Report - noisecollar.icu/v1hrz4?click_id=1531206133248205828&o=235&s1=aprspe&s3=662466&source=1158643&t=download_c2&title=COE33_Update_from_v56180_to

Report Overview

Visited public
2025-05-27 08:15:59
Tags
URL
noisecollar.icu/v1hrz4?click_id=1531206133248205828&o=235&s1=aprspe&s3=662466&source=1158643&t=download_c2&title=COE33_Update_from_v56180_to_v56289-ElAmigos.rar
Finishing URL
downfunfile.com/34f6bb70cc1db67025012a62b79cce5ab41f54e81420325e
IP / ASN
104.21.29.228
#13335 CLOUDFLARENET
Title
Download COE33_Update_from_v56180_to_v56289-ElAmigos.rar

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
stats.webanalyticscounter.com	unknown	2024-05-24	2024-07-25	2025-05-26	3.0 kB	1.1 MB	172.67.183.158
downfunfile.com	unknown	2025-04-14	2025-05-19	2025-05-26	2.0 kB	14 kB	104.21.53.184
ajax.googleapis.com	12905	2005-01-25	2012-05-22	2025-05-21	445 B	98 kB	142.250.74.74
fonts.gstatic.com	unknown	2008-02-11	2014-04-02	2025-05-21	1.1 kB	98 kB	142.250.74.35
cdnjs.cloudflare.com	235	2009-02-17	2012-05-23	2025-05-21	462 B	20 kB	104.17.25.14
noisecollar.icu	unknown	2025-04-09	2025-04-25	2025-05-21	628 B	8.1 kB	172.67.171.224
fonts.googleapis.com	8877	2005-01-25	2012-05-23	2025-05-21	470 B	13 kB	142.250.178.106

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2025-05-27 08:15:27	medium	Client IP	172.67.171.224	ET INFO Suspicious Domain (*.icu) in TLS SNI
2025-05-27 08:15:50	low	Client IP	74.125.250.129	ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)
2025-05-27 08:15:50	low	Client IP	74.125.250.129	ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)
2025-05-27 08:15:50	low	Client IP	74.125.250.129	ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)
2025-05-27 08:15:50	low	Client IP	74.125.250.129	ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)
2025-05-27 08:15:50	low	Client IP	74.125.250.129	ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)
2025-05-27 08:15:50	low	Client IP	74.125.250.129	ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)
2025-05-27 08:15:50	low	Client IP	74.125.250.129	ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)
2025-05-27 08:15:50	low	Client IP	74.125.250.129	ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)
2025-05-27 08:15:50	low	Client IP	74.125.250.129	ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)
2025-05-27 08:15:50	low	Client IP	74.125.250.129	ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (9)

	URL	From	Size	First Seen	Last Seen
	cdnjs.cloudflare.com:8443/ajax/libs/underscore.js/1.12.0/underscore-min.js	ScriptElement	1.0 kB	2025-03-30	2025-06-17
Pretty URL cdnjs.cloudflare.com:8443/ajax/libs/underscore.js/1.12.0/underscore-min.js IP 104.17.25.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2025-03-30 13:16 Last Seen2025-06-17 00:48 Times Seen243 Hash d77a36788ce11bcd420cfe5ca05cb5ca 6b3532d84ca9757eede6b312668ea465a65f8804 da066e352be4fe3db665f92adb26f3c1c6ced53ac4971770f9a62f1790df860c Loading...

	downfunfile.com/34f6bb70cc1db67025012a62b79cce5ab41f54e81420325e	Function	34 B	2023-04-14	2025-06-18
Pretty URL downfunfile.com/34f6bb70cc1db67025012a62b79cce5ab41f54e81420325e IP 104.21.53.184 ASN #13335 CLOUDFLARENET Introduced by Function Embedded in HTML false Observations First Seen2023-04-14 16:26 Last Seen2025-06-18 04:39 Times Seen5285 Hash 7bcdb973ab8af8e24ab11cb554a1ba6e 24e8a10f240f2b06f81d7c173cd0a90606641fc1 916ec4eb9b485eb47f43a17fe212e84e4b72600b45eb6d4588599ad495a57fcd Loading...

	downfunfile.com/34f6bb70cc1db67025012a62b79cce5ab41f54e81420325e	Function	44 B	2023-04-14	2025-06-18
Pretty URL downfunfile.com/34f6bb70cc1db67025012a62b79cce5ab41f54e81420325e IP 104.21.53.184 ASN #13335 CLOUDFLARENET Introduced by Function Embedded in HTML false Observations First Seen2023-04-14 16:26 Last Seen2025-06-18 04:39 Times Seen5276 Hash 00beb9884d0391b342eadd30744b539a 3124c0bd593822379d22f13d3e08e70a1bf5ea14 92394eec5690449a4f6cfc9a7f97497a69e926b2365cb9a9aad3507a844f835c Loading...

	downfunfile.com/34f6bb70cc1db67025012a62b79cce5ab41f54e81420325e	Function	47 B	2023-04-14	2025-06-18
Pretty URL downfunfile.com/34f6bb70cc1db67025012a62b79cce5ab41f54e81420325e IP 104.21.53.184 ASN #13335 CLOUDFLARENET Introduced by Function Embedded in HTML false Observations First Seen2023-04-14 16:26 Last Seen2025-06-18 04:39 Times Seen5271 Hash a01893d8e129ad16c1e0fc5c7537f411 0e46d1bf2718f848d9d596fa269eaedb31204772 cbe7b89533bcd75b69f3e54807308551d68242ec1761e63bee1a99fc6e560175 Loading...

	downfunfile.com/34f6bb70cc1db67025012a62b79cce5ab41f54e81420325e	Function	47 B	2023-04-14	2025-06-18
Pretty URL downfunfile.com/34f6bb70cc1db67025012a62b79cce5ab41f54e81420325e IP 104.21.53.184 ASN #13335 CLOUDFLARENET Introduced by Function Embedded in HTML false Observations First Seen2023-04-14 16:26 Last Seen2025-06-18 04:39 Times Seen5273 Hash 580b3e56fc9ab6e8b4655f43ee057cc1 5dfce565e446f4a167195de9a1a5dd26163c711c 446f07b6e56de61d2c2d5b6ba408cc580b492a6d1ede8fc51cfde4ef75a2b382 Loading...

	downfunfile.com/34f6bb70cc1db67025012a62b79cce5ab41f54e81420325e	ScriptElement	724 B	2025-05-27	2025-05-27
Pretty URL downfunfile.com/34f6bb70cc1db67025012a62b79cce5ab41f54e81420325e IP 104.21.53.184 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2025-05-27 08:16 Last Seen2025-05-27 08:16 Times Seen1 Hash bc1beb1b948b3dcbeca566e597b9b4c0 d8920b2646f98ea1121518332af267a6f7d28b3b 3cfbf3252541750e80bef5c34a681647464e5c59511a2fd1c9e1b74855ab02cd Loading...

	ajax.googleapis.com/ajax/libs/jquery/1.12.0/jquery.min.js	ScriptElement	97 kB	2023-03-07	2025-06-17
Pretty URL ajax.googleapis.com/ajax/libs/jquery/1.12.0/jquery.min.js IP 142.250.74.74 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:07 Last Seen2025-06-17 11:34 Times Seen2943 Hash cbb11b58473b2d672f4ed53abbb67336 66f47b885d587aa9a6c453ae3f2c9a382e5c7ec7 5f1ab65fe2ad6b381a1ae036716475bf78c9b2e309528cf22170c1ddeefddcbf Loading...

	yourjsdelivery.com/dl.min.js	ScriptElement	18 kB	2024-06-18	2025-06-17
Pretty URL yourjsdelivery.com/dl.min.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-06-18 15:26 Last Seen2025-06-17 12:55 Times Seen1386 Hash 92a61d7deeeba56e60419c586eaadcb8 e94dfbcd81b5b5f066ebe7dfd66d50f6f0370936 e8c2f349ba55b5535973c1ec9a9ca11055628a11de616f587630830874e0cb40 Loading...

	downfunfile.com/34f6bb70cc1db67025012a62b79cce5ab41f54e81420325e	Function	39 B	2023-04-14	2025-06-18
Pretty URL downfunfile.com/34f6bb70cc1db67025012a62b79cce5ab41f54e81420325e IP 104.21.53.184 ASN #13335 CLOUDFLARENET Introduced by Function Embedded in HTML false Observations First Seen2023-04-14 16:26 Last Seen2025-06-18 04:39 Times Seen5278 Hash bc51ed8c76553717f10d58b2df60fd76 e2d03a8fd8d280074b226c288880f9df299c7cb1 bee994eaf88453f6343ba57571a069054c12c9b4e42f8cbad4f2ad75c7fb264c Loading...

HTTP Transactions (16)

	URL	IP	Response	Size
	stats.webanalyticscounter.com/favicon.ico	172.67.183.158	200 OK	0 B
URL GET stats.webanalyticscounter.com/favicon.ico IP 172.67.183.158:443 ASN #13335 CLOUDFLARENET Requested by https://downfunfile.com/34f6bb70cc1db67025012a62b79cce5ab41f54e81420325e Certificate IssuerGoogle Trust Services Subjectwebanalyticscounter.com Fingerprint5E:D5:1A:C4:57:96:20:EA:09:51:91:CE:49:E5:C8:E1:37:BA:B0:4D ValidityTue, 13 May 2025 20:59:01 GMT - Mon, 11 Aug 2025 21:57:34 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `GET /favicon.ico HTTP/1.1 Host: stats.webanalyticscounter.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://downfunfile.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/3 200 OK date: Tue, 27 May 2025 08:15:31 GMT content-type: text/html; charset=UTF-8 nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yRkW%2FjxtObdL05tRK8qAphUZvWd6vdJeJO1bDPkdiMnrbaMdmByLwJdSRzqcU6reD4zbXP0d9XDLObnYf2GE7gZjVv3GoiaBHlmNtybLLHb2gE0vumRY%2BcbNolaWK5j%2FMymP%2BJPEbF6YOIC7nEMmxw%3D%3D"}],"group":"cf-nel","max_age":604800} x-powered-by: PHP/7.4.24 cf-cache-status: DYNAMIC content-encoding: br cf-ray: 9464109ba82456bd-OSL server: cloudflare alt-svc: h3=":443"; ma=86400 server-timing: cfL4;desc="?proto=QUIC&rtt=6321&min_rtt=3695&rtt_var=5599&sent=19&recv=20&lost=0&retrans=0&sent_bytes=4159&recv_bytes=1819&delivery_rate=647457&cwnd=12000&unsent_bytes=0&cid=b017910dfdf6f4b5&ts=1188&x=80"

	stats.webanalyticscounter.com/stats.php	172.67.183.158	503 Service Unavailable	0 B
URL POST stats.webanalyticscounter.com/stats.php IP 172.67.183.158:443 ASN #13335 CLOUDFLARENET Requested by https://downfunfile.com/34f6bb70cc1db67025012a62b79cce5ab41f54e81420325e Certificate IssuerGoogle Trust Services Subjectwebanalyticscounter.com Fingerprint5E:D5:1A:C4:57:96:20:EA:09:51:91:CE:49:E5:C8:E1:37:BA:B0:4D ValidityTue, 13 May 2025 20:59:01 GMT - Mon, 11 Aug 2025 21:57:34 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `POST /stats.php HTTP/1.1 Host: stats.webanalyticscounter.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: text/plain;charset=UTF-8 Content-Length: 1425 Origin: https://downfunfile.com DNT: 1 Connection: keep-alive Referer: https://downfunfile.com/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/3 503 Service Unavailable date: Tue, 27 May 2025 08:15:40 GMT content-type: text/html; charset=UTF-8 nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FpRzPj8GA%2FM3sHLVzixpAGpllXPVfw7HJZrRDQDjHxT0Hwkrp%2BJd8tJlzAViFrVISXZ%2BunNK6Fcs7OAeKLiTWJZR8%2BYuhJOjBSIWX3Azk47c%2Fe%2BBsyqgIQQHFq2WNcvl9Nznc8Bn%2BcTpyPAXvCZtnw%3D%3D"}],"group":"cf-nel","max_age":604800} x-powered-by: PHP/7.4.24 access-control-allow-origin: * cf-cache-status: DYNAMIC cf-ray: 946410d21b9256bd-OSL server: cloudflare alt-svc: h3=":443"; ma=86400 server-timing: cfL4;desc="?proto=QUIC&rtt=6017&min_rtt=3695&rtt_var=4806&sent=22&recv=23&lost=0&retrans=0&sent_bytes=4878&recv_bytes=3631&delivery_rate=647457&cwnd=12000&unsent_bytes=0&cid=b017910dfdf6f4b5&ts=9883&x=80"

	stats.webanalyticscounter.com/stats.php	172.67.183.158	503 Service Unavailable	0 B
URL POST stats.webanalyticscounter.com/stats.php IP 172.67.183.158:443 ASN #13335 CLOUDFLARENET Requested by https://downfunfile.com/34f6bb70cc1db67025012a62b79cce5ab41f54e81420325e Certificate IssuerGoogle Trust Services Subjectwebanalyticscounter.com Fingerprint5E:D5:1A:C4:57:96:20:EA:09:51:91:CE:49:E5:C8:E1:37:BA:B0:4D ValidityTue, 13 May 2025 20:59:01 GMT - Mon, 11 Aug 2025 21:57:34 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `POST /stats.php HTTP/1.1 Host: stats.webanalyticscounter.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: text/plain;charset=UTF-8 Content-Length: 325 Origin: https://downfunfile.com DNT: 1 Connection: keep-alive Referer: https://downfunfile.com/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/3 503 Service Unavailable date: Tue, 27 May 2025 08:15:46 GMT content-type: text/html; charset=UTF-8 nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UdZuJ7YtrqX%2BwN8b0YajEpHKTPi0VlDXQezYFFqnbdxKO2AdPu9jHmStnpDuMIt4mphzMQIRkbvARyVR%2F1PkdQzU7gljNc9aSiJjTJ7dLdoQ%2FLZzlJ5VyVt3CE2m5OW8jOtZgaaJku3MOmAusB2koA%3D%3D"}],"group":"cf-nel","max_age":604800} x-powered-by: PHP/7.4.24 access-control-allow-origin: * cf-cache-status: DYNAMIC cf-ray: 946410f80ec856bd-OSL server: cloudflare alt-svc: h3=":443"; ma=86400 server-timing: cfL4;desc="?proto=QUIC&rtt=10425&min_rtt=3695&rtt_var=9178&sent=30&recv=35&lost=0&retrans=0&sent_bytes=6900&recv_bytes=14329&delivery_rate=647457&cwnd=12000&unsent_bytes=0&cid=b017910dfdf6f4b5&ts=15960&x=80"

	downfunfile.com/34f6bb70cc1db67025012a62b79cce5ab41f54e81420325e	104.21.53.184	200 OK	7.5 kB
URL User Request GET downfunfile.com/34f6bb70cc1db67025012a62b79cce5ab41f54e81420325e IP 104.21.53.184:443 ASN #13335 CLOUDFLARENET Certificate IssuerGoogle Trust Services Subjectdownfunfile.com Fingerprint5E:9F:55:10:40:71:E2:CE:A1:93:71:A7:D4:06:97:73:E4:1C:20:05 ValidityFri, 16 May 2025 07:45:34 GMT - Thu, 14 Aug 2025 08:43:59 GMT File type HTML document, ASCII text, with very long lines (582), with CRLF line terminators Size 7.5 kB (7479 bytes) Hash 444a579ba2a92f87b821d8f97fded2ca 757fb444e30273a28895a9ee28958c76136a226f 7056915f35a0800b783a85fa6cbde566f50662b68cd5ee62dc50cca8eab17b70 HTTP Headers GET /34f6bb70cc1db67025012a62b79cce5ab41f54e81420325e HTTP/1.1 Host: downfunfile.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/2 200 OK date: Tue, 27 May 2025 08:15:28 GMT content-type: text/html; charset=UTF-8 server: cloudflare nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800} x-powered-by: PHP/7.1.27 cf-cache-status: DYNAMIC report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=pHcO4lunj61iukPilKKm2vkBffvrGyloE8814gq%2B1PKJMEOJq%2BSBkFhD5fhoNioRY02b%2BAxdcyOEsy4wMYcEhVolQsubzgPSkgbK"}]} content-encoding: br cf-ray: 946410870ba4b4fa-OSL alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2

	ajax.googleapis.com/ajax/libs/jquery/1.12.0/jquery.min.js	142.250.74.74	200 OK	97 kB
URL GET ajax.googleapis.com/ajax/libs/jquery/1.12.0/jquery.min.js IP 142.250.74.74:443 ASN #15169 GOOGLE Requested by https://downfunfile.com/34f6bb70cc1db67025012a62b79cce5ab41f54e81420325e Certificate IssuerGoogle Trust Services Subjectupload.video.google.com FingerprintE8:3A:D1:2C:16:97:56:94:8B:01:F8:ED:EB:81:17:F8:D7:6C:B2:41 ValidityTue, 29 Apr 2025 19:29:18 GMT - Tue, 22 Jul 2025 19:29:17 GMT File type JavaScript source, ASCII text, with very long lines (32060) Size 97 kB (97362 bytes) Hash cbb11b58473b2d672f4ed53abbb67336 66f47b885d587aa9a6c453ae3f2c9a382e5c7ec7 5f1ab65fe2ad6b381a1ae036716475bf78c9b2e309528cf22170c1ddeefddcbf HTTP Headers `GET /ajax/libs/jquery/1.12.0/jquery.min.js HTTP/1.1 Host: ajax.googleapis.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://downfunfile.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK accept-ranges: bytes content-encoding: gzip access-control-allow-origin: * content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers" report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]} timing-allow-origin: * content-length: 34044 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Thu, 22 May 2025 10:45:11 GMT expires: Fri, 22 May 2026 10:45:11 GMT cache-control: public, max-age=31536000, stale-while-revalidate=2592000 age: 423017 last-modified: Tue, 03 Mar 2020 19:15:00 GMT content-type: text/javascript; charset=UTF-8 vary: Accept-Encoding alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2	142.250.74.35	200 OK	48 kB
URL GET fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 IP 142.250.74.35:443 ASN #15169 GOOGLE Requested by https://downfunfile.com/34f6bb70cc1db67025012a62b79cce5ab41f54e81420325e Certificate IssuerGoogle Trust Services Subject.gstatic.com Fingerprint58:93:D6:74:22:41:22:FC:10:8C:BD:51:81:F5:29:DE:00:91:9B:FD ValidityTue, 29 Apr 2025 19:29:18 GMT - Tue, 22 Jul 2025 19:29:17 GMT File type Web Open Font Format (Version 2), TrueType, length 48236, version 1.0 Size 48 kB (48236 bytes) Hash 015c126a3520c9a8f6a27979d0266e96 2acf956561d44434a6d84204670cf849d3215d5f 3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa HTTP Headers GET /s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1 Host: fonts.gstatic.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Origin: https://downfunfile.com DNT: 1 Connection: keep-alive Referer: https://fonts.googleapis.com/ Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/2 200 OK accept-ranges: bytes access-control-allow-origin: content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin; report-to="apps-themes" report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} timing-allow-origin: * content-length: 48236 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Mon, 26 May 2025 21:26:44 GMT expires: Tue, 26 May 2026 21:26:44 GMT cache-control: public, max-age=31536000 last-modified: Thu, 14 Dec 2023 02:08:40 GMT content-type: font/woff2 age: 38925 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	cdnjs.cloudflare.com:8443/ajax/libs/underscore.js/1.12.0/underscore-min.js	104.17.25.14	200 OK	19 kB
URL GET cdnjs.cloudflare.com:8443/ajax/libs/underscore.js/1.12.0/underscore-min.js IP 104.17.25.14:8443 ASN #13335 CLOUDFLARENET Requested by https://downfunfile.com/34f6bb70cc1db67025012a62b79cce5ab41f54e81420325e Certificate IssuerGoogle Trust Services Subjectcdnjs.cloudflare.com Fingerprint4B:06:E9:E2:47:47:F5:3C:33:58:F8:2A:95:70:22:5E:23:19:03:77 ValidityThu, 22 May 2025 14:38:44 GMT - Wed, 20 Aug 2025 15:38:38 GMT File type JavaScript source, ASCII text, with very long lines (18888) Size 19 kB (19358 bytes) Hash 5e69b8b4c93891157f2dac3721873c59 ac0bc40622bb3babcb228f3662b67ed8ae1012a3 1bc0ea4e2fe66ac337fb1863bbdb4c8f044ee4e84dbe0f0f1b3959bebfa539c1 HTTP Headers `GET /ajax/libs/underscore.js/1.12.0/underscore-min.js HTTP/1.1 Host: cdnjs.cloudflare.com:8443 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://downfunfile.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK date: Tue, 27 May 2025 08:15:31 GMT content-type: application/javascript; charset=utf-8 content-length: 6749 server: cloudflare strict-transport-security: max-age=15780000 cf-ray: 9464109bf8ef56c7-OSL access-control-allow-origin: * cache-control: no-transform, public, max-age=30672000 content-encoding: br etag: "5fe06887-4b9e" last-modified: Mon, 21 Dec 2020 09:19:03 GMT cf-cdnjs-via: cfworker/kv cross-origin-resource-policy: cross-origin timing-allow-origin: * x-content-type-options: nosniff vary: Accept-Encoding cf-cache-status: DYNAMIC report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fNnlXCr2ao98QM1EHNJv4MfQvPLf8r3taebB%2FJ2B3eTbVLxB4DE6Bvvzub5LxYd6bOSiYk0UbepbhHQrdoCTtPGeQxwDiWixWKov9Ok30OJ4MoGLwlC3WA2%2FsRC4OnPfCAOlSLUcP3WwWDo%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} alt-svc: h3=":8443"; ma=86400 X-Firefox-Spdy: h2

	noisecollar.icu/v1hrz4?click_id=1531206133248205828&o=235&s1=aprspe&s3=662466&source=1158643&t=download_c2&title=COE33_Update_from_v56180_to_v56289-ElAmigos.rar	172.67.171.224	302 Found	7.5 kB
URL User Request GET noisecollar.icu/v1hrz4?click_id=1531206133248205828&o=235&s1=aprspe&s3=662466&source=1158643&t=download_c2&title=COE33_Update_from_v56180_to_v56289-ElAmigos.rar IP 172.67.171.224:443 ASN #13335 CLOUDFLARENET Certificate IssuerGoogle Trust Services Subjectnoisecollar.icu Fingerprint6D:D8:C6:FA:32:C4:4D:15:41:5E:84:E5:09:27:AA:C1:4C:DB:64:6E ValidityThu, 10 Apr 2025 02:48:54 GMT - Wed, 09 Jul 2025 03:39:27 GMT File type Size 7.5 kB (7479 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /v1hrz4?click_id=1531206133248205828&o=235&s1=aprspe&s3=662466&source=1158643&t=download_c2&title=COE33_Update_from_v56180_to_v56289-ElAmigos.rar HTTP/1.1 Host: noisecollar.icu User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Upgrade-Insecure-Requests: 1 Connection: keep-alive Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/2 302 Found date: Tue, 27 May 2025 08:15:27 GMT content-type: text/html; charset=UTF-8 location: https://downfunfile.com/34f6bb70cc1db67025012a62b79cce5ab41f54e81420325e server: cloudflare nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800} x-powered-by: PHP/7.1.27 cf-cache-status: DYNAMIC vary: accept-encoding report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=lVmz5UWZG1ZXXgaSAzJQoarvAZp4itmOQW8d%2FC6vGxUEvhhNh0gZT0F25zCqv0T7WD7Qhw2AfJwrmbn9iwibeIfVq%2FQ2jaNV2SEk"}]} cf-ray: 94641084dbaa56c6-OSL alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2

	fonts.googleapis.com/css2?family=Open+Sans:wght@300;600&display=swap	142.250.178.106	200 OK	12 kB
URL GET fonts.googleapis.com/css2?family=Open+Sans:wght@300;600&display=swap IP 142.250.178.106:443 ASN #15169 GOOGLE Requested by https://downfunfile.com/34f6bb70cc1db67025012a62b79cce5ab41f54e81420325e Certificate IssuerGoogle Trust Services Subjectupload.video.google.com FingerprintE8:3A:D1:2C:16:97:56:94:8B:01:F8:ED:EB:81:17:F8:D7:6C:B2:41 ValidityTue, 29 Apr 2025 19:29:18 GMT - Tue, 22 Jul 2025 19:29:17 GMT File type ASCII text, with very long lines (1572) Size 12 kB (12028 bytes) Hash 512b680c8b0c5904b3f0f0ff7529193b fdf6d844254d9c5dd82bfa352401bd42f59f4ccd a34ae23f99423dc2d8bfec0899e96c34c6b0b57ed80769801f4a9dd36fa56065 HTTP Headers `GET /css2?family=Open+Sans:wght@300;600&display=swap HTTP/1.1 Host: fonts.googleapis.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://downfunfile.com/ Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK content-type: text/css; charset=utf-8 vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site access-control-allow-origin: * timing-allow-origin: * link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin strict-transport-security: max-age=31536000 expires: Tue, 27 May 2025 08:15:29 GMT date: Tue, 27 May 2025 08:15:29 GMT cache-control: private, max-age=86400 cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin-allow-popups content-encoding: gzip server: ESF x-xss-protection: 0 x-frame-options: SAMEORIGIN x-content-type-options: nosniff alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	downfunfile.com/images/generalbundle.css	104.21.53.184	200 OK	1.6 kB
URL GET downfunfile.com/images/generalbundle.css IP 104.21.53.184:443 ASN #13335 CLOUDFLARENET Requested by https://downfunfile.com/34f6bb70cc1db67025012a62b79cce5ab41f54e81420325e Certificate IssuerGoogle Trust Services Subjectdownfunfile.com Fingerprint5E:9F:55:10:40:71:E2:CE:A1:93:71:A7:D4:06:97:73:E4:1C:20:05 ValidityFri, 16 May 2025 07:45:34 GMT - Thu, 14 Aug 2025 08:43:59 GMT File type ASCII text, with CRLF line terminators Size 1.6 kB (1643 bytes) Hash 3812f9cd2878cee0009f81c2d1ad9412 34ea0838799ad09877d925ac79ec0ba960963a80 91c9d18aa99b2fd6719c5dfcfa9df9655acf9725b9677579ba39e079e029d929 HTTP Headers `GET /images/generalbundle.css HTTP/1.1 Host: downfunfile.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://downfunfile.com/34f6bb70cc1db67025012a62b79cce5ab41f54e81420325e Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK date: Tue, 27 May 2025 08:15:28 GMT content-type: text/css server: cloudflare last-modified: Mon, 10 Jan 2022 19:22:59 GMT nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800} vary: accept-encoding report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=UVkivKdW1mlvU64C4ioSHnOPzSpMOI%2FHFhT%2B5qqnwXgHX4RJwAG%2FgWLT6kdKpAMp9NRlaVyGNjryL%2BMUEpN1y0ULcSEm1rJ9L5FI"}]} age: 3419 cache-control: max-age=14400 cf-cache-status: HIT etag: W/"61dc8793-66b" content-encoding: br cf-ray: 9464108cddadb4fa-OSL alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2

	stats.webanalyticscounter.com/stats.js	172.67.183.158	200 OK	1.1 MB
URL GET stats.webanalyticscounter.com/stats.js IP 172.67.183.158:443 ASN #13335 CLOUDFLARENET Requested by https://downfunfile.com/34f6bb70cc1db67025012a62b79cce5ab41f54e81420325e Certificate IssuerGoogle Trust Services Subjectwebanalyticscounter.com Fingerprint5E:D5:1A:C4:57:96:20:EA:09:51:91:CE:49:E5:C8:E1:37:BA:B0:4D ValidityTue, 13 May 2025 20:59:01 GMT - Mon, 11 Aug 2025 21:57:34 GMT File type JavaScript source, ASCII text, with very long lines (65536), with no line terminators Size 1.1 MB (1075224 bytes) Hash d394fb9ed2790e60e4e49f04ba6ee58b fd24219b09c5883d9a5648e8495d7c200fe34850 98335defb854fc032623041d5f988eefd7e8e05714116f8395ddb1bcdf6597b0 HTTP Headers `GET /stats.js HTTP/1.1 Host: stats.webanalyticscounter.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://downfunfile.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK date: Tue, 27 May 2025 08:15:29 GMT content-type: application/javascript server: cloudflare last-modified: Fri, 21 Jun 2024 21:25:59 GMT nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800} report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=MvyAYQ6QbRkfK87GMscofRq0qhfHsf%2FxRJoPNGG4VBbBhFUG%2Fxr9MOOc91pxJCYLRI00W7oclNLxo41580izHjqO0kapeuaA022pN8wU9bUkMPofc5hgihqcpg%3D%3D"}]} cf-cache-status: DYNAMIC etag: W/"106818-61b6d13ead2cd" content-encoding: br cf-ray: 946410900d55568e-OSL alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2

	stats.webanalyticscounter.com/stats.php	172.67.183.158	503 Service Unavailable	0 B
URL POST stats.webanalyticscounter.com/stats.php IP 172.67.183.158:443 ASN #13335 CLOUDFLARENET Requested by https://downfunfile.com/34f6bb70cc1db67025012a62b79cce5ab41f54e81420325e Certificate IssuerGoogle Trust Services Subjectwebanalyticscounter.com Fingerprint5E:D5:1A:C4:57:96:20:EA:09:51:91:CE:49:E5:C8:E1:37:BA:B0:4D ValidityTue, 13 May 2025 20:59:01 GMT - Mon, 11 Aug 2025 21:57:34 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `POST /stats.php HTTP/1.1 Host: stats.webanalyticscounter.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: text/plain;charset=UTF-8 Content-Length: 8773 Origin: https://downfunfile.com DNT: 1 Connection: keep-alive Referer: https://downfunfile.com/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/3 503 Service Unavailable date: Tue, 27 May 2025 08:15:40 GMT content-type: text/html; charset=UTF-8 nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dqCD4PhcbfQcLI%2BF%2BINX3hwp1KOLk7kKMe3A7W5gIg8xm5ngnSV5SzjFtNuonrnzpLRlaJWfUPr1J%2BDVTJs0I8T58mxu8tT8J8mgIEdhrFTEHmqVJnppFJ3nVsRxIcwvUfXhJ4Y4FbKC4b4W6n%2BZfg%3D%3D"}],"group":"cf-nel","max_age":604800} x-powered-by: PHP/7.4.24 access-control-allow-origin: * cf-cache-status: DYNAMIC cf-ray: 946410d5dbd556bd-OSL server: cloudflare alt-svc: h3=":443"; ma=86400 server-timing: cfL4;desc="?proto=QUIC&rtt=6836&min_rtt=3695&rtt_var=5241&sent=27&recv=32&lost=0&retrans=0&sent_bytes=5615&recv_bytes=13615&delivery_rate=647457&cwnd=12000&unsent_bytes=0&cid=b017910dfdf6f4b5&ts=10495&x=80"

	stats.webanalyticscounter.com/stats.php	172.67.183.158	503 Service Unavailable	0 B
URL POST stats.webanalyticscounter.com/stats.php IP 172.67.183.158:443 ASN #13335 CLOUDFLARENET Requested by https://downfunfile.com/34f6bb70cc1db67025012a62b79cce5ab41f54e81420325e Certificate IssuerGoogle Trust Services Subjectwebanalyticscounter.com Fingerprint5E:D5:1A:C4:57:96:20:EA:09:51:91:CE:49:E5:C8:E1:37:BA:B0:4D ValidityTue, 13 May 2025 20:59:01 GMT - Mon, 11 Aug 2025 21:57:34 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `POST /stats.php HTTP/1.1 Host: stats.webanalyticscounter.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: text/plain;charset=UTF-8 Content-Length: 313 Origin: https://downfunfile.com DNT: 1 Connection: keep-alive Referer: https://downfunfile.com/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/3 503 Service Unavailable date: Tue, 27 May 2025 08:15:40 GMT content-type: text/html; charset=UTF-8 nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8MSb%2Be878sfm0cr6KeseszAvdkycaF3Gc8MI1QpLZlH8YQyASJbyJsljCGLS2LB3RQq5AqYN%2B8vPACsjIX8dpjchASkadD2dx%2B342itWfRL8KdIUaZHRDDtR%2BNrceDUfbd%2BYtDgZjRdmkagwx2wSWA%3D%3D"}],"group":"cf-nel","max_age":604800} x-powered-by: PHP/7.4.24 access-control-allow-origin: * cf-cache-status: DYNAMIC cf-ray: 946410d61bdb56bd-OSL server: cloudflare alt-svc: h3=":443"; ma=86400 server-timing: cfL4;desc="?proto=QUIC&rtt=8731&min_rtt=3695&rtt_var=7720&sent=28&recv=33&lost=0&retrans=0&sent_bytes=6245&recv_bytes=13659&delivery_rate=647457&cwnd=12000&unsent_bytes=0&cid=b017910dfdf6f4b5&ts=10528&x=80"

	downfunfile.com/images/firefox/bundlehelp.css	104.21.53.184	200 OK	2.2 kB
URL GET downfunfile.com/images/firefox/bundlehelp.css IP 104.21.53.184:443 ASN #13335 CLOUDFLARENET Requested by https://downfunfile.com/34f6bb70cc1db67025012a62b79cce5ab41f54e81420325e Certificate IssuerGoogle Trust Services Subjectdownfunfile.com Fingerprint5E:9F:55:10:40:71:E2:CE:A1:93:71:A7:D4:06:97:73:E4:1C:20:05 ValidityFri, 16 May 2025 07:45:34 GMT - Thu, 14 Aug 2025 08:43:59 GMT File type ASCII text, with CRLF line terminators Size 2.2 kB (2166 bytes) Hash 41fe9c5474ae1f51b2941f45b0e1e5b3 bd44fd7e9991cda5318cf56036d9a8644a5ccd60 b15b6fd698377d50ec470fedae69c52813e2d210ad87212c2cef4c950599b028 HTTP Headers `GET /images/firefox/bundlehelp.css HTTP/1.1 Host: downfunfile.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://downfunfile.com/34f6bb70cc1db67025012a62b79cce5ab41f54e81420325e Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK date: Tue, 27 May 2025 08:15:28 GMT content-type: text/css server: cloudflare last-modified: Wed, 07 Oct 2020 11:38:48 GMT nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800} vary: accept-encoding report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=8HtnmaM0F6cffN1n7cwYim6QD8FFirjVOpF5vccgLtya5iJTkNGm2LKCCgExghN1UYdA%2BzNicsLNmr0yzZa4ttDunYxd%2FUTzlDmT"}]} age: 3419 cache-control: max-age=14400 cf-cache-status: HIT etag: W/"5f7da8c8-876" content-encoding: br cf-ray: 9464108cddb1b4fa-OSL alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2

	fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2	142.250.74.35	200 OK	48 kB
URL GET fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 IP 142.250.74.35:443 ASN #15169 GOOGLE Requested by https://downfunfile.com/34f6bb70cc1db67025012a62b79cce5ab41f54e81420325e Certificate IssuerGoogle Trust Services Subject.gstatic.com Fingerprint58:93:D6:74:22:41:22:FC:10:8C:BD:51:81:F5:29:DE:00:91:9B:FD ValidityTue, 29 Apr 2025 19:29:18 GMT - Tue, 22 Jul 2025 19:29:17 GMT File type Web Open Font Format (Version 2), TrueType, length 48236, version 1.0 Size 48 kB (48236 bytes) Hash 015c126a3520c9a8f6a27979d0266e96 2acf956561d44434a6d84204670cf849d3215d5f 3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa HTTP Headers GET /s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1 Host: fonts.gstatic.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Origin: https://downfunfile.com DNT: 1 Connection: keep-alive Referer: https://fonts.googleapis.com/ Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/2 200 OK accept-ranges: bytes access-control-allow-origin: content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin; report-to="apps-themes" report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} timing-allow-origin: * content-length: 48236 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Mon, 26 May 2025 21:26:44 GMT expires: Tue, 26 May 2026 21:26:44 GMT cache-control: public, max-age=31536000 last-modified: Thu, 14 Dec 2023 02:08:40 GMT content-type: font/woff2 age: 38925 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	downfunfile.com/favicon.ico	104.21.53.184	404 Not Found	571 B
URL GET downfunfile.com/favicon.ico IP 104.21.53.184:443 ASN #13335 CLOUDFLARENET Requested by https://downfunfile.com/34f6bb70cc1db67025012a62b79cce5ab41f54e81420325e Certificate IssuerGoogle Trust Services Subjectdownfunfile.com Fingerprint5E:9F:55:10:40:71:E2:CE:A1:93:71:A7:D4:06:97:73:E4:1C:20:05 ValidityFri, 16 May 2025 07:45:34 GMT - Thu, 14 Aug 2025 08:43:59 GMT File type HTML document, ASCII text, with CRLF line terminators Size 571 B (571 bytes) Hash 88b3e708aadc2bcc04fc3096b124baa0 512ddc0be378047a8ae8171fe01bec4b1e203b34 023c54a1285c76d07951260b121e14893cd199ae0e557e479c7796f5212709dc HTTP Headers `GET /favicon.ico HTTP/1.1 Host: downfunfile.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://downfunfile.com/34f6bb70cc1db67025012a62b79cce5ab41f54e81420325e Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache` HTTP/3 404 Not Found date: Tue, 27 May 2025 08:15:29 GMT content-type: text/html nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uWTVI%2B03eVgJz3evT6LztU%2FAzGjp7QHDYY6gInDZshWDGrprbJaR2PbRtbxLa2vT%2FkOhaCHIfJ5TYj1d%2BAFvPTDPsXNB1C3%2FG5GrRs2BvY1dQeDIdKduSNWWmnAaDppjcps%3D"}],"group":"cf-nel","max_age":604800} age: 53 cache-control: max-age=14400 cf-cache-status: HIT content-encoding: br cf-ray: 946410919f55568b-OSL server: cloudflare vary: Accept-Encoding alt-svc: h3=":443"; ma=86400 server-timing: cfL4;desc="?proto=QUIC&rtt=4138&min_rtt=662&rtt_var=3345&sent=116&recv=188&lost=0&retrans=0&sent_bytes=9420&recv_bytes=10600&delivery_rate=389443&cwnd=12000&unsent_bytes=0&cid=2328102ae48f506f&ts=1114&x=80"

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

Quad9 DNS

ThreatFox

JavaScript (9)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (16)

URL GET

IP

ASN

Requested by