Report - hexupload.net/7fq86d6orkmq/Splatoon_3

Report Overview

Submitted URL
hexupload.net/7fq86d6orkmq/Splatoon_3_(NSP)(eShop).rar
IP
185.125.171.207
ASN
#56655 TerraHost AS
Submitted
2023-04-20 15:15:13
Access
public
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
6
Threat Detection Systems
2

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
fonts.gstatic.com	unknown	2014-09-09	2023-04-19	1.0 kB	55 kB	216.58.207.227
push-sdk.com	unknown	2022-12-23	2023-04-19	851 B	16 kB	157.90.33.72
s10.histats.com	15211	2012-05-21	2023-04-19	392 B	4.7 kB	46.105.201.240
uidsync.net	unknown	2021-07-23	2023-04-19	1.0 kB	1.7 kB	157.90.33.122
s4.histats.com	12782	2012-05-21	2023-04-19	657 B	184 B	149.56.240.128
cdnjs.cloudflare.com	235	2015-04-17	2023-04-19	431 B	7.7 kB	104.17.24.14
ocsp.pki.goog	175	2018-07-01	2023-04-19	1.7 kB	3.5 kB	142.250.74.131
henoticpipi.com	unknown	2022-08-16	2023-04-18	403 B	1.4 kB	142.91.159.197
embed.tawk.to	8650	2014-03-19	2023-04-19	9.0 kB	809 kB	172.67.38.66
va.tawk.to	8297	2017-01-30	2023-04-19	2.5 kB	7.8 kB	172.67.38.66
vsb4.tawk.to	114557	2020-04-04	2023-04-18	1.1 kB	441 B	104.22.25.131
hexupload.net	316864	2018-06-30	2023-04-14	9.2 kB	428 kB	185.125.171.207
www.googletagmanager.com	75	2013-05-22	2023-04-19	830 B	128 kB	142.250.74.168
cdn.jsdelivr.net	439	2012-09-30	2023-04-19	420 B	42 kB	151.101.65.229
ocsp.sectigo.com	487	2019-11-29	2023-04-19	660 B	1.9 kB	172.64.155.188

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2023-04-20 15:17:40	medium	Client IP	Internal IP	ET DNS Query for .to TLD
2023-04-20 15:17:40	medium	Client IP	Internal IP	ET DNS Query for .to TLD
2023-04-20 15:17:42	medium	Client IP	Internal IP	ET DNS Query for .to TLD
2023-04-20 15:17:42	medium	Client IP	Internal IP	ET DNS Query for .to TLD
2023-04-20 15:17:43	medium	Client IP	Internal IP	ET DNS Query for .to TLD
2023-04-20 15:17:43	medium	Client IP	Internal IP	ET DNS Query for .to TLD

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2023-04-20	medium	henoticpipi.com/gS6Tzmf1JeKCRad/54684

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (40)

	URL	Size	First Seen	Last Seen
	hexupload.net/7fq86d6orkmq/Splatoon_3_(NSP)(eShop).rar	286 B	2023-03-08	2024-05-02
Pretty URL hexupload.net/7fq86d6orkmq/Splatoon_3_(NSP)(eShop).rar IP 185.125.171.207 ASN #56655 TerraHost AS Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-08 05:15:30 Last Seen2024-05-02 20:51:57 Times Seen315 Hash a10faca4ada9bbdcb1b350c8d4fdbceb acb8f3cfe394c96d40e8bc0a300ab889811849b9 cd39142e37a1c495b80ad9e423875277b29731e29a0538ce4c256e4b36eb9910 Loading...

	push-sdk.com/f/sdk.js?z=711931	52 kB	2023-03-29	2023-05-31
Pretty URL push-sdk.com/f/sdk.js?z=711931 IP 157.90.33.72 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-29 22:08:35 Last Seen2023-05-31 23:03:26 Times Seen314 Hash 408b0033444f91a065b3b86e5418dcae 42839ff9e3586d4df76b8d8eb2b2497d5fd47a02 bc46e0b26b783ab6d41a72312ac1326e0727eb2029626b932e5aa0021883fe44 Loading...

	embed.tawk.to/_s/v4/app/642b759ae8c/js/twk-chunk-common.js	197 kB	2023-04-05	2023-06-01
Pretty URL embed.tawk.to/_s/v4/app/642b759ae8c/js/twk-chunk-common.js IP 172.67.38.66 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-05 07:49:38 Last Seen2023-06-01 10:45:51 Times Seen10687 Hash a9acef5db79df87d4a97ef0644902d48 e12501304cdddd5f1beee918c68284eadde212e7 cf838191c065eb8a98b4c32690462d2828259c796c95157a27cfcd3df9dc71ed Loading...

	embed.tawk.to/_s/v4/app/642b759ae8c/js/twk-chunk-vendors.js	211 kB	2023-03-25	2023-12-01
Pretty URL embed.tawk.to/_s/v4/app/642b759ae8c/js/twk-chunk-vendors.js IP 172.67.38.66 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-25 22:39:38 Last Seen2023-12-01 20:53:29 Times Seen8603 Hash 27a109773b0fdd12c9737166eb5719c2 8977473ceb692a49bac7a9a3c010d82c48857995 abd9f756ab6f8d858e73f4b8d8194ed99333d58fcadafbb50cac353fbaf9a03f Loading...

	embed.tawk.to/_s/v4/app/642b759ae8c/js/twk-chunk-2c78ba82.js	7.1 kB	2023-03-07	2023-12-01
Pretty URL embed.tawk.to/_s/v4/app/642b759ae8c/js/twk-chunk-2c78ba82.js IP 172.67.38.66 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:15:09 Last Seen2023-12-01 20:53:29 Times Seen7234 Hash fac25ff2d2c405e1ac7e156dca1f819c 9e7c83d4eefe4f64b4f1c43d15f21b248697a125 97ca66991150a4c1263837600fe4338f33d96b74979cd7740ab07d22b883b8e0 Loading...

	hexupload.net/ds2/js/jquery.paging.js	19 kB	2023-03-07	2024-05-04
Pretty URL hexupload.net/ds2/js/jquery.paging.js IP 185.125.171.207 ASN #56655 TerraHost AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:23:22 Last Seen2024-05-04 00:51:48 Times Seen3028 Hash d7a2c1c7af2a004a6d68e1e55b1cfb46 7fd6daa7076c30381880519ad06ef5639b19ee28 c8ecfe747c979fbd87624913200a9237343679923b495885bced089b80fc84f6 Loading...

	hexupload.net/7fq86d6orkmq/Splatoon_3_(NSP)(eShop).rar	853 B	2023-03-07	2024-05-02
Pretty URL hexupload.net/7fq86d6orkmq/Splatoon_3_(NSP)(eShop).rar IP 185.125.171.207 ASN #56655 TerraHost AS Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 21:43:32 Last Seen2024-05-02 20:51:57 Times Seen296 Hash 971ccce1cb82f9abada60a82500d22d6 79952a68530d1833179499a4dd44bca7437e1afb 0863118d0e302374e73b965a0c757374322b4edbe07b5dafd7f109b048bdc3b0 Loading...

	cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.7/umd/popper.min.js	21 kB	2023-03-07	2024-05-04
Pretty URL cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.7/umd/popper.min.js IP 104.17.24.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:27 Last Seen2024-05-04 12:41:48 Times Seen16936 Hash 56456db9d72a4b380ed3cb63095e6022 6dbce88aee15b42f29083df7a07513cf3b486ba0 66f3a07e1fa9b64a686b66381e4458dbc8abf3dbbff954720c4eec07b84411c2 Loading...

	embed.tawk.to/_s/v4/app/642b759ae8c/js/twk-chunk-2d0b9454.js	546 B	2023-03-07	2023-12-03
Pretty URL embed.tawk.to/_s/v4/app/642b759ae8c/js/twk-chunk-2d0b9454.js IP 172.67.38.66 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:45 Last Seen2023-12-03 21:40:45 Times Seen7208 Hash 09c3819d373bd4178a620d721429fada fc407211bc5ed4384dc85e981c5947f727254bd9 48126b4a0cc388ba014594d6d64a6c6c6bb1c0ea145bb1c3c2b1da1a514e4a5c Loading...

	embed.tawk.to/_s/v4/app/642b759ae8c/js/twk-chunk-f1596d96.js	10 kB	2023-04-05	2023-12-01
Pretty URL embed.tawk.to/_s/v4/app/642b759ae8c/js/twk-chunk-f1596d96.js IP 172.67.38.66 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-05 07:52:01 Last Seen2023-12-01 20:53:28 Times Seen5573 Hash a902d29bb2d86f4de3feae8e697eed5a 87ddb488d60df982c5a55a15e62d59c1044c2ab0 7979ef8653d67f3fa9dd237e08a359371ae1f541e62ec2b135364a0969ca7f8f Loading...

	cdn.jsdelivr.net/emojione/2.2.7/lib/js/emojione.min.js	303 kB	2023-04-05	2024-05-04
Pretty URL cdn.jsdelivr.net/emojione/2.2.7/lib/js/emojione.min.js IP 151.101.65.229 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-05 07:49:38 Last Seen2024-05-04 08:44:17 Times Seen59097 Hash 7bb7aac0cac89a90304af1c72eb4f50d 729f6f8ca5787d89743b0ed7eb27fd76406bf985 f5c06455e539dcd889f7f05d709b5adc76c444099fe57f431365af2fc57e803b Loading...

	henoticpipi.com/gS6Tzmf1JeKCRad/54684	6 B	2023-03-07	2024-05-04
Pretty URL henoticpipi.com/gS6Tzmf1JeKCRad/54684 IP 142.91.159.197 ASN #7979 SERVERS-COM Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:31:39 Last Seen2024-05-04 13:22:20 Times Seen9290 Hash 4fc71bf68a1d477bd1523733e34d1e90 15119105cffbe108b6cf290146ab02c9aa8517ba 74c1971a5c7f3f1cfb81b7a0a8717cee5a45841844104566e00bbfca271943ce Loading...

	hexupload.net/7fq86d6orkmq/Splatoon_3_(NSP)(eShop).rar	424 B	2023-03-08	2024-05-02
Pretty URL hexupload.net/7fq86d6orkmq/Splatoon_3_(NSP)(eShop).rar IP 185.125.171.207 ASN #56655 TerraHost AS Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-08 05:15:30 Last Seen2024-05-02 03:51:50 Times Seen92 Hash 84f078443b8ae37c07299e77425f098d 8aa059b276f4eac7dc0172ba0c5381fb287a7544 75a87db6117e9c6d86f67dd0fb6f9a9b0e5e1b8c1282c2fd572dc062342ebe50 Loading...

	hexupload.net/7fq86d6orkmq/Splatoon_3_(NSP)(eShop).rar	332 B	2023-03-08	2024-05-02
Pretty URL hexupload.net/7fq86d6orkmq/Splatoon_3_(NSP)(eShop).rar IP 185.125.171.207 ASN #56655 TerraHost AS Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-08 05:15:30 Last Seen2024-05-02 03:51:50 Times Seen92 Hash 480a2977208031ab2b070ade6ea880b0 c75d0e3cd9793e8d1a37917ac27fed320f352d78 3290ddfa2b79b0e9ba0dd042309ba4876400566e91359cff3699252d314c04a6 Loading...

	embed.tawk.to/_s/v4/app/642b759ae8c/js/twk-chunk-696bc286.js	17 kB	2023-04-05	2023-12-01
Pretty URL embed.tawk.to/_s/v4/app/642b759ae8c/js/twk-chunk-696bc286.js IP 172.67.38.66 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-05 07:49:38 Last Seen2023-12-01 20:53:29 Times Seen9715 Hash 3fd68b27902043cbf7d50fa19809babb c3cf7276b06a8232edf73734d91813d46cdfdb09 1017110c7ff8f11157f5189d5bf4921401b313563af4b250163628c4fc5f26d5 Loading...

	hexupload.net/ds2/js/bootstrap.min.js	58 kB	2023-03-07	2024-05-04
Pretty URL hexupload.net/ds2/js/bootstrap.min.js IP 185.125.171.207 ASN #56655 TerraHost AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:33 Last Seen2024-05-04 12:44:05 Times Seen20432 Hash e1d98d47689e00f8ecbc5d9f61bdb42e 6778fed3cf095a318141a31f455c8f4663885bde 0a34a87842c539c1f4feec56bba982fd596b73500046a6e6fe38a22260c6577b Loading...

	www.googletagmanager.com/gtag/js?id=UA-120931509-1	115 kB	2023-04-20	2023-04-20
Pretty URL www.googletagmanager.com/gtag/js?id=UA-120931509-1 IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-20 17:15:15 Last Seen2023-04-20 17:15:15 Times Seen2 Hash 34e8634eb071e9d9b405c4016a2bc0e0 9ce716403092897c4b5316b4d06f3227a0d5d3b8 caea5b948d4e6725d77d789eb33d5d8b0e7a37891e0bf44702d6f817797df5e6 Loading...

	s10.histats.com/js15_as.js	11 kB	2023-03-07	2024-05-03
Pretty URL s10.histats.com/js15_as.js IP 46.105.201.240 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:06 Last Seen2024-05-03 06:50:30 Times Seen1983 Hash e959fbdd13def4b9a9d0a5fc9a7de4d4 1e39712307e3673b40c0bdb8c7d3e86a3e8b60a0 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede Loading...

	hexupload.net/ds2/js/clipboard.min.js	11 kB	2023-04-05	2024-05-03
Pretty URL hexupload.net/ds2/js/clipboard.min.js IP 185.125.171.207 ASN #56655 TerraHost AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-05 07:49:39 Last Seen2024-05-03 07:19:10 Times Seen533 Hash 4b072870705218b33df5dea9bf90b187 c8437e774649ff1754d289aacbec00933d5cb806 122cab37fc0d2b18e47e05c9ea3d71b35be2eab34ce2ebd7e90ac1602a527ff6 Loading...

	hexupload.net/ds2/js/main.js	423 B	2023-03-08	2024-05-02
Pretty URL hexupload.net/ds2/js/main.js IP 185.125.171.207 ASN #56655 TerraHost AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 05:15:30 Last Seen2024-05-02 03:51:50 Times Seen328 Hash 864d81e6710edc4bc34e0036d975a725 53efcc1a076b1ecf6e47ba87d264e830fdc4007a c1bd88cc54165fd50700598361e7484401e4cc1525866fa5a73e8a463df5c226 Loading...

	www.google-analytics.com/analytics.js	4.7 kB	2023-04-11	2024-05-04
Pretty URL www.google-analytics.com/analytics.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-11 21:07:53 Last Seen2024-05-04 15:54:10 Times Seen344223 Hash f24128d0c9cba7be2916c693427a3483 1b6397d496ea896ebc2018b01b995cee4f166029 58173de4697da1a218f04c3a783a733bab4e769ceabc37cd42da9dc3e036a7e8 Loading...

	hexupload.net/7fq86d6orkmq/Splatoon_3_(NSP)(eShop).rar	153 B	2023-03-13	2024-05-02
Pretty URL hexupload.net/7fq86d6orkmq/Splatoon_3_(NSP)(eShop).rar IP 185.125.171.207 ASN #56655 TerraHost AS Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-13 06:20:24 Last Seen2024-05-02 03:51:50 Times Seen92 Hash 05107d0e24115a7bfb57576275f9f3bb db15bf232dd8d778013ee03132ab8e444eb7eef9 3c6a387c8d5c9e574753daf824da28a7086c4fb2bc6c9e62a106993484d2c0c1 Loading...

	www.googletagmanager.com/gtag/js?id=G-94BPVYM7D3	240 kB	2023-04-20	2023-04-20
Pretty URL www.googletagmanager.com/gtag/js?id=G-94BPVYM7D3 IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-20 17:15:15 Last Seen2023-04-20 17:15:15 Times Seen2 Hash 22ed487832e090b16fc2c96059349da9 e154dcc753bfdb79811f653241f2f39b9ee99b38 9b982ab9571e5e8b66cb8548bc13b742834cad80bc4c8c03caff5cf2559d4a01 Loading...

	embed.tawk.to/_s/v4/app/642b759ae8c/languages/en.js	17 kB	2023-03-07	2024-02-05
Pretty URL embed.tawk.to/_s/v4/app/642b759ae8c/languages/en.js IP 172.67.38.66 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:47 Last Seen2024-02-05 02:14:35 Times Seen39084 Hash 585ba00b2c167b90c210161454f843b5 89ee8372cc6d5eb307cf5840b70d8f3dab3c57f2 e924ffe8bcc65483510a22a7286bd6d4d204e72ffe5927eec50158f7a7be50c0 Loading...

	embed.tawk.to/_s/v4/app/642b759ae8c/js/twk-chunk-48f46bef.js	16 kB	2023-04-05	2023-12-01
Pretty URL embed.tawk.to/_s/v4/app/642b759ae8c/js/twk-chunk-48f46bef.js IP 172.67.38.66 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-05 07:49:39 Last Seen2023-12-01 20:53:29 Times Seen9441 Hash 0d3d21546a441253c44a8c1d274a485a 721f9007bf8fb314d6c6506bf837dc6fe573e684 ce6eb52e07dc8dfb25e967feffbb8a20d4a4c9a31c99ab9a1b410253a3082a26 Loading...

	hexupload.net/ds2/js/jquery.cookie.js	3.1 kB	2023-03-07	2024-05-04
Pretty URL hexupload.net/ds2/js/jquery.cookie.js IP 185.125.171.207 ASN #56655 TerraHost AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:23:22 Last Seen2024-05-04 00:51:48 Times Seen2537 Hash ff14e4812b7f512e620b1ad35542bcfc c40c5f777e7a2f63e7b731b3cdb1fe9c806b23ae c4fb91befcf134b81ecfa1c586e1f9d6426c8f4fc1f6c130ac1fddb49ab5df96 Loading...

	hexupload.net/ds2/js/paging.js	1.8 kB	2023-03-07	2024-05-02
Pretty URL hexupload.net/ds2/js/paging.js IP 185.125.171.207 ASN #56655 TerraHost AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:03:35 Last Seen2024-05-02 20:51:58 Times Seen728 Hash 3686c6282d9c94c620e42508fb5d0e18 97c9a31b1f7946d5f3ba6a5047c95cf38456fa64 e1d4f21db649ec5795e70cb72e59fdec97af300c64b5d8abbc67f00688eb0ecd Loading...

	hexupload.net/7fq86d6orkmq/Splatoon_3_(NSP)(eShop).rar	155 B	2023-03-08	2024-05-02
Pretty URL hexupload.net/7fq86d6orkmq/Splatoon_3_(NSP)(eShop).rar IP 185.125.171.207 ASN #56655 TerraHost AS Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-08 05:15:30 Last Seen2024-05-02 03:51:50 Times Seen94 Hash 6d6a7c1b934ab9102e45b7a2aef6e69d 901b8739341c1befa2359a48d3c4e4ceaa0d1eeb 88212c52982f98b0760e8cf348837c2bdcaddb6b218f2c10b1fafc8ae8aa060d Loading...

	embed.tawk.to/_s/v4/app/642b759ae8c/js/twk-vendor.js	78 kB	2023-03-07	2024-01-03
Pretty URL embed.tawk.to/_s/v4/app/642b759ae8c/js/twk-vendor.js IP 172.67.38.66 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:45 Last Seen2024-01-03 04:29:13 Times Seen8812 Hash 7dcb496e4882926f93f2e73fa87062c0 f84d8f772336f305bbbd882a1e5d48d9aa8bd16a 5958b8f2069b0a3292ed7a9db46b8109adac7e81591238557125893ee7e87bb7 Loading...

	embed.tawk.to/_s/v4/app/642b759ae8c/js/twk-app.js	151 B	2023-03-07	2024-05-04
Pretty URL embed.tawk.to/_s/v4/app/642b759ae8c/js/twk-app.js IP 104.22.24.131 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:46 Last Seen2024-05-04 08:44:18 Times Seen46699 Hash e736e189edb5d0d9d5b8e7f23dd9114a bcabee193f13756fa9154fc492fe420c47140343 13cf82e6f9d48221cd55f8b3c3d206f7bdb83f291034b478e484ccfef7d500dd Loading...

	embed.tawk.to/_s/v4/app/642b759ae8c/js/twk-chunk-32507910.js	74 kB	2023-04-05	2023-12-01
Pretty URL embed.tawk.to/_s/v4/app/642b759ae8c/js/twk-chunk-32507910.js IP 172.67.38.66 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-05 07:49:39 Last Seen2023-12-01 20:53:29 Times Seen9574 Hash 89188756a8e20dbd2b0140c3c94ed26a d40d9d3d3201e27e8fee34e48a6b57b4266b0618 023077d134c53a612af90efdbf65f7ae210b74cb3fd1148998efa4582d151978 Loading...

	hexupload.net/7fq86d6orkmq/Splatoon_3_(NSP)(eShop).rar	713 B	2023-03-14	2024-05-02
Pretty URL hexupload.net/7fq86d6orkmq/Splatoon_3_(NSP)(eShop).rar IP 185.125.171.207 ASN #56655 TerraHost AS Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-14 11:21:33 Last Seen2024-05-02 03:51:50 Times Seen92 Hash 385987c0962ffced8c63e14abb5a705a 320009ea3a6ab8ee41bd1cbb55babfaeab9bb469 1b47dc5a264ef3a19c5380cb82e25616197f68558cd52b0f99b2a61ee558cecc Loading...

	s4.histats.com/stats/0.php?4167218&@f16&@g1&@h1&@i1&@j1682003861264&@k0&@l1&@mDownload%20Splatoon%20(NSP)(e%20Shop)&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1280&@b1:-60500972&@b3:1682003861&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fhexupload.net%2F7fq86d6orkmq%2FSplatoon_3_(NSP)(eShop).rar&@w	52 B	2023-04-20	2023-04-20
Pretty URL s4.histats.com/stats/0.php?4167218&@f16&@g1&@h1&@i1&@j1682003861264&@k0&@l1&@mDownload%20Splatoon%20(NSP)(e%20Shop)&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1280&@b1:-60500972&@b3:1682003861&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fhexupload.net%2F7fq86d6orkmq%2FSplatoon_3_(NSP)(eShop).rar&@w IP 149.56.240.128 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-20 17:15:15 Last Seen2023-04-20 17:15:15 Times Seen2 Hash c7a3bc1883aaaa676bb9c2bc9f190f0f e703fbce7f4e2bcb39412572ca137833df4e8b65 41026edbcaa1b313f7c9ebe930601ddd515e078176c19afe429a69c36aa4c041 Loading...

	embed.tawk.to/_s/v4/app/642b759ae8c/js/twk-main.js	121 B	2023-03-07	2024-05-04
Pretty URL embed.tawk.to/_s/v4/app/642b759ae8c/js/twk-main.js IP 172.67.38.66 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:45 Last Seen2024-05-04 08:44:17 Times Seen46021 Hash da5bb1dc647470204df0e49f5afac2de f5cbf596ca5e4fe208e4c55af6e45b71f9febbe8 705186becc9e0a306a6b4867ae2768aa9dd3b8c12393d9f9c52029e9a6fcf31c Loading...

	embed.tawk.to/5e7a460e69e9320caabc8ac2/default	2.1 kB	2023-04-08	2023-05-31
Pretty URL embed.tawk.to/5e7a460e69e9320caabc8ac2/default IP 172.67.38.66 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-08 05:29:14 Last Seen2023-05-31 23:03:25 Times Seen19 Hash fa28fc010b9254d9d0f4065e72d1f93a 324e9c094a70ed3df581331780820fcd4cb6b0e9 9bc759d47e8658f678e42de339ca0a9905293378b56ffd9e2521021f194fedbb Loading...

	hexupload.net/7fq86d6orkmq/sandbox%20eval%20code	147 B	2023-04-11	2024-05-04
Pretty URL hexupload.net/7fq86d6orkmq/sandbox%20eval%20code IP 0.0.0.0 ASN #0 Introduced by Embedded in HTML false Observations First Seen2023-04-11 21:07:53 Last Seen2024-05-04 15:54:09 Times Seen344729 Hash 92b651082ce234f66bb544e678befda3 14c21c55ddce43b6f677caadf51d4ab98c6a3df8 25d57d1d97abeb84531d3d3e5754dd5cb19a2c115edfa7cfc7af8247084faded Loading...

	embed.tawk.to/_s/v4/app/642b759ae8c/js/twk-runtime.js	2.3 kB	2023-04-05	2023-12-01
Pretty URL embed.tawk.to/_s/v4/app/642b759ae8c/js/twk-runtime.js IP 104.22.24.131 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-05 07:49:39 Last Seen2023-12-01 20:53:28 Times Seen5768 Hash cbcaf94cf2c68654c23d2fa971522e9e 0a49ffb52df638c073a059823136a909eebe1bae 164c3cba5ce1923d067d50221c35e4c17508356b1a4dd1eaf3aa34ab85c3567a Loading...

	hexupload.net/ds2/js/jquery-1.9.1.min.js	93 kB	2023-03-07	2024-05-04
Pretty URL hexupload.net/ds2/js/jquery-1.9.1.min.js IP 185.125.171.207 ASN #56655 TerraHost AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:08 Last Seen2024-05-04 11:44:19 Times Seen23767 Hash 397754ba49e9e0cf4e7c190da78dda05 ae49e56999d82802727455f0ba83b63acd90a22b c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4 Loading...

	embed.tawk.to/_s/v4/app/642b759ae8c/js/twk-chunk-4fe9d5dd.js	942 B	2023-03-07	2023-12-03
Pretty URL embed.tawk.to/_s/v4/app/642b759ae8c/js/twk-chunk-4fe9d5dd.js IP 172.67.38.66 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:46 Last Seen2023-12-03 21:40:45 Times Seen7224 Hash 5f434bdd806571a4e1b385bee9316ff6 ca69e13015a6b7769e4174179dc8befd4c543c43 fc129f67c34d70578dc66a2ac6be2d44011eab5a05077797b8e56dbc2f2c9867 Loading...

	embed.tawk.to/_s/v4/app/642b759ae8c/js/twk-chunk-f163fcd0.js	11 kB	2023-03-07	2023-12-01
Pretty URL embed.tawk.to/_s/v4/app/642b759ae8c/js/twk-chunk-f163fcd0.js IP 172.67.38.66 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:46 Last Seen2023-12-01 20:53:29 Times Seen11867 Hash a92075fd9ac5ba130387a80453676099 4b5b13cf9479b8311d574356e53f8da74200c57a 544039b2ff06226afd008c3625818bbfe76a2598d7159145d06965afaf4f09de Loading...

HTTP Transactions (65)

URL IP Response Size

hexupload.net/7fq86d6orkmq/Splatoon_3_(NSP)(eShop).rar

185.125.171.207

200 OK

169 B

URL User Request GET HTTP/1.1
hexupload.net/7fq86d6orkmq/Splatoon_3_(NSP)(eShop).rar
IP
185.125.171.207:443
ASN
#56655 TerraHost AS

Certificate
IssuerLet's Encrypt
Subjecthexupload.net
FingerprintF6:90:48:6F:EB:36:14:E6:4F:AA:27:4D:12:B1:67:49:7E:43:81:51
ValidityTue, 18 Apr 2023 22:04:07 GMT - Mon, 17 Jul 2023 22:04:06 GMT

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
169 B (169 bytes)
Hash
0f952b73d3f5586637ea9a5a789d48f4
b29aff4ffa1d4decd77db5160f920e1c6417e5e9
69d11528ee32902d0c47ed215877f0610399536f755db03ed02a77ecedd74751

HTTP Headers

GET /7fq86d6orkmq/Splatoon_3_(NSP)(eShop).rar HTTP/1.1
Host: hexupload.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 301 Moved Permanently
Server: nginx/1.20.1
Date: Thu, 20 Apr 2023 15:14:56 GMT
Content-Type: text/html
Content-Length: 169
Connection: keep-alive
Location: https://hexupload.net/7fq86d6orkmq/Splatoon_3_(NSP)(eShop).rar

hexupload.net/7fq86d6orkmq/Splatoon_3_(NSP)(eShop).rar

185.125.171.207

200 OK

16 kB

URL User Request GET HTTP/1.1
hexupload.net/7fq86d6orkmq/Splatoon_3_(NSP)(eShop).rar
IP
185.125.171.207:443
ASN
#56655 TerraHost AS

Certificate
IssuerLet's Encrypt
Subjecthexupload.net
FingerprintF6:90:48:6F:EB:36:14:E6:4F:AA:27:4D:12:B1:67:49:7E:43:81:51
ValidityTue, 18 Apr 2023 22:04:07 GMT - Mon, 17 Jul 2023 22:04:06 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text
Size
16 kB (16155 bytes)
Hash
668612e8115e7257c05bf528678722a1
3544d6ba23c36fd064cbcf92b72d202099b645ed
6645eaf36016c7b9a9d158bf3251ce0f711f8d5b69d799ddacab18e0d9d1d9f3

HTTP Headers

GET /7fq86d6orkmq/Splatoon_3_(NSP)(eShop).rar HTTP/1.1
Host: hexupload.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Thu, 20 Apr 2023 15:14:56 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Wed, 19 Apr 2023 15:14:56 GMT
Set-Cookie: lang=english; domain=.hexupload.net; path=/
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: X-Requested-With
Access-Control-Allow-Methods: GET,POST,OPTIONS

cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.7/umd/popper.min.js

104.17.24.14

200 OK

6.6 kB

URL GET HTTP/2
cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.7/umd/popper.min.js
IP
104.17.24.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://hexupload.net/7fq86d6orkmq/Splatoon_3_(NSP)(eShop).rar
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintA9:11:71:07:07:92:48:7E:A9:3C:E8:32:25:3F:EB:AC:7D:51:7E:8F
ValidityWed, 03 Aug 2022 00:00:00 GMT - Wed, 02 Aug 2023 23:59:59 GMT

File type
ASCII text, with very long lines (20831)
Size
6.6 kB (6646 bytes)
Hash
368c425fc94c424e1688caadefbed981
13d24c22c199ef6668d758434819f44307a65094
ed9c7a83e1c1300a93ecd08807a736ebe7b87ab8262a40bc7e3859d00a46a102

HTTP Headers

GET /ajax/libs/popper.js/1.14.7/umd/popper.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hexupload.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 20 Apr 2023 15:14:57 GMT
content-type: application/javascript; charset=utf-8
content-length: 6646
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03fa9-520c"
last-modified: Mon, 04 May 2020 16:15:37 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 1281747
expires: Tue, 09 Apr 2024 15:14:57 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ULgFvdMGmYV55%2BMu72XNVVXeDNEFrya3SdFc%2BXzfknpgisw6GGHIZS2P8c5kcZ2ddLtl1uB%2BUe0MVIY%2BCWGcpIuzoZF6GIaj6q1cj6KnYEzrjhvt9%2FeS%2FGCNMuqCotkfZ58zQY15"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7bae57042d0cb511-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

hexupload.net/ds2/js/jquery.paging.js

185.125.171.207

200 OK

4.3 kB

URL GET HTTP/1.1
hexupload.net/ds2/js/jquery.paging.js
IP
185.125.171.207:443
ASN
#56655 TerraHost AS

Requested by
https://hexupload.net/7fq86d6orkmq/Splatoon_3_(NSP)(eShop).rar
Certificate
IssuerLet's Encrypt
Subjecthexupload.net
FingerprintF6:90:48:6F:EB:36:14:E6:4F:AA:27:4D:12:B1:67:49:7E:43:81:51
ValidityTue, 18 Apr 2023 22:04:07 GMT - Mon, 17 Jul 2023 22:04:06 GMT

File type
ASCII text
Size
4.3 kB (4311 bytes)
Hash
b9114b351d18c852d801ff8ffbf65b1f
adf996b2e5a85dc0df67b633b40019d1bde67dd0
06737fa32e7ed779db6e4225241af87deff662beec14980b4ebc5bf9b2aa8c3a

HTTP Headers

GET /ds2/js/jquery.paging.js HTTP/1.1
Host: hexupload.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hexupload.net/7fq86d6orkmq/Splatoon_3_(NSP)(eShop).rar
Cookie: lang=english
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Thu, 20 Apr 2023 15:14:57 GMT
Content-Type: application/javascript
Content-Length: 4311
Connection: keep-alive
Last-Modified: Mon, 04 Sep 2017 22:09:56 GMT
ETag: "4ba5-558645eeb3500-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: X-Requested-With
Access-Control-Allow-Methods: GET,POST,OPTIONS

hexupload.net/ds2/js/jquery.cookie.js

185.125.171.207

200 OK

1.4 kB

URL GET HTTP/1.1
hexupload.net/ds2/js/jquery.cookie.js
IP
185.125.171.207:443
ASN
#56655 TerraHost AS

Requested by
https://hexupload.net/7fq86d6orkmq/Splatoon_3_(NSP)(eShop).rar
Certificate
IssuerLet's Encrypt
Subjecthexupload.net
FingerprintF6:90:48:6F:EB:36:14:E6:4F:AA:27:4D:12:B1:67:49:7E:43:81:51
ValidityTue, 18 Apr 2023 22:04:07 GMT - Mon, 17 Jul 2023 22:04:06 GMT

File type
ASCII text
Size
1.4 kB (1365 bytes)
Hash
9f13af7a70e4e29e82237dc3c1f8aa93
fa4b103d0d60f23faa166ebc6f4947198d0614a8
22cd538ca926e0c4b303d57da3c7cd77684063560e2d9c9b7d295a277014642b

HTTP Headers

GET /ds2/js/jquery.cookie.js HTTP/1.1
Host: hexupload.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hexupload.net/7fq86d6orkmq/Splatoon_3_(NSP)(eShop).rar
Cookie: lang=english
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Thu, 20 Apr 2023 15:14:57 GMT
Content-Type: application/javascript
Content-Length: 1365
Connection: keep-alive
Last-Modified: Mon, 04 Sep 2017 22:09:56 GMT
ETag: "c31-558645eeb3500-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: X-Requested-With
Access-Control-Allow-Methods: GET,POST,OPTIONS

hexupload.net/ds2/js/jquery-1.9.1.min.js

185.125.171.207

200 OK

33 kB

URL GET HTTP/1.1
hexupload.net/ds2/js/jquery-1.9.1.min.js
IP
185.125.171.207:443
ASN
#56655 TerraHost AS

Requested by
https://hexupload.net/7fq86d6orkmq/Splatoon_3_(NSP)(eShop).rar
Certificate
IssuerLet's Encrypt
Subjecthexupload.net
FingerprintF6:90:48:6F:EB:36:14:E6:4F:AA:27:4D:12:B1:67:49:7E:43:81:51
ValidityTue, 18 Apr 2023 22:04:07 GMT - Mon, 17 Jul 2023 22:04:06 GMT

File type
ASCII text, with very long lines (32089)
Size
33 kB (32729 bytes)
Hash
9fa48afb35e8b063bad1241a35f52b5f
a6cfdd32e7c2515e274cb141549dbbe63c0d73cb
afa33160bf953c4f2522f79dad354421dc9d16bf13864278605291944a470b2b

HTTP Headers

GET /ds2/js/jquery-1.9.1.min.js HTTP/1.1
Host: hexupload.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hexupload.net/7fq86d6orkmq/Splatoon_3_(NSP)(eShop).rar
Cookie: lang=english
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Thu, 20 Apr 2023 15:14:57 GMT
Content-Type: application/javascript
Content-Length: 32729
Connection: keep-alive
Last-Modified: Mon, 04 Sep 2017 22:09:54 GMT
ETag: "169d5-558645eccb080-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: X-Requested-With
Access-Control-Allow-Methods: GET,POST,OPTIONS

hexupload.net/ds2/js/paging.js

185.125.171.207

200 OK

662 B

URL GET HTTP/1.1
hexupload.net/ds2/js/paging.js
IP
185.125.171.207:443
ASN
#56655 TerraHost AS

Requested by
https://hexupload.net/7fq86d6orkmq/Splatoon_3_(NSP)(eShop).rar
Certificate
IssuerLet's Encrypt
Subjecthexupload.net
FingerprintF6:90:48:6F:EB:36:14:E6:4F:AA:27:4D:12:B1:67:49:7E:43:81:51
ValidityTue, 18 Apr 2023 22:04:07 GMT - Mon, 17 Jul 2023 22:04:06 GMT

File type
HTML document, ASCII text
Size
662 B (662 bytes)
Hash
253927c67f4cd37f25a4c6e162cf6c24
209da722175509cc5d8dc293d7988acff92b163e
30b4432113851cbc3f64df0fe8ab8e405a0ac400648ea129fdd61c1642c2164e

HTTP Headers

GET /ds2/js/paging.js HTTP/1.1
Host: hexupload.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hexupload.net/7fq86d6orkmq/Splatoon_3_(NSP)(eShop).rar
Cookie: lang=english
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Thu, 20 Apr 2023 15:14:57 GMT
Content-Type: application/javascript
Content-Length: 662
Connection: keep-alive
Last-Modified: Mon, 04 Sep 2017 22:09:57 GMT
ETag: "739-558645efa7740-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: X-Requested-With
Access-Control-Allow-Methods: GET,POST,OPTIONS

ocsp.pki.goog/gts1c3

142.250.74.131

472 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
3ab880d47371ab610d419736fd9fdf2f
a65a2f5c78d0933611fa111a2f0e8c1a44d0d508
a8d8d28848cd03e5f9e788188faee46bfaba3e321f85bfd464de1bdddbbca7cf

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 20 Apr 2023 15:14:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

472 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
3ab880d47371ab610d419736fd9fdf2f
a65a2f5c78d0933611fa111a2f0e8c1a44d0d508
a8d8d28848cd03e5f9e788188faee46bfaba3e321f85bfd464de1bdddbbca7cf

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 20 Apr 2023 15:14:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.googletagmanager.com/gtag/js?id=UA-120931509-1

142.250.74.168

200 OK

45 kB

URL GET HTTP/2
www.googletagmanager.com/gtag/js?id=UA-120931509-1
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://hexupload.net/7fq86d6orkmq/Splatoon_3_(NSP)(eShop).rar
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint0D:E0:7D:60:57:50:BA:EB:CA:6E:2A:3F:20:5B:C7:91:67:89:3F:09
ValidityTue, 28 Mar 2023 16:45:47 GMT - Tue, 20 Jun 2023 16:45:46 GMT

File type
ASCII text, with very long lines (2206)
Size
45 kB (44656 bytes)
Hash
7c5259322b026f4e029aff0de223f38b
0a94a46cf8f5025fb7335495f2bfd567b8e763fc
272702708cc5cbab833aa642fb6b9ea8dcb20a4501ba63afd59770f2f93aeecf

HTTP Headers

GET /gtag/js?id=UA-120931509-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hexupload.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 20 Apr 2023 15:14:57 GMT
expires: Thu, 20 Apr 2023 15:14:57 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 44656
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.googletagmanager.com/gtag/js?id=G-94BPVYM7D3

142.250.74.168

200 OK

82 kB

URL GET HTTP/2
www.googletagmanager.com/gtag/js?id=G-94BPVYM7D3
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://hexupload.net/7fq86d6orkmq/Splatoon_3_(NSP)(eShop).rar
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint0D:E0:7D:60:57:50:BA:EB:CA:6E:2A:3F:20:5B:C7:91:67:89:3F:09
ValidityTue, 28 Mar 2023 16:45:47 GMT - Tue, 20 Jun 2023 16:45:46 GMT

File type
ASCII text, with very long lines (26280)
Size
82 kB (82001 bytes)
Hash
2cbe9cafb2b91c0422b2ea89df6ce542
bf1a37c374775c183167da321b3d239a5720d897
6ca513da6b779a0acc9b295a79c456695113521ec80f223c76fe22a3aaa8e6c5

HTTP Headers

GET /gtag/js?id=G-94BPVYM7D3 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hexupload.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 20 Apr 2023 15:14:57 GMT
expires: Thu, 20 Apr 2023 15:14:57 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 82001
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

hexupload.net/doup1/assets/styles/bootstrap.min.css

185.125.171.207

200 OK

21 kB

URL GET HTTP/1.1
hexupload.net/doup1/assets/styles/bootstrap.min.css
IP
185.125.171.207:443
ASN
#56655 TerraHost AS

Requested by
https://hexupload.net/7fq86d6orkmq/Splatoon_3_(NSP)(eShop).rar
Certificate
IssuerLet's Encrypt
Subjecthexupload.net
FingerprintF6:90:48:6F:EB:36:14:E6:4F:AA:27:4D:12:B1:67:49:7E:43:81:51
ValidityTue, 18 Apr 2023 22:04:07 GMT - Mon, 17 Jul 2023 22:04:06 GMT

File type
ASCII text, with very long lines (65324)
Size
21 kB (20969 bytes)
Hash
e981695c33a519de689366b24b26b003
c76f2b01748ec7ef12683e6ea80897c41322de5b
642d53fb92ed00e4ed52833f78044dd86bcf5bf723e85cfba0680e31ff2e1393

HTTP Headers

GET /doup1/assets/styles/bootstrap.min.css HTTP/1.1
Host: hexupload.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hexupload.net/7fq86d6orkmq/Splatoon_3_(NSP)(eShop).rar
Cookie: lang=english
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Thu, 20 Apr 2023 15:14:57 GMT
Content-Type: text/css
Content-Length: 20969
Connection: keep-alive
Last-Modified: Fri, 25 Jun 2021 09:14:46 GMT
ETag: "22688-5c59392202d80-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: X-Requested-With
Access-Control-Allow-Methods: GET,POST,OPTIONS

hexupload.net/ds2/js/clipboard.min.js

185.125.171.207

200 OK

3.4 kB

URL GET HTTP/1.1
hexupload.net/ds2/js/clipboard.min.js
IP
185.125.171.207:443
ASN
#56655 TerraHost AS

Requested by
https://hexupload.net/7fq86d6orkmq/Splatoon_3_(NSP)(eShop).rar
Certificate
IssuerLet's Encrypt
Subjecthexupload.net
FingerprintF6:90:48:6F:EB:36:14:E6:4F:AA:27:4D:12:B1:67:49:7E:43:81:51
ValidityTue, 18 Apr 2023 22:04:07 GMT - Mon, 17 Jul 2023 22:04:06 GMT

File type
Unicode text, UTF-8 text, with very long lines (10809)
Size
3.4 kB (3395 bytes)
Hash
4ae708e6ec2b66548dcf6cadc519233d
4ca14ea5da264f5e25218af767b13cc2f89e1358
e4ac4070368b4da4d1d65aadbc6994ea5d113f92b419ef38d2eb8f523038a72c

HTTP Headers

GET /ds2/js/clipboard.min.js HTTP/1.1
Host: hexupload.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hexupload.net/7fq86d6orkmq/Splatoon_3_(NSP)(eShop).rar
Cookie: lang=english
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Thu, 20 Apr 2023 15:14:57 GMT
Content-Type: application/javascript
Content-Length: 3395
Connection: keep-alive
Last-Modified: Mon, 04 Sep 2017 22:09:53 GMT
ETag: "2aa5-558645ebd6e40-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: X-Requested-With
Access-Control-Allow-Methods: GET,POST,OPTIONS

hexupload.net/ds2/js/bootstrap.min.js

185.125.171.207

200 OK

15 kB

URL GET HTTP/1.1
hexupload.net/ds2/js/bootstrap.min.js
IP
185.125.171.207:443
ASN
#56655 TerraHost AS

Requested by
https://hexupload.net/7fq86d6orkmq/Splatoon_3_(NSP)(eShop).rar
Certificate
IssuerLet's Encrypt
Subjecthexupload.net
FingerprintF6:90:48:6F:EB:36:14:E6:4F:AA:27:4D:12:B1:67:49:7E:43:81:51
ValidityTue, 18 Apr 2023 22:04:07 GMT - Mon, 17 Jul 2023 22:04:06 GMT

File type
ASCII text, with very long lines (57791)
Size
15 kB (15371 bytes)
Hash
960e9b2b59ba32e81c7db3eb5ba6611b
e0d98bac3684f70a667a384c343d0870755e9a62
da84cbb0ca79857d57d368443596206b9b871b6598bd7a13d3deabd8a659c1b7

HTTP Headers

GET /ds2/js/bootstrap.min.js HTTP/1.1
Host: hexupload.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hexupload.net/7fq86d6orkmq/Splatoon_3_(NSP)(eShop).rar
Cookie: lang=english
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Thu, 20 Apr 2023 15:14:57 GMT
Content-Type: application/javascript
Content-Length: 15371
Connection: keep-alive
Last-Modified: Sat, 24 Aug 2019 22:42:17 GMT
ETag: "e2d8-590e4a2832440-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: X-Requested-With
Access-Control-Allow-Methods: GET,POST,OPTIONS

hexupload.net/ds2/js/main.js

185.125.171.207

200 OK

250 B

URL GET HTTP/1.1
hexupload.net/ds2/js/main.js
IP
185.125.171.207:443
ASN
#56655 TerraHost AS

Requested by
https://hexupload.net/7fq86d6orkmq/Splatoon_3_(NSP)(eShop).rar
Certificate
IssuerLet's Encrypt
Subjecthexupload.net
FingerprintF6:90:48:6F:EB:36:14:E6:4F:AA:27:4D:12:B1:67:49:7E:43:81:51
ValidityTue, 18 Apr 2023 22:04:07 GMT - Mon, 17 Jul 2023 22:04:06 GMT

File type
ASCII text
Size
250 B (250 bytes)
Hash
bd369d7b626b14bcf34acc5d2293a5e7
689e6a09179a07cfb5a19e795fac20140dbf5ee4
8c80741ebe0378f6388cc1b8dbadfb5bf603bfe635e0981af90dfe32a36a395f

HTTP Headers

GET /ds2/js/main.js HTTP/1.1
Host: hexupload.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hexupload.net/7fq86d6orkmq/Splatoon_3_(NSP)(eShop).rar
Cookie: lang=english
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Thu, 20 Apr 2023 15:14:57 GMT
Content-Type: application/javascript
Content-Length: 250
Connection: keep-alive
Last-Modified: Thu, 31 Oct 2019 22:11:55 GMT
ETag: "1a7-5963c231f20c0-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: X-Requested-With
Access-Control-Allow-Methods: GET,POST,OPTIONS

hexupload.net/ds2/css/style.min.css?v=0.04

185.125.171.207

200 OK

34 kB

URL GET HTTP/1.1
hexupload.net/ds2/css/style.min.css?v=0.04
IP
185.125.171.207:443
ASN
#56655 TerraHost AS

Requested by
https://hexupload.net/7fq86d6orkmq/Splatoon_3_(NSP)(eShop).rar
Certificate
IssuerLet's Encrypt
Subjecthexupload.net
FingerprintF6:90:48:6F:EB:36:14:E6:4F:AA:27:4D:12:B1:67:49:7E:43:81:51
ValidityTue, 18 Apr 2023 22:04:07 GMT - Mon, 17 Jul 2023 22:04:06 GMT

File type
ASCII text, with very long lines (62782)
Size
34 kB (34512 bytes)
Hash
65d1239b2ef3f14b32bffbfb71f51359
767736dff508b14531b75b124ede4156b2782134
5c03d747d1a73e81c1c9d2d13124784c56c310a6c16c0807da5b74fd451b7765

HTTP Headers

GET /ds2/css/style.min.css?v=0.04 HTTP/1.1
Host: hexupload.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hexupload.net/7fq86d6orkmq/Splatoon_3_(NSP)(eShop).rar
Cookie: lang=english
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Thu, 20 Apr 2023 15:14:57 GMT
Content-Type: text/css
Content-Length: 34512
Connection: keep-alive
Last-Modified: Wed, 23 Dec 2020 02:02:16 GMT
ETag: "2c9e3-5b71814959a00-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: X-Requested-With
Access-Control-Allow-Methods: GET,POST,OPTIONS

ocsp.pki.goog/gts1c3

142.250.74.131

472 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
3ab880d47371ab610d419736fd9fdf2f
a65a2f5c78d0933611fa111a2f0e8c1a44d0d508
a8d8d28848cd03e5f9e788188faee46bfaba3e321f85bfd464de1bdddbbca7cf

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 20 Apr 2023 15:14:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

hexupload.net/ds2/img/Hexupload_Black_Footer_Logo.png

185.125.171.207

200 OK

4.9 kB

URL GET HTTP/1.1
hexupload.net/ds2/img/Hexupload_Black_Footer_Logo.png
IP
185.125.171.207:443
ASN
#56655 TerraHost AS

Requested by
https://hexupload.net/7fq86d6orkmq/Splatoon_3_(NSP)(eShop).rar
Certificate
IssuerLet's Encrypt
Subjecthexupload.net
FingerprintF6:90:48:6F:EB:36:14:E6:4F:AA:27:4D:12:B1:67:49:7E:43:81:51
ValidityTue, 18 Apr 2023 22:04:07 GMT - Mon, 17 Jul 2023 22:04:06 GMT

File type
PNG image data, 182 x 30, 8-bit/color RGBA, non-interlaced\012- data
Size
4.9 kB (4938 bytes)
Hash
9209c73887c21719956d9ce24ca32a8e
fa14ef3dfdd97dc91478d30f507a05340fe7fc9c
ac1d2aca95a95de73ca5f408cbeb98cb9c6411da2e5f379a0d89a875a115361e

HTTP Headers

GET /ds2/img/Hexupload_Black_Footer_Logo.png HTTP/1.1
Host: hexupload.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hexupload.net/7fq86d6orkmq/Splatoon_3_(NSP)(eShop).rar
Cookie: lang=english
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Thu, 20 Apr 2023 15:14:57 GMT
Content-Type: image/png
Content-Length: 4938
Connection: keep-alive
Last-Modified: Fri, 19 Mar 2021 16:48:52 GMT
ETag: "134a-5bde67daa6500"
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: X-Requested-With
Access-Control-Allow-Methods: GET,POST,OPTIONS

hexupload.net/ds2/img/Hexupload_White_Header_Logo.png?v=1

185.125.171.207

200 OK

5.2 kB

URL GET HTTP/1.1
hexupload.net/ds2/img/Hexupload_White_Header_Logo.png?v=1
IP
185.125.171.207:443
ASN
#56655 TerraHost AS

Requested by
https://hexupload.net/7fq86d6orkmq/Splatoon_3_(NSP)(eShop).rar
Certificate
IssuerLet's Encrypt
Subjecthexupload.net
FingerprintF6:90:48:6F:EB:36:14:E6:4F:AA:27:4D:12:B1:67:49:7E:43:81:51
ValidityTue, 18 Apr 2023 22:04:07 GMT - Mon, 17 Jul 2023 22:04:06 GMT

File type
PNG image data, 182 x 30, 8-bit/color RGBA, non-interlaced\012- data
Size
5.2 kB (5170 bytes)
Hash
16eaccfaae8fe78f3f5ab9cd80fcb24e
3cbeb8de5d1c07b9bc8f5d1bb3b5bf8df4d8cb7b
0f736697729d3e00e3d53bae48f8002f022965f6ab271efb216f1d3dff6cc901

HTTP Headers

GET /ds2/img/Hexupload_White_Header_Logo.png?v=1 HTTP/1.1
Host: hexupload.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hexupload.net/7fq86d6orkmq/Splatoon_3_(NSP)(eShop).rar
Cookie: lang=english
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Thu, 20 Apr 2023 15:14:57 GMT
Content-Type: image/png
Content-Length: 5170
Connection: keep-alive
Last-Modified: Fri, 19 Mar 2021 16:54:14 GMT
ETag: "1432-5bde690dbb980"
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: X-Requested-With
Access-Control-Allow-Methods: GET,POST,OPTIONS

hexupload.net/images/downloadBtn.png

185.125.171.207

200 OK

20 kB

URL GET HTTP/1.1
hexupload.net/images/downloadBtn.png
IP
185.125.171.207:443
ASN
#56655 TerraHost AS

Requested by
https://hexupload.net/7fq86d6orkmq/Splatoon_3_(NSP)(eShop).rar
Certificate
IssuerLet's Encrypt
Subjecthexupload.net
FingerprintF6:90:48:6F:EB:36:14:E6:4F:AA:27:4D:12:B1:67:49:7E:43:81:51
ValidityTue, 18 Apr 2023 22:04:07 GMT - Mon, 17 Jul 2023 22:04:06 GMT

File type
PNG image data, 248 x 74, 8-bit/color RGBA, non-interlaced\012- data
Size
20 kB (19592 bytes)
Hash
c6635002b09cf682d4d632ec37fe3ab9
87bd4bd6bbf263c5359654cc5f113bd13f1b115b
c4f57f93009f281724f10b90a8140189017ada6dffd93fd227d18e02646a8fac

HTTP Headers

GET /images/downloadBtn.png HTTP/1.1
Host: hexupload.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hexupload.net/7fq86d6orkmq/Splatoon_3_(NSP)(eShop).rar
Cookie: lang=english
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Thu, 20 Apr 2023 15:14:57 GMT
Content-Type: image/png
Content-Length: 19592
Connection: keep-alive
Last-Modified: Fri, 23 Sep 2022 08:33:16 GMT
ETag: "4c88-5e954078abf47"
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: X-Requested-With
Access-Control-Allow-Methods: GET,POST,OPTIONS

henoticpipi.com/gS6Tzmf1JeKCRad/54684

142.91.159.197

200 OK

26 B

URL GET HTTP/1.1
henoticpipi.com/gS6Tzmf1JeKCRad/54684
IP
142.91.159.197:443
ASN
#7979 SERVERS-COM

Requested by
https://hexupload.net/7fq86d6orkmq/Splatoon_3_(NSP)(eShop).rar
Certificate
IssuerLet's Encrypt
Subjecthenoticpipi.com
Fingerprint09:E4:78:75:20:B0:4D:EC:25:0F:52:DB:69:6A:38:BD:27:BC:7A:62
ValiditySat, 11 Mar 2023 23:05:17 GMT - Fri, 09 Jun 2023 23:05:16 GMT

File type
ASCII text, with no line terminators
Size
26 B (26 bytes)
Hash
4e5d65669f8dcd928dad06adf883f025
d771713d758c3348dd7e5b38bb40c7935399ae46
0bebbf029fa045e4f462855e6c44edf8aaa36ded05b07a8ce456b67416d20c95

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /gS6Tzmf1JeKCRad/54684 HTTP/1.1
Host: henoticpipi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hexupload.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 20 Apr 2023 15:14:57 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://hexupload.net
Access-Control-Allow-Headers: content-type, megageocheckolololo, x-forwarded-for
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET, POST, OPTIONS
X-Frame-Options: SAMEORIGIN
Set-Cookie: GL_UI4=eJw9jU1Sg0AQhSH8RQ1oV3EAj8AQMcnSTVbegZphGhwD06lmQuLtHa3S3fteffVeEASr8hHCJY0husgGnl8aXe97Ve31tsZq34vda9UoIbp6u1PycIA7M7dOqhFdDOt5kuxat8SwGdAim67tSGMOT976a06WrjaGRLG0Oodk8saYQ6aYrjNyGUFs5YSQHQ1jTzdvyE9iiIQQPhvrc1jBiuYyKu4heTf2cis2aVAUaQAP51G6nnhqjfaYDCw1QvgG6046HIi%2FINM4nxydAWjU7b%2F%2Fe5qMP2uQalxM55HcB%2FI3ouZOdQ%3D%3D; expires=Fri, 21-Apr-2023 15:14:57 GMT; Max-Age=86400; path=/; secure; SameSite=None
GL_GI10=eJw9i8sKwjAURGuUYNVWBvwAf8D6QBdu1aXUhbgOtd6WYM0tTXzUr%2FcFruYwc8bzPDEIIXSJ3nIaLSfRfBZNF3M0c2KIeIdeylfjqlqZ5EKQMVf3pIasKNdsAnR%2FoFI%2BETrxbnQwZ8N38x8%2BtwCtVLs6gP%2BJrxu20dS2RLgq9GO45%2BLq3raFb8gpWxKd4K%2BTY0HjzX6L8N9%2Bz7KBtraqrPhRv7nv9IWebEhxlllyUqBxk%2BIFsdRBIw%3D%3D; expires=Fri, 21-Apr-2023 15:14:57 GMT; Max-Age=86400; path=/; secure; SameSite=None
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff

hexupload.net/ds2/css/bootstrap.min.css

185.125.171.207

200 OK

23 kB

URL GET HTTP/1.1
hexupload.net/ds2/css/bootstrap.min.css
IP
185.125.171.207:443
ASN
#56655 TerraHost AS

Requested by
https://hexupload.net/7fq86d6orkmq/Splatoon_3_(NSP)(eShop).rar
Certificate
IssuerLet's Encrypt
Subjecthexupload.net
FingerprintF6:90:48:6F:EB:36:14:E6:4F:AA:27:4D:12:B1:67:49:7E:43:81:51
ValidityTue, 18 Apr 2023 22:04:07 GMT - Mon, 17 Jul 2023 22:04:06 GMT

File type
ASCII text, with very long lines (65324)
Size
23 kB (23154 bytes)
Hash
81bf95fb31c4158bcf2f411ec37a3605
38a38614b032db2f17459c2d21306ee80abb1f7e
dcf92e9b5719bc3da73e162c97e43245dbdf874a7664bd849e54b6ae7a3a7f2a

HTTP Headers

GET /ds2/css/bootstrap.min.css HTTP/1.1
Host: hexupload.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hexupload.net/ds2/css/style.min.css?v=0.04
Cookie: lang=english
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Thu, 20 Apr 2023 15:14:57 GMT
Content-Type: text/css
Content-Length: 23154
Connection: keep-alive
Last-Modified: Sat, 24 Aug 2019 22:42:18 GMT
ETag: "2606e-590e4a2926680-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: X-Requested-With
Access-Control-Allow-Methods: GET,POST,OPTIONS

ocsp.pki.goog/gts1c3

142.250.74.131

472 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
b1740d0f01632800ec3a073af6be1894
ba3b3d24d0867491fcd9b87260aa7fbdef52112c
60519cdb3486269908cc4150a16615d1c7c8f26fe2b6f096a8a49005b4859619

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 20 Apr 2023 15:14:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/firasans/v10/va9E4kDNxMZdWfMOD5Vvl4jO.ttf

216.58.207.227

200 OK

27 kB

URL GET HTTP/2
fonts.gstatic.com/s/firasans/v10/va9E4kDNxMZdWfMOD5Vvl4jO.ttf
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://hexupload.net/7fq86d6orkmq/Splatoon_3_(NSP)(eShop).rar
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE8:8D:29:52:9C:44:66:28:BB:43:25:CE:11:45:BB:A1:5A:4E:44:11
ValidityTue, 28 Mar 2023 16:54:02 GMT - Tue, 20 Jun 2023 16:54:01 GMT

File type
TrueType Font data, 17 tables, 1st "GDEF", 8 names, Microsoft, language 0x409, Digitized data copyright 2012-2016, The Mozilla Foundation and Telefonica S.A.Fira SansRegular4.\012- data
Size
27 kB (26757 bytes)
Hash
fc93bd727d46cf6d89dcd152f979eb56
23d68715ec48a76c69036c10048c1f8d21ea1083
9e9fa491fe6946d4c66db22d5d4db9bdfc604612eafa59cd2d4b542aee44a748

HTTP Headers

GET /s/firasans/v10/va9E4kDNxMZdWfMOD5Vvl4jO.ttf HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hexupload.net
Connection: keep-alive
Referer: https://hexupload.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 26757
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 19 Apr 2023 09:39:17 GMT
expires: Thu, 18 Apr 2024 09:39:17 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 22 Jul 2019 19:21:28 GMT
content-type: font/ttf
vary: Accept-Encoding
age: 106540
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

hexupload.net/ds2/fonts/brandon_bld-webfont.woff2

185.125.171.207

200 OK

28 kB

URL GET HTTP/1.1
hexupload.net/ds2/fonts/brandon_bld-webfont.woff2
IP
185.125.171.207:443
ASN
#56655 TerraHost AS

Requested by
https://hexupload.net/7fq86d6orkmq/Splatoon_3_(NSP)(eShop).rar
Certificate
IssuerLet's Encrypt
Subjecthexupload.net
FingerprintF6:90:48:6F:EB:36:14:E6:4F:AA:27:4D:12:B1:67:49:7E:43:81:51
ValidityTue, 18 Apr 2023 22:04:07 GMT - Mon, 17 Jul 2023 22:04:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 27472, version 1.0\012- data
Size
28 kB (27472 bytes)
Hash
1ab7e604f30f32e4e9b8249bd6978229
58fce3d2ff03bba9d1e458eeda5f785e948325f6
c56fd6b910ca93a3fb1875e35074b8ce8501c319ebaa0e8b7252f7e4a7023fe6

HTTP Headers

GET /ds2/fonts/brandon_bld-webfont.woff2 HTTP/1.1
Host: hexupload.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://hexupload.net/ds2/css/style.min.css?v=0.04
Cookie: lang=english
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Thu, 20 Apr 2023 15:14:57 GMT
Content-Length: 27472
Connection: keep-alive
Last-Modified: Sat, 07 Sep 2019 21:56:34 GMT
ETag: "6b50-591fda0cb8880"
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: X-Requested-With
Access-Control-Allow-Methods: GET,POST,OPTIONS

hexupload.net/ds2/fonts/brandon_med-webfont.woff2

185.125.171.207

200 OK

28 kB

URL GET HTTP/1.1
hexupload.net/ds2/fonts/brandon_med-webfont.woff2
IP
185.125.171.207:443
ASN
#56655 TerraHost AS

Requested by
https://hexupload.net/7fq86d6orkmq/Splatoon_3_(NSP)(eShop).rar
Certificate
IssuerLet's Encrypt
Subjecthexupload.net
FingerprintF6:90:48:6F:EB:36:14:E6:4F:AA:27:4D:12:B1:67:49:7E:43:81:51
ValidityTue, 18 Apr 2023 22:04:07 GMT - Mon, 17 Jul 2023 22:04:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 27980, version 1.0\012- data
Size
28 kB (27980 bytes)
Hash
91b8eabbc9622e0d31a045defa81f7b6
55ef0046653a3f89e2823ebbe0f358efb9bf5b0e
8bedd3a9d3d20f71aa28c17e75c18ddc9a323b823275ae9bec6a1b673ea646f5

HTTP Headers

GET /ds2/fonts/brandon_med-webfont.woff2 HTTP/1.1
Host: hexupload.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://hexupload.net/ds2/css/style.min.css?v=0.04
Cookie: lang=english
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Thu, 20 Apr 2023 15:14:57 GMT
Content-Length: 27980
Connection: keep-alive
Last-Modified: Sat, 07 Sep 2019 21:56:34 GMT
ETag: "6d4c-591fda0cb8880"
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: X-Requested-With
Access-Control-Allow-Methods: GET,POST,OPTIONS

ocsp.pki.goog/gts1c3

142.250.74.131

472 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
b1740d0f01632800ec3a073af6be1894
ba3b3d24d0867491fcd9b87260aa7fbdef52112c
60519cdb3486269908cc4150a16615d1c7c8f26fe2b6f096a8a49005b4859619

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 20 Apr 2023 15:14:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

hexupload.net/ds2/fa/webfonts/fa-duotone-900.woff2

185.125.171.207

200 OK

166 kB

URL GET HTTP/1.1
hexupload.net/ds2/fa/webfonts/fa-duotone-900.woff2
IP
185.125.171.207:443
ASN
#56655 TerraHost AS

Requested by
https://hexupload.net/7fq86d6orkmq/Splatoon_3_(NSP)(eShop).rar
Certificate
IssuerLet's Encrypt
Subjecthexupload.net
FingerprintF6:90:48:6F:EB:36:14:E6:4F:AA:27:4D:12:B1:67:49:7E:43:81:51
ValidityTue, 18 Apr 2023 22:04:07 GMT - Mon, 17 Jul 2023 22:04:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 165712, version 330.15859\012- data
Size
166 kB (165712 bytes)
Hash
76b9d9788f37e68cc80dbe9349de7c65
6b3ede5185b085cc696be94d6ff7d1a389a225ae
3477023d8b7129eb517abf377492a608f2469ae91405fa62974e6771751e04ae

HTTP Headers

GET /ds2/fa/webfonts/fa-duotone-900.woff2 HTTP/1.1
Host: hexupload.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://hexupload.net/ds2/css/style.min.css?v=0.04
Cookie: lang=english
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Thu, 20 Apr 2023 15:14:57 GMT
Content-Length: 165712
Connection: keep-alive
Last-Modified: Sat, 24 Aug 2019 23:45:51 GMT
ETag: "28750-590e585d829c0"
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: X-Requested-With
Access-Control-Allow-Methods: GET,POST,OPTIONS

push-sdk.com/f/sdk.js?z=711931

157.90.33.72

200 OK

14 kB

URL GET HTTP/2
push-sdk.com/f/sdk.js?z=711931
IP
157.90.33.72:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://hexupload.net/7fq86d6orkmq/Splatoon_3_(NSP)(eShop).rar
Certificate
IssuerLet's Encrypt
Subjectpush-sdk.com
FingerprintC6:96:15:05:9D:48:47:24:04:AB:D5:43:06:BF:25:5D:CF:69:77:76
ValidityWed, 22 Feb 2023 03:30:35 GMT - Tue, 23 May 2023 03:30:34 GMT

File type
Unicode text, UTF-8 text, with very long lines (52262), with no line terminators
Size
14 kB (14465 bytes)
Hash
463456e70913ddb66469f1497b19eb53
6aeafb28226f8eaf74492b30fb1f6d1814a73b7b
bbf417aa7fef5b057a7847c09cbf774c5761285622be5ac0813c60e0e8bb9f38

HTTP Headers

GET /f/sdk.js?z=711931 HTTP/1.1
Host: push-sdk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hexupload.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Thu, 20 Apr 2023 15:14:57 GMT
content-type: application/javascript; charset=utf-8
content-length: 14465
content-encoding: gzip
cache-control: no-cache, max-age=0, must-revalidate, proxy-revalidate
X-Firefox-Spdy: h2

fonts.gstatic.com/s/firasans/v10/va9E4kDNxMZdWfMOD5Vvl4jO.ttf

216.58.207.227

200 OK

27 kB

URL GET HTTP/2
fonts.gstatic.com/s/firasans/v10/va9E4kDNxMZdWfMOD5Vvl4jO.ttf
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://hexupload.net/7fq86d6orkmq/Splatoon_3_(NSP)(eShop).rar
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE8:8D:29:52:9C:44:66:28:BB:43:25:CE:11:45:BB:A1:5A:4E:44:11
ValidityTue, 28 Mar 2023 16:54:02 GMT - Tue, 20 Jun 2023 16:54:01 GMT

File type
TrueType Font data, 17 tables, 1st "GDEF", 8 names, Microsoft, language 0x409, Digitized data copyright 2012-2016, The Mozilla Foundation and Telefonica S.A.Fira SansRegular4.\012- data
Size
27 kB (26757 bytes)
Hash
fc93bd727d46cf6d89dcd152f979eb56
23d68715ec48a76c69036c10048c1f8d21ea1083
9e9fa491fe6946d4c66db22d5d4db9bdfc604612eafa59cd2d4b542aee44a748

HTTP Headers

GET /s/firasans/v10/va9E4kDNxMZdWfMOD5Vvl4jO.ttf HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hexupload.net
Connection: keep-alive
Referer: https://hexupload.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 26757
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 19 Apr 2023 09:39:17 GMT
expires: Thu, 18 Apr 2024 09:39:17 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 22 Jul 2019 19:21:28 GMT
content-type: font/ttf
vary: Accept-Encoding
age: 106541
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

push-sdk.com/event?z=711931

157.90.33.72

200 OK

0 B

URL POST HTTP/2
push-sdk.com/event?z=711931
IP
157.90.33.72:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://hexupload.net/7fq86d6orkmq/Splatoon_3_(NSP)(eShop).rar
Certificate
IssuerLet's Encrypt
Subjectpush-sdk.com
FingerprintC6:96:15:05:9D:48:47:24:04:AB:D5:43:06:BF:25:5D:CF:69:77:76
ValidityWed, 22 Feb 2023 03:30:35 GMT - Tue, 23 May 2023 03:30:34 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /event?z=711931 HTTP/1.1
Host: push-sdk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 82
Origin: https://hexupload.net
Connection: keep-alive
Referer: https://hexupload.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 20 Apr 2023 15:14:58 GMT
content-length: 0
access-control-allow-origin: https://hexupload.net
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization, X-CSRF-Token
access-control-expose-headers: Authorization
cache-control: no-cache, max-age=0, must-revalidate, proxy-revalidate, no-store
pragma: no-cache
expires: Tue, 11 Jan 1994 00:00:00 GMT
accept-ch: Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Bitness, Sec-CH-UA-Wow64
X-Firefox-Spdy: h2

s10.histats.com/js15_as.js

46.105.201.240

200 OK

4.4 kB

URL GET HTTP/2
s10.histats.com/js15_as.js
IP
46.105.201.240:443
ASN
#16276 OVH SAS

Requested by
https://hexupload.net/7fq86d6orkmq/Splatoon_3_(NSP)(eShop).rar
Certificate
IssuerLet's Encrypt
Subjecthistats.com
FingerprintF3:F6:9F:E3:A0:B3:22:C0:B2:93:4E:22:72:B6:D1:DA:40:BA:AE:9B
ValidityWed, 15 Mar 2023 12:20:28 GMT - Tue, 13 Jun 2023 12:20:27 GMT

File type
HTML document, ASCII text, with very long lines (11440), with no line terminators
Size
4.4 kB (4364 bytes)
Hash
ed192092c129db6123a3397855f42619
067e9b8e26cf6246eb84c6b9cf3da0c192ce7b3e
998fff486a7fb38b6ed445edc36c9b317b70950cd39efcf4012ca641312fcee1

HTTP Headers

GET /js15_as.js HTTP/1.1
Host: s10.histats.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hexupload.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 20 Apr 2023 15:10:33 GMT
etag: "-375139978"
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
x-request-id: 697860111
content-type: text/javascript
content-encoding: br
x-cdn-pop: sbg
x-cdn-pop-ip: 137.74.120.0/27
x-cacheable: Matched cache
accept-ranges: bytes
content-length: 4364
X-Firefox-Spdy: h2

hexupload.net/7fq86d6orkmq/favicon.ico

185.125.171.207

200 OK

16 kB

URL GET HTTP/1.1
hexupload.net/7fq86d6orkmq/favicon.ico
IP
185.125.171.207:443
ASN
#56655 TerraHost AS

Requested by
https://hexupload.net/7fq86d6orkmq/Splatoon_3_(NSP)(eShop).rar
Certificate
IssuerLet's Encrypt
Subjecthexupload.net
FingerprintF6:90:48:6F:EB:36:14:E6:4F:AA:27:4D:12:B1:67:49:7E:43:81:51
ValidityTue, 18 Apr 2023 22:04:07 GMT - Mon, 17 Jul 2023 22:04:06 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text
Size
16 kB (16108 bytes)
Hash
318d35f019c255b87968a85cbe9bb608
5272782f9e85af0899bd8883412eed73723b7686
f0d34de71efefc1ab8b5845b8acda16eb38e562e08a0d1c596e1ce9e2418b9e0

HTTP Headers

GET /7fq86d6orkmq/favicon.ico HTTP/1.1
Host: hexupload.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hexupload.net/7fq86d6orkmq/Splatoon_3_(NSP)(eShop).rar
Cookie: lang=english; _ga_94BPVYM7D3=GS1.1.1682003860.1.0.1682003860.0.0.0; _ga=GA1.1.1721111135.1682003861
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Thu, 20 Apr 2023 15:14:58 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Wed, 19 Apr 2023 15:14:58 GMT
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: X-Requested-With
Access-Control-Allow-Methods: GET,POST,OPTIONS

ocsp.sectigo.com/

172.64.155.188

471 B

URL
ocsp.sectigo.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
cf449fa1b5c5db4756f412104db85c9c
904ae96be7a6ef7f89418faeb218667d20ab8746
1b131c2c739c764ff1f50708cdea76eb92b4b8b1c69b1b0d98c3bdfd5a8a5fdc

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 20 Apr 2023 15:14:58 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Mon, 17 Apr 2023 19:28:25 GMT
Expires: Mon, 24 Apr 2023 19:28:24 GMT
Etag: "904ae96be7a6ef7f89418faeb218667d20ab8746"
Cache-Control: max-age=360205,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7bae570a7ef0b4fd-OSL

ocsp.sectigo.com/

172.64.155.188

471 B

URL
ocsp.sectigo.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
cf449fa1b5c5db4756f412104db85c9c
904ae96be7a6ef7f89418faeb218667d20ab8746
1b131c2c739c764ff1f50708cdea76eb92b4b8b1c69b1b0d98c3bdfd5a8a5fdc

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 20 Apr 2023 15:14:58 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Mon, 17 Apr 2023 19:28:25 GMT
Expires: Mon, 24 Apr 2023 19:28:24 GMT
Etag: "904ae96be7a6ef7f89418faeb218667d20ab8746"
Cache-Control: max-age=360205,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7bae570a7d5cb50f-OSL

uidsync.net/sync?user_id=wZBDZDLHC9Yw6tiw1k3D5h

157.90.33.122

200 OK

0 B

URL GET HTTP/2
uidsync.net/sync?user_id=wZBDZDLHC9Yw6tiw1k3D5h
IP
157.90.33.122:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://hexupload.net/7fq86d6orkmq/Splatoon_3_(NSP)(eShop).rar
Certificate
IssuerSectigo Limited
Subjectuidsync.net
Fingerprint83:76:A7:AD:F8:0D:56:B6:75:67:25:9F:B5:63:33:F0:92:31:61:23
ValidityMon, 28 Nov 2022 00:00:00 GMT - Fri, 29 Dec 2023 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /sync?user_id=wZBDZDLHC9Yw6tiw1k3D5h HTTP/1.1
Host: uidsync.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://hexupload.net/
Origin: https://hexupload.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 204 No Content
server: nginx
date: Thu, 20 Apr 2023 15:14:58 GMT
access-control-allow-origin: https://hexupload.net
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization, X-CSRF-Token
access-control-expose-headers: Authorization
cache-control: no-cache, max-age=0, must-revalidate, proxy-revalidate, no-store
pragma: no-cache
expires: Tue, 11 Jan 1994 00:00:00 GMT
accept-ch: Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Bitness, Sec-CH-UA-Wow64
X-Firefox-Spdy: h2

s4.histats.com/stats/0.php?4167218&@f16&@g1&@h1&@i1&@j1682003861264&@k0&@l1&@mDownload%20Splatoon%20(NSP)(e%20Shop)&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1280&@b1:-60500972&@b3:1682003861&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fhexupload.net%2F7fq86d6orkmq%2FSplatoon_3_(NSP)(eShop).rar&@w

149.56.240.128

200 OK

52 B

URL GET HTTP/1.1
s4.histats.com/stats/0.php?4167218&@f16&@g1&@h1&@i1&@j1682003861264&@k0&@l1&@mDownload%20Splatoon%20(NSP)(e%20Shop)&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1280&@b1:-60500972&@b3:1682003861&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fhexupload.net%2F7fq86d6orkmq%2FSplatoon_3_(NSP)(eShop).rar&@w
IP
149.56.240.128:443
ASN
#16276 OVH SAS

Requested by
https://hexupload.net/7fq86d6orkmq/Splatoon_3_(NSP)(eShop).rar
Certificate
IssuerLet's Encrypt
Subjecthistats.com
FingerprintF3:F6:9F:E3:A0:B3:22:C0:B2:93:4E:22:72:B6:D1:DA:40:BA:AE:9B
ValidityWed, 15 Mar 2023 12:20:28 GMT - Tue, 13 Jun 2023 12:20:27 GMT

File type
ASCII text, with no line terminators
Size
52 B (52 bytes)
Hash
c7a3bc1883aaaa676bb9c2bc9f190f0f
e703fbce7f4e2bcb39412572ca137833df4e8b65
41026edbcaa1b313f7c9ebe930601ddd515e078176c19afe429a69c36aa4c041

HTTP Headers

GET /stats/0.php?4167218&@f16&@g1&@h1&@i1&@j1682003861264&@k0&@l1&@mDownload%20Splatoon%20(NSP)(e%20Shop)&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1280&@b1:-60500972&@b3:1682003861&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fhexupload.net%2F7fq86d6orkmq%2FSplatoon_3_(NSP)(eShop).rar&@w HTTP/1.1
Host: s4.histats.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hexupload.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 20 Apr 2023 15:14:58 GMT
Content-Type: text/html;charset=UTF-8
Content-Length: 52
Connection: close

uidsync.net/sync?user_id=wZBDZDLHC9Yw6tiw1k3D5h

157.90.33.122

200 OK

62 B

URL GET HTTP/2
uidsync.net/sync?user_id=wZBDZDLHC9Yw6tiw1k3D5h
IP
157.90.33.122:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://hexupload.net/7fq86d6orkmq/Splatoon_3_(NSP)(eShop).rar
Certificate
IssuerSectigo Limited
Subjectuidsync.net
Fingerprint83:76:A7:AD:F8:0D:56:B6:75:67:25:9F:B5:63:33:F0:92:31:61:23
ValidityMon, 28 Nov 2022 00:00:00 GMT - Fri, 29 Dec 2023 23:59:59 GMT

File type
JSON data\012- , ASCII text, with no line terminators
Size
62 B (62 bytes)
Hash
604b508880263af7ab996e82f956c33d
ccc7f474d2295cada31216ff7c53a95c3af35b9d
743dc6c7c44866547da94a0f03d9ec4976a7a1cf5dc9a08b278fb4c294be18e3

HTTP Headers

GET /sync?user_id=wZBDZDLHC9Yw6tiw1k3D5h HTTP/1.1
Host: uidsync.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hexupload.net/
Content-Type: application/json
Origin: https://hexupload.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 20 Apr 2023 15:14:58 GMT
content-type: application/json; charset=utf-8
content-length: 62
access-control-allow-origin: https://hexupload.net
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization, X-CSRF-Token
access-control-expose-headers: Authorization
cache-control: no-cache, max-age=0, must-revalidate, proxy-revalidate, no-store
pragma: no-cache
expires: Tue, 11 Jan 1994 00:00:00 GMT
accept-ch: Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Bitness, Sec-CH-UA-Wow64
set-cookie: rauid=wZBDZDLHC9Yw6tiw1k3D5h; expires=Fri, 19 Apr 2024 15:14:58 GMT; path=/; secure; SameSite=None
X-Firefox-Spdy: h2

embed.tawk.to/_s/v4/app/642b759ae8c/css/min-widget.css

172.67.38.66

200 OK

46 kB

URL GET HTTP/3
embed.tawk.to/_s/v4/app/642b759ae8c/css/min-widget.css
IP
172.67.38.66:443
ASN
#13335 CLOUDFLARENET

Requested by
https://hexupload.net/7fq86d6orkmq/Splatoon_3_(NSP)(eShop).rar
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint20:4B:FB:03:98:59:0F:8B:45:D7:D4:DE:64:32:09:3C:EA:B0:8B:53
ValiditySat, 28 May 2022 00:00:00 GMT - Sun, 28 May 2023 23:59:59 GMT

File type
ASCII text, with very long lines (24880), with no line terminators
Size
46 kB (46202 bytes)
Hash
7fb5e8e265e8c9455cc902bfa8ee33dd
101e563c3486cc4278fc8266dfa71276aa6b477a
e355c27bd12ebd7f71b6d0cbe444a15d43ba47c080fed0e616c78ab319172cdc

HTTP Headers

GET /_s/v4/app/642b759ae8c/css/min-widget.css HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: embed.tawk.to
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 20 Apr 2023 15:15:00 GMT
content-type: text/css
cache-control: public, max-age=2592000, immutable
cf-bgj: minify
cf-polished: origSize=24960
access-control-allow-origin: *
etag: W/"80df9814fe6b98404ccc1df3c455ceaa"
last-modified: Tue, 04 Apr 2023 00:57:26 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-cache-status: HIT
cf-cache-status: HIT
age: 1345411
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7bae57154965b50b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

cdn.jsdelivr.net/emojione/2.2.7/lib/js/emojione.min.js

151.101.65.229

200 OK

41 kB

URL GET HTTP/2
cdn.jsdelivr.net/emojione/2.2.7/lib/js/emojione.min.js
IP
151.101.65.229:443
ASN
#54113 FASTLY

Requested by
https://hexupload.net/7fq86d6orkmq/Splatoon_3_(NSP)(eShop).rar
Certificate
IssuerGlobalSign nv-sa
Subjectjsdelivr.net
Fingerprint88:D1:D3:FA:BE:69:45:71:5A:74:78:14:1A:E8:F3:5A:88:69:9C:7F
ValidityFri, 23 Dec 2022 10:55:14 GMT - Wed, 24 Jan 2024 10:55:13 GMT

File type
ASCII text, with very long lines (32014)
Size
41 kB (41275 bytes)
Hash
fdd0a7a58b37d9f155cc7fa6b00200e0
1b3253a11da97aea90eed315a7169d23e8b373d8
e8823739e5e8b0492c9e444cbe0ed35489984efca1143a9f9ab23552a2dd45ca

HTTP Headers

GET /emojione/2.2.7/lib/js/emojione.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hexupload.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
etag: W/"49dda-cp9vjKV4fYl0Ow7X6yf9dkBr+YU"
content-encoding: br
accept-ranges: bytes
date: Thu, 20 Apr 2023 15:15:00 GMT
age: 1426592
x-served-by: cache-fra-eddf8230136-FRA, cache-bma1650-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 41275
X-Firefox-Spdy: h2

embed.tawk.to/_s/v4/app/642b759ae8c/css/bubble-widget.css

172.67.38.66

200 OK

4.3 kB

URL GET HTTP/3
embed.tawk.to/_s/v4/app/642b759ae8c/css/bubble-widget.css
IP
172.67.38.66:443
ASN
#13335 CLOUDFLARENET

Requested by
https://hexupload.net/7fq86d6orkmq/Splatoon_3_(NSP)(eShop).rar
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint20:4B:FB:03:98:59:0F:8B:45:D7:D4:DE:64:32:09:3C:EA:B0:8B:53
ValiditySat, 28 May 2022 00:00:00 GMT - Sun, 28 May 2023 23:59:59 GMT

File type
ASCII text, with very long lines (13521), with no line terminators
Size
4.3 kB (4253 bytes)
Hash
b8712464bef40b0bb24c43fd672d9075
689634ba57e8322d8e78f3c96208384e270bcc68
dde1792091a1eeda6dd515757d721a042e13e64dbc19b431a50fa0873ed806c6

HTTP Headers

GET /_s/v4/app/642b759ae8c/css/bubble-widget.css HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: embed.tawk.to
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 20 Apr 2023 15:15:00 GMT
content-type: text/css
cache-control: public, max-age=2592000, immutable
cf-bgj: minify
cf-polished: origSize=13594
access-control-allow-origin: *
etag: W/"ce7913b80c763449b3895d46419f7a6b"
last-modified: Tue, 04 Apr 2023 00:57:26 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-cache-status: HIT
cf-cache-status: HIT
age: 1345120
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7bae571599d1b50b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

embed.tawk.to/_s/v4/app/642b759ae8c/languages/en.js

172.67.38.66

200 OK

4.5 kB

URL GET HTTP/3
embed.tawk.to/_s/v4/app/642b759ae8c/languages/en.js
IP
172.67.38.66:443
ASN
#13335 CLOUDFLARENET

Requested by
https://hexupload.net/7fq86d6orkmq/Splatoon_3_(NSP)(eShop).rar
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint20:4B:FB:03:98:59:0F:8B:45:D7:D4:DE:64:32:09:3C:EA:B0:8B:53
ValiditySat, 28 May 2022 00:00:00 GMT - Sun, 28 May 2023 23:59:59 GMT

File type
ASCII text, with CRLF, LF line terminators
Size
4.5 kB (4487 bytes)
Hash
9d3c8a860d1d0bbb846c7629dbbcc4f5
41408727338b57bcec6dc4deadf9f6c2547b3b9b
8ad46e8922e50fc73f8c7ef7fa41b17f13771d5f052f92fcb70b86cc81c95abf

HTTP Headers

GET /_s/v4/app/642b759ae8c/languages/en.js HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: embed.tawk.to
Connection: keep-alive
Referer: https://hexupload.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 20 Apr 2023 15:14:58 GMT
content-type: application/javascript
last-modified: Tue, 04 Apr 2023 00:57:27 GMT
etag: W/"585ba00b2c167b90c210161454f843b5"
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
x-cache-status: HIT
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
age: 1345410
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7bae570e6820b50b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

embed.tawk.to/_s/v4/app/642b759ae8c/css/message-preview.css

172.67.38.66

200 OK

38 kB

URL GET HTTP/3
embed.tawk.to/_s/v4/app/642b759ae8c/css/message-preview.css
IP
172.67.38.66:443
ASN
#13335 CLOUDFLARENET

Requested by
https://hexupload.net/7fq86d6orkmq/Splatoon_3_(NSP)(eShop).rar
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint20:4B:FB:03:98:59:0F:8B:45:D7:D4:DE:64:32:09:3C:EA:B0:8B:53
ValiditySat, 28 May 2022 00:00:00 GMT - Sun, 28 May 2023 23:59:59 GMT

File type
ASCII text, with very long lines (38135), with no line terminators
Size
38 kB (38135 bytes)
Hash
f1216623b93f4cee059c5617354220b2
57bde0e4098faebd89c3581167b761c0ac450edb
b959ad2221d60430f98667e34f19ac4830d2a4e82d086aafec1d1c92aaf1a9bc

HTTP Headers

GET /_s/v4/app/642b759ae8c/css/message-preview.css HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: embed.tawk.to
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 20 Apr 2023 15:15:00 GMT
content-type: text/css
cache-control: public, max-age=2592000, immutable
cf-bgj: minify
cf-polished: origSize=38268
access-control-allow-origin: *
etag: W/"949ecc85ac578750ec9a03e5680f7b0e"
last-modified: Tue, 04 Apr 2023 00:57:26 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-cache-status: HIT
cf-cache-status: HIT
age: 1345411
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7bae5715b9ebb50b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

embed.tawk.to/_s/v4/app/642b759ae8c/css/max-widget.css

172.67.38.66

200 OK

76 kB

URL GET HTTP/3
embed.tawk.to/_s/v4/app/642b759ae8c/css/max-widget.css
IP
172.67.38.66:443
ASN
#13335 CLOUDFLARENET

Requested by
https://hexupload.net/7fq86d6orkmq/Splatoon_3_(NSP)(eShop).rar
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint20:4B:FB:03:98:59:0F:8B:45:D7:D4:DE:64:32:09:3C:EA:B0:8B:53
ValiditySat, 28 May 2022 00:00:00 GMT - Sun, 28 May 2023 23:59:59 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
76 kB (75642 bytes)
Hash
bb5f3f8136ec2154b73c02604fe6bd01
7b63db15a7fd9e9eecf8d3aaeb1d5daf33e5b173
dc9b8766ba1ad9df5f06c2da364ce4736551d12b4f3878ff78f9fd8a4079ba41

HTTP Headers

GET /_s/v4/app/642b759ae8c/css/max-widget.css HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: embed.tawk.to
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 20 Apr 2023 15:15:00 GMT
content-type: text/css
cache-control: public, max-age=2592000, immutable
cf-bgj: minify
cf-polished: origSize=75771
access-control-allow-origin: *
etag: W/"0158db159e8967dbda5865ed6b2e435d"
last-modified: Tue, 04 Apr 2023 00:57:26 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-cache-status: HIT
cf-cache-status: HIT
age: 1345411
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7bae5715b9f9b50b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

va.tawk.to/log-performance/v3

172.67.38.66

200 OK

5 B

URL POST HTTP/3
va.tawk.to/log-performance/v3
IP
172.67.38.66:443
ASN
#13335 CLOUDFLARENET

Requested by
https://hexupload.net/7fq86d6orkmq/Splatoon_3_(NSP)(eShop).rar
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint20:4B:FB:03:98:59:0F:8B:45:D7:D4:DE:64:32:09:3C:EA:B0:8B:53
ValiditySat, 28 May 2022 00:00:00 GMT - Sun, 28 May 2023 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
5 B (5 bytes)
Hash
38a8a3e3b4b6a6e4f295b2e0f899b1f0
474f5fac3d23afbaf16c5a31c98dfcd956e4c186
7652c7891ed06bce4174ab00a6ee9721daf6a4286929213ecb7daf42cd866615

HTTP Headers

POST /log-performance/v3 HTTP/1.1
Host: va.tawk.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hexupload.net/
Content-Type: application/json; charset=utf-8
Content-Length: 95
Origin: https://hexupload.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 20 Apr 2023 15:15:00 GMT
content-type: text/html; charset=utf-8
x-served-by: visitor-application-preemptive-3j2g
access-control-allow-origin: https://hexupload.net
access-control-allow-credentials: true
access-control-allow-methods: POST,OPTIONS
access-control-allow-headers: content-type,x-tawk-token
vary: Accept-Encoding
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: DYNAMIC
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7bae571a1ff7b50b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

embed.tawk.to/_s/v4/app/642b759ae8c/js/twk-chunk-vendors.js

172.67.38.66

200 OK

211 kB

URL GET HTTP/2
embed.tawk.to/_s/v4/app/642b759ae8c/js/twk-chunk-vendors.js
IP
172.67.38.66:443
ASN
#13335 CLOUDFLARENET

Requested by
https://hexupload.net/7fq86d6orkmq/Splatoon_3_(NSP)(eShop).rar
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint20:4B:FB:03:98:59:0F:8B:45:D7:D4:DE:64:32:09:3C:EA:B0:8B:53
ValiditySat, 28 May 2022 00:00:00 GMT - Sun, 28 May 2023 23:59:59 GMT

File type

Size
211 kB (211420 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /_s/v4/app/642b759ae8c/js/twk-chunk-vendors.js HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hexupload.net
Connection: keep-alive
Referer: https://hexupload.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 20 Apr 2023 15:14:58 GMT
content-type: application/javascript
last-modified: Tue, 04 Apr 2023 00:57:27 GMT
etag: W/"27a109773b0fdd12c9737166eb5719c2"
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
x-cache-status: HIT
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
age: 243519
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7bae570d19b0b515-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

embed.tawk.to/_s/v4/app/642b759ae8c/js/twk-main.js

172.67.38.66

200 OK

121 B

URL GET HTTP/2
embed.tawk.to/_s/v4/app/642b759ae8c/js/twk-main.js
IP
172.67.38.66:443
ASN
#13335 CLOUDFLARENET

Requested by
https://hexupload.net/7fq86d6orkmq/Splatoon_3_(NSP)(eShop).rar
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint20:4B:FB:03:98:59:0F:8B:45:D7:D4:DE:64:32:09:3C:EA:B0:8B:53
ValiditySat, 28 May 2022 00:00:00 GMT - Sun, 28 May 2023 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
121 B (121 bytes)
Hash
3b41342f7e3be590563e8e3b5ff770c7
c9ca54d23ea78b320f080b76e22bb6b4e704d55f
ef04d89daeed55613a63a4af62c147ce86e4a7f22c8ce700dd6bdb11ab187e43

HTTP Headers

GET /_s/v4/app/642b759ae8c/js/twk-main.js HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hexupload.net
Connection: keep-alive
Referer: https://hexupload.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 20 Apr 2023 15:14:58 GMT
content-type: application/javascript
last-modified: Tue, 04 Apr 2023 00:57:27 GMT
etag: W/"da5bb1dc647470204df0e49f5afac2de"
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
x-cache-status: HIT
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
age: 1334799
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7bae570d09a7b515-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

embed.tawk.to/_s/v4/app/642b759ae8c/js/twk-runtime.js

104.22.24.131

200 OK

2.3 kB

URL GET HTTP/3
embed.tawk.to/_s/v4/app/642b759ae8c/js/twk-runtime.js
IP
104.22.24.131:443
ASN
#13335 CLOUDFLARENET

Requested by
https://hexupload.net/7fq86d6orkmq/Splatoon_3_(NSP)(eShop).rar
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint20:4B:FB:03:98:59:0F:8B:45:D7:D4:DE:64:32:09:3C:EA:B0:8B:53
ValiditySat, 28 May 2022 00:00:00 GMT - Sun, 28 May 2023 23:59:59 GMT

File type
ASCII text, with very long lines (2349), with no line terminators
Size
2.3 kB (2306 bytes)
Hash
8d3ced0b56bcac30ac462b815cdeebaa
57271fbe4fb8ea407f415ecdc6614a567bed6fc4
f53e05fd2b57660aa6539fdf6074fe8d4e020bd4d9ff0afba57f6d5d39fd6aea

HTTP Headers

GET /_s/v4/app/642b759ae8c/js/twk-runtime.js HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hexupload.net
Connection: keep-alive
Referer: https://hexupload.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 20 Apr 2023 15:14:58 GMT
content-type: application/javascript
last-modified: Tue, 04 Apr 2023 00:57:27 GMT
etag: W/"cbcaf94cf2c68654c23d2fa971522e9e"
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
x-cache-status: HIT
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
age: 1334799
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7bae570d2a7db500-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

embed.tawk.to/_s/v4/app/642b759ae8c/js/twk-chunk-696bc286.js

172.67.38.66

200 OK

17 kB

URL GET HTTP/3
embed.tawk.to/_s/v4/app/642b759ae8c/js/twk-chunk-696bc286.js
IP
172.67.38.66:443
ASN
#13335 CLOUDFLARENET

Requested by
https://hexupload.net/7fq86d6orkmq/Splatoon_3_(NSP)(eShop).rar
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint20:4B:FB:03:98:59:0F:8B:45:D7:D4:DE:64:32:09:3C:EA:B0:8B:53
ValiditySat, 28 May 2022 00:00:00 GMT - Sun, 28 May 2023 23:59:59 GMT

File type
ASCII text, with very long lines (16814), with no line terminators
Size
17 kB (16814 bytes)
Hash
3fd68b27902043cbf7d50fa19809babb
c3cf7276b06a8232edf73734d91813d46cdfdb09
1017110c7ff8f11157f5189d5bf4921401b313563af4b250163628c4fc5f26d5

HTTP Headers

GET /_s/v4/app/642b759ae8c/js/twk-chunk-696bc286.js HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: embed.tawk.to
Connection: keep-alive
Referer: https://hexupload.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 20 Apr 2023 15:14:59 GMT
content-type: application/javascript
last-modified: Tue, 04 Apr 2023 00:57:27 GMT
etag: W/"3fd68b27902043cbf7d50fa19809babb"
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
x-cache-status: HIT
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
age: 1345411
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7bae5714a882b50b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

embed.tawk.to/_s/v4/app/642b759ae8c/js/twk-chunk-f1596d96.js

172.67.38.66

200 OK

10 kB

URL GET HTTP/3
embed.tawk.to/_s/v4/app/642b759ae8c/js/twk-chunk-f1596d96.js
IP
172.67.38.66:443
ASN
#13335 CLOUDFLARENET

Requested by
https://hexupload.net/7fq86d6orkmq/Splatoon_3_(NSP)(eShop).rar
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint20:4B:FB:03:98:59:0F:8B:45:D7:D4:DE:64:32:09:3C:EA:B0:8B:53
ValiditySat, 28 May 2022 00:00:00 GMT - Sun, 28 May 2023 23:59:59 GMT

File type
ASCII text, with very long lines (10469), with no line terminators
Size
10 kB (10469 bytes)
Hash
a902d29bb2d86f4de3feae8e697eed5a
87ddb488d60df982c5a55a15e62d59c1044c2ab0
7979ef8653d67f3fa9dd237e08a359371ae1f541e62ec2b135364a0969ca7f8f

HTTP Headers

GET /_s/v4/app/642b759ae8c/js/twk-chunk-f1596d96.js HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: embed.tawk.to
Connection: keep-alive
Referer: https://hexupload.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 20 Apr 2023 15:14:59 GMT
content-type: application/javascript
last-modified: Tue, 04 Apr 2023 00:57:27 GMT
etag: W/"a902d29bb2d86f4de3feae8e697eed5a"
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
x-cache-status: HIT
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
age: 1345119
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7bae5714a886b50b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

embed.tawk.to/_s/v4/app/642b759ae8c/js/twk-app.js

104.22.24.131

200 OK

151 B

URL GET HTTP/3
embed.tawk.to/_s/v4/app/642b759ae8c/js/twk-app.js
IP
104.22.24.131:443
ASN
#13335 CLOUDFLARENET

Requested by
https://hexupload.net/7fq86d6orkmq/Splatoon_3_(NSP)(eShop).rar
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint20:4B:FB:03:98:59:0F:8B:45:D7:D4:DE:64:32:09:3C:EA:B0:8B:53
ValiditySat, 28 May 2022 00:00:00 GMT - Sun, 28 May 2023 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
151 B (151 bytes)
Hash
04a9862af6efaf787bc8fb8e99ba6987
a57bb8f258eb1a60dc3b288a608ad8ef9fbecef3
ecc74c329a700e3e6ca29aed5ffe3c166cf39670c8b11573fa7f837f79a71b5c

HTTP Headers

GET /_s/v4/app/642b759ae8c/js/twk-app.js HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hexupload.net
Connection: keep-alive
Referer: https://hexupload.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 20 Apr 2023 15:14:58 GMT
content-type: application/javascript
last-modified: Tue, 04 Apr 2023 00:57:27 GMT
etag: W/"e736e189edb5d0d9d5b8e7f23dd9114a"
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
x-cache-status: HIT
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
age: 1334799
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7bae570d3a96b500-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

embed.tawk.to/_s/v4/app/642b759ae8c/js/twk-chunk-2c78ba82.js

172.67.38.66

200 OK

7.1 kB

URL GET HTTP/3
embed.tawk.to/_s/v4/app/642b759ae8c/js/twk-chunk-2c78ba82.js
IP
172.67.38.66:443
ASN
#13335 CLOUDFLARENET

Requested by
https://hexupload.net/7fq86d6orkmq/Splatoon_3_(NSP)(eShop).rar
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint20:4B:FB:03:98:59:0F:8B:45:D7:D4:DE:64:32:09:3C:EA:B0:8B:53
ValiditySat, 28 May 2022 00:00:00 GMT - Sun, 28 May 2023 23:59:59 GMT

File type
ASCII text, with very long lines (7672), with no line terminators
Size
7.1 kB (7068 bytes)
Hash
07edfe7c995ad4ca565536abad5e51b0
80655f9a2d723533f8aa078d0684129994413c4a
b097fab7910c102705d91197e16f1175fe039e6740e6f79693df820708139a1b

HTTP Headers

GET /_s/v4/app/642b759ae8c/js/twk-chunk-2c78ba82.js HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: embed.tawk.to
Connection: keep-alive
Referer: https://hexupload.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 20 Apr 2023 15:14:59 GMT
content-type: application/javascript
last-modified: Tue, 04 Apr 2023 00:57:27 GMT
etag: W/"fac25ff2d2c405e1ac7e156dca1f819c"
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
x-cache-status: HIT
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
age: 1345411
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7bae5714a880b50b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

va.tawk.to/log-performance/v3

172.67.38.66

200 OK

0 B

URL OPTIONS HTTP/3
va.tawk.to/log-performance/v3
IP
172.67.38.66:443
ASN
#13335 CLOUDFLARENET

Requested by
https://hexupload.net/7fq86d6orkmq/Splatoon_3_(NSP)(eShop).rar
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint20:4B:FB:03:98:59:0F:8B:45:D7:D4:DE:64:32:09:3C:EA:B0:8B:53
ValiditySat, 28 May 2022 00:00:00 GMT - Sun, 28 May 2023 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /log-performance/v3 HTTP/1.1
Host: va.tawk.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://hexupload.net/
Origin: https://hexupload.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 20 Apr 2023 15:15:00 GMT
x-served-by: visitor-application-preemptive-v05f
access-control-allow-origin: https://hexupload.net
access-control-allow-credentials: true
access-control-allow-methods: POST,OPTIONS
access-control-allow-headers: content-type,x-tawk-token
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: DYNAMIC
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7bae5718ee44b50b-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

embed.tawk.to/_s/v4/app/642b759ae8c/js/twk-chunk-common.js

172.67.38.66

200 OK

197 kB

URL GET HTTP/2
embed.tawk.to/_s/v4/app/642b759ae8c/js/twk-chunk-common.js
IP
172.67.38.66:443
ASN
#13335 CLOUDFLARENET

Requested by
https://hexupload.net/7fq86d6orkmq/Splatoon_3_(NSP)(eShop).rar
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint20:4B:FB:03:98:59:0F:8B:45:D7:D4:DE:64:32:09:3C:EA:B0:8B:53
ValiditySat, 28 May 2022 00:00:00 GMT - Sun, 28 May 2023 23:59:59 GMT

File type
ASCII text, with very long lines (65466)
Size
197 kB (197429 bytes)
Hash
a9acef5db79df87d4a97ef0644902d48
e12501304cdddd5f1beee918c68284eadde212e7
cf838191c065eb8a98b4c32690462d2828259c796c95157a27cfcd3df9dc71ed

HTTP Headers

GET /_s/v4/app/642b759ae8c/js/twk-chunk-common.js HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hexupload.net
Connection: keep-alive
Referer: https://hexupload.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 20 Apr 2023 15:14:58 GMT
content-type: application/javascript
last-modified: Tue, 04 Apr 2023 00:57:27 GMT
etag: W/"a9acef5db79df87d4a97ef0644902d48"
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
x-cache-status: HIT
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
age: 1334799
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7bae570d19b2b515-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

va.tawk.to/v1/widget-settings?propertyId=5e7a460e69e9320caabc8ac2&widgetId=default&sv=undefined

104.22.24.131

200 OK

3.9 kB

URL GET HTTP/3
va.tawk.to/v1/widget-settings?propertyId=5e7a460e69e9320caabc8ac2&widgetId=default&sv=undefined
IP
104.22.24.131:443
ASN
#13335 CLOUDFLARENET

Requested by
https://hexupload.net/7fq86d6orkmq/Splatoon_3_(NSP)(eShop).rar
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint20:4B:FB:03:98:59:0F:8B:45:D7:D4:DE:64:32:09:3C:EA:B0:8B:53
ValiditySat, 28 May 2022 00:00:00 GMT - Sun, 28 May 2023 23:59:59 GMT

File type
troff or preprocessor input, ASCII text, with very long lines (4467), with no line terminators
Size
3.9 kB (3897 bytes)
Hash
331c8b012b74967203bc8caa78efe193
0aca6db914832180fd05fb341b53691f0c311112
ea86947f8d4920493e71e742f6f4a26ee4d878bdfe7d5d00bbc96d41bbb21adf

HTTP Headers

GET /v1/widget-settings?propertyId=5e7a460e69e9320caabc8ac2&widgetId=default&sv=undefined HTTP/1.1
Host: va.tawk.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hexupload.net/
Origin: https://hexupload.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 20 Apr 2023 15:14:58 GMT
content-type: application/json
x-served-by: visitor-application-preemptive-bj28
access-control-allow-origin: *
access-control-allow-methods: GET,OPTIONS
access-control-allow-headers: content-type,x-tawk-token
cache-control: public, max-age=7200, s-maxage=1800
etag: W/"2-84-0"
vary: Accept-Encoding
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
age: 583
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7bae570e2beeb500-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

vsb4.tawk.to/s/?k=644156f35625d7d34e81a202&cver=0&pop=false&asver=5669&tkn=eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6InZpc2l0b3ItYXBwbGljYXRpb24tc2VydmVyLTIwMjEwMjIifQ.eyJwaWQiOiI1ZTdhNDYwZTY5ZTkzMjBjYWFiYzhhYzIiLCJ2aWQiOiI1ZTdhNDYwZTY5ZTkzMjBjYWFiYzhhYzItUWIyTlI0WlFqRlZJYmJpTjhpa2RtIiwic2lkIjoiNjQ0MTU2ZjM1NjI1ZDdkMzRlODFhMjAyIiwiaWF0IjoxNjgyMDAzNjk5LCJleHAiOjE2ODIwMDU0OTksImp0aSI6IlotT2JUSXpLN2NxanRLZGlocnVCVCJ9.4zhqOAaQrgsHPJr9EJZPIbEnS4hFfnmbfwM7xe1LmnckBWGshs2YqUSMgSH_fNesfgYOyLCRKk71JuBmLqyawQ&EIO=3&transport=websocket&__t=OUVFYOt

104.22.25.131

101 Switching Protocols

0 B

URL GET HTTP/1.1
vsb4.tawk.to/s/?k=644156f35625d7d34e81a202&cver=0&pop=false&asver=5669&tkn=eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6InZpc2l0b3ItYXBwbGljYXRpb24tc2VydmVyLTIwMjEwMjIifQ.eyJwaWQiOiI1ZTdhNDYwZTY5ZTkzMjBjYWFiYzhhYzIiLCJ2aWQiOiI1ZTdhNDYwZTY5ZTkzMjBjYWFiYzhhYzItUWIyTlI0WlFqRlZJYmJpTjhpa2RtIiwic2lkIjoiNjQ0MTU2ZjM1NjI1ZDdkMzRlODFhMjAyIiwiaWF0IjoxNjgyMDAzNjk5LCJleHAiOjE2ODIwMDU0OTksImp0aSI6IlotT2JUSXpLN2NxanRLZGlocnVCVCJ9.4zhqOAaQrgsHPJr9EJZPIbEnS4hFfnmbfwM7xe1LmnckBWGshs2YqUSMgSH_fNesfgYOyLCRKk71JuBmLqyawQ&EIO=3&transport=websocket&__t=OUVFYOt
IP
104.22.25.131:443
ASN
#13335 CLOUDFLARENET

Requested by
https://hexupload.net/7fq86d6orkmq/Splatoon_3_(NSP)(eShop).rar
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint20:4B:FB:03:98:59:0F:8B:45:D7:D4:DE:64:32:09:3C:EA:B0:8B:53
ValiditySat, 28 May 2022 00:00:00 GMT - Sun, 28 May 2023 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /s/?k=644156f35625d7d34e81a202&cver=0&pop=false&asver=5669&tkn=eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6InZpc2l0b3ItYXBwbGljYXRpb24tc2VydmVyLTIwMjEwMjIifQ.eyJwaWQiOiI1ZTdhNDYwZTY5ZTkzMjBjYWFiYzhhYzIiLCJ2aWQiOiI1ZTdhNDYwZTY5ZTkzMjBjYWFiYzhhYzItUWIyTlI0WlFqRlZJYmJpTjhpa2RtIiwic2lkIjoiNjQ0MTU2ZjM1NjI1ZDdkMzRlODFhMjAyIiwiaWF0IjoxNjgyMDAzNjk5LCJleHAiOjE2ODIwMDU0OTksImp0aSI6IlotT2JUSXpLN2NxanRLZGlocnVCVCJ9.4zhqOAaQrgsHPJr9EJZPIbEnS4hFfnmbfwM7xe1LmnckBWGshs2YqUSMgSH_fNesfgYOyLCRKk71JuBmLqyawQ&EIO=3&transport=websocket&__t=OUVFYOt HTTP/1.1
Host: vsb4.tawk.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://hexupload.net
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: JPY0iACyQykBrvRvG5vK4A==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Date: Thu, 20 Apr 2023 15:15:00 GMT
Connection: upgrade
upgrade: websocket
sec-websocket-accept: u1zFcJrBlWjJgZjcu7Fkp3XWALc=
sec-websocket-extensions: permessage-deflate
strict-transport-security: max-age=0; includeSubDomains; preload
CF-Cache-Status: DYNAMIC
X-Content-Type-Options: nosniff
Server: cloudflare
CF-RAY: 7bae571528fa1bfe-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

embed.tawk.to/_s/v4/app/642b759ae8c/js/twk-chunk-4fe9d5dd.js

172.67.38.66

200 OK

942 B

URL GET HTTP/3
embed.tawk.to/_s/v4/app/642b759ae8c/js/twk-chunk-4fe9d5dd.js
IP
172.67.38.66:443
ASN
#13335 CLOUDFLARENET

Requested by
https://hexupload.net/7fq86d6orkmq/Splatoon_3_(NSP)(eShop).rar
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint20:4B:FB:03:98:59:0F:8B:45:D7:D4:DE:64:32:09:3C:EA:B0:8B:53
ValiditySat, 28 May 2022 00:00:00 GMT - Sun, 28 May 2023 23:59:59 GMT

File type
ASCII text, with very long lines (992), with no line terminators
Size
942 B (942 bytes)
Hash
6363f547762d97e2dad37d15550527e7
761e6ff070f211fa601c9d1be21658da20e95ce8
bf85cf3737bca26569763313dcadec3362aa4ec45de16247c0c18fb2c79fa969

HTTP Headers

GET /_s/v4/app/642b759ae8c/js/twk-chunk-4fe9d5dd.js HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: embed.tawk.to
Connection: keep-alive
Referer: https://hexupload.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 20 Apr 2023 15:14:59 GMT
content-type: application/javascript
last-modified: Tue, 04 Apr 2023 00:57:27 GMT
etag: W/"5f434bdd806571a4e1b385bee9316ff6"
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
x-cache-status: HIT
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
age: 1345411
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7bae5714b89db50b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

embed.tawk.to/5e7a460e69e9320caabc8ac2/default

172.67.38.66

200 OK

2.1 kB

URL GET HTTP/2
embed.tawk.to/5e7a460e69e9320caabc8ac2/default
IP
172.67.38.66:443
ASN
#13335 CLOUDFLARENET

Requested by
https://hexupload.net/7fq86d6orkmq/Splatoon_3_(NSP)(eShop).rar
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint20:4B:FB:03:98:59:0F:8B:45:D7:D4:DE:64:32:09:3C:EA:B0:8B:53
ValiditySat, 28 May 2022 00:00:00 GMT - Sun, 28 May 2023 23:59:59 GMT

File type
ASCII text, with very long lines (2308), with no line terminators
Size
2.1 kB (2121 bytes)
Hash
d9192afb4edf8bda074d52667393fcd4
d55e740f85b3845ab8b2e4e793b75191aca22a34
7228c3d6b773482f0f9cf9304a4236fb22f33efd68e8696f25649d9516c3144d

HTTP Headers

GET /5e7a460e69e9320caabc8ac2/default HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hexupload.net
Connection: keep-alive
Referer: https://hexupload.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 20 Apr 2023 15:14:57 GMT
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, s-maxage=3600
etag: W/"stable-v4-642b759ae8c"
vary: Accept-Encoding
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
age: 4715
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7bae5706f965b515-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

va.tawk.to/v1/session/start

104.22.24.131

200 OK

0 B

URL OPTIONS HTTP/3
va.tawk.to/v1/session/start
IP
104.22.24.131:443
ASN
#13335 CLOUDFLARENET

Requested by
https://hexupload.net/7fq86d6orkmq/Splatoon_3_(NSP)(eShop).rar
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint20:4B:FB:03:98:59:0F:8B:45:D7:D4:DE:64:32:09:3C:EA:B0:8B:53
ValiditySat, 28 May 2022 00:00:00 GMT - Sun, 28 May 2023 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /v1/session/start HTTP/1.1
Host: va.tawk.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://hexupload.net/
Origin: https://hexupload.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 20 Apr 2023 15:14:59 GMT
x-served-by: visitor-application-preemptive-zl9j
access-control-allow-origin: https://hexupload.net
access-control-allow-credentials: true
access-control-allow-methods: POST,OPTIONS
access-control-allow-headers: content-type,x-tawk-token
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: DYNAMIC
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7bae570e3c06b500-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

va.tawk.to/v1/session/start

172.67.38.66

200 OK

990 B

URL POST HTTP/3
va.tawk.to/v1/session/start
IP
172.67.38.66:443
ASN
#13335 CLOUDFLARENET

Requested by
https://hexupload.net/7fq86d6orkmq/Splatoon_3_(NSP)(eShop).rar
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint20:4B:FB:03:98:59:0F:8B:45:D7:D4:DE:64:32:09:3C:EA:B0:8B:53
ValiditySat, 28 May 2022 00:00:00 GMT - Sun, 28 May 2023 23:59:59 GMT

File type
troff or preprocessor input, ASCII text, with very long lines (1074), with no line terminators
Size
990 B (990 bytes)
Hash
37c7126db7b705a50ac1828f2d384153
05e0f01b8fa53ae6786c26f744eb0a98fa2b4d59
dbed79611283d9b61801e16a6b22c8708aed7b3e7a3b707facc7ad7c50a68806

HTTP Headers

POST /v1/session/start HTTP/1.1
Host: va.tawk.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hexupload.net/
Content-Type: application/json; charset=utf-8
Content-Length: 213
Origin: https://hexupload.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 20 Apr 2023 15:14:59 GMT
content-type: application/json
x-served-by: visitor-application-preemptive-brf8
access-control-allow-origin: https://hexupload.net
access-control-allow-credentials: true
access-control-allow-methods: POST,OPTIONS
access-control-allow-headers: content-type,x-tawk-token
vary: Accept-Encoding
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: DYNAMIC
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7bae570f4987b50b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

embed.tawk.to/_s/v4/app/642b759ae8c/js/twk-chunk-48f46bef.js

172.67.38.66

200 OK

16 kB

URL GET HTTP/3
embed.tawk.to/_s/v4/app/642b759ae8c/js/twk-chunk-48f46bef.js
IP
172.67.38.66:443
ASN
#13335 CLOUDFLARENET

Requested by
https://hexupload.net/7fq86d6orkmq/Splatoon_3_(NSP)(eShop).rar
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint20:4B:FB:03:98:59:0F:8B:45:D7:D4:DE:64:32:09:3C:EA:B0:8B:53
ValiditySat, 28 May 2022 00:00:00 GMT - Sun, 28 May 2023 23:59:59 GMT

File type
ASCII text, with very long lines (15846), with no line terminators
Size
16 kB (15846 bytes)
Hash
0d3d21546a441253c44a8c1d274a485a
721f9007bf8fb314d6c6506bf837dc6fe573e684
ce6eb52e07dc8dfb25e967feffbb8a20d4a4c9a31c99ab9a1b410253a3082a26

HTTP Headers

GET /_s/v4/app/642b759ae8c/js/twk-chunk-48f46bef.js HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: embed.tawk.to
Connection: keep-alive
Referer: https://hexupload.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 20 Apr 2023 15:14:59 GMT
content-type: application/javascript
last-modified: Tue, 04 Apr 2023 00:57:27 GMT
etag: W/"0d3d21546a441253c44a8c1d274a485a"
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
x-cache-status: HIT
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
age: 1345411
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7bae5714b88fb50b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

embed.tawk.to/_s/v4/app/642b759ae8c/js/twk-vendor.js

172.67.38.66

200 OK

78 kB

URL GET HTTP/2
embed.tawk.to/_s/v4/app/642b759ae8c/js/twk-vendor.js
IP
172.67.38.66:443
ASN
#13335 CLOUDFLARENET

Requested by
https://hexupload.net/7fq86d6orkmq/Splatoon_3_(NSP)(eShop).rar
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint20:4B:FB:03:98:59:0F:8B:45:D7:D4:DE:64:32:09:3C:EA:B0:8B:53
ValiditySat, 28 May 2022 00:00:00 GMT - Sun, 28 May 2023 23:59:59 GMT

File type

Size
78 kB (77752 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /_s/v4/app/642b759ae8c/js/twk-vendor.js HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hexupload.net
Connection: keep-alive
Referer: https://hexupload.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 20 Apr 2023 15:14:58 GMT
content-type: application/javascript
last-modified: Tue, 04 Apr 2023 00:57:27 GMT
etag: W/"7dcb496e4882926f93f2e73fa87062c0"
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
x-cache-status: HIT
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
age: 1334799
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7bae570d19abb515-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

embed.tawk.to/_s/v4/app/642b759ae8c/js/twk-chunk-2d0b9454.js

172.67.38.66

200 OK

546 B

URL GET HTTP/3
embed.tawk.to/_s/v4/app/642b759ae8c/js/twk-chunk-2d0b9454.js
IP
172.67.38.66:443
ASN
#13335 CLOUDFLARENET

Requested by
https://hexupload.net/7fq86d6orkmq/Splatoon_3_(NSP)(eShop).rar
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint20:4B:FB:03:98:59:0F:8B:45:D7:D4:DE:64:32:09:3C:EA:B0:8B:53
ValiditySat, 28 May 2022 00:00:00 GMT - Sun, 28 May 2023 23:59:59 GMT

File type
ASCII text, with very long lines (568), with no line terminators
Size
546 B (546 bytes)
Hash
c1956a61d95d03bd8abc011c705c7d3b
a5b060fabc618729ee1a9ef49059995689d19f0c
f0525a8cf45170ef8b8a6d646d23d142c2fce17134a5800dd49893a5c5e781d2

HTTP Headers

GET /_s/v4/app/642b759ae8c/js/twk-chunk-2d0b9454.js HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: embed.tawk.to
Connection: keep-alive
Referer: https://hexupload.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 20 Apr 2023 15:14:59 GMT
content-type: application/javascript
last-modified: Tue, 04 Apr 2023 00:57:27 GMT
etag: W/"09c3819d373bd4178a620d721429fada"
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
x-cache-status: HIT
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
age: 1285272
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7bae5714c8aab50b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

embed.tawk.to/_s/v4/app/642b759ae8c/js/twk-chunk-f163fcd0.js

172.67.38.66

200 OK

11 kB

URL GET HTTP/3
embed.tawk.to/_s/v4/app/642b759ae8c/js/twk-chunk-f163fcd0.js
IP
172.67.38.66:443
ASN
#13335 CLOUDFLARENET

Requested by
https://hexupload.net/7fq86d6orkmq/Splatoon_3_(NSP)(eShop).rar
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint20:4B:FB:03:98:59:0F:8B:45:D7:D4:DE:64:32:09:3C:EA:B0:8B:53
ValiditySat, 28 May 2022 00:00:00 GMT - Sun, 28 May 2023 23:59:59 GMT

File type
ASCII text, with very long lines (11056), with no line terminators
Size
11 kB (11056 bytes)
Hash
a92075fd9ac5ba130387a80453676099
4b5b13cf9479b8311d574356e53f8da74200c57a
544039b2ff06226afd008c3625818bbfe76a2598d7159145d06965afaf4f09de

HTTP Headers

GET /_s/v4/app/642b759ae8c/js/twk-chunk-f163fcd0.js HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: embed.tawk.to
Connection: keep-alive
Referer: https://hexupload.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 20 Apr 2023 15:14:59 GMT
content-type: application/javascript
last-modified: Tue, 04 Apr 2023 00:57:27 GMT
etag: W/"a92075fd9ac5ba130387a80453676099"
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
x-cache-status: HIT
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
age: 1345411
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7bae5714c8b1b50b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

embed.tawk.to/_s/v4/app/642b759ae8c/js/twk-chunk-32507910.js

172.67.38.66

200 OK

74 kB

URL GET HTTP/3
embed.tawk.to/_s/v4/app/642b759ae8c/js/twk-chunk-32507910.js
IP
172.67.38.66:443
ASN
#13335 CLOUDFLARENET

Requested by
https://hexupload.net/7fq86d6orkmq/Splatoon_3_(NSP)(eShop).rar
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint20:4B:FB:03:98:59:0F:8B:45:D7:D4:DE:64:32:09:3C:EA:B0:8B:53
ValiditySat, 28 May 2022 00:00:00 GMT - Sun, 28 May 2023 23:59:59 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
74 kB (74292 bytes)
Hash
89188756a8e20dbd2b0140c3c94ed26a
d40d9d3d3201e27e8fee34e48a6b57b4266b0618
023077d134c53a612af90efdbf65f7ae210b74cb3fd1148998efa4582d151978

HTTP Headers

GET /_s/v4/app/642b759ae8c/js/twk-chunk-32507910.js HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: embed.tawk.to
Connection: keep-alive
Referer: https://hexupload.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 20 Apr 2023 15:14:59 GMT
content-type: application/javascript
last-modified: Tue, 04 Apr 2023 00:57:27 GMT
etag: W/"89188756a8e20dbd2b0140c3c94ed26a"
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
x-cache-status: HIT
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
age: 1345410
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7bae5714c8afb50b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (40)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML