dfiles.eu/ru/files/hof0emy2x
200 OK 7.4 kB URL User Request GET HTTP/1.1 dfiles.eu/ru/files/hof0emy2x
IP
Certificate IssuerLet's Encrypt
Subject*.dfiles.eu
Fingerprint28:FA:BD:73:11:76:EB:79:D3:29:D3:CA:60:19:79:47:4B:43:6B:1C
ValiditySun, 09 Apr 2023 08:43:46 GMT - Sat, 08 Jul 2023 08:43:45 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (698), with CRLF, CR, LF line terminators
Hash 15d5f29e6723459a2e46096e52213b81
7e5c6cc4e29f7eb921c2dcf69a4de78af7b049bd
050271a55f3da701a00f360e0c30b137bb89123d6339549ba992e79491330104
GET /ru/files/hof0emy2x HTTP/1.1
Host: dfiles.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 28 May 2023 16:33:43 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Set-Cookie: uprand=ea31abb0e4276a20dd163428446e064f; path=/; domain=.dfiles.eu
last_file=hof0emy2x; path=/; domain=.dfiles.eu
lang_current=ru; expires=Mon, 27-May-2024 16:33:43 GMT; Max-Age=31536000; path=/; domain=.dfiles.eu; secure
X-Frame-Options: SAMEORIGIN
Content-Encoding: gzip
ocsp.pki.goog/gts1c3
472 B IP
Hash 7dab4959b73106e9c3e554438411e252
3c67accef8029c644b263f937e528312a5587c51
eba66315abb8b400c8bd317cae435da5feba7d4d676706a2befa511ebd98413a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 28 May 2023 16:33:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
472 B IP
Hash bb494db5b5848c5e9833175a6e79f275
41f078137666d7c7312fcbbe7df7a26fb2237c33
86d97acae9b59a15104dfcab27a4d525f351caea4995ef305566b1ae558743e6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 28 May 2023 16:33:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtag/js?id=G-BL9163LYG1
200 OK 86 kB URL GET HTTP/2 www.googletagmanager.com/gtag/js?id=G-BL9163LYG1
IP
Requested by https://dfiles.eu/ru/files/hof0emy2x
Certificate IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
FingerprintEB:A2:AF:B3:20:F1:B1:77:23:0B:85:D2:B1:16:33:A7:97:49:EE:51
ValidityMon, 08 May 2023 08:20:09 GMT - Mon, 31 Jul 2023 08:20:08 GMT
File type ASCII text, with very long lines (5048)
Hash b8941168ea00506e4050a2a7663f1cd0
c5055f617ffb04719cb920b00b66d1f1f59be357
874076e5119684e3108171f361d9e3a66e4410e3400d61753d7fe52fabcee768
GET /gtag/js?id=G-BL9163LYG1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 28 May 2023 16:33:43 GMT
expires: Sun, 28 May 2023 16:33:43 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 85971
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.google.com/recaptcha/api.js
200 OK 556 B URL GET HTTP/2 www.google.com/recaptcha/api.js
IP
Requested by https://dfiles.eu/ru/files/hof0emy2x
Certificate IssuerGoogle Trust Services LLC
Subjectwww.google.com
Fingerprint48:E3:15:66:FC:EA:15:BF:D2:34:C1:DD:60:D4:23:A3:63:57:89:8D
ValidityMon, 08 May 2023 08:25:18 GMT - Mon, 31 Jul 2023 08:25:17 GMT
File type ASCII text, with very long lines (850), with no line terminators
Hash df783ce1aff114831a54f9f75f41f66c
33148dcdac51d1a72787969900203bc0316ff82f
f75b96abf98a7f4874b54f268b85ba2b2fa261741afa891097537bcfa1e73fd3
GET /recaptcha/api.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
expires: Sun, 28 May 2023 16:33:43 GMT
date: Sun, 28 May 2023 16:33:43 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 556
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
static.depositfiles.com/js/download_utils.js
200 OK 13 kB URL GET HTTP/1.1 static.depositfiles.com/js/download_utils.js
IP
Requested by https://dfiles.eu/ru/files/hof0emy2x
Certificate IssuerLet's Encrypt
Subjectdepositfiles.com
Fingerprint6E:B4:71:2B:B4:0C:D0:E6:37:CF:30:32:B8:6F:AE:4B:F2:9A:7A:E9
ValidityMon, 22 May 2023 07:33:10 GMT - Sun, 20 Aug 2023 07:33:09 GMT
File type ASCII text, with very long lines (2250)
Hash 90a706006bc709cdc974ff3e0e01b34f
89585d2c7cac44c9c03c118bbb38aefba1d8a1e4
16f1515b9938fc7de086c504fe214484d97e237647a5d7fa2cb742a93f00c1ea
GET /js/download_utils.js HTTP/1.1
Host: static.depositfiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 28 May 2023 16:33:43 GMT
Content-Type: application/javascript
Content-Length: 13383
Last-Modified: Thu, 28 Apr 2022 10:40:27 GMT
Connection: keep-alive
ETag: "626a6f1b-3447"
Expires: Sun, 28 May 2023 16:38:43 GMT
Cache-Control: max-age=300
Accept-Ranges: bytes
static.depositfiles.com/js/gold_offer.js
200 OK 9.9 kB URL GET HTTP/1.1 static.depositfiles.com/js/gold_offer.js
IP
Requested by https://dfiles.eu/ru/files/hof0emy2x
Certificate IssuerLet's Encrypt
Subjectdepositfiles.com
Fingerprint6E:B4:71:2B:B4:0C:D0:E6:37:CF:30:32:B8:6F:AE:4B:F2:9A:7A:E9
ValidityMon, 22 May 2023 07:33:10 GMT - Sun, 20 Aug 2023 07:33:09 GMT
File type HTML document text\012- HTML document, ASCII text
Hash 041bdbbe3ac15bc57b14933e164b55f8
790f921426d0b602424fb3077ca900af94b5ad9e
a86d8d81e5c254822628c578c40d2d62956ab3060632d1884b5080093365b97b
GET /js/gold_offer.js HTTP/1.1
Host: static.depositfiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 28 May 2023 16:33:43 GMT
Content-Type: application/javascript
Content-Length: 9887
Last-Modified: Thu, 28 Apr 2022 10:40:27 GMT
Connection: keep-alive
ETag: "626a6f1b-269f"
Expires: Sun, 28 May 2023 16:38:43 GMT
Cache-Control: max-age=300
Accept-Ranges: bytes
static.depositfiles.com/js/function.js
200 OK 35 kB URL GET HTTP/1.1 static.depositfiles.com/js/function.js
IP
Requested by https://dfiles.eu/ru/files/hof0emy2x
Certificate IssuerLet's Encrypt
Subjectdepositfiles.com
Fingerprint6E:B4:71:2B:B4:0C:D0:E6:37:CF:30:32:B8:6F:AE:4B:F2:9A:7A:E9
ValidityMon, 22 May 2023 07:33:10 GMT - Sun, 20 Aug 2023 07:33:09 GMT
File type ASCII text, with very long lines (4240)
Hash a5779d2f560cd50376dbba372b0fd15b
07b08e35b9254288c1372e37577db8b9e4da01b4
51d26403861d61a7842bc73f518d4a4351a7027c40c9f0347f61421226950b84
GET /js/function.js HTTP/1.1
Host: static.depositfiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 28 May 2023 16:33:43 GMT
Content-Type: application/javascript
Content-Length: 34915
Last-Modified: Thu, 28 Apr 2022 10:40:27 GMT
Connection: keep-alive
ETag: "626a6f1b-8863"
Expires: Sun, 28 May 2023 16:38:43 GMT
Cache-Control: max-age=300
Accept-Ranges: bytes
static.depositfiles.com/css/main.css
200 OK 47 kB URL GET HTTP/1.1 static.depositfiles.com/css/main.css
IP
Requested by https://dfiles.eu/ru/files/hof0emy2x
Certificate IssuerLet's Encrypt
Subjectdepositfiles.com
Fingerprint6E:B4:71:2B:B4:0C:D0:E6:37:CF:30:32:B8:6F:AE:4B:F2:9A:7A:E9
ValidityMon, 22 May 2023 07:33:10 GMT - Sun, 20 Aug 2023 07:33:09 GMT
File type ASCII text, with very long lines (332)
Hash af57443dfa4bc2d3299321923ae1c57f
d922badb0ed1d665302cf93268e9960d0a04c065
50d446eade67c33dc4dba74f2f2b7480b5021de5a98bfedc1f10ce5c35d966f3
GET /css/main.css HTTP/1.1
Host: static.depositfiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 28 May 2023 16:33:43 GMT
Content-Type: text/css
Last-Modified: Thu, 28 Apr 2022 10:40:25 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"626a6f19-2f719"
Expires: Sun, 28 May 2023 16:38:43 GMT
Cache-Control: max-age=300
Content-Encoding: gzip
static.depositfiles.com/js/jquery.validate.js
200 OK 38 kB URL GET HTTP/1.1 static.depositfiles.com/js/jquery.validate.js
IP
Requested by https://dfiles.eu/ru/files/hof0emy2x
Certificate IssuerLet's Encrypt
Subjectdepositfiles.com
Fingerprint6E:B4:71:2B:B4:0C:D0:E6:37:CF:30:32:B8:6F:AE:4B:F2:9A:7A:E9
ValidityMon, 22 May 2023 07:33:10 GMT - Sun, 20 Aug 2023 07:33:09 GMT
File type Unicode text, UTF-8 text, with very long lines (1238)
Hash d5231b6378847ebdb55f64c77d5a234f
eed97aa0b2aa9486b6f6831ed8a85dc729ad6b9c
95434a8a2568a6481a1fbcf5808a75dd58e77348ed6d70b4f7aeda8842e8f0c7
GET /js/jquery.validate.js HTTP/1.1
Host: static.depositfiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 28 May 2023 16:33:43 GMT
Content-Type: application/javascript
Content-Length: 38269
Last-Modified: Thu, 28 Apr 2022 10:40:27 GMT
Connection: keep-alive
ETag: "626a6f1b-957d"
Expires: Sun, 28 May 2023 16:38:43 GMT
Cache-Control: max-age=300
Accept-Ranges: bytes
static.depositfiles.com/js/base2.js
200 OK 399 kB URL GET HTTP/1.1 static.depositfiles.com/js/base2.js
IP
Requested by https://dfiles.eu/ru/files/hof0emy2x
Certificate IssuerLet's Encrypt
Subjectdepositfiles.com
Fingerprint6E:B4:71:2B:B4:0C:D0:E6:37:CF:30:32:B8:6F:AE:4B:F2:9A:7A:E9
ValidityMon, 22 May 2023 07:33:10 GMT - Sun, 20 Aug 2023 07:33:09 GMT
File type Unicode text, UTF-8 text, with very long lines (65481)
Size 399 kB (398927 bytes)
Hash 2fcae8126c3fd9a626370a701f0bd887
f3496fb7bbe122a9774d7dcfcd68da03a24dc285
d29ab86f64b4fcfbc45b9ef806c147f1e42e37e37d44a559147232288063badc
GET /js/base2.js HTTP/1.1
Host: static.depositfiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 28 May 2023 16:33:43 GMT
Content-Type: application/javascript
Content-Length: 398927
Last-Modified: Thu, 28 Apr 2022 10:40:27 GMT
Connection: keep-alive
ETag: "626a6f1b-6164f"
Expires: Sun, 28 May 2023 16:38:43 GMT
Cache-Control: max-age=300
Accept-Ranges: bytes
ocsp.pki.goog/gts1c3
472 B IP
Hash 7dab4959b73106e9c3e554438411e252
3c67accef8029c644b263f937e528312a5587c51
eba66315abb8b400c8bd317cae435da5feba7d4d676706a2befa511ebd98413a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 28 May 2023 16:33:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
471 B IP
Hash 01306b55f5d6e6a8e1ff9411386a89a0
1c06c985114ad08023398fe3597371715cf6aa27
7d4df964819e827fdbd588784bff90bdb09b6938ca788e013144d1600e8ecc16
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 28 May 2023 16:33:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
pl16105218.highrevenuegate.com/22/4a/d4/224ad4a14b4b15c1726ff705ec672ea6.js
403 Forbidden 0 B URL GET HTTP/1.1 pl16105218.highrevenuegate.com/22/4a/d4/224ad4a14b4b15c1726ff705ec672ea6.js
IP
ASN #39572 DataWeb Global Group B.V.
Requested by https://dfiles.eu/ru/files/hof0emy2x
Certificate IssuerLet's Encrypt
Subjecthighrevenuegate.com
FingerprintE3:83:9C:63:64:A5:46:F7:CE:7B:E1:4D:12:0F:29:C3:22:23:C0:14
ValidityTue, 02 May 2023 09:41:55 GMT - Mon, 31 Jul 2023 09:41:54 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Malware
GET /22/4a/d4/224ad4a14b4b15c1726ff705ec672ea6.js HTTP/1.1
Host: pl16105218.highrevenuegate.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 403 Forbidden
Server: nginx/1.19.5
Date: Sun, 28 May 2023 16:33:44 GMT
Content-Type: application/javascript
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
static.depositfiles.com/images/yes.png
200 OK 3.3 kB URL GET HTTP/1.1 static.depositfiles.com/images/yes.png
IP
Requested by https://dfiles.eu/ru/files/hof0emy2x
Certificate IssuerLet's Encrypt
Subjectdepositfiles.com
Fingerprint6E:B4:71:2B:B4:0C:D0:E6:37:CF:30:32:B8:6F:AE:4B:F2:9A:7A:E9
ValidityMon, 22 May 2023 07:33:10 GMT - Sun, 20 Aug 2023 07:33:09 GMT
File type PNG image data, 20 x 20, 8-bit/color RGBA, non-interlaced\012- data
Hash 3055b8489aeb385fb40b27f0bf0a5ae7
4cfbe45a0ba393ab8ad535cc04af30debef0a1ab
b325d6cb153b02050e59230e2abfb01e05f4bda708ad54bd8f6d9693fa9c2dac
GET /images/yes.png HTTP/1.1
Host: static.depositfiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 28 May 2023 16:33:44 GMT
Content-Type: image/png
Content-Length: 3275
Last-Modified: Thu, 28 Apr 2022 10:40:27 GMT
Connection: keep-alive
ETag: "626a6f1b-ccb"
Accept-Ranges: bytes
static.depositfiles.com/images/no.png
200 OK 3.1 kB URL GET HTTP/1.1 static.depositfiles.com/images/no.png
IP
Requested by https://dfiles.eu/ru/files/hof0emy2x
Certificate IssuerLet's Encrypt
Subjectdepositfiles.com
Fingerprint6E:B4:71:2B:B4:0C:D0:E6:37:CF:30:32:B8:6F:AE:4B:F2:9A:7A:E9
ValidityMon, 22 May 2023 07:33:10 GMT - Sun, 20 Aug 2023 07:33:09 GMT
File type PNG image data, 20 x 20, 8-bit/color RGBA, non-interlaced\012- data
Hash 1724ae7b4437c460dafe40dfe9f96d41
8dc80d5b802f180254a8ee1bf1edf0b843205f1e
9b95b8f24b2b0808d611f4fd9bf5f3c548b352ae6100ab7b298b99a86905db79
GET /images/no.png HTTP/1.1
Host: static.depositfiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 28 May 2023 16:33:44 GMT
Content-Type: image/png
Content-Length: 3146
Last-Modified: Thu, 28 Apr 2022 10:40:26 GMT
Connection: keep-alive
ETag: "626a6f1a-c4a"
Accept-Ranges: bytes
static.depositfiles.com/images/speed_small_gold.gif
200 OK 14 kB URL GET HTTP/1.1 static.depositfiles.com/images/speed_small_gold.gif
IP
Requested by https://dfiles.eu/ru/files/hof0emy2x
Certificate IssuerLet's Encrypt
Subjectdepositfiles.com
Fingerprint6E:B4:71:2B:B4:0C:D0:E6:37:CF:30:32:B8:6F:AE:4B:F2:9A:7A:E9
ValidityMon, 22 May 2023 07:33:10 GMT - Sun, 20 Aug 2023 07:33:09 GMT
File type GIF image data, version 89a, 200 x 200\012- data
Hash c5f8f0e9ecd16637e267912376c24bed
324567a641d318ecfafe6374dfba86ccb2f90dd7
13678b229b6c4224bcb9578a2f29bc3686958f4bea73af7645eb39af4246e6a9
GET /images/speed_small_gold.gif HTTP/1.1
Host: static.depositfiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 28 May 2023 16:33:44 GMT
Content-Type: image/gif
Content-Length: 14492
Last-Modified: Thu, 28 Apr 2022 10:40:26 GMT
Connection: keep-alive
ETag: "626a6f1a-389c"
Expires: Fri, 02 Jun 2023 16:33:44 GMT
Cache-Control: max-age=432000
Accept-Ranges: bytes
static.depositfiles.com/images/speed_small.gif
200 OK 24 kB URL GET HTTP/1.1 static.depositfiles.com/images/speed_small.gif
IP
Requested by https://dfiles.eu/ru/files/hof0emy2x
Certificate IssuerLet's Encrypt
Subjectdepositfiles.com
Fingerprint6E:B4:71:2B:B4:0C:D0:E6:37:CF:30:32:B8:6F:AE:4B:F2:9A:7A:E9
ValidityMon, 22 May 2023 07:33:10 GMT - Sun, 20 Aug 2023 07:33:09 GMT
File type GIF image data, version 89a, 200 x 200\012- data
Hash 5cbc96bbb7230dd17ed38b5dd6e3271c
6ee1f0b9e29ac3e824cccd6e5135d51c8d3aaea1
01edcbb65e514def555b1e999d3a72f118f67e572f628293b91893b3758c6991
GET /images/speed_small.gif HTTP/1.1
Host: static.depositfiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 28 May 2023 16:33:44 GMT
Content-Type: image/gif
Content-Length: 23980
Last-Modified: Thu, 28 Apr 2022 10:40:26 GMT
Connection: keep-alive
ETag: "626a6f1a-5dac"
Expires: Fri, 02 Jun 2023 16:33:44 GMT
Cache-Control: max-age=432000
Accept-Ranges: bytes
static.depositfiles.com/images/logo.png
200 OK 3.6 kB URL GET HTTP/1.1 static.depositfiles.com/images/logo.png
IP
Requested by https://dfiles.eu/ru/files/hof0emy2x
Certificate IssuerLet's Encrypt
Subjectdepositfiles.com
Fingerprint6E:B4:71:2B:B4:0C:D0:E6:37:CF:30:32:B8:6F:AE:4B:F2:9A:7A:E9
ValidityMon, 22 May 2023 07:33:10 GMT - Sun, 20 Aug 2023 07:33:09 GMT
File type PNG image data, 176 x 43, 8-bit/color RGBA, non-interlaced\012- data
Hash c41fdd84b04e45a91cb17cfdeccb1b38
fec7fffe104c7e169aeb159032078c4b71ff2cdc
7f89eb8ab03684f4db282ca30eb231b1e254bca10c7b511950df5e0eab0a68a0
GET /images/logo.png HTTP/1.1
Host: static.depositfiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://static.depositfiles.com/css/main.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 28 May 2023 16:33:44 GMT
Content-Type: image/png
Content-Length: 3623
Last-Modified: Thu, 28 Apr 2022 10:40:26 GMT
Connection: keep-alive
ETag: "626a6f1a-e27"
Accept-Ranges: bytes
static.depositfiles.com/images/member_menu_bg.gif
200 OK 78 B URL GET HTTP/1.1 static.depositfiles.com/images/member_menu_bg.gif
IP
Requested by https://dfiles.eu/ru/files/hof0emy2x
Certificate IssuerLet's Encrypt
Subjectdepositfiles.com
Fingerprint6E:B4:71:2B:B4:0C:D0:E6:37:CF:30:32:B8:6F:AE:4B:F2:9A:7A:E9
ValidityMon, 22 May 2023 07:33:10 GMT - Sun, 20 Aug 2023 07:33:09 GMT
File type GIF image data, version 89a, 1 x 48\012- data
Hash 20a24b56dcedf6a71a71ebec771e1f7d
d7bed493d5d4eeaed5dbbf7d30d45107840790a0
6f57f29224d8e9e51ed0839e329055426fba7dcd97ef31e93ed495f93a6063df
GET /images/member_menu_bg.gif HTTP/1.1
Host: static.depositfiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://static.depositfiles.com/css/main.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 28 May 2023 16:33:44 GMT
Content-Type: image/gif
Content-Length: 78
Last-Modified: Thu, 28 Apr 2022 10:40:26 GMT
Connection: keep-alive
ETag: "626a6f1a-4e"
Expires: Fri, 02 Jun 2023 16:33:44 GMT
Cache-Control: max-age=432000
Accept-Ranges: bytes
static.depositfiles.com/images/sprite64.png
200 OK 29 kB URL GET HTTP/1.1 static.depositfiles.com/images/sprite64.png
IP
Requested by https://dfiles.eu/ru/files/hof0emy2x
Certificate IssuerLet's Encrypt
Subjectdepositfiles.com
Fingerprint6E:B4:71:2B:B4:0C:D0:E6:37:CF:30:32:B8:6F:AE:4B:F2:9A:7A:E9
ValidityMon, 22 May 2023 07:33:10 GMT - Sun, 20 Aug 2023 07:33:09 GMT
File type PNG image data, 64 x 1088, 8-bit/color RGBA, non-interlaced\012- data
Hash e50649ecf6a2094c25da755ea0ea7bd1
e1c3e229a62f049442fa16cf43ec07f384b27362
a9ed59ab3bbcfdf66224664aeb14fa0f0e8f034d8472a58dadcf65cfff17685d
GET /images/sprite64.png HTTP/1.1
Host: static.depositfiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://static.depositfiles.com/css/main.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 28 May 2023 16:33:44 GMT
Content-Type: image/png
Content-Length: 28747
Last-Modified: Thu, 28 Apr 2022 10:40:26 GMT
Connection: keep-alive
ETag: "626a6f1a-704b"
Accept-Ranges: bytes
static.depositfiles.com/images/upload_btn_bg.gif
200 OK 9.0 kB URL GET HTTP/1.1 static.depositfiles.com/images/upload_btn_bg.gif
IP
Requested by https://dfiles.eu/ru/files/hof0emy2x
Certificate IssuerLet's Encrypt
Subjectdepositfiles.com
Fingerprint6E:B4:71:2B:B4:0C:D0:E6:37:CF:30:32:B8:6F:AE:4B:F2:9A:7A:E9
ValidityMon, 22 May 2023 07:33:10 GMT - Sun, 20 Aug 2023 07:33:09 GMT
File type GIF image data, version 89a, 209 x 75\012- data
Hash 6f312f0f4ff138758bae76420f6efd78
b40a28f162140fedff9ee5ce0d687868b1f73d17
c667d75c7f916bf8b140b0e1f7ab0c996f76d4642faed85bd9fef3c738f0912b
GET /images/upload_btn_bg.gif HTTP/1.1
Host: static.depositfiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://static.depositfiles.com/css/main.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 28 May 2023 16:33:44 GMT
Content-Type: image/gif
Content-Length: 9010
Last-Modified: Thu, 28 Apr 2022 10:40:26 GMT
Connection: keep-alive
ETag: "626a6f1a-2332"
Expires: Fri, 02 Jun 2023 16:33:44 GMT
Cache-Control: max-age=432000
Accept-Ranges: bytes
static.depositfiles.com/images/flags/lang24.png
200 OK 9.2 kB URL GET HTTP/1.1 static.depositfiles.com/images/flags/lang24.png
IP
Requested by https://dfiles.eu/ru/files/hof0emy2x
Certificate IssuerLet's Encrypt
Subjectdepositfiles.com
Fingerprint6E:B4:71:2B:B4:0C:D0:E6:37:CF:30:32:B8:6F:AE:4B:F2:9A:7A:E9
ValidityMon, 22 May 2023 07:33:10 GMT - Sun, 20 Aug 2023 07:33:09 GMT
File type PNG image data, 24 x 552, 8-bit/color RGBA, non-interlaced\012- data
Hash efdcd1ca23d564ddd811f41152a2b83c
0b5aa064e7f8f241363c55fa17eb448f42a5f8df
ce23be242e34c5b420f8ba0390aef20fa50ffc69f700091029616eff524e8f9b
GET /images/flags/lang24.png HTTP/1.1
Host: static.depositfiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://static.depositfiles.com/css/main.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 28 May 2023 16:33:44 GMT
Content-Type: image/png
Content-Length: 9172
Last-Modified: Thu, 28 Apr 2022 10:40:26 GMT
Connection: keep-alive
ETag: "626a6f1a-23d4"
Accept-Ranges: bytes
static.depositfiles.com/images/sprite.png
200 OK 37 kB URL GET HTTP/1.1 static.depositfiles.com/images/sprite.png
IP
Requested by https://dfiles.eu/ru/files/hof0emy2x
Certificate IssuerLet's Encrypt
Subjectdepositfiles.com
Fingerprint6E:B4:71:2B:B4:0C:D0:E6:37:CF:30:32:B8:6F:AE:4B:F2:9A:7A:E9
ValidityMon, 22 May 2023 07:33:10 GMT - Sun, 20 Aug 2023 07:33:09 GMT
File type PNG image data, 102 x 630, 8-bit/color RGBA, non-interlaced\012- data
Hash 2333675d7e431d5313c6dbb5230a14cd
93c4032e5b8b85793a9cda7167804445d950dd96
b287134a60667ce8e2c3fa1603e3a8f2ffa59c64e746d026d1a13ef19f3f38a0
GET /images/sprite.png HTTP/1.1
Host: static.depositfiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://static.depositfiles.com/css/main.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 28 May 2023 16:33:44 GMT
Content-Type: image/png
Content-Length: 36802
Last-Modified: Thu, 28 Apr 2022 10:40:26 GMT
Connection: keep-alive
ETag: "626a6f1a-8fc2"
Accept-Ranges: bytes
static.depositfiles.com/images/sprite16.png
200 OK 28 kB URL GET HTTP/1.1 static.depositfiles.com/images/sprite16.png
IP
Requested by https://dfiles.eu/ru/files/hof0emy2x
Certificate IssuerLet's Encrypt
Subjectdepositfiles.com
Fingerprint6E:B4:71:2B:B4:0C:D0:E6:37:CF:30:32:B8:6F:AE:4B:F2:9A:7A:E9
ValidityMon, 22 May 2023 07:33:10 GMT - Sun, 20 Aug 2023 07:33:09 GMT
File type PNG image data, 32 x 1072, 8-bit/color RGBA, non-interlaced\012- data
Hash 2e86fe2d2c2650c5f4663f0fc135ebc1
ba86e14a9abcff0581eda84a307594ef1288b982
604187f8828381a47ae70249f55f21c78c53ab1401d20a5f2230a0d6c9ae50d1
GET /images/sprite16.png HTTP/1.1
Host: static.depositfiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://static.depositfiles.com/css/main.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 28 May 2023 16:33:44 GMT
Content-Type: image/png
Content-Length: 28501
Last-Modified: Thu, 28 Apr 2022 10:40:26 GMT
Connection: keep-alive
ETag: "626a6f1a-6f55"
Accept-Ranges: bytes
loader.unblockia.com/c/dfiles.eu/config.json
200 OK 47 kB URL GET HTTP/2 loader.unblockia.com/c/dfiles.eu/config.json
IP
Requested by https://dfiles.eu/ru/files/hof0emy2x
Certificate IssuerAmazon
Subject*.unblockia.com
FingerprintF2:6F:03:00:E3:4A:B1:87:3C:4D:28:BB:E6:CE:8F:F1:2A:6E:1B:5D
ValidityTue, 21 Feb 2023 00:00:00 GMT - Fri, 22 Mar 2024 23:59:59 GMT
File type ASCII text, with very long lines (46747), with no line terminators
Hash f365c1e4619a90bbadadacf55598fe90
1623c939b72aecd3831e1da35e4c0a5229383e91
23e2e4d868bb2652b97e9e13d36df1dfeeba338d4e9c4d1d737fba6b2b2b2d52
GET /c/dfiles.eu/config.json HTTP/1.1
Host: loader.unblockia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dfiles.eu/
Origin: https://dfiles.eu
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/octet-stream
content-length: 46747
last-modified: Fri, 12 May 2023 12:21:43 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: 9pI8Ts97IpPXbRP2Kcl6CF4_Ph.rjMBr
accept-ranges: bytes
server: AmazonS3
date: Sun, 28 May 2023 07:06:06 GMT
etag: "f365c1e4619a90bbadadacf55598fe90"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 c26775cc34c23943f6f5cfc9a3da9b4a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: z-erv8pdZ2NAFvguYT8nh5GyuTQEZKgNxrWE5mScrJPjjDra9T8ZEw==
age: 34058
access-control-allow-origin: *
access-control-expose-headers: *
X-Firefox-Spdy: h2
adsbb.dfiles.eu//ad.php?z=58&c=NO&g=gateway
303 See Other 0 B URL GET HTTP/1.1 adsbb.dfiles.eu//ad.php?z=58&c=NO&g=gateway
IP
Requested by https://dfiles.eu/ru/files/hof0emy2x
Certificate IssuerLet's Encrypt
Subject*.dfiles.eu
Fingerprint28:FA:BD:73:11:76:EB:79:D3:29:D3:CA:60:19:79:47:4B:43:6B:1C
ValiditySun, 09 Apr 2023 08:43:46 GMT - Sat, 08 Jul 2023 08:43:45 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET //ad.php?z=58&c=NO&g=gateway HTTP/1.1
Host: adsbb.dfiles.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Cookie: uprand=ea31abb0e4276a20dd163428446e064f; last_file=hof0emy2x; lang_current=ru; _ga_BL9163LYG1=GS1.1.1685291623.1.0.1685291623.0.0.0; _ga=GA1.1.77600936.1685291624
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 303 See Other
Server: nginx
Date: Sun, 28 May 2023 16:33:44 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
X-Powered-By: PHP/5.6.30-0+deb8u1
Set-Cookie: _nf58=1; expires=Mon, 29-May-2023 16:33:44 GMT; Max-Age=86400
Location: /upload/2303/ad2775297311915a.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752
adsbb.dfiles.eu//ad.php?z=56&c=NO
303 See Other 0 B URL GET HTTP/1.1 adsbb.dfiles.eu//ad.php?z=56&c=NO
IP
Requested by https://dfiles.eu/ru/files/hof0emy2x
Certificate IssuerLet's Encrypt
Subject*.dfiles.eu
Fingerprint28:FA:BD:73:11:76:EB:79:D3:29:D3:CA:60:19:79:47:4B:43:6B:1C
ValiditySun, 09 Apr 2023 08:43:46 GMT - Sat, 08 Jul 2023 08:43:45 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET //ad.php?z=56&c=NO HTTP/1.1
Host: adsbb.dfiles.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Cookie: uprand=ea31abb0e4276a20dd163428446e064f; last_file=hof0emy2x; lang_current=ru; _ga_BL9163LYG1=GS1.1.1685291623.1.0.1685291623.0.0.0; _ga=GA1.1.77600936.1685291624
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 303 See Other
Server: nginx
Date: Sun, 28 May 2023 16:33:44 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
X-Powered-By: PHP/5.6.30-0+deb8u1
Set-Cookie: _nf56=1; expires=Mon, 29-May-2023 16:33:44 GMT; Max-Age=86400
Location: /upload/2112/ad27582685f5c72c.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752
js.wpadmngr.com/static/adManager.js
200 OK 1.1 kB URL GET HTTP/2 js.wpadmngr.com/static/adManager.js
IP
ASN #39572 DataWeb Global Group B.V.
Requested by https://dfiles.eu/ru/files/hof0emy2x
Certificate IssuerLet's Encrypt
Subjectjs.wpadmngr.com
FingerprintA9:7C:F8:A4:B8:B3:E3:98:76:72:9E:0B:4A:FB:FB:39:D4:F4:54:3D
ValidityTue, 16 May 2023 02:02:19 GMT - Mon, 14 Aug 2023 02:02:18 GMT
File type gzip compressed data, from Unix\012- data
Hash 173960e88f7fa6036d9e16be1a1d9e13
ddf86bd329345db310be8998f0e39ba24c2d0131
1df5aa123631ad5e107bdc416fbfe641bbd02d441485d262d7fd2838f33e6cd7
GET /static/adManager.js HTTP/1.1
Host: js.wpadmngr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 28 May 2023 16:33:43 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.18.0
last-modified: Mon, 05 Dec 2022 13:37:26 GMT
etag: W/"638df416-4dd"
content-encoding: gzip
expires: Sun, 28 May 2023 16:38:43 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2
js.wpshsdk.com/npc/sdk/wp-banners.js
200 OK 0 B URL GET HTTP/2 js.wpshsdk.com/npc/sdk/wp-banners.js
IP
ASN #39572 DataWeb Global Group B.V.
Requested by https://dfiles.eu/ru/files/hof0emy2x
Certificate IssuerLet's Encrypt
Subjectjs.wpshsdk.com
FingerprintC6:79:B3:47:76:9F:50:8D:16:89:5C:EF:0E:BB:24:99:45:66:B6:C2
ValidityFri, 26 May 2023 02:01:30 GMT - Thu, 24 Aug 2023 02:01:29 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /npc/sdk/wp-banners.js HTTP/1.1
Host: js.wpshsdk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 28 May 2023 16:33:44 GMT
content-type: application/javascript; charset=utf-8
content-length: 0
server: nginx/1.18.0
last-modified: Fri, 20 Aug 2021 15:14:31 GMT
etag: "611fc6d7-0"
expires: Sun, 28 May 2023 16:38:44 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
adsbb.dfiles.eu/upload/2303/ad2775297311915a.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752
200 OK 678 B URL GET HTTP/1.1 adsbb.dfiles.eu/upload/2303/ad2775297311915a.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752
IP
Requested by https://dfiles.eu/ru/files/hof0emy2x
Certificate IssuerLet's Encrypt
Subject*.dfiles.eu
Fingerprint28:FA:BD:73:11:76:EB:79:D3:29:D3:CA:60:19:79:47:4B:43:6B:1C
ValiditySun, 09 Apr 2023 08:43:46 GMT - Sat, 08 Jul 2023 08:43:45 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 9f8ef1da3904a037ae113a32021b116a
9e577c4f9d427d5e1b18f49c4be2936f7590e0bd
c9a4399d37ea40752f054221e08232163f15d306baf84a8aa044d7d5855cdb45
GET /upload/2303/ad2775297311915a.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752 HTTP/1.1
Host: adsbb.dfiles.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dfiles.eu/
DNT: 1
Connection: keep-alive
Cookie: uprand=ea31abb0e4276a20dd163428446e064f; last_file=hof0emy2x; lang_current=ru; _ga_BL9163LYG1=GS1.1.1685291623.1.0.1685291623.0.0.0; _ga=GA1.1.77600936.1685291624; _nf58=1; _nf56=1
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 28 May 2023 16:33:44 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: close
Last-Modified: Sun, 28 May 2023 16:30:01 GMT
Content-Encoding: gzip
js.wpadmngr.com/static/adManager.m.js
200 OK 58 kB URL GET HTTP/2 js.wpadmngr.com/static/adManager.m.js
IP
ASN #39572 DataWeb Global Group B.V.
Requested by https://dfiles.eu/ru/files/hof0emy2x
Certificate IssuerLet's Encrypt
Subjectjs.wpadmngr.com
FingerprintA9:7C:F8:A4:B8:B3:E3:98:76:72:9E:0B:4A:FB:FB:39:D4:F4:54:3D
ValidityTue, 16 May 2023 02:02:19 GMT - Mon, 14 Aug 2023 02:02:18 GMT
File type Unicode text, UTF-8 text, with very long lines (65529), with no line terminators
Hash 3a9b44f1b81284f46a67706d8396bd4e
ef4e46530b90af4ce8cf19c4040cc316007c8141
63fc9e0b8d5286bb769e1f8b4dc45d5a5b012376ad8e355f70faddcd439e8a58
GET /static/adManager.m.js HTTP/1.1
Host: js.wpadmngr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sun, 28 May 2023 16:33:44 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.18.0
last-modified: Fri, 19 May 2023 08:16:51 GMT
etag: W/"64673073-26990"
content-encoding: gzip
expires: Sun, 28 May 2023 16:38:44 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2
na.nawpush.com/tags/46445?version_name=a
200 OK 578 B URL GET HTTP/2 na.nawpush.com/tags/46445?version_name=a
IP
ASN #39572 DataWeb Global Group B.V.
Requested by https://dfiles.eu/ru/files/hof0emy2x
Certificate IssuerLet's Encrypt
Subjectna.nawpush.com
Fingerprint06:8A:2E:29:09:91:41:F0:6E:1C:15:DE:41:23:FB:9C:E4:5B:47:B0
ValidityMon, 03 Apr 2023 01:01:43 GMT - Sun, 02 Jul 2023 01:01:42 GMT
File type JSON data\012- , ASCII text, with very long lines (578), with no line terminators
Hash 48cf99226e98595889e80d389697c90c
6c6f7b9047532c20c72d68b246dafe3db8ca16b5
e81d3360bc9596b20a9ea1289549039c2b4d0350a4cd9122c1578605b56f7055
GET /tags/46445?version_name=a HTTP/1.1
Host: na.nawpush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dfiles.eu
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 28 May 2023 16:33:44 GMT
content-type: application/json
content-length: 578
server: nginx/1.18.0
cache-control: max-age=300, public
x-proxy-cache: EXPIRED
access-control-allow-origin: *
X-Firefox-Spdy: h2
static.depositfiles.com/images/favicon.ico
200 OK 318 B URL GET HTTP/1.1 static.depositfiles.com/images/favicon.ico
IP
Requested by https://dfiles.eu/ru/files/hof0emy2x
Certificate IssuerLet's Encrypt
Subjectdepositfiles.com
Fingerprint6E:B4:71:2B:B4:0C:D0:E6:37:CF:30:32:B8:6F:AE:4B:F2:9A:7A:E9
ValidityMon, 22 May 2023 07:33:10 GMT - Sun, 20 Aug 2023 07:33:09 GMT
File type MS Windows icon resource - 1 icon, 16x16, 16 colors, 4 bits/pixel\012- data
Hash 0f0b975ee529197ec75780ebc2de5907
59688c6aafca5606e388ba9a44fc9dc25fc32cd3
28a0b52229f05b66354ca38b6b813d2281af3efb7e8b0a424ef8b4c68b9e583c
GET /images/favicon.ico HTTP/1.1
Host: static.depositfiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 28 May 2023 16:33:44 GMT
Content-Type: image/x-icon
Content-Length: 318
Last-Modified: Thu, 28 Apr 2022 10:40:26 GMT
Connection: keep-alive
ETag: "626a6f1a-13e"
Accept-Ranges: bytes
ip2geo.pubfuture-ad.com/detail
200 OK 33 B URL GET HTTP/2 ip2geo.pubfuture-ad.com/detail
IP
Requested by https://dfiles.eu/ru/files/hof0emy2x
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintA4:70:A9:B9:AC:49:1E:53:23:43:41:25:CD:10:7C:01:2E:87:01:01
ValidityTue, 07 Feb 2023 00:00:00 GMT - Tue, 06 Feb 2024 23:59:59 GMT
File type JSON data\012- , ASCII text, with no line terminators
Hash 007af5ffed017e37943df31888ef8666
2877ed4c460ba9164b3625e32502a9d83a2a1d4a
bfb9d45766b6f87ee2c5f55862cdffe168aa7df0ff6ed0917b0fbcb035fdcdd2
GET /detail HTTP/1.1
Host: ip2geo.pubfuture-ad.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dfiles.eu/
Origin: https://dfiles.eu
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 28 May 2023 16:33:44 GMT
content-type: application/json; charset=utf-8
content-length: 33
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-dns-prefetch-control: off
expect-ct: max-age=0
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
referrer-policy: no-referrer
x-xss-protection: 0
access-control-allow-origin: *
etag: W/"21-KHftTEYLqRZLNiXjJQKp2DoqHUo"
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e1LNrGOtD%2BBNoL0Seu3dOB2YZ6w3QHJT1UNTLYBXbdnPMI49P31qVh8OeMbsX4HKgBa8TEl4W%2Bi54Lby74Aw83EDvEL2ZknmNzFjo6D%2FU7Wmmyu3uEj5MIEQo9pVoTzuTPqjLPoTSVgr"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7ce7e6ad78aeb50b-OSL
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
472 B IP
Hash bb63f1caaf551e76a88f326c8db516ce
513533cccfb522767abf37082518f766adc3c070
cfe2e32528181d9ff75d3946d789811d6d2c71e153c39aa72c0a586b922ebeb7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 28 May 2023 16:33:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.gstatic.com/recaptcha/releases/CDFvp7CXAHw7k3HxO47Gm1O9/recaptcha__en.js
200 OK 166 kB URL GET HTTP/2 www.gstatic.com/recaptcha/releases/CDFvp7CXAHw7k3HxO47Gm1O9/recaptcha__en.js
IP
Requested by https://dfiles.eu/ru/files/hof0emy2x
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintA3:09:CB:6C:64:76:4B:58:32:D1:21:3E:F4:65:1F:DE:58:22:8F:D6
ValidityMon, 08 May 2023 08:24:48 GMT - Mon, 31 Jul 2023 08:24:47 GMT
File type ASCII text, with very long lines (660)
Size 166 kB (166449 bytes)
Hash 95a32a4d8f8be968bc15d6ab9b9491d1
fbfbcb40c8d8997096cd2ea3d8cfc3dee1981015
a41096fbcf982d79bf075bf2378c9c0c2e8ada5bdc94bd7cc794454135ccf981
GET /recaptcha/releases/CDFvp7CXAHw7k3HxO47Gm1O9/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dfiles.eu
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 166449
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 22 May 2023 23:49:29 GMT
expires: Tue, 21 May 2024 23:49:29 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 22 May 2023 20:58:33 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 492256
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
adsbb.dfiles.eu/static/js/jquery-1.5.1.min.js
85 kB URL adsbb.dfiles.eu/static/js/jquery-1.5.1.min.js
IP
Certificate IssuerLet's Encrypt
Subject*.dfiles.eu
Fingerprint28:FA:BD:73:11:76:EB:79:D3:29:D3:CA:60:19:79:47:4B:43:6B:1C
ValiditySun, 09 Apr 2023 08:43:46 GMT - Sat, 08 Jul 2023 08:43:45 GMT
File type Unicode text, UTF-8 text, with very long lines (65168)
Hash b04a3bccd23ddeb7982143707a63ccf9
4a5dc1389aad050a44ee5e81408238a317ab3413
764b9e9f3ad386aaa5cdeae9368353994de61c0bede087c8f7e3579cb443de3b
GET /static/js/jquery-1.5.1.min.js HTTP/1.1
Host: adsbb.dfiles.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adsbb.dfiles.eu/upload/2112/ad27582685f5c72c.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752
Cookie: uprand=ea31abb0e4276a20dd163428446e064f; last_file=hof0emy2x; lang_current=ru; _ga_BL9163LYG1=GS1.1.1685291623.1.0.1685291623.0.0.0; _ga=GA1.1.77600936.1685291624; _nf58=1; _nf56=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 28 May 2023 16:33:45 GMT
Content-Type: application/javascript
Content-Length: 85260
Connection: close
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache, private, no-cache, no-store, must-revalidate
Pragma: no-cache
Accept-Ranges: bytes
ocsp.pki.goog/gts1c3
472 B IP
Hash e75b43e8a7beaf5ded692008749eb5b0
5f96a142b29fc6ca88b33a9cb5c2c5b4b95b8635
a100d74db29961c793a7254e52dd854c8f85761876369b45073d911be95bab3a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 28 May 2023 16:33:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
adsbb.dfiles.eu/static/js/jquery-1.5.1.min.js
85 kB URL adsbb.dfiles.eu/static/js/jquery-1.5.1.min.js
IP
Certificate IssuerLet's Encrypt
Subject*.dfiles.eu
Fingerprint28:FA:BD:73:11:76:EB:79:D3:29:D3:CA:60:19:79:47:4B:43:6B:1C
ValiditySun, 09 Apr 2023 08:43:46 GMT - Sat, 08 Jul 2023 08:43:45 GMT
File type Unicode text, UTF-8 text, with very long lines (65168)
Hash b04a3bccd23ddeb7982143707a63ccf9
4a5dc1389aad050a44ee5e81408238a317ab3413
764b9e9f3ad386aaa5cdeae9368353994de61c0bede087c8f7e3579cb443de3b
GET /static/js/jquery-1.5.1.min.js HTTP/1.1
Host: adsbb.dfiles.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adsbb.dfiles.eu/upload/2303/ad2775297311915a.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752
Cookie: uprand=ea31abb0e4276a20dd163428446e064f; last_file=hof0emy2x; lang_current=ru; _ga_BL9163LYG1=GS1.1.1685291623.1.0.1685291623.0.0.0; _ga=GA1.1.77600936.1685291624; _nf58=1; _nf56=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 28 May 2023 16:33:45 GMT
Content-Type: application/javascript
Content-Length: 85260
Connection: close
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache, private, no-cache, no-store, must-revalidate
Pragma: no-cache
Accept-Ranges: bytes
adsbb.dfiles.eu/view.gif?c=2685&z=56&b=2758&u=64738189ac3c35661873977168275
43 B URL adsbb.dfiles.eu/view.gif?c=2685&z=56&b=2758&u=64738189ac3c35661873977168275
IP
Certificate IssuerLet's Encrypt
Subject*.dfiles.eu
Fingerprint28:FA:BD:73:11:76:EB:79:D3:29:D3:CA:60:19:79:47:4B:43:6B:1C
ValiditySun, 09 Apr 2023 08:43:46 GMT - Sat, 08 Jul 2023 08:43:45 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash 6d22e4f2d2057c6e8d6fab098e76e80f
b80b11203d97fe01c5597ca3be70406ea48f5709
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
GET /view.gif?c=2685&z=56&b=2758&u=64738189ac3c35661873977168275 HTTP/1.1
Host: adsbb.dfiles.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: https://adsbb.dfiles.eu/upload/2112/ad27582685f5c72c.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752
Cookie: uprand=ea31abb0e4276a20dd163428446e064f; last_file=hof0emy2x; lang_current=ru; _ga_BL9163LYG1=GS1.1.1685291623.1.0.1685291623.0.0.0; _ga=GA1.1.77600936.1685291624; _nf58=1; _nf56=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 28 May 2023 16:33:45 GMT
Content-Type: image/gif
Content-Length: 43
Connection: close
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache, private, no-cache, no-store, must-revalidate
Pragma: no-cache
Accept-Ranges: bytes
adsbb.dfiles.eu/view.gif?c=2973&z=58&b=2775&u=64738189b72d1822778564395804
43 B URL adsbb.dfiles.eu/view.gif?c=2973&z=58&b=2775&u=64738189b72d1822778564395804
IP
Certificate IssuerLet's Encrypt
Subject*.dfiles.eu
Fingerprint28:FA:BD:73:11:76:EB:79:D3:29:D3:CA:60:19:79:47:4B:43:6B:1C
ValiditySun, 09 Apr 2023 08:43:46 GMT - Sat, 08 Jul 2023 08:43:45 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash 6d22e4f2d2057c6e8d6fab098e76e80f
b80b11203d97fe01c5597ca3be70406ea48f5709
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
GET /view.gif?c=2973&z=58&b=2775&u=64738189b72d1822778564395804 HTTP/1.1
Host: adsbb.dfiles.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: https://adsbb.dfiles.eu/upload/2303/ad2775297311915a.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752
Cookie: uprand=ea31abb0e4276a20dd163428446e064f; last_file=hof0emy2x; lang_current=ru; _ga_BL9163LYG1=GS1.1.1685291623.1.0.1685291623.0.0.0; _ga=GA1.1.77600936.1685291624; _nf58=1; _nf56=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 28 May 2023 16:33:45 GMT
Content-Type: image/gif
Content-Length: 43
Connection: close
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache, private, no-cache, no-store, must-revalidate
Pragma: no-cache
Accept-Ranges: bytes
c.mgid.com/pv/?pv=5&cbuster=1685291624945945776520&lct=1684800000&jsv=es6&iframe=1&ref=https%3A%2F%2Fdfiles.eu%2Fru%2Ffiles%2Fhof0emy2x&cxurl=https%3A%2F%2Fdfiles.eu%2Fru%2Ffiles%2Fhof0emy2x&lu=https%3A%2F%2Fdfiles.eu%2Fru%2Ffiles%2Fhof0emy2x&sessionId=64738269-0b54b&pageView=1&pvid=188633569f3bb02fdf9&site=437&implVersion=11&dpr=1&tfre=424
0 B URL c.mgid.com/pv/?pv=5&cbuster=1685291624945945776520&lct=1684800000&jsv=es6&iframe=1&ref=https%3A%2F%2Fdfiles.eu%2Fru%2Ffiles%2Fhof0emy2x&cxurl=https%3A%2F%2Fdfiles.eu%2Fru%2Ffiles%2Fhof0emy2x&lu=https%3A%2F%2Fdfiles.eu%2Fru%2Ffiles%2Fhof0emy2x&sessionId=64738269-0b54b&pageView=1&pvid=188633569f3bb02fdf9&site=437&implVersion=11&dpr=1&tfre=424
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pv/?pv=5&cbuster=1685291624945945776520&lct=1684800000&jsv=es6&iframe=1&ref=https%3A%2F%2Fdfiles.eu%2Fru%2Ffiles%2Fhof0emy2x&cxurl=https%3A%2F%2Fdfiles.eu%2Fru%2Ffiles%2Fhof0emy2x&lu=https%3A%2F%2Fdfiles.eu%2Fru%2Ffiles%2Fhof0emy2x&sessionId=64738269-0b54b&pageView=1&pvid=188633569f3bb02fdf9&site=437&implVersion=11&dpr=1&tfre=424 HTTP/1.1
Host: c.mgid.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://adsbb.dfiles.eu/
DNT: 1
Connection: keep-alive
Cookie: __cf_bm=nxBVmGpTfzt62jSQ7Whl8GsDXdvLuSpmrB863Dw3JBc-1685291624-0-AQaN7MfDuw1nl8Z20tW8ynbUEh4sYQ9Cg1q/G3nz2jXivXuCKFiCNulqd843XsR9D4W3HlA5wWFT7Hq94SuGP+o=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sun, 28 May 2023 16:33:45 GMT
content-length: 0
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7ce7e6b1fd86b521-OSL
alt-svc: h3=":443"; ma=86400
cdn.unblockia.com/autopromos/unicef3.jpg?unblockia=true
200 OK 54 kB URL GET HTTP/2 cdn.unblockia.com/autopromos/unicef3.jpg?unblockia=true
IP
Requested by https://dfiles.eu/ru/files/hof0emy2x
Certificate IssuerAmazon
Subject*.unblockia.com
FingerprintF2:6F:03:00:E3:4A:B1:87:3C:4D:28:BB:E6:CE:8F:F1:2A:6E:1B:5D
ValidityTue, 21 Feb 2023 00:00:00 GMT - Fri, 22 Mar 2024 23:59:59 GMT
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=2, software=Google], baseline, precision 8, 160x600, components 3\012- data
Hash 5dcf47442fc7fbb8d0263bbf4869537e
2c8232ac93448bbc06b5464f1839a5cdb2ed3e07
81804a1b2b20350ec009ba6429a4f58124c16ca30683af0af255544cd98c8fa6
GET /autopromos/unicef3.jpg?unblockia=true HTTP/1.1
Host: cdn.unblockia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 54292
last-modified: Tue, 12 Apr 2022 08:41:27 GMT
x-amz-version-id: iA22.ytP0i4dmuIhnc0eyNVgJlt2K4fl
accept-ranges: bytes
server: AmazonS3
date: Sun, 28 May 2023 03:38:10 GMT
etag: "5dcf47442fc7fbb8d0263bbf4869537e"
x-cache: Hit from cloudfront
via: 1.1 784cb0c259a6d79800d037bda4e7de86.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: YKVWccG9rD_l97kRyHbKGYAl6SROEKAUhEEHB_yF4qpjzqB1_6G-cg==
age: 46536
vary: Accept-Encoding, Origin
X-Firefox-Spdy: h2
cdn.unblockia.com/autopromos/unicef2.jpg?unblockia=true
200 OK 37 kB URL GET HTTP/2 cdn.unblockia.com/autopromos/unicef2.jpg?unblockia=true
IP
Requested by https://dfiles.eu/ru/files/hof0emy2x
Certificate IssuerAmazon
Subject*.unblockia.com
FingerprintF2:6F:03:00:E3:4A:B1:87:3C:4D:28:BB:E6:CE:8F:F1:2A:6E:1B:5D
ValidityTue, 21 Feb 2023 00:00:00 GMT - Fri, 22 Mar 2024 23:59:59 GMT
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 728x90, components 3\012- data
Hash 58fbb6ffe72ac0c1aa468de39ee18e13
d25230f1ef89aecc6048b0ceb09dd0af609ee7b6
e8ff7f3a8926e5b5497d2ab7a1bf47c5655e287a51045f11846f426ac6c7d180
GET /autopromos/unicef2.jpg?unblockia=true HTTP/1.1
Host: cdn.unblockia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 36773
last-modified: Tue, 12 Apr 2022 08:41:28 GMT
x-amz-version-id: xUurxjfnscsyJn430NFsrgfbabIFowSl
accept-ranges: bytes
server: AmazonS3
date: Sun, 28 May 2023 03:10:24 GMT
etag: "58fbb6ffe72ac0c1aa468de39ee18e13"
x-cache: Hit from cloudfront
via: 1.1 784cb0c259a6d79800d037bda4e7de86.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: RNg1Sg-plQvF_tmDXBZcxc2Oriovt6NdkkoBcCv7pvAfUnYbIcfMuA==
age: 56732
vary: Accept-Encoding, Origin
X-Firefox-Spdy: h2
t.unblockia.com/?sid=140&o=3&b=2&p=1&t=1
200 OK 0 B URL POST HTTP/2 t.unblockia.com/?sid=140&o=3&b=2&p=1&t=1
IP
Requested by https://dfiles.eu/ru/files/hof0emy2x
Certificate IssuerAmazon
Subject*.unblockia.com
FingerprintF2:6F:03:00:E3:4A:B1:87:3C:4D:28:BB:E6:CE:8F:F1:2A:6E:1B:5D
ValidityTue, 21 Feb 2023 00:00:00 GMT - Fri, 22 Mar 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /?sid=140&o=3&b=2&p=1&t=1 HTTP/1.1
Host: t.unblockia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dfiles.eu
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 200 OK
content-type: application/json
content-length: 0
server: nginx/1.20.0
date: Sun, 28 May 2023 16:33:45 GMT
x-cache: Miss from cloudfront
via: 1.1 15d199af49035dc206cb81292fd87de2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: zZQX6ECS4gpjPuff95b5jKBOEV9zHW1BLQOFGiJPOHS9gEqZxfyrqw==
access-control-allow-origin: *
access-control-expose-headers: *
X-Firefox-Spdy: h2
notification.tubecup.net/tags?tag_id=46445&timezone_olson=UTC&version_name=a
204 No Content 0 B URL GET HTTP/2 notification.tubecup.net/tags?tag_id=46445&timezone_olson=UTC&version_name=a
IP
ASN #24940 Hetzner Online GmbH
Requested by https://dfiles.eu/ru/files/hof0emy2x
Certificate IssuerLet's Encrypt
Subjectnotification.tubecup.net
FingerprintC3:3A:0A:7D:9C:4B:21:97:39:A7:AD:B8:87:47:F1:35:32:D9:84:53
ValidityFri, 28 Apr 2023 11:39:09 GMT - Thu, 27 Jul 2023 11:39:08 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tags?tag_id=46445&timezone_olson=UTC&version_name=a HTTP/1.1
Host: notification.tubecup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dfiles.eu
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 204 No Content
server: nginx/1.18.0
date: Sun, 28 May 2023 16:33:45 GMT
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2
fp.metricswpsh.com/fp?tag_id=46445
204 No Content 0 B URL OPTIONS HTTP/1.1 fp.metricswpsh.com/fp?tag_id=46445
IP
ASN #24940 Hetzner Online GmbH
Requested by https://dfiles.eu/ru/files/hof0emy2x
Certificate IssuerLet's Encrypt
Subjectnotification.tubecup.net
FingerprintC3:3A:0A:7D:9C:4B:21:97:39:A7:AD:B8:87:47:F1:35:32:D9:84:53
ValidityFri, 28 Apr 2023 11:39:09 GMT - Thu, 27 Jul 2023 11:39:08 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /fp?tag_id=46445 HTTP/1.1
Host: fp.metricswpsh.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://dfiles.eu/
Origin: https://dfiles.eu
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 204 No Content
Server: nginx/1.20.1
Date: Sun, 28 May 2023 16:33:45 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: GET,HEAD,PUT,PATCH,POST,DELETE
Access-Control-Allow-Origin: https://dfiles.eu
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
c.mgid.com/widget-ssp-performance?time=51
43 B URL c.mgid.com/widget-ssp-performance?time=51
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 57f187c7a868faeac558007a8eb6cb2e
11ab10ab109fdb53d91d444ac781101f5a6360c6
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
GET /widget-ssp-performance?time=51 HTTP/1.1
Host: c.mgid.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adsbb.dfiles.eu/
Cookie: __cf_bm=nxBVmGpTfzt62jSQ7Whl8GsDXdvLuSpmrB863Dw3JBc-1685291624-0-AQaN7MfDuw1nl8Z20tW8ynbUEh4sYQ9Cg1q/G3nz2jXivXuCKFiCNulqd843XsR9D4W3HlA5wWFT7Hq94SuGP+o=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sun, 28 May 2023 16:33:45 GMT
content-type: image/gif
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7ce7e6b29e57b521-OSL
alt-svc: h3=":443"; ma=86400
fp.metricswpsh.com/fp?tag_id=46445
204 No Content 27 B URL OPTIONS HTTP/1.1 fp.metricswpsh.com/fp?tag_id=46445
IP
ASN #24940 Hetzner Online GmbH
Requested by https://dfiles.eu/ru/files/hof0emy2x
Certificate IssuerLet's Encrypt
Subjectnotification.tubecup.net
FingerprintC3:3A:0A:7D:9C:4B:21:97:39:A7:AD:B8:87:47:F1:35:32:D9:84:53
ValidityFri, 28 Apr 2023 11:39:09 GMT - Thu, 27 Jul 2023 11:39:08 GMT
File type JSON data\012- , ASCII text
Hash c4bea7951aaa542768f63f72d171ff83
7f57b3ce5d3a9bb0a15c32b34745b0214710e185
d4fbb24457a99cbf28127e8a416979ca0f2ab97c64a59b8d38760c40d4934756
POST /fp?tag_id=46445 HTTP/1.1
Host: fp.metricswpsh.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json;charset=utf-8
Content-Length: 23165
Origin: https://dfiles.eu
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Sun, 28 May 2023 16:33:45 GMT
Content-Type: application/json; charset=UTF-8
Content-Length: 27
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://dfiles.eu
Set-Cookie: id=12037205136818929367; Expires=Mon, 27 May 2024 16:33:45 GMT; Secure; SameSite=None
Vary: Origin
ocsp.r2m02.amazontrust.com/
471 B URL ocsp.r2m02.amazontrust.com/
IP
Hash 3322a1867c5704976f98033af8b4803c
439523c2d4516b958c4448d684060984caf1a744
0457b4d4baf0f1bc4927c41754077fdc0b90451b1732498598d51b17fcbfdd2e
POST / HTTP/1.1
Host: ocsp.r2m02.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=7200'
Date: Sun, 28 May 2023 16:33:46 GMT
Last-Modified: Sun, 28 May 2023 15:00:45 GMT
Server: ECAcc (nya/7946)
X-Cache: Miss from cloudfront
Via: 1.1 07d5d44815808d5d5a6f43984a987698.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: KLaMsoRcRqtwEbbMe2KqPz8J6dn1fric84-w1lRodtyZ-PgzwcaXeg==
Age: 5582
ocsp.r2m02.amazontrust.com/
471 B URL ocsp.r2m02.amazontrust.com/
IP
Hash 3322a1867c5704976f98033af8b4803c
439523c2d4516b958c4448d684060984caf1a744
0457b4d4baf0f1bc4927c41754077fdc0b90451b1732498598d51b17fcbfdd2e
POST / HTTP/1.1
Host: ocsp.r2m02.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=7200'
Date: Sun, 28 May 2023 16:33:46 GMT
Last-Modified: Sun, 28 May 2023 15:00:32 GMT
Server: ECAcc (dcb/7339)
X-Cache: Miss from cloudfront
Via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: uodwHAi7AJbDzNQc3048aLcgMtSBoN8QpBKZQrNN-cE-Jrz-O8LLig==
Age: 5594
ocsp.pki.goog/gts1c3
472 B IP
Hash 4195d3f97e59fc4f34d523d0195d8d0b
244cd9dd441c530c8e03405819eb759e95f25cb0
1fc6101023c68883ddf2cb7eb133e96a3e3cf96d7657223e38621f9fc9a7653d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 28 May 2023 16:33:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
472 B IP
Hash 5eb2d0db01496946784367a1c6a22c28
2d0a58aa819ca13f208af62e0c21996bd123de9f
8c16e79ed32ccf5baf793a07ad6128fa85ea0f0877da7da7145ae6a33e811a1a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 28 May 2023 16:33:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn.prplads.com/load.js?publisherId=64df4768ef6a3d343387f03963cc6d27:a3fc5ba00d8a1e88f69e3c15e8e8c501507f1b2063b64e48a97000a1c4480fda350894047ca3535d3ce8fc5253d0214840300a723dc6ecae38a57d550d5ed683
200 OK 12 kB URL GET HTTP/2 cdn.prplads.com/load.js?publisherId=64df4768ef6a3d343387f03963cc6d27:a3fc5ba00d8a1e88f69e3c15e8e8c501507f1b2063b64e48a97000a1c4480fda350894047ca3535d3ce8fc5253d0214840300a723dc6ecae38a57d550d5ed683
IP
Requested by https://dfiles.eu/ru/files/hof0emy2x
Certificate IssuerGoogle Trust Services LLC
Subjectprplads.com
Fingerprint44:46:5A:F0:A0:B0:25:70:06:3F:E4:EB:02:D5:A2:67:7A:E3:7D:0E
ValidityWed, 19 Apr 2023 12:34:16 GMT - Tue, 18 Jul 2023 12:34:15 GMT
File type Unicode text, UTF-8 text, with very long lines (44009), with no line terminators
Hash e7f2069322ec42bbceeeb82aa038ad97
ff19fb5f2a8acaaa6e5690ac8a4a18d4e3a96239
e925958da62482fd49a37dde6b3d8b2429ab1a7f7d531ab0c15e3fe112f464ef
GET /load.js?publisherId=64df4768ef6a3d343387f03963cc6d27:a3fc5ba00d8a1e88f69e3c15e8e8c501507f1b2063b64e48a97000a1c4480fda350894047ca3535d3ce8fc5253d0214840300a723dc6ecae38a57d550d5ed683 HTTP/1.1
Host: cdn.prplads.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 28 May 2023 16:33:45 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"103f53a915d53d541a023f9c8352e84c"
last-modified: Wed, 03 May 2023 17:14:59 GMT
x-amz-id-2: c0BBo0bTVFeShG8i+7lo2b2VE/UirvGjsaEwxq/wwMJ6ns1s3aKZvOG0lzRnXyQ2PtAWUDAre3c=
x-amz-request-id: VF6G331VR5CZSWHS
cache-control: max-age=86400
cf-cache-status: HIT
age: 7017
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FgdcRBK8MvK54lVRIly%2FD18kYojb5vQWXqgLQgEQdqcMhtRXImIQl6o%2B8uXBf3bQ%2BtYXz2C4lLcADq5Y7qqQSt%2FJWVPU6BrMKq9blW0TQsf4Mv34U6NT9515WwXVz8GX2Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ce7e6b48d9fb4f7-OSL
content-encoding: br
X-Firefox-Spdy: h2
api.purpleads.io/x/v2/f?pid=7e15bb629d214677bd3c5758c79bca15&ts=1685291625418
200 OK 2.3 kB URL GET HTTP/2 api.purpleads.io/x/v2/f?pid=7e15bb629d214677bd3c5758c79bca15&ts=1685291625418
IP
Requested by https://dfiles.eu/ru/files/hof0emy2x
Certificate IssuerAmazon
Subject*.purpleads.io
Fingerprint2C:07:41:61:C9:75:ED:6A:72:5B:30:CE:B3:18:1C:47:DB:07:BF:D4
ValidityFri, 24 Feb 2023 00:00:00 GMT - Wed, 29 Nov 2023 23:59:59 GMT
File type JSON data\012- HTML document text\012- HTML document, ASCII text, with very long lines (2889), with no line terminators
Hash a96e539c125567eeaff4d65c2ff659c9
65bf4468543a22fb4854fc817a89e8d312059e7d
58874599db09e5ee0abe4c23528a1e62b7e4388a0917005a666bbaabe39801d0
GET /x/v2/f?pid=7e15bb629d214677bd3c5758c79bca15&ts=1685291625418 HTTP/1.1
Host: api.purpleads.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dfiles.eu/
Content-Type: application/json
x-purpleads-version: 2.0.2
x-request-url: aHR0cHM6Ly9kZmlsZXMuZXUvcnUvZmlsZXMvaG9mMGVteTJ4
Authorization: Bearer 64df4768ef6a3d343387f03963cc6d27:a3fc5ba00d8a1e88f69e3c15e8e8c501507f1b2063b64e48a97000a1c4480fda350894047ca3535d3ce8fc5253d0214840300a723dc6ecae38a57d550d5ed683
Origin: https://dfiles.eu
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sun, 28 May 2023 16:33:46 GMT
content-type: application/json; charset=utf-8
access-control-allow-origin: https://dfiles.eu
access-control-allow-credentials: true
access-control-expose-headers: pa-user-id
set-cookie: pa-user-id=ac3c776f-6042-4153-b096-c7588a73277b; Domain=.purpleads.io; Path=/
pa-user-id: ac3c776f-6042-4153-b096-c7588a73277b
etag: W/"b49-Zb9EaFQ6IvtIVPyBeono0xIFnn0"
vary: Accept-Encoding
content-encoding: br
X-Firefox-Spdy: h2
fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2
200 OK 24 kB URL GET HTTP/2 fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2
IP
Requested by https://dfiles.eu/ru/files/hof0emy2x
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintA3:09:CB:6C:64:76:4B:58:32:D1:21:3E:F4:65:1F:DE:58:22:8F:D6
ValidityMon, 08 May 2023 08:24:48 GMT - Mon, 31 Jul 2023 08:24:47 GMT
File type Web Open Font Format (Version 2), TrueType, length 23580, version 1.0\012- data
Hash e1b3b5908c9cf23dfb2b9c52b9a023ab
fcd4136085f2a03481d9958cc6793a5ed98e714c
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
GET /s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://dfiles.eu
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23580
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 25 May 2023 04:04:41 GMT
expires: Fri, 24 May 2024 04:04:41 GMT
cache-control: public, max-age=31536000
age: 304146
last-modified: Tue, 02 May 2023 15:17:22 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
script.4dex.io/adagio.js
23 kB IP
File type ASCII text, with very long lines (65354)
Hash c56b6332dacf72f135afcd153ae22448
78efc5939cc29a3e9ca16fadfbd26e7057fd27fd
ed87a83a9df154b61d76e8b9b53bb9d23db3eea194e66bca6b575e3e4f7a57bf
GET /adagio.js HTTP/1.1
Host: script.4dex.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dfiles.eu/
Origin: https://dfiles.eu
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 28 May 2023 16:33:47 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=1800
ETag: W/"c56b6332dacf72f135afcd153ae22448"
Last-Modified: Wed, 23 Nov 2022 15:43:17 GMT
Vary: Origin, Accept-Encoding
Access-Control-Expose-Headers:
CF-Cache-Status: HIT
Age: 474115
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fH%2F0y%2F%2BOov1jHl%2BbbfJDf5gO4PMhVwjmhQxGB%2Bt%2FugAGD2QWzm7PheIeh0x2Q%2Fs4%2BSjxe83YKLIQs%2BuZaxSkRT888%2BR64Uy%2F5OZqvfyjYW96p8KaBY0MArtSEOYMpuZr"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7ce7e6c13aa4b503-OSL
Content-Encoding: br
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q4
1.5 kB URL ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q4
IP
Hash 1eafa673a6f311918f472d2571cf341b
c9aeea106b5c679e6efcf96d8f73c16b00381b75
8129acfc1f0c458587a83e37b7d0a01b80ce49cf30d46eb7ae0a90774bb8c264
POST /ca/gsatlasr3dvtlsca2022q4 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 28 May 2023 16:33:47 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "BB4659F80D1E50BB04CBDEAB77364810D5B843D4"
Expires: Mon, 29 May 2023 03:00:00 GMT
Last-Modified: Sun, 28 May 2023 15:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 2140
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7ce7e6c16e361bfa-OSL
ocsp.globalsign.com/gseccovsslca2018
938 B URL ocsp.globalsign.com/gseccovsslca2018
IP
Hash dff7b9cf1d31a9079d683be440928540
68203d1909b5ee0f6cca2b728ffce300a4174b5d
7ae4d7bc5b92472dc9ee74f49b573713f52da740cb75342557a46a54e1c2e8dd
POST /gseccovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 28 May 2023 16:33:47 GMT
Content-Type: application/ocsp-response
Content-Length: 938
Connection: keep-alive
Expires: Thu, 01 Jun 2023 14:43:58 GMT
ETag: "68203d1909b5ee0f6cca2b728ffce300a4174b5d"
Last-Modified: Sun, 28 May 2023 14:43:59 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 505
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7ce7e6c17e860b39-OSL
prebid.a-mo.net/a/c
0 B IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /a/c HTTP/1.1
Host: prebid.a-mo.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 1301
Origin: https://dfiles.eu
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 204 No Content
access-control-allow-credentials: true
access-control-allow-origin: https://dfiles.eu
cache-control: max-age=0, private, must-revalidate
date: Sun, 28 May 2023 16:33:46 GMT
server: envoy
vary: origin, Accept-Encoding
x-nbr: 1
x-envoy-upstream-service-time: 1
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Lato&display=swap
200 OK 354 B URL GET HTTP/3 fonts.googleapis.com/css?family=Lato&display=swap
IP
Requested by https://dfiles.eu/ru/files/hof0emy2x
Certificate IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint5F:AC:74:E6:97:66:CD:D0:F1:EA:0D:01:37:89:65:2E:98:22:84:6C
ValidityMon, 08 May 2023 08:24:50 GMT - Mon, 31 Jul 2023 08:24:49 GMT
Hash ea1a6fa59a6e95be4b1d23b7e4532600
e07c931f2fdd33d7fe5fd679638d58a17efe1f25
f88d7a194e7f67fdc5e4f2cedd32e1d040d9976e4814adcaf7e56330a0653d5c
GET /css?family=Lato&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 28 May 2023 16:33:47 GMT
date: Sun, 28 May 2023 16:33:47 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
onetag-sys.com/prebid-request
41 B URL onetag-sys.com/prebid-request
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash c6a1847e6d7bb4295ecdae2664affb5d
b332217021c4a707f950ebc9294cda83cb2eb77f
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
POST /prebid-request HTTP/1.1
Host: onetag-sys.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 1241
Origin: https://dfiles.eu
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
access-control-allow-origin: https://dfiles.eu
access-control-allow-headers: content-type, origin, referer, user-agent
access-control-allow-credentials: true
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control: no-transform, no-cache
content-type: application/json
content-encoding: gzip
content-length: 41
strict-transport-security: max-age=15552000
X-Firefox-Spdy: h2
bs.yandex.ru/metadsp/2360912?imp-id=1&target-ref=dfiles.eu&ssp-id=10500
0 B URL bs.yandex.ru/metadsp/2360912?imp-id=1&target-ref=dfiles.eu&ssp-id=10500
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /metadsp/2360912?imp-id=1&target-ref=dfiles.eu&ssp-id=10500 HTTP/1.1
Host: bs.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 197
Origin: https://dfiles.eu
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 204 No Content
content-length: 0
timing-allow-origin: *
uniformat: true
date: Sun, 28 May 2023 16:33:47 GMT
access-control-allow-origin: https://dfiles.eu
set-cookie: yabs-vdrf=A0; domain=an.yandex.ru; path=/; expires=Sun, 04-Jun-2023 16:33:47 GMT
access-control-allow-credentials: true
pragma: no-cache
uniformat-product-type: Direct
x-xss-protection: 1; mode=block
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
expires: Sun, 28 May 2023 16:33:47 GMT
last-modified: Sun, 28 May 2023 16:33:47 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: application/json; charset=utf-8
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2
200 OK 24 kB URL GET HTTP/2 fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2
IP
Requested by https://dfiles.eu/ru/files/hof0emy2x
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintA3:09:CB:6C:64:76:4B:58:32:D1:21:3E:F4:65:1F:DE:58:22:8F:D6
ValidityMon, 08 May 2023 08:24:48 GMT - Mon, 31 Jul 2023 08:24:47 GMT
File type Web Open Font Format (Version 2), TrueType, length 23580, version 1.0\012- data
Hash e1b3b5908c9cf23dfb2b9c52b9a023ab
fcd4136085f2a03481d9958cc6793a5ed98e714c
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
GET /s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://dfiles.eu
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23580
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 25 May 2023 04:04:41 GMT
expires: Fri, 24 May 2024 04:04:41 GMT
cache-control: public, max-age=31536000
age: 304149
last-modified: Tue, 02 May 2023 15:17:22 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
images.outbrainimg.com/transform/v3/eyJpdSI6IjdmNGE2NGJhZjQ0Yzc0ZjBkYjEyMTBmMzlhZWI1MjViODViYjE3MTY0ZTk2MWI3M2U2ZjkzMzdiZmVjMGE2MGIiLCJ3IjoxODAsImgiOjE2MCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
200 OK 9.7 kB URL GET HTTP/2 images.outbrainimg.com/transform/v3/eyJpdSI6IjdmNGE2NGJhZjQ0Yzc0ZjBkYjEyMTBmMzlhZWI1MjViODViYjE3MTY0ZTk2MWI3M2U2ZjkzMzdiZmVjMGE2MGIiLCJ3IjoxODAsImgiOjE2MCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
IP
Requested by https://dfiles.eu/ru/files/hof0emy2x
Certificate IssuerDigiCert Inc
Subject*.outbrainimg.com
Fingerprint4F:05:15:71:93:78:ED:64:53:30:81:ED:DA:9C:FE:4F:7B:F9:41:BE
ValidityThu, 02 Mar 2023 00:00:00 GMT - Sat, 02 Mar 2024 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 270x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 8420fb003842cc873ea157141d3188de
b6e0a5e647a1b419c7f6d301948d11b86503638c
893e8ab3f5b03e8ac78a7a7a031f2098005125774d498bf0c2d410122406197f
GET /transform/v3/eyJpdSI6IjdmNGE2NGJhZjQ0Yzc0ZjBkYjEyMTBmMzlhZWI1MjViODViYjE3MTY0ZTk2MWI3M2U2ZjkzMzdiZmVjMGE2MGIiLCJ3IjoxODAsImgiOjE2MCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp HTTP/1.1
Host: images.outbrainimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: image/webp
content-length: 9654
last-modified: Sat, 29 Apr 2023 11:42:57 GMT
x-traceid: 5f8d3b7162cafe8972b5479c8fdddb3a
cache-control: max-age=1437637
date: Sun, 28 May 2023 16:33:50 GMT
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
access-control-allow-origin: *
timing-allow-origin: *, *
X-Firefox-Spdy: h2
api.purpleads.io/x/a/0a28d5d02214ff2a481e2a62d01d4d50:8a9cbcb7e4f160ebe820055bdbc68a81cb47957882f3cc63881e4be141d25ce0bc98181c8fdd4c9fe5dfb7a3212cc2dd45c057e2a1b89fab38be054d67e0c829b0789527dd9d16730381289c53c8f86024bebc45ecb9e062adb260ea3c58e9c6/i?id=68f98497-a2b7-4b92-aa23-ef5a4f73da86
204 No Content 0 B URL GET HTTP/2 api.purpleads.io/x/a/0a28d5d02214ff2a481e2a62d01d4d50:8a9cbcb7e4f160ebe820055bdbc68a81cb47957882f3cc63881e4be141d25ce0bc98181c8fdd4c9fe5dfb7a3212cc2dd45c057e2a1b89fab38be054d67e0c829b0789527dd9d16730381289c53c8f86024bebc45ecb9e062adb260ea3c58e9c6/i?id=68f98497-a2b7-4b92-aa23-ef5a4f73da86
IP
Requested by https://dfiles.eu/ru/files/hof0emy2x
Certificate IssuerAmazon
Subject*.purpleads.io
Fingerprint2C:07:41:61:C9:75:ED:6A:72:5B:30:CE:B3:18:1C:47:DB:07:BF:D4
ValidityFri, 24 Feb 2023 00:00:00 GMT - Wed, 29 Nov 2023 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /x/a/0a28d5d02214ff2a481e2a62d01d4d50:8a9cbcb7e4f160ebe820055bdbc68a81cb47957882f3cc63881e4be141d25ce0bc98181c8fdd4c9fe5dfb7a3212cc2dd45c057e2a1b89fab38be054d67e0c829b0789527dd9d16730381289c53c8f86024bebc45ecb9e062adb260ea3c58e9c6/i?id=68f98497-a2b7-4b92-aa23-ef5a4f73da86 HTTP/1.1
Host: api.purpleads.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 204 No Content
date: Sun, 28 May 2023 16:33:50 GMT
access-control-allow-origin: api.purpleads.io
access-control-allow-credentials: true
access-control-expose-headers: pa-user-id
X-Firefox-Spdy: h2
log.outbrainimg.com/loggerServices/log-viewability?requestId=ded2c0fb4f627391ebbe4297597d5092&position=0
200 OK 4 B URL GET HTTP/1.1 log.outbrainimg.com/loggerServices/log-viewability?requestId=ded2c0fb4f627391ebbe4297597d5092&position=0
IP
Requested by https://dfiles.eu/ru/files/hof0emy2x
Certificate IssuerDigiCert Inc
Subject*.outbrainimg.com
Fingerprint20:D2:F0:B3:C3:92:99:66:27:4F:78:12:57:9F:4D:C0:BF:9A:8F:C4
ValidityTue, 14 Mar 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type ASCII text, with no line terminators
Hash b326b5062b2f0e69046810717534cb09
5ffe533b830f08a0326348a9160afafc8ada44db
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b
GET /loggerServices/log-viewability?requestId=ded2c0fb4f627391ebbe4297597d5092&position=0 HTTP/1.1
Host: log.outbrainimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 28 May 2023 16:33:50 GMT
Content-Type: application/json; charset=UTF-8
Content-Length: 4
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,POST
X-TraceId: cd85916357e9e8369701ccaac5ece6f4
log.outbrainimg.com/loggerServices/widgetGlobalEvent?rId=ded2c0fb4f627391ebbe4297597d5092&pvId=ded2c0fb4f627391ebbe4297597d5092&sid=10054537&pid=45718&idx=0&wId=140&pad=1&org=0&tm=0&eT=3&cnsnt=no_consent
200 OK 4 B URL GET HTTP/1.1 log.outbrainimg.com/loggerServices/widgetGlobalEvent?rId=ded2c0fb4f627391ebbe4297597d5092&pvId=ded2c0fb4f627391ebbe4297597d5092&sid=10054537&pid=45718&idx=0&wId=140&pad=1&org=0&tm=0&eT=3&cnsnt=no_consent
IP
Requested by https://dfiles.eu/ru/files/hof0emy2x
Certificate IssuerDigiCert Inc
Subject*.outbrainimg.com
Fingerprint20:D2:F0:B3:C3:92:99:66:27:4F:78:12:57:9F:4D:C0:BF:9A:8F:C4
ValidityTue, 14 Mar 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type ASCII text, with no line terminators
Hash b326b5062b2f0e69046810717534cb09
5ffe533b830f08a0326348a9160afafc8ada44db
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b
GET /loggerServices/widgetGlobalEvent?rId=ded2c0fb4f627391ebbe4297597d5092&pvId=ded2c0fb4f627391ebbe4297597d5092&sid=10054537&pid=45718&idx=0&wId=140&pad=1&org=0&tm=0&eT=3&cnsnt=no_consent HTTP/1.1
Host: log.outbrainimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 28 May 2023 16:33:50 GMT
Content-Type: application/json; charset=UTF-8
Content-Length: 4
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,POST
X-TraceId: b1bd6d0baa74b218d15fb91c2ce478b0
cdn.pubfuture-ad.com/v2/unit/pt.js
200 OK 6.6 kB URL GET HTTP/2 cdn.pubfuture-ad.com/v2/unit/pt.js
IP
Requested by https://dfiles.eu/ru/files/hof0emy2x
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintA4:70:A9:B9:AC:49:1E:53:23:43:41:25:CD:10:7C:01:2E:87:01:01
ValidityTue, 07 Feb 2023 00:00:00 GMT - Tue, 06 Feb 2024 23:59:59 GMT
File type HTML document, ASCII text, with very long lines (6778), with no line terminators
Hash 0111fa8d579e88268584595c79ad05d8
557bd8adf0625893e0ede25162f2cee913ae702c
0e2968fc4d954021c6a483bf6195122c7934c97b6bc495e2c46e4382b2ee0ae4
GET /v2/unit/pt.js HTTP/1.1
Host: cdn.pubfuture-ad.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 28 May 2023 16:33:43 GMT
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=172800
cf-bgj: minify
access-control-allow-origin: *
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
etag: W/"19d4-fKxMfwaT/pKWztkbnqHGCyR1YAs"
expect-ct: max-age=0
referrer-policy: no-referrer
strict-transport-security: max-age=15552000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-xss-protection: 0
cf-cache-status: HIT
age: 103392
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N1QggL9qmpG7xijaH%2BSPB99Ny4JmsThVGuLPoJCTwgA3cce9lhCx5ydKsInAAVtUH%2BTPCaT66Ld2PXgn2BhmQOkm3mdpaWXOGHRFG5S0EkLEc1Sz27idwP%2Bz9rO%2BzoUBm2wkEUuc"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7ce7e6a808830b49-OSL
content-encoding: br
X-Firefox-Spdy: h2
cdn.unblockia.com/h.js
200 OK 166 kB IP
Requested by https://dfiles.eu/ru/files/hof0emy2x
Certificate IssuerAmazon
Subject*.unblockia.com
FingerprintF2:6F:03:00:E3:4A:B1:87:3C:4D:28:BB:E6:CE:8F:F1:2A:6E:1B:5D
ValidityTue, 21 Feb 2023 00:00:00 GMT - Fri, 22 Mar 2024 23:59:59 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Size 166 kB (166192 bytes)
Hash 3d75dc8f7c4000ccdac0fff2f09d78a8
9008e9830c5f3a690cbb6cc94ddb34b59fc12677
203af4ee7878df10c428ce6599c619695219f48681b832ef3f856abdd299b8e8
GET /h.js HTTP/1.1
Host: cdn.unblockia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/x-javascript
last-modified: Mon, 22 May 2023 09:17:35 GMT
x-amz-server-side-encryption: AES256
x-amz-meta-codebuild-content-sha256: 3b11cd91ab382736a9ba8e63029f318e3177aa77903aa4fa093a80765fac8c07
x-amz-version-id: gKayxwShEzJAnBjNaPvAM9Fj3A2ZU3Kt
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:eu-west-1:987257285531:build/unblockia-loader-codebuild-project:6a48fce0-eba0-40cc-8a72-49f5d7d1abde
x-amz-meta-codebuild-content-md5: 60511405d11f9acd0880a4539ae338cb
server: AmazonS3
content-encoding: gzip
date: Sun, 28 May 2023 02:31:48 GMT
etag: W/"3d75dc8f7c4000ccdac0fff2f09d78a8"
x-cache: Hit from cloudfront
via: 1.1 784cb0c259a6d79800d037bda4e7de86.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: YL_K8Pm-wdRHhEdgdcwz5mOOzyBpHA65oy8lsZlWNNGdrg1kti1SOA==
age: 70534
vary: Accept-Encoding, Origin
X-Firefox-Spdy: h2
js.wpshsdk.com/npc/sdk/push.m.js?v=1
200 OK 67 kB URL GET HTTP/2 js.wpshsdk.com/npc/sdk/push.m.js?v=1
IP
ASN #39572 DataWeb Global Group B.V.
Requested by https://dfiles.eu/ru/files/hof0emy2x
Certificate IssuerLet's Encrypt
Subjectjs.wpshsdk.com
FingerprintC6:79:B3:47:76:9F:50:8D:16:89:5C:EF:0E:BB:24:99:45:66:B6:C2
ValidityFri, 26 May 2023 02:01:30 GMT - Thu, 24 Aug 2023 02:01:29 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /npc/sdk/push.m.js?v=1 HTTP/1.1
Host: js.wpshsdk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 28 May 2023 16:33:45 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.18.0
last-modified: Thu, 25 May 2023 11:16:50 GMT
etag: W/"646f43a2-10599"
content-encoding: gzip
expires: Sun, 28 May 2023 16:38:45 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2
cdn.pubfuture-ad.com/v2/config/645b13aa2bbd92003f72bf8a?v=6&d=b3RoZXJz&ip=OTEuOTAuNDIuMTU0&c=&cc=Tk8=&s=ZGZpbGVzLmV1L3J1L2ZpbGVzL2hvZjBlbXkyeA==
200 OK 466 B URL GET HTTP/2 cdn.pubfuture-ad.com/v2/config/645b13aa2bbd92003f72bf8a?v=6&d=b3RoZXJz&ip=OTEuOTAuNDIuMTU0&c=&cc=Tk8=&s=ZGZpbGVzLmV1L3J1L2ZpbGVzL2hvZjBlbXkyeA==
IP
Requested by https://dfiles.eu/ru/files/hof0emy2x
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintA4:70:A9:B9:AC:49:1E:53:23:43:41:25:CD:10:7C:01:2E:87:01:01
ValidityTue, 07 Feb 2023 00:00:00 GMT - Tue, 06 Feb 2024 23:59:59 GMT
File type HTML document text\012- troff or preprocessor input, ASCII text, with very long lines (506), with no line terminators
Hash 46d6a279ed0c6af60678f0a09c202f89
4e0160faaa294fc142665fe766c6e7dd456e410e
fcffad7fd6d1eb1fdcc362a4392ea8302c836108d3f004a97611b0fedb7bf83e
GET /v2/config/645b13aa2bbd92003f72bf8a?v=6&d=b3RoZXJz&ip=OTEuOTAuNDIuMTU0&c=&cc=Tk8=&s=ZGZpbGVzLmV1L3J1L2ZpbGVzL2hvZjBlbXkyeA== HTTP/1.1
Host: cdn.pubfuture-ad.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dfiles.eu/
Origin: https://dfiles.eu
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 28 May 2023 16:33:45 GMT
content-type: application/json; charset=utf-8
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-dns-prefetch-control: off
expect-ct: max-age=0
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
referrer-policy: no-referrer
x-xss-protection: 0
access-control-allow-origin: *
etag: W/"1d2-3F/O2YfTCSHzwaBOO6iIIw6CFEY"
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TGoGVjvsMNnH5D47JKAuf%2BObrtw%2FLVhS4OIU3V9bpq0JgeELX4ydVqWvKy9hz6YmEtPHXbmtHa%2FmlPfivDV7QC2XKXpCJ0%2FijlsE%2Bu5d2e%2Fv3%2FJUo1Fj4Ofg552J9tCNSTXGszbz"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7ce7e6b309f4b50b-OSL
content-encoding: br
X-Firefox-Spdy: h2
api.purpleads.io/x/v2/f?pid=7e15bb629d214677bd3c5758c79bca15&demand=unifiedPb&ts=1685291627680
200 OK 0 B URL OPTIONS HTTP/2 api.purpleads.io/x/v2/f?pid=7e15bb629d214677bd3c5758c79bca15&demand=unifiedPb&ts=1685291627680
IP
Requested by https://dfiles.eu/ru/files/hof0emy2x
Certificate IssuerAmazon
Subject*.purpleads.io
Fingerprint2C:07:41:61:C9:75:ED:6A:72:5B:30:CE:B3:18:1C:47:DB:07:BF:D4
ValidityFri, 24 Feb 2023 00:00:00 GMT - Wed, 29 Nov 2023 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /x/v2/f?pid=7e15bb629d214677bd3c5758c79bca15&demand=unifiedPb&ts=1685291627680 HTTP/1.1
Host: api.purpleads.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: authorization,content-type,pa-user-id,x-purpleads-version,x-request-url
Referer: https://dfiles.eu/
Origin: https://dfiles.eu
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 28 May 2023 16:33:48 GMT
access-control-allow-origin: https://dfiles.eu
access-control-allow-credentials: true
access-control-expose-headers: pa-user-id
access-control-allow-headers: authorization,content-type,pa-user-id,x-purpleads-version,x-request-url
access-control-max-age: 86400
X-Firefox-Spdy: h2
api.purpleads.io/x/v2/f?pid=7e15bb629d214677bd3c5758c79bca15&demand=unifiedPb&ts=1685291627680
200 OK 1.4 kB URL GET HTTP/2 api.purpleads.io/x/v2/f?pid=7e15bb629d214677bd3c5758c79bca15&demand=unifiedPb&ts=1685291627680
IP
Requested by https://dfiles.eu/ru/files/hof0emy2x
Certificate IssuerAmazon
Subject*.purpleads.io
Fingerprint2C:07:41:61:C9:75:ED:6A:72:5B:30:CE:B3:18:1C:47:DB:07:BF:D4
ValidityFri, 24 Feb 2023 00:00:00 GMT - Wed, 29 Nov 2023 23:59:59 GMT
File type troff or preprocessor input, ASCII text, with very long lines (1467), with no line terminators
Hash 2d46e8a31e8b5cc4c045fe58fee7bcf8
914f6fbaa9029f7d1c4576fd3cfca9b3bb9a0392
28ec46fa80602021fe2b5774d0f984bfba51e19fa7179e7fd02ba4e666928dc0
GET /x/v2/f?pid=7e15bb629d214677bd3c5758c79bca15&demand=unifiedPb&ts=1685291627680 HTTP/1.1
Host: api.purpleads.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dfiles.eu/
Content-Type: application/json
x-purpleads-version: 2.0.2
x-request-url: aHR0cHM6Ly9kZmlsZXMuZXUvcnUvZmlsZXMvaG9mMGVteTJ4
Authorization: Bearer 64df4768ef6a3d343387f03963cc6d27:a3fc5ba00d8a1e88f69e3c15e8e8c501507f1b2063b64e48a97000a1c4480fda350894047ca3535d3ce8fc5253d0214840300a723dc6ecae38a57d550d5ed683
pa-user-id: ac3c776f-6042-4153-b096-c7588a73277b
Origin: https://dfiles.eu
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 28 May 2023 16:33:48 GMT
content-type: application/json; charset=utf-8
access-control-allow-origin: https://dfiles.eu
access-control-allow-credentials: true
access-control-expose-headers: pa-user-id
etag: W/"583-E9Q7Vl08+NOvS5vfJlxIZvSqu9c"
vary: Accept-Encoding
content-encoding: br
X-Firefox-Spdy: h2
b6e5ef2d8a.8b7abaa862.com/in/track?data=eyJ3bCI6MCwic3ViaWQiOjAsInVzZXJfaWQiOiIxODI5MTU5OTYxNDEyMDMxNTAwMCIsInRpbWV6b25lIjowLCJ2ZXIiOiIzLjQ5LjAiLCJ0YWdfaWQiOjQ2NDQ1LCJzY3JlZW5fcmVzb2x1dGlvbiI6IjEyODB4MTAyNCIsImFkYmxvY2siOjAsInRpbWV6b25lX29sc29uIjoiVVRDIiwidXRtX3NvdXJjZSI6IiIsInV0bV9tZWRpdW0iOiIiLCJ1dG1fY2FtcGFpZ24iOiIiLCJ1dG1fY29udGVudCI6IiIsIm1tIjozLCJpbml0X3N0YXJ0X2xhdGVuY3kiOjEuMTUsImlzX3YyIjoxLCJpc192Ml9lbXB0eSI6MCwidXNlcl9rZXl3b3JkcyI6IkRlcG9zaXRGaWxlcyUyQ0RlcG9zaXRGaWxlcyUyQ3Byb3ZpZGVzJTJDeW91JTJDd2l0aCUyQ2ElMkNsZWdpdGltYXRlJTJDdGVjaG5pY2FsJTJDc29sdXRpb24lMkN3aGljaCUyQ2VuYWJsZXMlMkN5b3UlMkN0byUyQ3VwbG9hZCUyQ3N0b3JlJTJDYWNjZXNzJTJDYW5kJTJDZG93bmxvYWQlMkN0ZXh0JTJDc29mdHdhcmUlMkMlMkNzY3JpcHRzJTJDaW1hZ2VzJTJDc291bmRzJTJDdmlkZW9zJTJDYW5pbWF0aW9ucyUyQ2FuZCUyQ2FueSUyQ290aGVyJTJDbWF0ZXJpYWxzJTJDaW4lMkNmb3JtJTJDb2YlMkNvbmUlMkNvciUyQ3NldmVyYWwlMkNlbGVjdHJvbmljJTJDZmlsZXMuIn0=
200 OK 0 B URL GET HTTP/2 b6e5ef2d8a.8b7abaa862.com/in/track?data=eyJ3bCI6MCwic3ViaWQiOjAsInVzZXJfaWQiOiIxODI5MTU5OTYxNDEyMDMxNTAwMCIsInRpbWV6b25lIjowLCJ2ZXIiOiIzLjQ5LjAiLCJ0YWdfaWQiOjQ2NDQ1LCJzY3JlZW5fcmVzb2x1dGlvbiI6IjEyODB4MTAyNCIsImFkYmxvY2siOjAsInRpbWV6b25lX29sc29uIjoiVVRDIiwidXRtX3NvdXJjZSI6IiIsInV0bV9tZWRpdW0iOiIiLCJ1dG1fY2FtcGFpZ24iOiIiLCJ1dG1fY29udGVudCI6IiIsIm1tIjozLCJpbml0X3N0YXJ0X2xhdGVuY3kiOjEuMTUsImlzX3YyIjoxLCJpc192Ml9lbXB0eSI6MCwidXNlcl9rZXl3b3JkcyI6IkRlcG9zaXRGaWxlcyUyQ0RlcG9zaXRGaWxlcyUyQ3Byb3ZpZGVzJTJDeW91JTJDd2l0aCUyQ2ElMkNsZWdpdGltYXRlJTJDdGVjaG5pY2FsJTJDc29sdXRpb24lMkN3aGljaCUyQ2VuYWJsZXMlMkN5b3UlMkN0byUyQ3VwbG9hZCUyQ3N0b3JlJTJDYWNjZXNzJTJDYW5kJTJDZG93bmxvYWQlMkN0ZXh0JTJDc29mdHdhcmUlMkMlMkNzY3JpcHRzJTJDaW1hZ2VzJTJDc291bmRzJTJDdmlkZW9zJTJDYW5pbWF0aW9ucyUyQ2FuZCUyQ2FueSUyQ290aGVyJTJDbWF0ZXJpYWxzJTJDaW4lMkNmb3JtJTJDb2YlMkNvbmUlMkNvciUyQ3NldmVyYWwlMkNlbGVjdHJvbmljJTJDZmlsZXMuIn0=
IP
ASN #39572 DataWeb Global Group B.V.
Requested by https://dfiles.eu/ru/files/hof0emy2x
Certificate IssuerLet's Encrypt
Subjectb6e5ef2d8a.8b7abaa862.com
Fingerprint9A:E0:52:BE:BE:3E:4C:F8:91:D3:92:F6:CE:FD:3F:20:4D:0B:EF:AE
ValidityThu, 25 May 2023 02:50:29 GMT - Wed, 23 Aug 2023 02:50:28 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /in/track?data=eyJ3bCI6MCwic3ViaWQiOjAsInVzZXJfaWQiOiIxODI5MTU5OTYxNDEyMDMxNTAwMCIsInRpbWV6b25lIjowLCJ2ZXIiOiIzLjQ5LjAiLCJ0YWdfaWQiOjQ2NDQ1LCJzY3JlZW5fcmVzb2x1dGlvbiI6IjEyODB4MTAyNCIsImFkYmxvY2siOjAsInRpbWV6b25lX29sc29uIjoiVVRDIiwidXRtX3NvdXJjZSI6IiIsInV0bV9tZWRpdW0iOiIiLCJ1dG1fY2FtcGFpZ24iOiIiLCJ1dG1fY29udGVudCI6IiIsIm1tIjozLCJpbml0X3N0YXJ0X2xhdGVuY3kiOjEuMTUsImlzX3YyIjoxLCJpc192Ml9lbXB0eSI6MCwidXNlcl9rZXl3b3JkcyI6IkRlcG9zaXRGaWxlcyUyQ0RlcG9zaXRGaWxlcyUyQ3Byb3ZpZGVzJTJDeW91JTJDd2l0aCUyQ2ElMkNsZWdpdGltYXRlJTJDdGVjaG5pY2FsJTJDc29sdXRpb24lMkN3aGljaCUyQ2VuYWJsZXMlMkN5b3UlMkN0byUyQ3VwbG9hZCUyQ3N0b3JlJTJDYWNjZXNzJTJDYW5kJTJDZG93bmxvYWQlMkN0ZXh0JTJDc29mdHdhcmUlMkMlMkNzY3JpcHRzJTJDaW1hZ2VzJTJDc291bmRzJTJDdmlkZW9zJTJDYW5pbWF0aW9ucyUyQ2FuZCUyQ2FueSUyQ290aGVyJTJDbWF0ZXJpYWxzJTJDaW4lMkNmb3JtJTJDb2YlMkNvbmUlMkNvciUyQ3NldmVyYWwlMkNlbGVjdHJvbmljJTJDZmlsZXMuIn0= HTTP/1.1
Host: b6e5ef2d8a.8b7abaa862.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dfiles.eu
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 28 May 2023 16:33:45 GMT
content-length: 0
server: nginx/1.18.0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2
ntvpwpush.com/dl/cookies
200 OK 620 B IP
ASN #24940 Hetzner Online GmbH
Requested by https://dfiles.eu/ru/files/hof0emy2x
Certificate IssuerLet's Encrypt
Subjectnotification.tubecup.net
FingerprintC3:3A:0A:7D:9C:4B:21:97:39:A7:AD:B8:87:47:F1:35:32:D9:84:53
ValidityFri, 28 Apr 2023 11:39:09 GMT - Thu, 27 Jul 2023 11:39:08 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (656), with no line terminators
Hash 0f28ac8b62710210d8c20200cb32caf2
e5cf4c2df4e48eff5fe877531dd3f12351c0c37d
2e6743f06e4cc09ff077b579b75511eaaf5ccf370f70fd2075d74725bf5b872c
GET /dl/cookies HTTP/1.1
Host: ntvpwpush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.18.0
date: Sun, 28 May 2023 16:33:45 GMT
content-type: text/html
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
content-encoding: gzip
X-Firefox-Spdy: h2
adsbb.dfiles.eu/upload/2112/ad27582685f5c72c.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752
200 OK 1.4 kB URL GET HTTP/1.1 adsbb.dfiles.eu/upload/2112/ad27582685f5c72c.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752
IP
Requested by https://dfiles.eu/ru/files/hof0emy2x
Certificate IssuerLet's Encrypt
Subject*.dfiles.eu
Fingerprint28:FA:BD:73:11:76:EB:79:D3:29:D3:CA:60:19:79:47:4B:43:6B:1C
ValiditySun, 09 Apr 2023 08:43:46 GMT - Sat, 08 Jul 2023 08:43:45 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (1476), with no line terminators
Hash b48b338d653a1d8aeab0f9fc93e016ad
946a8555901f302c2a1dffe62221973ac32401c0
5d3724ee29516c2e3799947127ad94ecce0c6182ce938ad31cda509ce9d27d0b
GET /upload/2112/ad27582685f5c72c.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752 HTTP/1.1
Host: adsbb.dfiles.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dfiles.eu/
DNT: 1
Connection: keep-alive
Cookie: uprand=ea31abb0e4276a20dd163428446e064f; last_file=hof0emy2x; lang_current=ru; _ga_BL9163LYG1=GS1.1.1685291623.1.0.1685291623.0.0.0; _ga=GA1.1.77600936.1685291624; _nf58=1; _nf56=1
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 28 May 2023 16:33:44 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: close
Last-Modified: Sun, 28 May 2023 16:30:01 GMT
Content-Encoding: gzip
91.226.124.76
104.26.8.169
2.18.173.172
168.119.25.102
104.19.135.78
93.158.134.90
147.75.84.158
51.38.120.206