHpx%2FtC90E0hNyvi"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f16a51a864405e-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 4af780570d49b327d38dc189095448e9
1dd4193a2afeb237c5e475b603b1cbd137f7f97e
f25ef2e65d3c2acbba49b5d36c2fe37f8d404fa3b0ea5cdd6c93ac1685a6129a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 10:21:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
reproductiontape.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fssp%2Fin-page_push%2Fos%2Fandroid%2F2%2Fcss%2Fanimate.css&l=79245&fd=122
192.243.61.225200 OK 0 B URL HTTP/1.1 reproductiontape.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fssp%2Fin-page_push%2Fos%2Fandroid%2F2%2Fcss%2Fanimate.css&l=79245&fd=122
IP 192.243.61.225:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fssp%2Fin-page_push%2Fos%2Fandroid%2F2%2Fcss%2Fanimate.css&l=79245&fd=122 HTTP/1.1
Host: reproductiontape.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dfiles.eu/
Cookie: u_pl=16004719; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Thu, 24 Nov 2022 10:21:01 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
cdn.creative-bars1.com/sb/ssp/in-page_push/os/android/2/js/script.js
172.64.109.13200 OK 198 B URL HTTP/2 cdn.creative-bars1.com/sb/ssp/in-page_push/os/android/2/js/script.js
IP 172.64.109.13:0
Hash 1607f183e7a1c7b0e45b5143c29a1a5c
4250d240ae3e58c276f540336042d91538f58f4f
d296de16cc176a3fe1abbb6a6cf2a62d9f765ef881a220b9a3bffeb8eecc48aa
GET /sb/ssp/in-page_push/os/android/2/js/script.js HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dfiles.eu
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 24 Nov 2022 10:21:01 GMT
content-type: application/javascript
last-modified: Wed, 11 May 2022 09:01:04 GMT
etag: W/"627b7b50-194"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 764695
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uOKGcECwSeP%2Fx%2BdUEc8tYngRluyA1rXKQdk0mlUnO4S9%2BHkyRy6GvI8HxYNWCP%2BZjOS7Mdj4T%2BFWgmh1uzmDH3PWJe6bzAPGPVP10VRU3iqg1spQzOeS12xiEgJZLb%2FCIn%2FwAbT6pg8q"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f16a51a87a405e-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.cloudimagesb.com/si/89/9f/8a/899f8a5bb7132795d339610f52f16dad/1667589937.png
45.133.44.10200 OK 33 kB URL HTTP/2 cdn.cloudimagesb.com/si/89/9f/8a/899f8a5bb7132795d339610f52f16dad/1667589937.png
IP 45.133.44.10:0
ASN #39572 DataWeb Global Group B.V.
File type PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Hash 2cb2500acb00f247ef19403c3a0f89e1
7c57e8b84b2bb0003810ffae7a14e24869155464
7efcd5082673b787603d2a0b8d768fb26807cf2ab79771a69886a916d0cda3ce
GET /si/89/9f/8a/899f8a5bb7132795d339610f52f16dad/1667589937.png HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 24 Nov 2022 10:21:01 GMT
content-type: image/png
content-length: 32763
server: nginx/1.17.6
last-modified: Fri, 04 Nov 2022 19:25:45 GMT
etag: "63656739-7ffb"
expires: Sat, 26 Nov 2022 10:21:01 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash e5bf97b0f8f82cd1712b34a118315c7e
8ebf659b5a09b932ed6ee219fd28803238f2816a
e64ddbc741840c4a933626710273fc41231d91a6a69b981ede401a4d6f59f7c5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E64DDBC741840C4A933626710273FC41231D91A6A69B981EDE401A4D6F59F7C5"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7396
Expires: Thu, 24 Nov 2022 12:24:17 GMT
Date: Thu, 24 Nov 2022 10:21:01 GMT
Connection: keep-alive
reproductiontape.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fssp%2Fin-page_push%2Fos%2Fandroid%2F2%2Fjs%2Fscript.js&l=404&fd=126
192.243.61.225200 OK 0 B URL HTTP/1.1 reproductiontape.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fssp%2Fin-page_push%2Fos%2Fandroid%2F2%2Fjs%2Fscript.js&l=404&fd=126
IP 192.243.61.225:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fssp%2Fin-page_push%2Fos%2Fandroid%2F2%2Fjs%2Fscript.js&l=404&fd=126 HTTP/1.1
Host: reproductiontape.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dfiles.eu/
Cookie: u_pl=16004719; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Thu, 24 Nov 2022 10:21:01 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash e8f2a1391a0e6048053bf2b8c65c9cc4
617eb48d7ac5c02754ece36213a33c4d6f855516
141d6282e1790fe961b5b221e7b000642126aac4944a154ebbb8026f4f22d362
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "141D6282E1790FE961B5B221E7B000642126AAC4944A154EBBB8026F4F22D362"
Last-Modified: Wed, 23 Nov 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6927
Expires: Thu, 24 Nov 2022 12:16:28 GMT
Date: Thu, 24 Nov 2022 10:21:01 GMT
Connection: keep-alive
js.wpshsdk.com/npc/sdk/common/config.js
45.133.44.24200 OK 19 B URL HTTP/2 js.wpshsdk.com/npc/sdk/common/config.js
IP 45.133.44.24:0
ASN #39572 DataWeb Global Group B.V.
File type JSON data\012- , ASCII text, with no line terminators
Hash 6320df55a000ad2502fbff372bc46abf
16b3357844a6f5610858f4f7be2c62186465851a
75bbfc2c15eb4f93320a741fc45d03dd7148dbfb6cf9adeaa6ebecf6ec09cab8
GET /npc/sdk/common/config.js HTTP/1.1
Host: js.wpshsdk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dfiles.eu/
Origin: https://dfiles.eu
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 24 Nov 2022 10:21:01 GMT
content-type: application/javascript; charset=utf-8
content-length: 19
server: nginx/1.18.0
last-modified: Wed, 23 Nov 2022 14:38:53 GMT
etag: "637e307d-13"
expires: Thu, 24 Nov 2022 10:26:01 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
unseenreport.com/pxf.gif?uuid=6eaead45-a0f5-4229-8c7d-209167b06c11&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1055&b_frame=0&pk=224ad4a14b4b15c1726ff705ec672ea6&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=10
192.243.59.13200 OK 1 B URL HTTP/1.1 unseenreport.com/pxf.gif?uuid=6eaead45-a0f5-4229-8c7d-209167b06c11&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1055&b_frame=0&pk=224ad4a14b4b15c1726ff705ec672ea6&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=10
IP 192.243.59.13:0
ASN #39572 DataWeb Global Group B.V.
File type very short file (no magic)
Hash 93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d
Analyzer Verdict Alert quad9 Sinkholed
GET /pxf.gif?uuid=6eaead45-a0f5-4229-8c7d-209167b06c11&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1055&b_frame=0&pk=224ad4a14b4b15c1726ff705ec672ea6&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=10 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Thu, 24 Nov 2022 10:21:01 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: b12a6741291308099b8d019e9ec52d6d
Strict-Transport-Security: max-age=0; includeSubdomains
unseenreport.com/pxf.gif?uuid=6eaead45-a0f5-4229-8c7d-209167b06c11&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1055&b_frame=0&pk=c22dc50dc2bbe4422c7f68d26ab95eb9&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=10
192.243.59.13200 OK 1 B URL HTTP/1.1 unseenreport.com/pxf.gif?uuid=6eaead45-a0f5-4229-8c7d-209167b06c11&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1055&b_frame=0&pk=c22dc50dc2bbe4422c7f68d26ab95eb9&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=10
IP 192.243.59.13:0
ASN #39572 DataWeb Global Group B.V.
File type very short file (no magic)
Hash 93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d
Analyzer Verdict Alert quad9 Sinkholed
GET /pxf.gif?uuid=6eaead45-a0f5-4229-8c7d-209167b06c11&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1055&b_frame=0&pk=c22dc50dc2bbe4422c7f68d26ab95eb9&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=10 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Thu, 24 Nov 2022 10:21:01 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: ee5cc2c087aae63afe41f23a44c57aa5
Strict-Transport-Security: max-age=0; includeSubdomains
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.195200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://dfiles.eu
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 23 Nov 2022 19:34:08 GMT
expires: Thu, 23 Nov 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 53213
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
sw.wpush.org/ps/sw.js
45.133.44.25200 OK 18 kB IP 45.133.44.25:0
ASN #39572 DataWeb Global Group B.V.
Hash 3b3481ca0d2c31a62daf236ca5ffaacf
837c03c1b7c764d2dc13dcf496801539a6536e8a
c00f06093feec21f6dcd19850dc28c0c6d2700e6ceb57f78a47fac4b6568ebbe
GET /ps/sw.js HTTP/1.1
Host: sw.wpush.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 24 Nov 2022 10:21:01 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.18.0
last-modified: Wed, 23 Nov 2022 14:38:53 GMT
etag: W/"637e307d-158c"
content-encoding: gzip
expires: Thu, 24 Nov 2022 10:26:01 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2
js.wpshsdk.com/npc/sdk/common/core.js
45.133.44.24200 OK 35 kB URL HTTP/2 js.wpshsdk.com/npc/sdk/common/core.js
IP 45.133.44.24:0
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with very long lines (65536), with no line terminators
Hash 0bfe8a9a8eb1947f097e8e43baac81ea
1dc19270e83d232feed0d8bcd1a3a116920ca00a
620040d10c153d3606c9d967ee930b6084cabfe4c10ae1449a62b17f3f885073
GET /npc/sdk/common/core.js HTTP/1.1
Host: js.wpshsdk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dfiles.eu/
Origin: https://dfiles.eu
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 24 Nov 2022 10:21:01 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.18.0
last-modified: Wed, 23 Nov 2022 14:38:53 GMT
etag: W/"637e307d-1861e"
content-encoding: gzip
expires: Thu, 24 Nov 2022 10:26:01 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2
reproductiontape.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSz2skRRit3l0vq5dVL4LKHBVk0t3T88s9LMbdSDQmcXc14K26qnpSTnVXU9U9PQmCwQVZEGE86bHzJtmgLrL7BwjS8SIBIeNBcjDexLuyZ5nJwOgH3d979b7De1%2FVZ%2Fv5OXGR07PNd%2FWuVIouNetu7ZUtmXBd2Nr63Zrn1t3rtS2ZtILrteH0Zwave26z7r5ae0uwvl7yXc91PderrUgjIj1cmqmQ6cOuV%2B%2B69cCve80AQ%2FN%2FbnMHljrgg3PyLCSfPLX982NIViGJH90Utp%2Fp9LVbca5opg0G%2FOj9pJ%2FoIkG8gJFxECVH82loOyHk60vQydE8AfTgYJoAoZwQ5zcPYXI0t4lwcHjhNFQQCUL%2BNIpBBaEqSFqB6XuQ%2FJQAjGN9A0n8YF2bgu5cqHSqTsiVJ39DFhNy5ffnkcTfLys5rN3RKs%2BkTiyGUQk5rCB7FdL8GNmuA1kcg2WfQvJfyNKTNSTxwYZVGpKXs%2FRSVpBRBSVGoNZBPv2kgzxykKcOYn5Wo81u5LrtKIwajU7AGGs0GGt2WrzJG0EncpGzqb0RsnQEpkZgZg%2Bp2UNfjmDyH2G3S1juwGYT4ry3hwEvUQiCwhIUlKCQBEVGUAzKQ66sb8sHXNk89Obdn%2FdGOdZZb58e6qwnErKfnpNrs73809Loi7Oa7weUB9QLwiD0msxr%2B60oartNwVptX9AWrCwh7aVZ1F15%2BlyKVJ4%2B8yJCegyrjsHkNdD8JdBi3PZd0O1x0HGxmzziItVWZpFUwtaZjsF1iTS7gmzH2Vfn5IWZj%2B6fVyHYyY2vvtj44zr%2FEMyUSE2Jj%2BRPBD11f3xbF%2BTgti4sebyRZjKWu3R6d3cymonL374jdgpt%2BOpNO%2FrmDTYVpvDhXWGzNZpwmfQs%2BW5Zci7MijZMkB9W7ZYIN3O7vZybJE%2FXNt9cWY1TI6yVOqlA5ekHH4PJCblq%2BrNX%2BfJfb0OaCiYvEecnZF6QugJL92DThXurCYxazISpgyIvx8YPF4dKEiix4DQsYf%2FDwwXet%2FfRMw5odg9JXGJgSgxUCapGsPnlcZaakxu%2FNmaFUDnjUBnnIFRGfXmxWivPak0vEJ2w02ach4Jxr%2B03Og3X9TkP2l3hdZHZCfvk1uf%2FAgAA%2F%2F8BAAD%2F%2Fwn2u7BtBAAA
192.243.61.225200 OK 7 B URL HTTP/1.1 reproductiontape.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSz2skRRit3l0vq5dVL4LKHBVk0t3T88s9LMbdSDQmcXc14K26qnpSTnVXU9U9PQmCwQVZEGE86bHzJtmgLrL7BwjS8SIBIeNBcjDexLuyZ5nJwOgH3d979b7De1%2FVZ%2Fv5OXGR07PNd%2FWuVIouNetu7ZUtmXBd2Nr63Zrn1t3rtS2ZtILrteH0Zwave26z7r5ae0uwvl7yXc91PderrUgjIj1cmqmQ6cOuV%2B%2B69cCve80AQ%2FN%2FbnMHljrgg3PyLCSfPLX982NIViGJH90Utp%2Fp9LVbca5opg0G%2FOj9pJ%2FoIkG8gJFxECVH82loOyHk60vQydE8AfTgYJoAoZwQ5zcPYXI0t4lwcHjhNFQQCUL%2BNIpBBaEqSFqB6XuQ%2FJQAjGN9A0n8YF2bgu5cqHSqTsiVJ39DFhNy5ffnkcTfLys5rN3RKs%2BkTiyGUQk5rCB7FdL8GNmuA1kcg2WfQvJfyNKTNSTxwYZVGpKXs%2FRSVpBRBSVGoNZBPv2kgzxykKcOYn5Wo81u5LrtKIwajU7AGGs0GGt2WrzJG0EncpGzqb0RsnQEpkZgZg%2Bp2UNfjmDyH2G3S1juwGYT4ry3hwEvUQiCwhIUlKCQBEVGUAzKQ66sb8sHXNk89Obdn%2FdGOdZZb58e6qwnErKfnpNrs73809Loi7Oa7weUB9QLwiD0msxr%2B60oartNwVptX9AWrCwh7aVZ1F15%2BlyKVJ4%2B8yJCegyrjsHkNdD8JdBi3PZd0O1x0HGxmzziItVWZpFUwtaZjsF1iTS7gmzH2Vfn5IWZj%2B6fVyHYyY2vvtj44zr%2FEMyUSE2Jj%2BRPBD11f3xbF%2BTgti4sebyRZjKWu3R6d3cymonL374jdgpt%2BOpNO%2FrmDTYVpvDhXWGzNZpwmfQs%2BW5Zci7MijZMkB9W7ZYIN3O7vZybJE%2FXNt9cWY1TI6yVOqlA5ekHH4PJCblq%2BrNX%2BfJfb0OaCiYvEecnZF6QugJL92DThXurCYxazISpgyIvx8YPF4dKEiix4DQsYf%2FDwwXet%2FfRMw5odg9JXGJgSgxUCapGsPnlcZaakxu%2FNmaFUDnjUBnnIFRGfXmxWivPak0vEJ2w02ach4Jxr%2B03Og3X9TkP2l3hdZHZCfvk1uf%2FAgAA%2F%2F8BAAD%2F%2Fwn2u7BtBAAA
IP 192.243.61.225:0
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer Verdict Alert quad9 Sinkholed
GET /impr.gif?sid=H4sIAAAAAAAC%2F1RSz2skRRit3l0vq5dVL4LKHBVk0t3T88s9LMbdSDQmcXc14K26qnpSTnVXU9U9PQmCwQVZEGE86bHzJtmgLrL7BwjS8SIBIeNBcjDexLuyZ5nJwOgH3d979b7De1%2FVZ%2Fv5OXGR07PNd%2FWuVIouNetu7ZUtmXBd2Nr63Zrn1t3rtS2ZtILrteH0Zwave26z7r5ae0uwvl7yXc91PderrUgjIj1cmqmQ6cOuV%2B%2B69cCve80AQ%2FN%2FbnMHljrgg3PyLCSfPLX982NIViGJH90Utp%2Fp9LVbca5opg0G%2FOj9pJ%2FoIkG8gJFxECVH82loOyHk60vQydE8AfTgYJoAoZwQ5zcPYXI0t4lwcHjhNFQQCUL%2BNIpBBaEqSFqB6XuQ%2FJQAjGN9A0n8YF2bgu5cqHSqTsiVJ39DFhNy5ffnkcTfLys5rN3RKs%2BkTiyGUQk5rCB7FdL8GNmuA1kcg2WfQvJfyNKTNSTxwYZVGpKXs%2FRSVpBRBSVGoNZBPv2kgzxykKcOYn5Wo81u5LrtKIwajU7AGGs0GGt2WrzJG0EncpGzqb0RsnQEpkZgZg%2Bp2UNfjmDyH2G3S1juwGYT4ry3hwEvUQiCwhIUlKCQBEVGUAzKQ66sb8sHXNk89Obdn%2FdGOdZZb58e6qwnErKfnpNrs73809Loi7Oa7weUB9QLwiD0msxr%2B60oartNwVptX9AWrCwh7aVZ1F15%2BlyKVJ4%2B8yJCegyrjsHkNdD8JdBi3PZd0O1x0HGxmzziItVWZpFUwtaZjsF1iTS7gmzH2Vfn5IWZj%2B6fVyHYyY2vvtj44zr%2FEMyUSE2Jj%2BRPBD11f3xbF%2BTgti4sebyRZjKWu3R6d3cymonL374jdgpt%2BOpNO%2FrmDTYVpvDhXWGzNZpwmfQs%2BW5Zci7MijZMkB9W7ZYIN3O7vZybJE%2FXNt9cWY1TI6yVOqlA5ekHH4PJCblq%2BrNX%2BfJfb0OaCiYvEecnZF6QugJL92DThXurCYxazISpgyIvx8YPF4dKEiix4DQsYf%2FDwwXet%2FfRMw5odg9JXGJgSgxUCapGsPnlcZaakxu%2FNmaFUDnjUBnnIFRGfXmxWivPak0vEJ2w02ach4Jxr%2B03Og3X9TkP2l3hdZHZCfvk1uf%2FAgAA%2F%2F8BAAD%2F%2Fwn2u7BtBAAA HTTP/1.1
Host: reproductiontape.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dfiles.eu/
Cookie: u_pl=16004719; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Thu, 24 Nov 2022 10:21:01 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: acad6148bd4169ee47ec517c2576cdff
Strict-Transport-Security: max-age=0; includeSubdomains
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash e8f2a1391a0e6048053bf2b8c65c9cc4
617eb48d7ac5c02754ece36213a33c4d6f855516
141d6282e1790fe961b5b221e7b000642126aac4944a154ebbb8026f4f22d362
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "141D6282E1790FE961B5B221E7B000642126AAC4944A154EBBB8026F4F22D362"
Last-Modified: Wed, 23 Nov 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6926
Expires: Thu, 24 Nov 2022 12:16:28 GMT
Date: Thu, 24 Nov 2022 10:21:02 GMT
Connection: keep-alive
dfiles.eu/ps/QW13h0.js
91.226.124.76304 Not Modified 0 B IP 91.226.124.76:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ps/QW13h0.js HTTP/1.1
Host: dfiles.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Cookie: uprand=470968d913cc183163a5671287ad394b; last_file=m5ubx6ty3; lang_current=en; u_count=%5B0%2C0%5D; sb_page_224ad4a14b4b15c1726ff705ec672ea6=1; sb_onpage_224ad4a14b4b15c1726ff705ec672ea6=1; sb_main_224ad4a14b4b15c1726ff705ec672ea6=1; sb_count_224ad4a14b4b15c1726ff705ec672ea6=1; ppu_idelay_c22dc50dc2bbe4422c7f68d26ab95eb9=1; pbpr0tpuw4isk85t8yg3jb2lj5vqf=reproductiontape.com; dom3ic8zudi28v8lr6fgphwffqoz0j6c=6eaead45-a0f5-4229-8c7d-209167b06c11%3A1%3A1
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
If-Modified-Since: Fri, 21 Oct 2022 18:16:45 GMT
If-None-Match: "6352e20d-30"
Cache-Control: max-age=0
HTTP/1.1 304 Not Modified
Server: nginx
Date: Thu, 24 Nov 2022 10:21:02 GMT
Last-Modified: Fri, 21 Oct 2022 18:16:45 GMT
Connection: close
ETag: "6352e20d-30"
notification.tubecup.net/in/subscription-offers?href=https%3A%2F%2Fdfiles.eu%2Ffiles%2Fm5ubx6ty3%2FSPT.S01E01.Dub-CyborgPsychon.rar&tcid=0&spot_id=13971&site=tcpublisher&source_id=0
88.198.136.226200 OK 0 B URL HTTP/2 notification.tubecup.net/in/subscription-offers?href=https%3A%2F%2Fdfiles.eu%2Ffiles%2Fm5ubx6ty3%2FSPT.S01E01.Dub-CyborgPsychon.rar&tcid=0&spot_id=13971&site=tcpublisher&source_id=0
IP 88.198.136.226:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /in/subscription-offers?href=https%3A%2F%2Fdfiles.eu%2Ffiles%2Fm5ubx6ty3%2FSPT.S01E01.Dub-CyborgPsychon.rar&tcid=0&spot_id=13971&site=tcpublisher&source_id=0 HTTP/1.1
Host: notification.tubecup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.18.0
date: Thu, 24 Nov 2022 10:21:02 GMT
content-length: 0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2
cdn.adskeeper.co.uk/images/adskeeper_svg.svg
104.18.34.236200 OK 0 B URL HTTP/2 cdn.adskeeper.co.uk/images/adskeeper_svg.svg
IP 104.18.34.236:0
GET /images/adskeeper_svg.svg HTTP/1.1
Host: cdn.adskeeper.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adsbb.dfiles.eu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 24 Nov 2022 10:20:59 GMT
content-type: image/svg+xml
x-amz-id-2: 9+wK7//B9wiKymVhwJBS49yIWsknA1BYnHtl2rpiLd1F4bVgMRR1xL0U37+qHDuhswdKTk5XkFw=
x-amz-request-id: P23ZACW8NK08CPPP
last-modified: Tue, 08 Dec 2020 08:34:59 GMT
etag: W/"93f6d1136fb77e38a0a2c72108588f09"
x-amz-meta-s3cmd-attrs: atime:1607416491/ctime:1607416491/gid:0/gname:root/md5:93f6d1136fb77e38a0a2c72108588f09/mode:33206/mtime:1607416491/uid:0/uname:root
x-amz-version-id: null
cf-cache-status: HIT
age: 6204
expires: Thu, 24 Nov 2022 14:20:59 GMT
cache-control: public, max-age=14400
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f16a47dbe30afe-OSL
content-encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
js.wpshsdk.com/npc/sdk/push.m.js?v=1
45.133.44.24200 OK 0 B URL HTTP/2 js.wpshsdk.com/npc/sdk/push.m.js?v=1
IP 45.133.44.24:0
ASN #39572 DataWeb Global Group B.V.
GET /npc/sdk/push.m.js?v=1 HTTP/1.1
Host: js.wpshsdk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 24 Nov 2022 10:21:00 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.18.0
last-modified: Wed, 23 Nov 2022 14:38:53 GMT
etag: W/"637e307d-f291"
content-encoding: gzip
expires: Thu, 24 Nov 2022 10:26:00 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2
089c42d0b4.f28fda58c5.com/f943929b93ea123cf3fe0439936a3445.js
45.133.44.24200 OK 0 B URL HTTP/2 089c42d0b4.f28fda58c5.com/f943929b93ea123cf3fe0439936a3445.js
IP 45.133.44.24:0
ASN #39572 DataWeb Global Group B.V.
GET /f943929b93ea123cf3fe0439936a3445.js HTTP/1.1
Host: 089c42d0b4.f28fda58c5.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dfiles.eu
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 24 Nov 2022 10:20:58 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.18.0
last-modified: Tue, 15 Nov 2022 13:38:16 GMT
etag: W/"63739648-17810"
content-encoding: gzip
expires: Thu, 24 Nov 2022 10:25:58 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2
cdn.barscreative1.com/sb/au/e1/6f/bb/e16fbbe9f31c82c23d1d57f9726b5fc7/1654616215.html
45.133.44.4200 OK 0 B URL HTTP/2 cdn.barscreative1.com/sb/au/e1/6f/bb/e16fbbe9f31c82c23d1d57f9726b5fc7/1654616215.html
IP 45.133.44.4:0
ASN #39572 DataWeb Global Group B.V.
Analyzer Verdict Alert fortinet Phishing
GET /sb/au/e1/6f/bb/e16fbbe9f31c82c23d1d57f9726b5fc7/1654616215.html HTTP/1.1
Host: cdn.barscreative1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dfiles.eu
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 24 Nov 2022 10:21:00 GMT
content-type: text/html; charset=utf-8
server: nginx/1.17.6
last-modified: Tue, 07 Jun 2022 15:37:00 GMT
etag: W/"629f709c-40e"
cache-control: max-age=3600
access-control-allow-origin: *
access-control-expose-headers: Date
content-encoding: gzip
expires: Thu, 24 Nov 2022 11:21:00 GMT
x-proxy-cache: HIT
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap
142.250.74.10200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap
IP 142.250.74.10:0
GET /css?family=Roboto:300,400,700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 24 Nov 2022 10:21:01 GMT
date: Thu, 24 Nov 2022 10:21:01 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
sw.wpush.org/ps/sw.js
45.133.44.24200 OK 0 B IP 45.133.44.24:0
ASN #39572 DataWeb Global Group B.V.
GET /ps/sw.js HTTP/1.1
Host: sw.wpush.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 24 Nov 2022 10:21:02 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.18.0
last-modified: Wed, 23 Nov 2022 14:38:53 GMT
etag: W/"637e307d-158c"
content-encoding: gzip
expires: Thu, 24 Nov 2022 10:26:02 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2
js.wpshsdk.com/npc/sdk/push/styles.css
45.133.44.24200 OK 0 B URL HTTP/2 js.wpshsdk.com/npc/sdk/push/styles.css
IP 45.133.44.24:0
ASN #39572 DataWeb Global Group B.V.
GET /npc/sdk/push/styles.css HTTP/1.1
Host: js.wpshsdk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 24 Nov 2022 10:21:02 GMT
content-type: text/css
server: nginx/1.18.0
last-modified: Tue, 30 Aug 2022 09:15:33 GMT
etag: W/"630dd535-10f4"
content-encoding: gzip
expires: Thu, 24 Nov 2022 10:26:02 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2