Report - depositfiles.com/files/7saf9opey

Report Overview

Submitted URL
depositfiles.com/files/7saf9opey
IP
91.226.124.80
ASN
#35415 Webzilla B.V.
Submitted
2023-05-24 09:33:15
Access
public
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
30

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
bs.yandex.ru	35988	1997-09-23	2012-11-03	2023-05-23	512 B	600 B	213.180.193.90
cdn.barscreative1.com	25648	2021-09-08	2021-09-16	2023-05-23	481 B	1.7 kB	45.133.44.3
na.nawpush.com	38563	2020-12-21	2020-12-23	2023-05-23	433 B	813 B	45.133.44.25
toothbrushconceitedsemi.com	unknown	2023-05-05	2023-05-05	2023-05-23	491 B	467 B	192.243.59.13
ex.ingage.tech	15627	2018-07-26	2020-09-04	2023-05-23	505 B	445 B	172.67.41.84
js.wpadmngr.com	25762	2021-06-02	2021-06-02	2023-05-23	814 B	188 kB	45.133.44.52
fp.metricswpsh.com	unknown	2021-10-29	2022-04-22	2023-05-23	1.0 kB	773 B	157.90.84.242
images.outbrainimg.com	2085	2018-04-09	2018-05-15	2023-05-23	581 B	8.8 kB	2.18.173.172
t.unblockia.com	unknown	2019-10-17	2023-01-30	2023-05-23	413 B	408 B	54.230.111.104
fe16743433.1c9ca7ac71.com	unknown	unknown	No data	No data	1.3 kB	320 B	45.133.44.52
friendshipmale.com	unknown	2022-10-21	2022-10-21	2023-05-23	397 B	86 kB	104.21.234.93
depositfiles.com	149089	2005-11-05	2012-05-21	2023-05-23	488 B	198 B	91.226.124.76
js.wpshsdk.com	12130	2021-06-04	2021-06-04	2023-05-23	814 B	68 kB	45.133.44.53
c.mgid.com	5843	2001-12-30	2017-01-30	2023-05-23	880 B	201 B	104.19.135.78
api.purpleads.io	146037	2020-01-29	2020-02-18	2023-05-23	3.0 kB	13 kB	3.229.139.30
simplewebanalysis.com	unknown	2022-02-15	2022-02-25	2023-05-23	912 B	708 B	18.192.155.180
unseenreport.com	unknown	2022-03-30	2022-03-30	2023-05-23	1.5 kB	846 B	192.243.59.20
fonts.googleapis.com	8877	2005-01-25	2013-06-10	2023-05-23	867 B	8.5 kB	142.250.74.74
www.googletagmanager.com	75	2011-11-11	2013-05-22	2023-05-23	418 B	86 kB	142.250.74.40
ip2geo.pubfuture-ad.com	unknown	2022-09-30	2023-03-27	2023-05-23	423 B	1.2 kB	104.26.1.97
fonts.gstatic.com	unknown	2008-02-11	2014-09-09	2023-05-23	2.1 kB	82 kB	216.58.207.227
prebid.a-mo.net	1148	2017-09-08	2020-07-14	2023-05-23	461 B	310 B	147.75.84.158
addresseepaper.com	18169	2021-11-01	2021-11-01	2023-05-23	397 B	0 B	0.0.0.0
cdn.prplads.com	unknown	2023-02-19	2023-02-20	2023-05-23	569 B	45 kB	104.26.3.51
ntvpwpush.com	unknown	2020-12-15	2020-12-15	2023-05-23	509 B	972 B	168.119.25.102
www.gstatic.com	unknown	2008-02-11	2016-07-26	2023-05-23	470 B	168 kB	142.250.74.35
handbaggather.com	unknown	2023-04-28	2023-04-28	2023-05-24	7.4 kB	94 kB	173.233.137.44
jsc.mgid.com	7902	2001-12-30	2012-09-30	2023-05-23	1.0 kB	95 kB	104.19.135.78
loader.unblockia.com	unknown	2019-10-17	2023-01-30	2023-05-23	437 B	47 kB	54.230.111.124
notification.tubecup.net	8210	2008-09-26	2019-08-30	2023-05-23	469 B	309 B	88.198.136.228
script.4dex.io	2135	2018-04-02	2018-07-23	2023-05-23	815 B	25 kB	172.67.75.241
dfiles.eu	434493	unknown	2012-12-23	2023-05-23	481 B	5.9 kB	91.226.124.78
static.depositfiles.com	unknown	2005-11-05	2012-05-24	2023-05-23	4.9 kB	612 kB	91.226.124.81
pl16105218.highrevenuegate.com	unknown	2023-03-02	2023-03-03	2023-05-23	445 B	14 kB	192.243.59.12
cdn.unblockia.com	20316	2019-10-17	2019-12-02	2023-05-23	1.3 kB	259 kB	54.230.111.2
cdn.creative-bars1.com	unknown	2022-11-01	2022-11-15	2023-05-23	2.4 kB	62 kB	172.64.197.23
log.outbrainimg.com	2177	2018-04-09	2018-09-04	2023-05-23	1.1 kB	646 B	64.202.112.63
www.google.com	7	1997-09-15	2015-05-10	2023-05-23	401 B	1.1 kB	216.58.207.228
adsbb.dfiles.eu	unknown	unknown	2017-03-18	2023-05-23	11 kB	350 kB	91.226.124.80
cdn.pubfuture-ad.com	unknown	2022-09-30	2022-11-16	2023-05-23	939 B	34 kB	172.67.70.21

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2023-05-24	medium	pl16105218.highrevenuegate.com/22/4a/d4/224ad4a14b4b15c1726ff705ec672ea6.js

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator
2023-05-24	medium	highrevenuegate.com
2023-05-24	medium	handbaggather.com
2023-05-24	medium	toothbrushconceitedsemi.com
2023-05-24	medium	handbaggather.com
2023-05-24	medium	handbaggather.com
2023-05-24	medium	handbaggather.com
2023-05-24	medium	handbaggather.com
2023-05-24	medium	handbaggather.com
2023-05-24	medium	handbaggather.com
2023-05-23	medium	unseenreport.com
2023-05-23	medium	unseenreport.com
2023-05-24	medium	addresseepaper.com
2023-05-24	medium	handbaggather.com
2023-05-24	medium	handbaggather.com

ThreatFox

No alerts detected

JavaScript (69)

	URL	Size	First Seen	Last Seen
	dfiles.eu/files/7saf9opey	154 B	2023-03-13	2024-04-19
Pretty URL dfiles.eu/files/7saf9opey IP 91.226.124.78 ASN #35415 Webzilla B.V. Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-13 20:01:53 Last Seen2024-04-19 05:23:57 Times Seen593 Hash a5d30d6e8f7d127b22036f0cba694312 48b3fda0a81aeee349d1d58c1064e6028ad01500 3535afb4b7453318c16fd30caa8ed102f9e880596bd4391c7aff5be03295cdf0 Loading...

	cdn.unblockia.com/h.js	166 kB	2023-05-22	2023-06-12
Pretty URL cdn.unblockia.com/h.js IP 54.230.111.2 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-22 12:38:11 Last Seen2023-06-12 08:45:06 Times Seen211 Hash 3d75dc8f7c4000ccdac0fff2f09d78a8 9008e9830c5f3a690cbb6cc94ddb34b59fc12677 203af4ee7878df10c428ce6599c619695219f48681b832ef3f856abdd299b8e8 Loading...

	adsbb.dfiles.eu/static/js/jquery-1.5.1.min.js	85 kB	2023-03-07	2024-04-19
Pretty URL adsbb.dfiles.eu/static/js/jquery-1.5.1.min.js IP 91.226.124.78 ASN #35415 Webzilla B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:20 Last Seen2024-04-19 09:16:42 Times Seen3829 Hash b04a3bccd23ddeb7982143707a63ccf9 4a5dc1389aad050a44ee5e81408238a317ab3413 764b9e9f3ad386aaa5cdeae9368353994de61c0bede087c8f7e3579cb443de3b Loading...

	adsbb.dfiles.eu/upload/2303/ad2769296150a424.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752	0 B	2023-03-07	2024-04-19
Pretty URL adsbb.dfiles.eu/upload/2303/ad2769296150a424.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752 IP 91.226.124.78 ASN #35415 Webzilla B.V. Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-19 22:40:13 Times Seen36967822 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	www.gstatic.com/recaptcha/releases/FFtxPnbuZxq6kkeHkQJR2MNQ/recaptcha__en.js	418 kB	2023-05-18	2023-06-28
Pretty URL www.gstatic.com/recaptcha/releases/FFtxPnbuZxq6kkeHkQJR2MNQ/recaptcha__en.js IP 142.250.74.35 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-18 01:27:56 Last Seen2023-06-28 00:20:35 Times Seen22262 Hash 213e1a6e418f3df36f2ec077314ef525 7a553e545a48271f3afec47b3ed5f3518cfdd7b4 ad5008998005064af73229fb144d5f8e789641f8a846e2064ec18788a37e9e2d Loading...

	dfiles.eu/files/7saf9opey	148 B	2023-03-07	2024-04-19
Pretty URL dfiles.eu/files/7saf9opey IP 91.226.124.78 ASN #35415 Webzilla B.V. Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:26:56 Last Seen2024-04-19 05:23:57 Times Seen593 Hash 39f8fffd2249f3bb9deb92a533243df9 ee75ba64aea887c758cd24407d003bc9494237f3 62cdfe74dd5ba57340776bc53ee95b20c286efbc7c467ece9594d27e24b48dcd Loading...

	js.wpshsdk.com/npc/sdk/wp-banners.js	0 B	2023-03-07	2024-04-19
Pretty URL js.wpshsdk.com/npc/sdk/wp-banners.js IP 45.133.44.53 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-19 22:40:13 Times Seen36967822 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	www.googletagmanager.com/gtag/js?id=G-BL9163LYG1	252 kB	2023-05-24	2023-05-24
Pretty URL www.googletagmanager.com/gtag/js?id=G-BL9163LYG1 IP 142.250.74.40 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-24 11:33:24 Last Seen2023-05-24 11:33:24 Times Seen2 Hash 30b54016a5ab1dc07044b5088673fc32 4b8e296a9583a500ab20836039bf0d6321a8afd3 d88cd90b1715ac5aaa714f4d6337b39411c80f817a6174ad6ad25c42230e4bf3 Loading...

	cdn.prplads.com/load.js?publisherId=64df4768ef6a3d343387f03963cc6d27:a3fc5ba00d8a1e88f69e3c15e8e8c501507f1b2063b64e48a97000a1c4480fda350894047ca3535d3ce8fc5253d0214840300a723dc6ecae38a57d550d5ed683	44 kB	2023-05-04	2023-07-06
Pretty URL cdn.prplads.com/load.js?publisherId=64df4768ef6a3d343387f03963cc6d27:a3fc5ba00d8a1e88f69e3c15e8e8c501507f1b2063b64e48a97000a1c4480fda350894047ca3535d3ce8fc5253d0214840300a723dc6ecae38a57d550d5ed683 IP 104.26.3.51 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-04 19:00:26 Last Seen2023-07-06 12:03:28 Times Seen91 Hash e7f2069322ec42bbceeeb82aa038ad97 ff19fb5f2a8acaaa6e5690ac8a4a18d4e3a96239 e925958da62482fd49a37dde6b3d8b2429ab1a7f7d531ab0c15e3fe112f464ef Loading...

	dfiles.eu/files/7saf9opey	781 B	2023-03-07	2024-04-19
Pretty URL dfiles.eu/files/7saf9opey IP 91.226.124.78 ASN #35415 Webzilla B.V. Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:26:57 Last Seen2024-04-19 05:23:57 Times Seen580 Hash fc579ba1ff4c0c2e22ba979c418178d1 87d25254a57e673bc1a10500c9a7f887d8dfa6a9 455914aff0c5916e2978af037cddc01aca97fe3c14c6cd1b8f2c6dfc557931bc Loading...

	js.wpadmngr.com/static/adManager.js	1.2 kB	2023-03-08	2023-09-14
Pretty URL js.wpadmngr.com/static/adManager.js IP 45.133.44.52 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 19:37:08 Last Seen2023-09-14 04:40:07 Times Seen1254 Hash 51b1a71b0add99b35a138609b191ca0a 49f6306d517f897883dcadb89fb725a3cd5f017d 902269f1228994ac73ce1a3ed21d948beb250b5c3d945b459ac6a48a097968fe Loading...

	friendshipmale.com/sfp.js	86 kB	2023-04-05	2023-08-25
Pretty URL friendshipmale.com/sfp.js IP 104.21.234.93 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-05 07:35:42 Last Seen2023-08-25 11:30:02 Times Seen8520 Hash 8bf542db65f0ff20d510889d62e5e092 1b1b7cc04275b7641e2f07b0f4bf99b5387303bf 77a3bebee72af7beb49cd94b7f16852a532aac5f3db8f610160440fe75ca4711 Loading...

	dfiles.eu/files/7saf9opey	125 B	2023-05-12	2023-05-28
Pretty URL dfiles.eu/files/7saf9opey IP 91.226.124.78 ASN #35415 Webzilla B.V. Introduced by scriptElement Embedded in HTML true Observations First Seen2023-05-12 04:04:52 Last Seen2023-05-28 18:34:04 Times Seen32 Hash 69f459f4a109591677c3a6f6a2bddaed 28bd2335b141b1a261aacfc369bf73512d9b58ce b8ba0b9fcbb384c36eaa76e8afa547a2b5f91516ba0e2b3b275de0570f7d1a91 Loading...

	unknown	133 B	2023-05-12	2024-04-16
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-12 09:11:43 Last Seen2024-04-16 22:06:44 Times Seen81 Hash 377d3b2e03fc6f8306740f08a9727c40 a793b245d9de493b5312872d6675482f2c8c64d7 799899af28a256c42da96652251db4b655b4f6c0db0d5752bfe7d1c605a20817 Loading...

	static.depositfiles.com/js/function.js	35 kB	2023-03-07	2024-04-19
Pretty URL static.depositfiles.com/js/function.js IP 91.226.124.81 ASN #35415 Webzilla B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:26:57 Last Seen2024-04-19 05:23:57 Times Seen1120 Hash a5779d2f560cd50376dbba372b0fd15b 07b08e35b9254288c1372e37577db8b9e4da01b4 51d26403861d61a7842bc73f518d4a4351a7027c40c9f0347f61421226950b84 Loading...

	jsc.mgid.com/d/e/depositfiles.com.3334.es6.js	300 kB	2023-05-24	2023-05-26
Pretty URL jsc.mgid.com/d/e/depositfiles.com.3334.es6.js IP 104.19.135.78 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-24 11:33:24 Last Seen2023-05-26 21:24:46 Times Seen4 Hash 1eeedf021e01b774c05b8c672b09f66c 275896b8d7e41b4a1d517ea72ebac02aac3a4d13 c6118a1dc680f817266171594c36e0a4a0b61df5ccbf5d7cba76f2be783585f8 Loading...

	unknown	80 B	2023-04-11	2024-04-18
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-04-11 21:41:08 Last Seen2024-04-18 08:05:50 Times Seen1509 Hash 985fc03237c0627c6917c1318eddb2dd bc7ed05f47cdccd9678eb254287fd852a315b09e 25e130b987458c7e6c8f17c8b2a170f1f53800b163b9832711eabd699a3693e9 Loading...

	dfiles.eu/files/7saf9opey	475 B	2023-03-07	2024-04-19
Pretty URL dfiles.eu/files/7saf9opey IP 91.226.124.78 ASN #35415 Webzilla B.V. Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:26:57 Last Seen2024-04-19 05:23:57 Times Seen593 Hash 7d5b8ae86ab79df757399336af6dc4e6 d80237486fe292a185a576578308234114e302ce bf66c6e0c4ea53d83f6c17058e513aee1ff1c1fd319fe8fca1970ccc2151fed7 Loading...

	www.google.com/recaptcha/api.js	850 B	2023-05-19	2023-05-26
Pretty URL www.google.com/recaptcha/api.js IP 216.58.207.228 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-19 05:24:48 Last Seen2023-05-26 00:37:24 Times Seen2423 Hash b7b728964630ecd7e800d650f14695c5 473f7633fea7e2f828c3df9ab19356286f10a692 f4de494b6cfd42ce31b244cd84410cd4259d82773485f6c7b4ffd2a7ca2d6217 Loading...

	dfiles.eu/files/7saf9opey	139 B	2023-03-07	2024-04-19
Pretty URL dfiles.eu/files/7saf9opey IP 91.226.124.78 ASN #35415 Webzilla B.V. Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:26:56 Last Seen2024-04-19 05:23:57 Times Seen591 Hash 096fbc4b579acc65367920b87875c1f0 53a8d0be557838d6912339a6f684ac434f9cedc0 4a590c7532c8fdd5e2f6fe223990b525091f9412faf8b2971bfdc1e69be03cd2 Loading...

	handbaggather.com/c2/2d/c5/c22dc50dc2bbe4422c7f68d26ab95eb9.js	86 kB	2023-05-24	2023-05-24
Pretty URL handbaggather.com/c2/2d/c5/c22dc50dc2bbe4422c7f68d26ab95eb9.js IP 192.243.59.13 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-24 11:33:24 Last Seen2023-05-24 11:33:25 Times Seen2 Hash 13c4563a17f6dc9e1300a518fc3fc0d6 81f80c27a9e4fa28366d5c622b19ec5c011468f4 3902335dbf9162261d54a5bd11e5a91baf52ef1aa798d04da48b6cfbc101e44d Loading...

	static.depositfiles.com/js/base2.js	399 kB	2023-03-07	2024-04-19
Pretty URL static.depositfiles.com/js/base2.js IP 91.226.124.81 ASN #35415 Webzilla B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:02:54 Last Seen2024-04-19 05:23:57 Times Seen1089 Hash 2fcae8126c3fd9a626370a701f0bd887 f3496fb7bbe122a9774d7dcfcd68da03a24dc285 d29ab86f64b4fcfbc45b9ef806c147f1e42e37e37d44a559147232288063badc Loading...

	js.wpshsdk.com/npc/sdk/push.m.js?v=1	67 kB	2023-04-05	2023-05-24
Pretty URL js.wpshsdk.com/npc/sdk/push.m.js?v=1 IP 45.133.44.53 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-05 16:56:19 Last Seen2023-05-24 12:50:30 Times Seen3968 Hash feb36403b62b67278b7e2678eadade8a d9fb0f995c7a6d93af6cc01794d60a3e4ea10220 2802e4618ec30ec53ea5296b1b832279514ea2325caae829c549aed796ce53ff Loading...

	pl16105218.highrevenuegate.com/22/4a/d4/224ad4a14b4b15c1726ff705ec672ea6.js	37 kB	2023-05-24	2023-05-24
Pretty URL pl16105218.highrevenuegate.com/22/4a/d4/224ad4a14b4b15c1726ff705ec672ea6.js IP 192.243.59.12 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-24 11:33:24 Last Seen2023-05-24 11:33:24 Times Seen2 Hash ff272e448475d3739c4d5d4274d4c02b 79b158277dfd2b8afb2348a5f1ab8206a1a3632f f46832dccaedff00b2c4e47fd280431ad9350f6950652d1185e721725e96d7fd Loading...

	js.wpadmngr.com/static/adManager.m.js	158 kB	2023-05-17	2023-05-29
Pretty URL js.wpadmngr.com/static/adManager.m.js IP 45.133.44.52 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-17 12:38:28 Last Seen2023-05-29 08:19:12 Times Seen1499 Hash dab0e6f83f75fb629b93faf638b0768c b1d129ba6836895c5025831ee1a2f13fd7694c11 032e1167d424f8908b3a76a84fe3151136ab45852d52ab951f81f5e89547c19b Loading...

	cdn.pubfuture-ad.com/v2/unit/pt.js	6.6 kB	2023-05-08	2023-07-18
Pretty URL cdn.pubfuture-ad.com/v2/unit/pt.js IP 172.67.70.21 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-08 18:57:55 Last Seen2023-07-18 10:00:36 Times Seen253 Hash 682292a8592cf915768cad01e4b3222d 7cac4c7f0693fe9296ced91b9ea1c60b2475600b 74075ecdd502ca9121a9d6a11e8824771cea3c7e158726e01a2964c750766e1d Loading...

	dfiles.eu/files/7saf9opey	365 B	2023-05-24	2023-05-24
Pretty URL dfiles.eu/files/7saf9opey IP 91.226.124.78 ASN #35415 Webzilla B.V. Introduced by scriptElement Embedded in HTML true Observations First Seen2023-05-24 11:33:24 Last Seen2023-05-24 11:33:24 Times Seen1 Hash f6be0c465081abda54a382e6c8c969af f4261a2b4e1d23ff702b16aa7128ded0ee36d71f af8d5c6cd1a1bb896820493f8eb7af23a7d5c828e974f74891e5de968fc39e62 Loading...

	jsc.mgid.com/d/e/depositfiles.com.3334.js	2.7 kB	2023-04-29	2023-09-02
Pretty URL jsc.mgid.com/d/e/depositfiles.com.3334.js IP 104.19.135.78 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-29 04:38:32 Last Seen2023-09-02 16:51:34 Times Seen26 Hash 0fcaf139ba4779f96ff73f21e25c5fcd d682d1547e69aeace79744c953966b136d8123fb fa26488d3d63a885506d39afecbf0e24a120024974e51c13fbaebec607cde633 Loading...

	dfiles.eu/files/7saf9opey	145 B	2023-03-07	2024-04-18
Pretty URL dfiles.eu/files/7saf9opey IP 91.226.124.78 ASN #35415 Webzilla B.V. Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:29:21 Last Seen2024-04-18 04:40:14 Times Seen187 Hash 8e0bb0377b950a499dd16480355eca2c 822db1f872585dd852a5f38e9e6122d5bd9be03a 4aedd119b24a9d2c17490da75d1a3d7ee77301d780fd5bbd5e304ed57b764bb7 Loading...

	dfiles.eu/files/7saf9opey	313 B	2023-03-07	2024-04-18
Pretty URL dfiles.eu/files/7saf9opey IP 91.226.124.78 ASN #35415 Webzilla B.V. Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:29:21 Last Seen2024-04-18 04:40:14 Times Seen172 Hash 64eb5b1c65942cd9115f1f07e23ef1bf c41b603bb92b894b215c529117258bf431a8e9d4 65a32bd21267edccaf887e2ca0f3b8721770bbbe8446d228c544e2aa022cd7ab Loading...

	dfiles.eu/files/7saf9opey	139 B	2023-03-07	2024-04-18
Pretty URL dfiles.eu/files/7saf9opey IP 91.226.124.78 ASN #35415 Webzilla B.V. Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:29:21 Last Seen2024-04-18 04:40:14 Times Seen188 Hash d216fd9e4ad59099ae10c493bd427be0 cacbc365461a636115168dcf44664d3bef0d7ffd eb39e9be913618bba6aa1af386b20578ac614d93d8ff5425f8c6ada9330b7de6 Loading...

	dfiles.eu/files/7saf9opey	26 B	2023-03-07	2024-04-19
Pretty URL dfiles.eu/files/7saf9opey IP 91.226.124.78 ASN #35415 Webzilla B.V. Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:26:57 Last Seen2024-04-19 05:23:57 Times Seen593 Hash ed91f0c19cbcd50a62fe290680800145 b42572f05f14b93093f64b146245b32b3d0cbf9e c67d0cfcd4c4e9eb4c73c9ac4c4545d5628603946d522a5fca6f3106749df1e0 Loading...

	dfiles.eu/files/7saf9opey	107 B	2023-03-07	2024-04-18
Pretty URL dfiles.eu/files/7saf9opey IP 91.226.124.78 ASN #35415 Webzilla B.V. Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:29:21 Last Seen2024-04-18 04:40:14 Times Seen188 Hash fa5cbfd2df4296e8149b3d8dc839e73b 9225470d8e39272fbe2966c3133cbc4b28c0b8fb d0e6b3ab7a4acedc68c7e282dd0f0a565f4bf832a3b0acba5b3855a44a12123d Loading...

	unknown	601 B	2023-03-07	2024-04-19
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:26:57 Last Seen2024-04-19 00:48:54 Times Seen142 Hash d06d3ac0e19b88c449b951e14f241106 67bd1dff869fa33027f7a17d145156ffd8478fa7 17b621fa95aa5faba31bd1084de0c6dc4126072485e654eafe7f24a49a922cfd Loading...

	static.depositfiles.com/js/jquery.validate.js	38 kB	2023-04-05	2024-04-19
Pretty URL static.depositfiles.com/js/jquery.validate.js IP 91.226.124.81 ASN #35415 Webzilla B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-05 16:56:19 Last Seen2024-04-19 05:23:57 Times Seen541 Hash f6d96c36018433b4c22c84fa072983df 3db792e82c157ffc093a3cea08e873343beb6452 df875197ee9dd42c13d717a36886997f9daa05e02641daa025c9039bb37b6126 Loading...

		Size	First Seen	Last Seen
	#1 Eval - 76c4793055e5506049c3d1a3ca7c9961	39 B	2023-03-07	2023-10-31
Pretty Observations First Seen2023-03-07 01:06:24 Last Seen2023-10-31 22:34:33 Times Seen1125 Hash 76c4793055e5506049c3d1a3ca7c9961 20339a96f3b80e1543d7834aa40915986a6ecb28 aaa8c0ab87c7070701d0a29a610c65a4c1d29153c2d14623602acef3eea646dd Loading...

	#2 Eval - 88d55cacec67fdda96068949334b0499	25 B	2023-03-07	2023-10-31
Pretty Observations First Seen2023-03-07 01:06:24 Last Seen2023-10-31 22:34:33 Times Seen1125 Hash 88d55cacec67fdda96068949334b0499 78575799753ceb53d79fd7ce691b691adfbcddcd cfd8889f26f46323b63c7766e414faf4a4171cc959c4c2b2e6a64c0ec3edf13f Loading...

	#3 Eval - 77c872a879b679ddb8628ee5ac827690	26 B	2023-03-07	2023-10-31
Pretty Observations First Seen2023-03-07 01:06:24 Last Seen2023-10-31 22:34:33 Times Seen1125 Hash 77c872a879b679ddb8628ee5ac827690 895799a91a5f4cac4be6c5b5de261dccc02cf157 59d45abada49f5b514521b527330402a2d826ae3f0dab2199c58c38f1e511777 Loading...

	#4 Eval - cb78ba36cac064165e41253b248d1e96	36 B	2023-03-07	2023-10-31
Pretty Observations First Seen2023-03-07 01:06:24 Last Seen2023-10-31 22:34:33 Times Seen1125 Hash cb78ba36cac064165e41253b248d1e96 1d1f956853fd2f2d7d4e291b5d615537bb96713f 2d498779a32244d72a8a7d953918ce95c00fab9d3b129b2a1c3125fb263ccb45 Loading...

	#5 Eval - 1fedf6baa87d9b256a83e8e3e1b65056	35 B	2023-03-07	2023-10-31
Pretty Observations First Seen2023-03-07 01:06:24 Last Seen2023-10-31 22:34:33 Times Seen1125 Hash 1fedf6baa87d9b256a83e8e3e1b65056 0263fde258ce38794a920a672a854204bd618bcc 7013ec5264e02f54f3b42e05b51fd1ad0f180fa3870b71acd2f1a384cc81d601 Loading...

	#6 Eval - b9c95d7df82ab576585babc9b933f844	36 B	2023-03-07	2023-10-31
Pretty Observations First Seen2023-03-07 01:06:24 Last Seen2023-10-31 22:34:33 Times Seen1125 Hash b9c95d7df82ab576585babc9b933f844 3855cdde37780e1b763b995bfb977036917f803a a612f8985aebacd5c5fa6b17d16982a29983ae9131bae94403ff9abe1ce2ded2 Loading...

	#7 Eval - 6ae367f7d7c3f08e67a16f4ad82e7dca	42 B	2023-03-07	2023-10-31
Pretty Observations First Seen2023-03-07 01:06:24 Last Seen2023-10-31 22:34:33 Times Seen1125 Hash 6ae367f7d7c3f08e67a16f4ad82e7dca 81424a630ea828a1b783bedccbe3614e2702c299 2fc752a40595d1d6681e6be3ebd8f44cdda99876ff9ee19fe654647a6a11415e Loading...

	#8 Eval - deadc7431ca60c864078c7b1b57b0382	45 B	2023-03-07	2023-10-31
Pretty Observations First Seen2023-03-07 01:06:24 Last Seen2023-10-31 22:34:33 Times Seen1125 Hash deadc7431ca60c864078c7b1b57b0382 088b94c9b490d0454434bfafb684c6ef4c3c3d1d d7fff9897aaa9675a3652e7cac1a8c2a3427b896b5cc0ab5ffd628f9bb106e34 Loading...

	#9 Eval - 308ce9eddcf87856319c6e887a328f7a	28 B	2023-03-07	2023-10-31
Pretty Observations First Seen2023-03-07 01:06:24 Last Seen2023-10-31 22:34:33 Times Seen1125 Hash 308ce9eddcf87856319c6e887a328f7a e0741915340fd264162316bc3bd1749265d0ec9b 4f6a557989f79654728dcb244539b604c5329db30b964d6e8c524c72517b9fa6 Loading...

	#10 Eval - 4e70865b8eb7f390c3e82cb023ec718e	39 B	2023-03-07	2023-10-31
Pretty Observations First Seen2023-03-07 01:06:24 Last Seen2023-10-31 22:34:33 Times Seen1125 Hash 4e70865b8eb7f390c3e82cb023ec718e 2242a0ee3b512687bd55789854529cb4f2106e20 04f881dff1163e4e36943700ddbcf25667dfe7e0b154d21e181a771955264d60 Loading...

	#11 Eval - cef0b78101ef9c4812fae1e6cafda473	21 B	2023-03-07	2023-10-31
Pretty Observations First Seen2023-03-07 01:06:24 Last Seen2023-10-31 22:34:33 Times Seen1123 Hash cef0b78101ef9c4812fae1e6cafda473 f8fb9a7ff103d095cd4f5a80f5b6f0e2cfce4356 5f7d79033f82e1d81e2e6490b1fe43f241e2889aae35ea6d5f968ca697f5a577 Loading...

	#12 Eval - bcfc797a1fd15c07566cb8930dde093f	41 B	2023-03-07	2023-10-31
Pretty Observations First Seen2023-03-07 01:06:24 Last Seen2023-10-31 22:34:33 Times Seen1125 Hash bcfc797a1fd15c07566cb8930dde093f 564385b812a1c00532b2f7e6c66ddd6f8d0d4200 e9d851c02746b7bd4d9207264c143f76480b69aa3552b1cdaa79ee537d83f5ac Loading...

	#13 Eval - c046c71777b1d9ff147a8d04d76771e5	32 B	2023-03-07	2023-10-31
Pretty Observations First Seen2023-03-07 01:06:24 Last Seen2023-10-31 22:34:33 Times Seen1124 Hash c046c71777b1d9ff147a8d04d76771e5 c3c7716eab0ed9ea66365a6f9f7bac166dfaca94 a535a9a97ed5a801419c63a6e764dd3b24c8456f177155717caf9ba3411ef756 Loading...

	#14 Eval - 97976045385267c941449d1ba56a276e	33 B	2023-03-07	2023-10-31
Pretty Observations First Seen2023-03-07 01:06:24 Last Seen2023-10-31 22:34:33 Times Seen1125 Hash 97976045385267c941449d1ba56a276e 3ffc8cc59740faafcf3b0f0efb3f12f6b689dc90 92cc9c48ca7d897742a37b1578ba7c99e9d9c405fced233bb9a3270ef84fddfc Loading...

	#15 Eval - 0e5f4da7554e493ccd00e092e4fd85ff	31 B	2023-03-07	2023-10-31
Pretty Observations First Seen2023-03-07 01:06:24 Last Seen2023-10-31 22:34:33 Times Seen1125 Hash 0e5f4da7554e493ccd00e092e4fd85ff 78f043bc3bb59baf65185e29f3fa75b5f22d024d fb71685befff6e5c6fb9e2dd5f9bea6c71a2a162b39920f3927ef5ebfcf0134d Loading...

	#16 Eval - 282b4cc68a675357c3ca24fe28d8ab04	19 B	2023-03-07	2023-10-31
Pretty Observations First Seen2023-03-07 01:06:24 Last Seen2023-10-31 22:34:33 Times Seen1125 Hash 282b4cc68a675357c3ca24fe28d8ab04 c8b868fb5effed4b8596709293518ce4caf64131 67909fba812519f6eced963d195970a41923b591290d48f96704719fc6b74ec5 Loading...

	#17 Eval - aa4b04f82e6a9ea00c22ad12c62ae537	31 B	2023-03-07	2023-10-31
Pretty Observations First Seen2023-03-07 01:06:24 Last Seen2023-10-31 22:34:33 Times Seen1125 Hash aa4b04f82e6a9ea00c22ad12c62ae537 43b5422f1f6b61b34e126bdf039b8cbc6f0d697c 0408d20a8555f96ab5cced9f89880c477f78d4ade576e5618b04094f034fb081 Loading...

	#18 Eval - da9b396eb92f6b099e8d0e01044e253d	19 B	2023-03-07	2023-10-31
Pretty Observations First Seen2023-03-07 01:06:24 Last Seen2023-10-31 22:34:33 Times Seen1124 Hash da9b396eb92f6b099e8d0e01044e253d 929359434c1f79501f2dd778c5a9a6af9034476b 631bd9a13534679ce526b007d4fc8352793377d89bcc321392b01ecf075c4101 Loading...

	#19 Eval - 3f22c207dbad59397f7a3414ecfa6587	43 B	2023-03-07	2023-10-31
Pretty Observations First Seen2023-03-07 01:06:24 Last Seen2023-10-31 22:34:33 Times Seen1125 Hash 3f22c207dbad59397f7a3414ecfa6587 8509ea5b1d728f5be0f7eae7548d3593f98c5402 0220aceb9c3413632235ce2598b94dd7a130a95558114c04ad41f9386b69777b Loading...

	#20 Eval - 3dd772ed2472872392d0a81700b9ccca	28 B	2023-03-07	2023-10-31
Pretty Observations First Seen2023-03-07 01:06:24 Last Seen2023-10-31 22:34:33 Times Seen1125 Hash 3dd772ed2472872392d0a81700b9ccca b070cf82068fd167e47ef731788cb29ef6f85516 fca3cd5a7ca3a44b75f81e0c169fe599fb48741835c83b5616e304b3f722522b Loading...

	#21 Eval - 4e96dc12176baffec5f6c2b824b8b037	21 B	2023-03-07	2023-10-31
Pretty Observations First Seen2023-03-07 01:06:24 Last Seen2023-10-31 22:34:33 Times Seen1124 Hash 4e96dc12176baffec5f6c2b824b8b037 cbffdfa5e083b9ff6d40f059aed02ad96cdcd77d 37ceb2a749341c51c7b8c25daaa71dc167b4aba7485c9b398b8ab004b685e492 Loading...

	#22 Eval - 45ce5d15da1dc1603f56d0399b3399c6	30 B	2023-03-07	2023-10-31
Pretty Observations First Seen2023-03-07 01:06:24 Last Seen2023-10-31 22:34:33 Times Seen1125 Hash 45ce5d15da1dc1603f56d0399b3399c6 285d4d78fc31669c66f2e463ebe81cc020356b3b 7ceacb36606d6f6599d3ed5454c31152cb4417fb3c02ebb66431c4227a653726 Loading...

	#23 Eval - e116d02f42e23573c47a3e5d2a93e2e7	46 B	2023-03-07	2023-10-31
Pretty Observations First Seen2023-03-07 01:06:24 Last Seen2023-10-31 22:34:33 Times Seen1124 Hash e116d02f42e23573c47a3e5d2a93e2e7 34a847abb13bc8a6607d118069415661c48ffafc e218a1ac15f252350ef2646dead414bf35db450215962e63da301cb7c3f064eb Loading...

	#24 Eval - c4c99d99e150fd4661e8259b8f0baac8	35 B	2023-03-07	2023-10-31
Pretty Observations First Seen2023-03-07 01:06:24 Last Seen2023-10-31 22:34:33 Times Seen1124 Hash c4c99d99e150fd4661e8259b8f0baac8 77772ffc0d98ada5f46c88c69fd7ba7cc1c3a96d 022ae916a59e1d7cb709a35e757c60e6626bfccd2c1e87c5ad6b432f0f1b1538 Loading...

	#25 Eval - 6417cc1e9a41402a403a38f10e401182	41 B	2023-03-07	2023-10-31
Pretty Observations First Seen2023-03-07 01:06:24 Last Seen2023-10-31 22:34:33 Times Seen1124 Hash 6417cc1e9a41402a403a38f10e401182 c0ef1ed95155ccd56c01207ad2e42b9e2edbbd8e 25fde17ee6ee622be6ebf83118c8802af55f2721a375a4017d6dec6edaf3b37b Loading...

	#26 Eval - 4df9c33be035899035ba28356b2bc2c0	22 B	2023-03-07	2023-10-31
Pretty Observations First Seen2023-03-07 01:06:24 Last Seen2023-10-31 22:34:33 Times Seen1125 Hash 4df9c33be035899035ba28356b2bc2c0 e438d9658895c6c7a57a5eda1bb97d3715360ccf c624a79f9c72c617d0ed1ad3207a67a39f6243071e14c4ebeace5dcff97313a3 Loading...

	#27 Eval - 1877f709235efe3edcf15b14afba4ca2	35 B	2023-03-07	2023-10-31
Pretty Observations First Seen2023-03-07 01:06:24 Last Seen2023-10-31 22:34:33 Times Seen1125 Hash 1877f709235efe3edcf15b14afba4ca2 b2b3bc3c703e869ae5f190981b0354bbd8abbbf6 41aae560d6dd4b675e6e45d30c1572db537659e580ac434c4b89b76e4f3dc5ac Loading...

	#28 Eval - adcadd21e1cc9b9d64a652b7179b929a	45 B	2023-03-07	2023-10-31
Pretty Observations First Seen2023-03-07 01:06:24 Last Seen2023-10-31 22:34:33 Times Seen1125 Hash adcadd21e1cc9b9d64a652b7179b929a d4433f6c1d1b07f13e8380cfd95c542b9c2535df e44d38f746ee1fa3b3ef03ed6ea3f298c25e173b6daea3c4505afce8bb869508 Loading...

	#29 Eval - b326b5062b2f0e69046810717534cb09	4 B	2023-03-07	2024-04-19
Pretty Observations First Seen2023-03-07 01:03:44 Last Seen2024-04-19 18:00:52 Times Seen23206 Hash b326b5062b2f0e69046810717534cb09 5ffe533b830f08a0326348a9160afafc8ada44db b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b Loading...

		Size	First Seen	Last Seen
	#1 Write - 0de70140d21b469ab28e90b962538360	2.4 kB	2023-05-24	2023-05-24
Pretty Observations First Seen2023-05-24 11:33:24 Last Seen2023-05-24 11:33:24 Times Seen1 Hash 0de70140d21b469ab28e90b962538360 7ff1618c119d1fad446a4f4d6ae9c7487b57f79e 0fafa319d01f625aaac4b383674cbcaddab41f8a0f21c43b5c79a14bf2761560 Loading...

	#2 Write - 3bc42f03b3f1761ea9f95a335ab2bbba	77 B	2023-03-07	2024-04-19
Pretty Observations First Seen2023-03-07 01:26:57 Last Seen2024-04-19 05:23:57 Times Seen580 Hash 3bc42f03b3f1761ea9f95a335ab2bbba 4ab15b6c153a542425f02baadcc1ed4867078b8d 1f8c7edef8c37d8821755ee623f481f29d6584195b327d15ac5abe6d243d8ec0 Loading...

	#3 Write - f846a6f7f9f77ee64de243dd2e11c9ae	164 B	2023-05-06	2024-04-19
Pretty Observations First Seen2023-05-06 12:18:48 Last Seen2024-04-19 05:23:57 Times Seen473 Hash f846a6f7f9f77ee64de243dd2e11c9ae 81b65f57f43372a490c1a82b0a40c3d18b40b0bf 63f0d3c423380243710222e2b275efa59ab2ed4eec8aab35781707f6459c407d Loading...

	#4 Write - 3e931d5c0ce8a94e81104c08d67872ba	164 B	2023-03-13	2024-04-19
Pretty Observations First Seen2023-03-13 12:53:25 Last Seen2024-04-19 05:23:57 Times Seen548 Hash 3e931d5c0ce8a94e81104c08d67872ba f13674fd6a6089aee16a19b1807f2f0fd2d9a0e2 18dea144f4b37879ae8916760ee75a30bb0e4d06fc7fa341029a70593a89d669 Loading...

	#5 Write - 2252dce4ea7721d2af589d45c5149b49	2.9 kB	2023-05-23	2023-05-24
Pretty Observations First Seen2023-05-23 12:35:46 Last Seen2023-05-24 11:33:24 Times Seen5 Hash 2252dce4ea7721d2af589d45c5149b49 a2c580408f586fc897065f4f9b5b021437efaf9b 13668237fb6c97541153dfc852a8fe8cd0e4fba81a7c554306ba6cea14af9ca9 Loading...

HTTP Transactions (94)

URL IP Response Size

depositfiles.com/files/7saf9opey

91.226.124.76

302 Found

0 B

URL User Request GET HTTP/1.1
depositfiles.com/files/7saf9opey
IP
91.226.124.76:443
ASN
#35415 Webzilla B.V.

Certificate
IssuerLet's Encrypt
Subjectdepositfiles.com
Fingerprint90:44:8D:18:D5:0B:6D:4B:AA:47:FB:C3:D9:B4:43:28:E2:A9:58:14
ValidityMon, 27 Feb 2023 10:18:03 GMT - Sun, 28 May 2023 10:18:02 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /files/7saf9opey HTTP/1.1
Host: depositfiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Server: nginx
Date: Wed, 24 May 2023 09:32:55 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Location: //dfiles.eu/files/7saf9opey

dfiles.eu/files/7saf9opey

91.226.124.78

200 OK

5.4 kB

URL User Request GET HTTP/1.1
dfiles.eu/files/7saf9opey
IP
91.226.124.78:443
ASN
#35415 Webzilla B.V.

Certificate
IssuerLet's Encrypt
Subject*.dfiles.eu
Fingerprint28:FA:BD:73:11:76:EB:79:D3:29:D3:CA:60:19:79:47:4B:43:6B:1C
ValiditySun, 09 Apr 2023 08:43:46 GMT - Sat, 08 Jul 2023 08:43:45 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with CRLF, CR, LF line terminators
Size
5.4 kB (5381 bytes)
Hash
071e3ed397906304f1961981cc33fca2
4677ecf8359959a189d8c76530c3274d0960634c
7f041a5bbc0eda2744de0f181f445f61cc2562898a13d9d89f94228358918155

HTTP Headers

GET /files/7saf9opey HTTP/1.1
Host: dfiles.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 24 May 2023 09:32:55 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Set-Cookie: uprand=8f57e6cc006b9e86ef3e8e97b4232dd9; path=/; domain=.dfiles.eu
last_file=7saf9opey; path=/; domain=.dfiles.eu
lang_current=en; expires=Thu, 23-May-2024 09:32:55 GMT; Max-Age=31536000; path=/; domain=.dfiles.eu; secure
X-Frame-Options: SAMEORIGIN
Content-Encoding: gzip

www.google.com/recaptcha/api.js

216.58.207.228

200 OK

557 B

URL GET HTTP/2
www.google.com/recaptcha/api.js
IP
216.58.207.228:443
ASN
#15169 GOOGLE

Requested by
https://dfiles.eu/files/7saf9opey
Certificate
IssuerGoogle Trust Services LLC
Subjectwww.google.com
Fingerprint85:AD:43:66:C0:73:07:1B:B5:5D:4A:83:4B:76:3F:DA:4B:2B:E1:F8
ValidityMon, 24 Apr 2023 12:01:16 GMT - Mon, 17 Jul 2023 12:01:15 GMT

File type
ASCII text, with very long lines (850), with no line terminators
Size
557 B (557 bytes)
Hash
b7b728964630ecd7e800d650f14695c5
473f7633fea7e2f828c3df9ab19356286f10a692
f4de494b6cfd42ce31b244cd84410cd4259d82773485f6c7b4ffd2a7ca2d6217

HTTP Headers

GET /recaptcha/api.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
expires: Wed, 24 May 2023 09:32:56 GMT
date: Wed, 24 May 2023 09:32:56 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 557
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.googletagmanager.com/gtag/js?id=G-BL9163LYG1

142.250.74.40

200 OK

86 kB

URL GET HTTP/2
www.googletagmanager.com/gtag/js?id=G-BL9163LYG1
IP
142.250.74.40:443
ASN
#15169 GOOGLE

Requested by
https://dfiles.eu/files/7saf9opey
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint55:51:32:58:36:72:A1:C8:50:5E:5A:8D:CE:A5:2F:DC:D7:1E:62:03
ValidityMon, 24 Apr 2023 11:56:06 GMT - Mon, 17 Jul 2023 11:56:05 GMT

File type
ASCII text, with very long lines (5048)
Size
86 kB (85720 bytes)
Hash
30b54016a5ab1dc07044b5088673fc32
4b8e296a9583a500ab20836039bf0d6321a8afd3
d88cd90b1715ac5aaa714f4d6337b39411c80f817a6174ad6ad25c42230e4bf3

HTTP Headers

GET /gtag/js?id=G-BL9163LYG1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 24 May 2023 09:32:56 GMT
expires: Wed, 24 May 2023 09:32:56 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 85720
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

static.depositfiles.com/js/function.js

91.226.124.81

200 OK

35 kB

URL GET HTTP/1.1
static.depositfiles.com/js/function.js
IP
91.226.124.81:443
ASN
#35415 Webzilla B.V.

Requested by
https://dfiles.eu/files/7saf9opey
Certificate
IssuerLet's Encrypt
Subjectdepositfiles.com
Fingerprint90:44:8D:18:D5:0B:6D:4B:AA:47:FB:C3:D9:B4:43:28:E2:A9:58:14
ValidityMon, 27 Feb 2023 10:18:03 GMT - Sun, 28 May 2023 10:18:02 GMT

File type
ASCII text, with very long lines (4240)
Size
35 kB (34915 bytes)
Hash
a5779d2f560cd50376dbba372b0fd15b
07b08e35b9254288c1372e37577db8b9e4da01b4
51d26403861d61a7842bc73f518d4a4351a7027c40c9f0347f61421226950b84

HTTP Headers

GET /js/function.js HTTP/1.1
Host: static.depositfiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 24 May 2023 09:32:56 GMT
Content-Type: application/javascript
Content-Length: 34915
Last-Modified: Tue, 26 Apr 2022 10:45:43 GMT
Connection: keep-alive
ETag: "6267cd57-8863"
Expires: Wed, 24 May 2023 09:37:56 GMT
Cache-Control: max-age=300
Accept-Ranges: bytes

static.depositfiles.com/css/main.css

91.226.124.81

200 OK

47 kB

URL GET HTTP/1.1
static.depositfiles.com/css/main.css
IP
91.226.124.81:443
ASN
#35415 Webzilla B.V.

Requested by
https://dfiles.eu/files/7saf9opey
Certificate
IssuerLet's Encrypt
Subjectdepositfiles.com
Fingerprint90:44:8D:18:D5:0B:6D:4B:AA:47:FB:C3:D9:B4:43:28:E2:A9:58:14
ValidityMon, 27 Feb 2023 10:18:03 GMT - Sun, 28 May 2023 10:18:02 GMT

File type
ASCII text, with very long lines (332)
Size
47 kB (46819 bytes)
Hash
af57443dfa4bc2d3299321923ae1c57f
d922badb0ed1d665302cf93268e9960d0a04c065
50d446eade67c33dc4dba74f2f2b7480b5021de5a98bfedc1f10ce5c35d966f3

HTTP Headers

GET /css/main.css HTTP/1.1
Host: static.depositfiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 24 May 2023 09:32:56 GMT
Content-Type: text/css
Last-Modified: Tue, 26 Apr 2022 10:45:41 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"6267cd55-2f719"
Expires: Wed, 24 May 2023 09:37:56 GMT
Cache-Control: max-age=300
Content-Encoding: gzip

static.depositfiles.com/js/jquery.validate.js

91.226.124.81

200 OK

38 kB

URL GET HTTP/1.1
static.depositfiles.com/js/jquery.validate.js
IP
91.226.124.81:443
ASN
#35415 Webzilla B.V.

Requested by
https://dfiles.eu/files/7saf9opey
Certificate
IssuerLet's Encrypt
Subjectdepositfiles.com
Fingerprint90:44:8D:18:D5:0B:6D:4B:AA:47:FB:C3:D9:B4:43:28:E2:A9:58:14
ValidityMon, 27 Feb 2023 10:18:03 GMT - Sun, 28 May 2023 10:18:02 GMT

File type
Unicode text, UTF-8 text, with very long lines (1238)
Size
38 kB (38269 bytes)
Hash
d5231b6378847ebdb55f64c77d5a234f
eed97aa0b2aa9486b6f6831ed8a85dc729ad6b9c
95434a8a2568a6481a1fbcf5808a75dd58e77348ed6d70b4f7aeda8842e8f0c7

HTTP Headers

GET /js/jquery.validate.js HTTP/1.1
Host: static.depositfiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 24 May 2023 09:32:56 GMT
Content-Type: application/javascript
Content-Length: 38269
Last-Modified: Tue, 26 Apr 2022 10:45:43 GMT
Connection: keep-alive
ETag: "6267cd57-957d"
Expires: Wed, 24 May 2023 09:37:56 GMT
Cache-Control: max-age=300
Accept-Ranges: bytes

static.depositfiles.com/js/base2.js

91.226.124.81

200 OK

399 kB

URL GET HTTP/1.1
static.depositfiles.com/js/base2.js
IP
91.226.124.81:443
ASN
#35415 Webzilla B.V.

Requested by
https://dfiles.eu/files/7saf9opey
Certificate
IssuerLet's Encrypt
Subjectdepositfiles.com
Fingerprint90:44:8D:18:D5:0B:6D:4B:AA:47:FB:C3:D9:B4:43:28:E2:A9:58:14
ValidityMon, 27 Feb 2023 10:18:03 GMT - Sun, 28 May 2023 10:18:02 GMT

File type
Unicode text, UTF-8 text, with very long lines (65481)
Size
399 kB (398927 bytes)
Hash
2fcae8126c3fd9a626370a701f0bd887
f3496fb7bbe122a9774d7dcfcd68da03a24dc285
d29ab86f64b4fcfbc45b9ef806c147f1e42e37e37d44a559147232288063badc

HTTP Headers

GET /js/base2.js HTTP/1.1
Host: static.depositfiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 24 May 2023 09:32:56 GMT
Content-Type: application/javascript
Content-Length: 398927
Last-Modified: Tue, 26 Apr 2022 10:45:43 GMT
Connection: keep-alive
ETag: "6267cd57-6164f"
Expires: Wed, 24 May 2023 09:37:56 GMT
Cache-Control: max-age=300
Accept-Ranges: bytes

pl16105218.highrevenuegate.com/22/4a/d4/224ad4a14b4b15c1726ff705ec672ea6.js

192.243.59.12

200 OK

13 kB

URL GET HTTP/1.1
pl16105218.highrevenuegate.com/22/4a/d4/224ad4a14b4b15c1726ff705ec672ea6.js
IP
192.243.59.12:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://dfiles.eu/files/7saf9opey
Certificate
IssuerLet's Encrypt
Subjecthighrevenuegate.com
FingerprintE3:83:9C:63:64:A5:46:F7:CE:7B:E1:4D:12:0F:29:C3:22:23:C0:14
ValidityTue, 02 May 2023 09:41:55 GMT - Mon, 31 Jul 2023 09:41:54 GMT

File type
ASCII text, with very long lines (37155), with no line terminators
Size
13 kB (13436 bytes)
Hash
ff272e448475d3739c4d5d4274d4c02b
79b158277dfd2b8afb2348a5f1ab8206a1a3632f
f46832dccaedff00b2c4e47fd280431ad9350f6950652d1185e721725e96d7fd

Detections

Analyzer	Verdict	Alert
fortinet	Malware
quad9	Sinkholed

HTTP Headers

GET /22/4a/d4/224ad4a14b4b15c1726ff705ec672ea6.js HTTP/1.1
Host: pl16105218.highrevenuegate.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Wed, 24 May 2023 09:32:56 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 703ea53bc3e66696cc10f5006a686a8d
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

static.depositfiles.com/images/logo.png

91.226.124.81

200 OK

3.6 kB

URL GET HTTP/1.1
static.depositfiles.com/images/logo.png
IP
91.226.124.81:443
ASN
#35415 Webzilla B.V.

Requested by
https://dfiles.eu/files/7saf9opey
Certificate
IssuerLet's Encrypt
Subjectdepositfiles.com
Fingerprint90:44:8D:18:D5:0B:6D:4B:AA:47:FB:C3:D9:B4:43:28:E2:A9:58:14
ValidityMon, 27 Feb 2023 10:18:03 GMT - Sun, 28 May 2023 10:18:02 GMT

File type
PNG image data, 176 x 43, 8-bit/color RGBA, non-interlaced\012- data
Size
3.6 kB (3623 bytes)
Hash
c41fdd84b04e45a91cb17cfdeccb1b38
fec7fffe104c7e169aeb159032078c4b71ff2cdc
7f89eb8ab03684f4db282ca30eb231b1e254bca10c7b511950df5e0eab0a68a0

HTTP Headers

GET /images/logo.png HTTP/1.1
Host: static.depositfiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://static.depositfiles.com/css/main.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 24 May 2023 09:32:57 GMT
Content-Type: image/png
Content-Length: 3623
Last-Modified: Tue, 26 Apr 2022 10:45:42 GMT
Connection: keep-alive
ETag: "6267cd56-e27"
Accept-Ranges: bytes

static.depositfiles.com/images/timer.gif

91.226.124.81

200 OK

12 kB

URL GET HTTP/1.1
static.depositfiles.com/images/timer.gif
IP
91.226.124.81:443
ASN
#35415 Webzilla B.V.

Requested by
https://dfiles.eu/files/7saf9opey
Certificate
IssuerLet's Encrypt
Subjectdepositfiles.com
Fingerprint90:44:8D:18:D5:0B:6D:4B:AA:47:FB:C3:D9:B4:43:28:E2:A9:58:14
ValidityMon, 27 Feb 2023 10:18:03 GMT - Sun, 28 May 2023 10:18:02 GMT

File type
GIF image data, version 89a, 70 x 70\012- data
Size
12 kB (11607 bytes)
Hash
fb170c2ce20d8088b7cee465689c3637
9759429c7de6921580fac900c4c6026c758bb94c
6b5c53dd4d2d07c854e019e55458ff9652a4d9b7bf1fe8848ad00ca16032e294

HTTP Headers

GET /images/timer.gif HTTP/1.1
Host: static.depositfiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://static.depositfiles.com/css/main.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 24 May 2023 09:32:57 GMT
Content-Type: image/gif
Content-Length: 11607
Last-Modified: Tue, 26 Apr 2022 10:45:42 GMT
Connection: keep-alive
ETag: "6267cd56-2d57"
Expires: Mon, 29 May 2023 09:32:57 GMT
Cache-Control: max-age=432000
Accept-Ranges: bytes

static.depositfiles.com/images/member_menu_bg.gif

91.226.124.81

200 OK

78 B

URL GET HTTP/1.1
static.depositfiles.com/images/member_menu_bg.gif
IP
91.226.124.81:443
ASN
#35415 Webzilla B.V.

Requested by
https://dfiles.eu/files/7saf9opey
Certificate
IssuerLet's Encrypt
Subjectdepositfiles.com
Fingerprint90:44:8D:18:D5:0B:6D:4B:AA:47:FB:C3:D9:B4:43:28:E2:A9:58:14
ValidityMon, 27 Feb 2023 10:18:03 GMT - Sun, 28 May 2023 10:18:02 GMT

File type
GIF image data, version 89a, 1 x 48\012- data
Size
78 B (78 bytes)
Hash
20a24b56dcedf6a71a71ebec771e1f7d
d7bed493d5d4eeaed5dbbf7d30d45107840790a0
6f57f29224d8e9e51ed0839e329055426fba7dcd97ef31e93ed495f93a6063df

HTTP Headers

GET /images/member_menu_bg.gif HTTP/1.1
Host: static.depositfiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://static.depositfiles.com/css/main.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 24 May 2023 09:32:57 GMT
Content-Type: image/gif
Content-Length: 78
Last-Modified: Tue, 26 Apr 2022 10:45:42 GMT
Connection: keep-alive
ETag: "6267cd56-4e"
Expires: Mon, 29 May 2023 09:32:57 GMT
Cache-Control: max-age=432000
Accept-Ranges: bytes

static.depositfiles.com/images/sprite.png

91.226.124.81

200 OK

37 kB

URL GET HTTP/1.1
static.depositfiles.com/images/sprite.png
IP
91.226.124.81:443
ASN
#35415 Webzilla B.V.

Requested by
https://dfiles.eu/files/7saf9opey
Certificate
IssuerLet's Encrypt
Subjectdepositfiles.com
Fingerprint90:44:8D:18:D5:0B:6D:4B:AA:47:FB:C3:D9:B4:43:28:E2:A9:58:14
ValidityMon, 27 Feb 2023 10:18:03 GMT - Sun, 28 May 2023 10:18:02 GMT

File type
PNG image data, 102 x 630, 8-bit/color RGBA, non-interlaced\012- data
Size
37 kB (36802 bytes)
Hash
2333675d7e431d5313c6dbb5230a14cd
93c4032e5b8b85793a9cda7167804445d950dd96
b287134a60667ce8e2c3fa1603e3a8f2ffa59c64e746d026d1a13ef19f3f38a0

HTTP Headers

GET /images/sprite.png HTTP/1.1
Host: static.depositfiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://static.depositfiles.com/css/main.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 24 May 2023 09:32:57 GMT
Content-Type: image/png
Content-Length: 36802
Last-Modified: Tue, 26 Apr 2022 10:45:42 GMT
Connection: keep-alive
ETag: "6267cd56-8fc2"
Accept-Ranges: bytes

static.depositfiles.com/images/flags/lang24.png

91.226.124.81

200 OK

9.2 kB

URL GET HTTP/1.1
static.depositfiles.com/images/flags/lang24.png
IP
91.226.124.81:443
ASN
#35415 Webzilla B.V.

Requested by
https://dfiles.eu/files/7saf9opey
Certificate
IssuerLet's Encrypt
Subjectdepositfiles.com
Fingerprint90:44:8D:18:D5:0B:6D:4B:AA:47:FB:C3:D9:B4:43:28:E2:A9:58:14
ValidityMon, 27 Feb 2023 10:18:03 GMT - Sun, 28 May 2023 10:18:02 GMT

File type
PNG image data, 24 x 552, 8-bit/color RGBA, non-interlaced\012- data
Size
9.2 kB (9172 bytes)
Hash
efdcd1ca23d564ddd811f41152a2b83c
0b5aa064e7f8f241363c55fa17eb448f42a5f8df
ce23be242e34c5b420f8ba0390aef20fa50ffc69f700091029616eff524e8f9b

HTTP Headers

GET /images/flags/lang24.png HTTP/1.1
Host: static.depositfiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://static.depositfiles.com/css/main.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 24 May 2023 09:32:57 GMT
Content-Type: image/png
Content-Length: 9172
Last-Modified: Tue, 26 Apr 2022 10:45:42 GMT
Connection: keep-alive
ETag: "6267cd56-23d4"
Accept-Ranges: bytes

simplewebanalysis.com/stats

18.192.155.180

200 OK

40 B

URL GET HTTP/2
simplewebanalysis.com/stats
IP
18.192.155.180:443
ASN
#16509 AMAZON-02

Requested by
https://dfiles.eu/files/7saf9opey
Certificate
IssuerAmazon
Subjectsimplewebanalysis.com
FingerprintE5:9D:30:D3:0E:8A:EF:0D:43:46:4C:4C:53:AD:05:78:63:E9:04:07
ValidityThu, 02 Mar 2023 00:00:00 GMT - Sun, 31 Mar 2024 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
40 B (40 bytes)
Hash
e79ecd69aa055a08849236de5ce34be0
bf1e873f7f5ef9861d60c15d24414f4d03690339
dc6009f0beb0624cf3be342f6cce435fea4e726eaefa7896e0d96b465854bae0

HTTP Headers

GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dfiles.eu
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 24 May 2023 09:32:57 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://dfiles.eu
vary: Origin
access-control-allow-credentials: true
set-cookie: uid_id2=ed70feaa-4a44-4eb2-8cc3-ec5849860a76:3:1; expires=Sat, 21 May 2033 09:32:57 GMT; secure; SameSite=None
X-Firefox-Spdy: h2

js.wpadmngr.com/static/adManager.js

45.133.44.52

200 OK

29 kB

URL GET HTTP/2
js.wpadmngr.com/static/adManager.js
IP
45.133.44.52:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://dfiles.eu/files/7saf9opey
Certificate
IssuerLet's Encrypt
Subjectjs.wpadmngr.com
FingerprintA9:7C:F8:A4:B8:B3:E3:98:76:72:9E:0B:4A:FB:FB:39:D4:F4:54:3D
ValidityTue, 16 May 2023 02:02:19 GMT - Mon, 14 Aug 2023 02:02:18 GMT

File type
gzip compressed data, from Unix\012- data
Size
29 kB (29114 bytes)
Hash
c29341fa994d34995f3a38b16c8a8cdd
2fa7f19d6c25cf9cd43dbf78a0b1f159644f2c60
973fb4f6b04cd184a6a3d8b10cd3f32baef6d4f9537cd1a01119cc0d34377d1f

HTTP Headers

GET /static/adManager.js HTTP/1.1
Host: js.wpadmngr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 24 May 2023 09:32:56 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.18.0
last-modified: Mon, 05 Dec 2022 13:37:26 GMT
etag: W/"638df416-4dd"
content-encoding: gzip
expires: Wed, 24 May 2023 09:37:56 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2

adsbb.dfiles.eu//ad.php?z=56&c=NO

91.226.124.80

303 See Other

0 B

URL GET HTTP/1.1
adsbb.dfiles.eu//ad.php?z=56&c=NO
IP
91.226.124.80:443
ASN
#35415 Webzilla B.V.

Requested by
https://dfiles.eu/files/7saf9opey
Certificate
IssuerLet's Encrypt
Subject*.dfiles.eu
Fingerprint28:FA:BD:73:11:76:EB:79:D3:29:D3:CA:60:19:79:47:4B:43:6B:1C
ValiditySun, 09 Apr 2023 08:43:46 GMT - Sat, 08 Jul 2023 08:43:45 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET //ad.php?z=56&c=NO HTTP/1.1
Host: adsbb.dfiles.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Cookie: uprand=8f57e6cc006b9e86ef3e8e97b4232dd9; last_file=7saf9opey; lang_current=en; _ga_BL9163LYG1=GS1.1.1684920776.1.0.1684920776.0.0.0; _ga=GA1.1.673948797.1684920776
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 303 See Other
Server: nginx
Date: Wed, 24 May 2023 09:32:57 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
X-Powered-By: PHP/5.6.30-0+deb8u1
Set-Cookie: _nf56=1; expires=Thu, 25-May-2023 09:32:57 GMT; Max-Age=86400
Location: /upload/2112/ad27582685f5c72c.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752

loader.unblockia.com/c/dfiles.eu/config.json

54.230.111.124

200 OK

47 kB

URL GET HTTP/2
loader.unblockia.com/c/dfiles.eu/config.json
IP
54.230.111.124:443
ASN
#16509 AMAZON-02

Requested by
https://dfiles.eu/files/7saf9opey
Certificate
IssuerAmazon
Subject*.unblockia.com
FingerprintF2:6F:03:00:E3:4A:B1:87:3C:4D:28:BB:E6:CE:8F:F1:2A:6E:1B:5D
ValidityTue, 21 Feb 2023 00:00:00 GMT - Fri, 22 Mar 2024 23:59:59 GMT

File type
ASCII text, with very long lines (46747), with no line terminators
Size
47 kB (46747 bytes)
Hash
f365c1e4619a90bbadadacf55598fe90
1623c939b72aecd3831e1da35e4c0a5229383e91
23e2e4d868bb2652b97e9e13d36df1dfeeba338d4e9c4d1d737fba6b2b2b2d52

HTTP Headers

GET /c/dfiles.eu/config.json HTTP/1.1
Host: loader.unblockia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dfiles.eu/
Origin: https://dfiles.eu
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/octet-stream
content-length: 46747
date: Wed, 24 May 2023 04:15:06 GMT
last-modified: Fri, 12 May 2023 12:21:43 GMT
etag: "f365c1e4619a90bbadadacf55598fe90"
x-amz-server-side-encryption: AES256
x-amz-version-id: 9pI8Ts97IpPXbRP2Kcl6CF4_Ph.rjMBr
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 7kH0WD0xiL0Pk3IeNmef3RvZnRwXmyh6NhAJEF8Lf09a_1N6Yb_bug==
age: 19071
access-control-allow-origin: *
access-control-expose-headers: *
X-Firefox-Spdy: h2

adsbb.dfiles.eu//ad.php?z=7&c=NO&g=no_file&u=646dd9c75f27e-13967916

91.226.124.78

303 See Other

0 B

URL GET HTTP/1.1
adsbb.dfiles.eu//ad.php?z=7&c=NO&g=no_file&u=646dd9c75f27e-13967916
IP
91.226.124.78:443
ASN
#35415 Webzilla B.V.

Requested by
https://dfiles.eu/files/7saf9opey
Certificate
IssuerLet's Encrypt
Subject*.dfiles.eu
Fingerprint28:FA:BD:73:11:76:EB:79:D3:29:D3:CA:60:19:79:47:4B:43:6B:1C
ValiditySun, 09 Apr 2023 08:43:46 GMT - Sat, 08 Jul 2023 08:43:45 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET //ad.php?z=7&c=NO&g=no_file&u=646dd9c75f27e-13967916 HTTP/1.1
Host: adsbb.dfiles.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Cookie: uprand=8f57e6cc006b9e86ef3e8e97b4232dd9; last_file=7saf9opey; lang_current=en; _ga_BL9163LYG1=GS1.1.1684920776.1.0.1684920776.0.0.0; _ga=GA1.1.673948797.1684920776
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 303 See Other
Server: nginx
Date: Wed, 24 May 2023 09:32:57 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
X-Powered-By: PHP/5.6.30-0+deb8u1
Set-Cookie: _nf7=1; expires=Thu, 25-May-2023 09:32:57 GMT; Max-Age=86400
Location: /upload/2303/ad2769296150a424.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752

adsbb.dfiles.eu//ad.php?z=58&c=NO&g=no_file

91.226.124.80

303 See Other

0 B

URL GET HTTP/1.1
adsbb.dfiles.eu//ad.php?z=58&c=NO&g=no_file
IP
91.226.124.80:443
ASN
#35415 Webzilla B.V.

Requested by
https://dfiles.eu/files/7saf9opey
Certificate
IssuerLet's Encrypt
Subject*.dfiles.eu
Fingerprint28:FA:BD:73:11:76:EB:79:D3:29:D3:CA:60:19:79:47:4B:43:6B:1C
ValiditySun, 09 Apr 2023 08:43:46 GMT - Sat, 08 Jul 2023 08:43:45 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET //ad.php?z=58&c=NO&g=no_file HTTP/1.1
Host: adsbb.dfiles.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Cookie: uprand=8f57e6cc006b9e86ef3e8e97b4232dd9; last_file=7saf9opey; lang_current=en; _ga_BL9163LYG1=GS1.1.1684920776.1.0.1684920776.0.0.0; _ga=GA1.1.673948797.1684920776
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 303 See Other
Server: nginx
Date: Wed, 24 May 2023 09:32:57 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
X-Powered-By: PHP/5.6.30-0+deb8u1
Set-Cookie: _nf58=1; expires=Thu, 25-May-2023 09:32:57 GMT; Max-Age=86400
Location: /upload/2303/ad2775297311915a.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752

adsbb.dfiles.eu//ad.php?z=60&c=NO

91.226.124.78

303 See Other

0 B

URL GET HTTP/1.1
adsbb.dfiles.eu//ad.php?z=60&c=NO
IP
91.226.124.78:443
ASN
#35415 Webzilla B.V.

Requested by
https://dfiles.eu/files/7saf9opey
Certificate
IssuerLet's Encrypt
Subject*.dfiles.eu
Fingerprint28:FA:BD:73:11:76:EB:79:D3:29:D3:CA:60:19:79:47:4B:43:6B:1C
ValiditySun, 09 Apr 2023 08:43:46 GMT - Sat, 08 Jul 2023 08:43:45 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET //ad.php?z=60&c=NO HTTP/1.1
Host: adsbb.dfiles.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Cookie: uprand=8f57e6cc006b9e86ef3e8e97b4232dd9; last_file=7saf9opey; lang_current=en; _ga_BL9163LYG1=GS1.1.1684920776.1.0.1684920776.0.0.0; _ga=GA1.1.673948797.1684920776
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 303 See Other
Server: nginx
Date: Wed, 24 May 2023 09:32:57 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
X-Powered-By: PHP/5.6.30-0+deb8u1
Set-Cookie: _nf60=1; expires=Thu, 25-May-2023 09:32:57 GMT; Max-Age=86400
Location: /upload/2112/ad27592687cc8bc6.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752

js.wpshsdk.com/npc/sdk/wp-banners.js

45.133.44.53

200 OK

0 B

URL GET HTTP/2
js.wpshsdk.com/npc/sdk/wp-banners.js
IP
45.133.44.53:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://dfiles.eu/files/7saf9opey
Certificate
IssuerLet's Encrypt
Subjectjs.wpshsdk.com
Fingerprint78:77:A4:19:CC:0D:15:24:69:96:1B:44:C9:A0:4D:0B:B7:C0:F2:D8
ValidityMon, 27 Mar 2023 02:06:36 GMT - Sun, 25 Jun 2023 02:06:35 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /npc/sdk/wp-banners.js HTTP/1.1
Host: js.wpshsdk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 24 May 2023 09:32:57 GMT
content-type: application/javascript; charset=utf-8
content-length: 0
server: nginx/1.18.0
last-modified: Fri, 20 Aug 2021 15:14:31 GMT
etag: "611fc6d7-0"
expires: Wed, 24 May 2023 09:37:57 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2

na.nawpush.com/tags/46445?version_name=a

45.133.44.25

200 OK

578 B

URL GET HTTP/2
na.nawpush.com/tags/46445?version_name=a
IP
45.133.44.25:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://dfiles.eu/files/7saf9opey
Certificate
IssuerLet's Encrypt
Subjectna.nawpush.com
Fingerprint06:8A:2E:29:09:91:41:F0:6E:1C:15:DE:41:23:FB:9C:E4:5B:47:B0
ValidityMon, 03 Apr 2023 01:01:43 GMT - Sun, 02 Jul 2023 01:01:42 GMT

File type
JSON data\012- , ASCII text, with very long lines (578), with no line terminators
Size
578 B (578 bytes)
Hash
48cf99226e98595889e80d389697c90c
6c6f7b9047532c20c72d68b246dafe3db8ca16b5
e81d3360bc9596b20a9ea1289549039c2b4d0350a4cd9122c1578605b56f7055

HTTP Headers

GET /tags/46445?version_name=a HTTP/1.1
Host: na.nawpush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dfiles.eu
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 24 May 2023 09:32:57 GMT
content-type: application/json
content-length: 578
server: nginx/1.18.0
cache-control: max-age=300, public
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2

adsbb.dfiles.eu/upload/2112/ad27582685f5c72c.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752

91.226.124.78

200 OK

670 B

URL GET HTTP/1.1
adsbb.dfiles.eu/upload/2112/ad27582685f5c72c.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752
IP
91.226.124.78:443
ASN
#35415 Webzilla B.V.

Requested by
https://dfiles.eu/files/7saf9opey
Certificate
IssuerLet's Encrypt
Subject*.dfiles.eu
Fingerprint28:FA:BD:73:11:76:EB:79:D3:29:D3:CA:60:19:79:47:4B:43:6B:1C
ValiditySun, 09 Apr 2023 08:43:46 GMT - Sat, 08 Jul 2023 08:43:45 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Size
670 B (670 bytes)
Hash
1c1f34441a54edce6b52c3649ef526cd
17baa188e1f7646b2433b89f5d5d56ca1318b691
14e40f5c348a27a0806b7951f425af668dc85c00a66e37ee8a0a09af6049f94e

HTTP Headers

GET /upload/2112/ad27582685f5c72c.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752 HTTP/1.1
Host: adsbb.dfiles.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dfiles.eu/
DNT: 1
Connection: keep-alive
Cookie: uprand=8f57e6cc006b9e86ef3e8e97b4232dd9; last_file=7saf9opey; lang_current=en; _ga_BL9163LYG1=GS1.1.1684920776.1.0.1684920776.0.0.0; _ga=GA1.1.673948797.1684920776; _nf56=1; _nf7=1; _nf58=1; _nf60=1
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 24 May 2023 09:32:57 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: close
Last-Modified: Wed, 24 May 2023 09:30:01 GMT
Content-Encoding: gzip

adsbb.dfiles.eu/upload/2303/ad2775297311915a.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752

91.226.124.78

200 OK

677 B

URL GET HTTP/1.1
adsbb.dfiles.eu/upload/2303/ad2775297311915a.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752
IP
91.226.124.78:443
ASN
#35415 Webzilla B.V.

Requested by
https://dfiles.eu/files/7saf9opey
Certificate
IssuerLet's Encrypt
Subject*.dfiles.eu
Fingerprint28:FA:BD:73:11:76:EB:79:D3:29:D3:CA:60:19:79:47:4B:43:6B:1C
ValiditySun, 09 Apr 2023 08:43:46 GMT - Sat, 08 Jul 2023 08:43:45 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Size
677 B (677 bytes)
Hash
7ef505f3daf5cee6ee5e38d26f81a2d2
4c7ac3903e4a813eb640920e7daeea892e19c371
48a8741a86eb2b00c27ba84dcd2866cc0ea76f0bf01710dad6e5d06205938327

HTTP Headers

GET /upload/2303/ad2775297311915a.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752 HTTP/1.1
Host: adsbb.dfiles.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dfiles.eu/
DNT: 1
Connection: keep-alive
Cookie: uprand=8f57e6cc006b9e86ef3e8e97b4232dd9; last_file=7saf9opey; lang_current=en; _ga_BL9163LYG1=GS1.1.1684920776.1.0.1684920776.0.0.0; _ga=GA1.1.673948797.1684920776; _nf56=1; _nf7=1; _nf58=1; _nf60=1
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 24 May 2023 09:32:57 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: close
Last-Modified: Wed, 24 May 2023 09:30:01 GMT
Content-Encoding: gzip

adsbb.dfiles.eu/upload/2303/ad2769296150a424.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752

91.226.124.78

200 OK

2.4 kB

URL GET HTTP/1.1
adsbb.dfiles.eu/upload/2303/ad2769296150a424.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752
IP
91.226.124.78:443
ASN
#35415 Webzilla B.V.

Requested by
https://dfiles.eu/files/7saf9opey
Certificate
IssuerLet's Encrypt
Subject*.dfiles.eu
Fingerprint28:FA:BD:73:11:76:EB:79:D3:29:D3:CA:60:19:79:47:4B:43:6B:1C
ValiditySun, 09 Apr 2023 08:43:46 GMT - Sat, 08 Jul 2023 08:43:45 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (879)
Size
2.4 kB (2380 bytes)
Hash
351f80166f20dec8cdebcf4705f0a9b9
02cdcdf9e338276a826b81f729bfec51aa3ae7c7
9f82b46d5dc09b8a528800be044d910f319f064e5e73e7a414f91df8a70d3983

HTTP Headers

GET /upload/2303/ad2769296150a424.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752 HTTP/1.1
Host: adsbb.dfiles.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dfiles.eu/
DNT: 1
Connection: keep-alive
Cookie: uprand=8f57e6cc006b9e86ef3e8e97b4232dd9; last_file=7saf9opey; lang_current=en; _ga_BL9163LYG1=GS1.1.1684920776.1.0.1684920776.0.0.0; _ga=GA1.1.673948797.1684920776; _nf56=1; _nf7=1; _nf58=1; _nf60=1
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 24 May 2023 09:32:57 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: close
Last-Modified: Wed, 24 May 2023 09:30:01 GMT
Content-Encoding: gzip

adsbb.dfiles.eu/upload/2112/ad27592687cc8bc6.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752

91.226.124.78

200 OK

669 B

URL GET HTTP/1.1
adsbb.dfiles.eu/upload/2112/ad27592687cc8bc6.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752
IP
91.226.124.78:443
ASN
#35415 Webzilla B.V.

Requested by
https://dfiles.eu/files/7saf9opey
Certificate
IssuerLet's Encrypt
Subject*.dfiles.eu
Fingerprint28:FA:BD:73:11:76:EB:79:D3:29:D3:CA:60:19:79:47:4B:43:6B:1C
ValiditySun, 09 Apr 2023 08:43:46 GMT - Sat, 08 Jul 2023 08:43:45 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Size
669 B (669 bytes)
Hash
b23e28a6b4c560f6ae7b10c3ac184968
eab8c825c42292d07b400521769c2bc76120ec7b
e1eae0f4409c06e8a4c09ff0cf11fa6db92b47fb75df473edb4230451b6ca6aa

HTTP Headers

GET /upload/2112/ad27592687cc8bc6.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752 HTTP/1.1
Host: adsbb.dfiles.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dfiles.eu/
DNT: 1
Connection: keep-alive
Cookie: uprand=8f57e6cc006b9e86ef3e8e97b4232dd9; last_file=7saf9opey; lang_current=en; _ga_BL9163LYG1=GS1.1.1684920776.1.0.1684920776.0.0.0; _ga=GA1.1.673948797.1684920776; _nf56=1; _nf7=1; _nf58=1; _nf60=1
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 24 May 2023 09:32:57 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: close
Last-Modified: Wed, 24 May 2023 09:30:01 GMT
Content-Encoding: gzip

ip2geo.pubfuture-ad.com/detail

104.26.1.97

200 OK

33 B

URL GET HTTP/2
ip2geo.pubfuture-ad.com/detail
IP
104.26.1.97:443
ASN
#13335 CLOUDFLARENET

Requested by
https://dfiles.eu/files/7saf9opey
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintA4:70:A9:B9:AC:49:1E:53:23:43:41:25:CD:10:7C:01:2E:87:01:01
ValidityTue, 07 Feb 2023 00:00:00 GMT - Tue, 06 Feb 2024 23:59:59 GMT

File type
JSON data\012- , ASCII text, with no line terminators
Size
33 B (33 bytes)
Hash
007af5ffed017e37943df31888ef8666
2877ed4c460ba9164b3625e32502a9d83a2a1d4a
bfb9d45766b6f87ee2c5f55862cdffe168aa7df0ff6ed0917b0fbcb035fdcdd2

HTTP Headers

GET /detail HTTP/1.1
Host: ip2geo.pubfuture-ad.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dfiles.eu/
Origin: https://dfiles.eu
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 24 May 2023 09:32:57 GMT
content-type: application/json; charset=utf-8
content-length: 33
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-dns-prefetch-control: off
expect-ct: max-age=0
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
referrer-policy: no-referrer
x-xss-protection: 0
access-control-allow-origin: *
etag: W/"21-KHftTEYLqRZLNiXjJQKp2DoqHUo"
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m%2FN7EZSOEUImnDYqkDIRMQjPDRCt7OI7k%2FkJBTIhMhhWLZy%2FopCB70TRjr%2Byko%2BHcDYeLjQJGBo80oOPFRkLY2gHYfZX5ROYUqsyAu65E666qr%2Bvxn0nPmmTDTpkeYj5s8p3%2BVJxWr1G"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7cc488ca29bfb515-OSL
X-Firefox-Spdy: h2

adsbb.dfiles.eu/static/js/jquery-1.5.1.min.js

91.226.124.78

200 OK

85 kB

URL GET HTTP/1.1
adsbb.dfiles.eu/static/js/jquery-1.5.1.min.js
IP
91.226.124.78:443
ASN
#35415 Webzilla B.V.

Requested by
https://adsbb.dfiles.eu/upload/2112/ad27592687cc8bc6.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752
Certificate
IssuerLet's Encrypt
Subject*.dfiles.eu
Fingerprint28:FA:BD:73:11:76:EB:79:D3:29:D3:CA:60:19:79:47:4B:43:6B:1C
ValiditySun, 09 Apr 2023 08:43:46 GMT - Sat, 08 Jul 2023 08:43:45 GMT

File type
Unicode text, UTF-8 text, with very long lines (65168)
Size
85 kB (85260 bytes)
Hash
b04a3bccd23ddeb7982143707a63ccf9
4a5dc1389aad050a44ee5e81408238a317ab3413
764b9e9f3ad386aaa5cdeae9368353994de61c0bede087c8f7e3579cb443de3b

HTTP Headers

GET /static/js/jquery-1.5.1.min.js HTTP/1.1
Host: adsbb.dfiles.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adsbb.dfiles.eu/upload/2112/ad27582685f5c72c.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752
Cookie: uprand=8f57e6cc006b9e86ef3e8e97b4232dd9; last_file=7saf9opey; lang_current=en; _ga_BL9163LYG1=GS1.1.1684920776.1.0.1684920776.0.0.0; _ga=GA1.1.673948797.1684920776; _nf56=1; _nf7=1; _nf58=1; _nf60=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 24 May 2023 09:32:57 GMT
Content-Type: application/javascript
Content-Length: 85260
Connection: close
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache, private, no-cache, no-store, must-revalidate
Pragma: no-cache
Accept-Ranges: bytes

adsbb.dfiles.eu/static/js/jquery-1.5.1.min.js

91.226.124.78

200 OK

85 kB

URL GET HTTP/1.1
adsbb.dfiles.eu/static/js/jquery-1.5.1.min.js
IP
91.226.124.78:443
ASN
#35415 Webzilla B.V.

Requested by
https://adsbb.dfiles.eu/upload/2112/ad27592687cc8bc6.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752
Certificate
IssuerLet's Encrypt
Subject*.dfiles.eu
Fingerprint28:FA:BD:73:11:76:EB:79:D3:29:D3:CA:60:19:79:47:4B:43:6B:1C
ValiditySun, 09 Apr 2023 08:43:46 GMT - Sat, 08 Jul 2023 08:43:45 GMT

File type
Unicode text, UTF-8 text, with very long lines (65168)
Size
85 kB (85260 bytes)
Hash
b04a3bccd23ddeb7982143707a63ccf9
4a5dc1389aad050a44ee5e81408238a317ab3413
764b9e9f3ad386aaa5cdeae9368353994de61c0bede087c8f7e3579cb443de3b

HTTP Headers

GET /static/js/jquery-1.5.1.min.js HTTP/1.1
Host: adsbb.dfiles.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adsbb.dfiles.eu/upload/2303/ad2775297311915a.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752
Cookie: uprand=8f57e6cc006b9e86ef3e8e97b4232dd9; last_file=7saf9opey; lang_current=en; _ga_BL9163LYG1=GS1.1.1684920776.1.0.1684920776.0.0.0; _ga=GA1.1.673948797.1684920776; _nf56=1; _nf7=1; _nf58=1; _nf60=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 24 May 2023 09:32:57 GMT
Content-Type: application/javascript
Content-Length: 85260
Connection: close
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache, private, no-cache, no-store, must-revalidate
Pragma: no-cache
Accept-Ranges: bytes

adsbb.dfiles.eu/static/js/jquery-1.5.1.min.js

91.226.124.78

200 OK

85 kB

URL GET HTTP/1.1
adsbb.dfiles.eu/static/js/jquery-1.5.1.min.js
IP
91.226.124.78:443
ASN
#35415 Webzilla B.V.

Requested by
https://adsbb.dfiles.eu/upload/2112/ad27592687cc8bc6.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752
Certificate
IssuerLet's Encrypt
Subject*.dfiles.eu
Fingerprint28:FA:BD:73:11:76:EB:79:D3:29:D3:CA:60:19:79:47:4B:43:6B:1C
ValiditySun, 09 Apr 2023 08:43:46 GMT - Sat, 08 Jul 2023 08:43:45 GMT

File type
Unicode text, UTF-8 text, with very long lines (65168)
Size
85 kB (85260 bytes)
Hash
b04a3bccd23ddeb7982143707a63ccf9
4a5dc1389aad050a44ee5e81408238a317ab3413
764b9e9f3ad386aaa5cdeae9368353994de61c0bede087c8f7e3579cb443de3b

HTTP Headers

GET /static/js/jquery-1.5.1.min.js HTTP/1.1
Host: adsbb.dfiles.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adsbb.dfiles.eu/upload/2303/ad2769296150a424.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752
Cookie: uprand=8f57e6cc006b9e86ef3e8e97b4232dd9; last_file=7saf9opey; lang_current=en; _ga_BL9163LYG1=GS1.1.1684920776.1.0.1684920776.0.0.0; _ga=GA1.1.673948797.1684920776; _nf56=1; _nf7=1; _nf58=1; _nf60=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 24 May 2023 09:32:57 GMT
Content-Type: application/javascript
Content-Length: 85260
Connection: close
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache, private, no-cache, no-store, must-revalidate
Pragma: no-cache
Accept-Ranges: bytes

adsbb.dfiles.eu/static/js/jquery-1.5.1.min.js

91.226.124.78

200 OK

85 kB

URL GET HTTP/1.1
adsbb.dfiles.eu/static/js/jquery-1.5.1.min.js
IP
91.226.124.78:443
ASN
#35415 Webzilla B.V.

Requested by
https://adsbb.dfiles.eu/upload/2112/ad27592687cc8bc6.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752
Certificate
IssuerLet's Encrypt
Subject*.dfiles.eu
Fingerprint28:FA:BD:73:11:76:EB:79:D3:29:D3:CA:60:19:79:47:4B:43:6B:1C
ValiditySun, 09 Apr 2023 08:43:46 GMT - Sat, 08 Jul 2023 08:43:45 GMT

File type
Unicode text, UTF-8 text, with very long lines (65168)
Size
85 kB (85260 bytes)
Hash
b04a3bccd23ddeb7982143707a63ccf9
4a5dc1389aad050a44ee5e81408238a317ab3413
764b9e9f3ad386aaa5cdeae9368353994de61c0bede087c8f7e3579cb443de3b

HTTP Headers

GET /static/js/jquery-1.5.1.min.js HTTP/1.1
Host: adsbb.dfiles.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adsbb.dfiles.eu/upload/2112/ad27592687cc8bc6.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752
Cookie: uprand=8f57e6cc006b9e86ef3e8e97b4232dd9; last_file=7saf9opey; lang_current=en; _ga_BL9163LYG1=GS1.1.1684920776.1.0.1684920776.0.0.0; _ga=GA1.1.673948797.1684920776; _nf56=1; _nf7=1; _nf58=1; _nf60=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 24 May 2023 09:32:57 GMT
Content-Type: application/javascript
Content-Length: 85260
Connection: close
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache, private, no-cache, no-store, must-revalidate
Pragma: no-cache
Accept-Ranges: bytes

cdn.pubfuture-ad.com/v2/unit/pt.js

172.67.70.21

200 OK

31 kB

URL GET HTTP/2
cdn.pubfuture-ad.com/v2/unit/pt.js
IP
172.67.70.21:443
ASN
#13335 CLOUDFLARENET

Requested by
https://dfiles.eu/files/7saf9opey
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintA4:70:A9:B9:AC:49:1E:53:23:43:41:25:CD:10:7C:01:2E:87:01:01
ValidityTue, 07 Feb 2023 00:00:00 GMT - Tue, 06 Feb 2024 23:59:59 GMT

File type
HTML document, ASCII text, with very long lines (6612), with no line terminators
Size
31 kB (31257 bytes)
Hash
682292a8592cf915768cad01e4b3222d
7cac4c7f0693fe9296ced91b9ea1c60b2475600b
74075ecdd502ca9121a9d6a11e8824771cea3c7e158726e01a2964c750766e1d

HTTP Headers

GET /v2/unit/pt.js HTTP/1.1
Host: cdn.pubfuture-ad.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 24 May 2023 09:32:56 GMT
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=172800
cf-bgj: minify
access-control-allow-origin: *
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
etag: W/"19d4-fKxMfwaT/pKWztkbnqHGCyR1YAs"
expect-ct: max-age=0
referrer-policy: no-referrer
strict-transport-security: max-age=15552000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-xss-protection: 0
cf-cache-status: HIT
age: 78147
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IdL59Xp%2BE2wXC8hNyKQBKErW7ZwQSyPGrIdSAQ4qvX8MdZ1Xg1j7Uga9tu1yKf8s5gwKHBgI2hIibYAlJCxV0bUg7JcI%2BzW40asJLm9xj9ow9uBF%2Ffj6KH1InJQc1Xnc%2FxVkO5Tn"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7cc488c3390a0b55-OSL
content-encoding: br
X-Firefox-Spdy: h2

simplewebanalysis.com/stats

18.192.155.180

200 OK

40 B

URL GET HTTP/2
simplewebanalysis.com/stats
IP
18.192.155.180:443
ASN
#16509 AMAZON-02

Requested by
https://dfiles.eu/files/7saf9opey
Certificate
IssuerAmazon
Subjectsimplewebanalysis.com
FingerprintE5:9D:30:D3:0E:8A:EF:0D:43:46:4C:4C:53:AD:05:78:63:E9:04:07
ValidityThu, 02 Mar 2023 00:00:00 GMT - Sun, 31 Mar 2024 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
40 B (40 bytes)
Hash
e79ecd69aa055a08849236de5ce34be0
bf1e873f7f5ef9861d60c15d24414f4d03690339
dc6009f0beb0624cf3be342f6cce435fea4e726eaefa7896e0d96b465854bae0

HTTP Headers

GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dfiles.eu
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Cookie: uid_id2=ed70feaa-4a44-4eb2-8cc3-ec5849860a76:3:1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Wed, 24 May 2023 09:32:57 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://dfiles.eu
vary: Origin
access-control-allow-credentials: true
X-Firefox-Spdy: h2

adsbb.dfiles.eu/view.gif?c=2685&z=56&b=2758&u=646dd919e272e2737099307409415

91.226.124.78

43 B

URL
adsbb.dfiles.eu/view.gif?c=2685&z=56&b=2758&u=646dd919e272e2737099307409415
IP
91.226.124.78:0
ASN
#35415 Webzilla B.V.

Certificate
IssuerLet's Encrypt
Subject*.dfiles.eu
Fingerprint28:FA:BD:73:11:76:EB:79:D3:29:D3:CA:60:19:79:47:4B:43:6B:1C
ValiditySun, 09 Apr 2023 08:43:46 GMT - Sat, 08 Jul 2023 08:43:45 GMT

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
6d22e4f2d2057c6e8d6fab098e76e80f
b80b11203d97fe01c5597ca3be70406ea48f5709
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

HTTP Headers

GET /view.gif?c=2685&z=56&b=2758&u=646dd919e272e2737099307409415 HTTP/1.1
Host: adsbb.dfiles.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: https://adsbb.dfiles.eu/upload/2112/ad27582685f5c72c.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752
Cookie: uprand=8f57e6cc006b9e86ef3e8e97b4232dd9; last_file=7saf9opey; lang_current=en; _ga_BL9163LYG1=GS1.1.1684920776.1.0.1684920776.0.0.0; _ga=GA1.1.673948797.1684920776; _nf56=1; _nf7=1; _nf58=1; _nf60=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 24 May 2023 09:32:57 GMT
Content-Type: image/gif
Content-Length: 43
Connection: close
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache, private, no-cache, no-store, must-revalidate
Pragma: no-cache
Accept-Ranges: bytes

adsbb.dfiles.eu/view.gif?c=2973&z=58&b=2775&u=646dd919ec4e87686382574583784

91.226.124.78

43 B

URL
adsbb.dfiles.eu/view.gif?c=2973&z=58&b=2775&u=646dd919ec4e87686382574583784
IP
91.226.124.78:0
ASN
#35415 Webzilla B.V.

Certificate
IssuerLet's Encrypt
Subject*.dfiles.eu
Fingerprint28:FA:BD:73:11:76:EB:79:D3:29:D3:CA:60:19:79:47:4B:43:6B:1C
ValiditySun, 09 Apr 2023 08:43:46 GMT - Sat, 08 Jul 2023 08:43:45 GMT

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
6d22e4f2d2057c6e8d6fab098e76e80f
b80b11203d97fe01c5597ca3be70406ea48f5709
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

HTTP Headers

GET /view.gif?c=2973&z=58&b=2775&u=646dd919ec4e87686382574583784 HTTP/1.1
Host: adsbb.dfiles.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: https://adsbb.dfiles.eu/upload/2303/ad2775297311915a.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752
Cookie: uprand=8f57e6cc006b9e86ef3e8e97b4232dd9; last_file=7saf9opey; lang_current=en; _ga_BL9163LYG1=GS1.1.1684920776.1.0.1684920776.0.0.0; _ga=GA1.1.673948797.1684920776; _nf56=1; _nf7=1; _nf58=1; _nf60=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 24 May 2023 09:32:57 GMT
Content-Type: image/gif
Content-Length: 43
Connection: close
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache, private, no-cache, no-store, must-revalidate
Pragma: no-cache
Accept-Ranges: bytes

adsbb.dfiles.eu/view.gif?c=2687&z=60&b=2759&u=646dd919e2b155129252212341188

91.226.124.78

200 OK

43 B

URL GET HTTP/1.1
adsbb.dfiles.eu/view.gif?c=2687&z=60&b=2759&u=646dd919e2b155129252212341188
IP
91.226.124.78:443
ASN
#35415 Webzilla B.V.

Requested by
https://adsbb.dfiles.eu/upload/2112/ad27592687cc8bc6.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752
Certificate
IssuerLet's Encrypt
Subject*.dfiles.eu
Fingerprint28:FA:BD:73:11:76:EB:79:D3:29:D3:CA:60:19:79:47:4B:43:6B:1C
ValiditySun, 09 Apr 2023 08:43:46 GMT - Sat, 08 Jul 2023 08:43:45 GMT

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
6d22e4f2d2057c6e8d6fab098e76e80f
b80b11203d97fe01c5597ca3be70406ea48f5709
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

HTTP Headers

GET /view.gif?c=2687&z=60&b=2759&u=646dd919e2b155129252212341188 HTTP/1.1
Host: adsbb.dfiles.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: https://adsbb.dfiles.eu/upload/2112/ad27592687cc8bc6.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752
Cookie: uprand=8f57e6cc006b9e86ef3e8e97b4232dd9; last_file=7saf9opey; lang_current=en; _ga_BL9163LYG1=GS1.1.1684920776.1.0.1684920776.0.0.0; _ga=GA1.1.673948797.1684920776; _nf56=1; _nf7=1; _nf58=1; _nf60=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 24 May 2023 09:32:58 GMT
Content-Type: image/gif
Content-Length: 43
Connection: close
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache, private, no-cache, no-store, must-revalidate
Pragma: no-cache
Accept-Ranges: bytes

c.mgid.com/pv/?pv=5&cbuster=1684920777822611466867&lct=1684800000&jsv=es6&iframe=1&ref=https%3A%2F%2Fdfiles.eu%2Ffiles%2F7saf9opey&cxurl=https%3A%2F%2Fdfiles.eu%2Ffiles%2F7saf9opey&lu=https%3A%2F%2Fdfiles.eu%2Ffiles%2F7saf9opey&sessionId=646dd9ca-055d3&pageView=1&pvid=1884d1abc708b31fa25&site=437&implVersion=11&dpr=1&tfre=508

104.19.135.78

0 B

URL
c.mgid.com/pv/?pv=5&cbuster=1684920777822611466867&lct=1684800000&jsv=es6&iframe=1&ref=https%3A%2F%2Fdfiles.eu%2Ffiles%2F7saf9opey&cxurl=https%3A%2F%2Fdfiles.eu%2Ffiles%2F7saf9opey&lu=https%3A%2F%2Fdfiles.eu%2Ffiles%2F7saf9opey&sessionId=646dd9ca-055d3&pageView=1&pvid=1884d1abc708b31fa25&site=437&implVersion=11&dpr=1&tfre=508
IP
104.19.135.78:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /pv/?pv=5&cbuster=1684920777822611466867&lct=1684800000&jsv=es6&iframe=1&ref=https%3A%2F%2Fdfiles.eu%2Ffiles%2F7saf9opey&cxurl=https%3A%2F%2Fdfiles.eu%2Ffiles%2F7saf9opey&lu=https%3A%2F%2Fdfiles.eu%2Ffiles%2F7saf9opey&sessionId=646dd9ca-055d3&pageView=1&pvid=1884d1abc708b31fa25&site=437&implVersion=11&dpr=1&tfre=508 HTTP/1.1
Host: c.mgid.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://adsbb.dfiles.eu/
DNT: 1
Connection: keep-alive
Cookie: __cf_bm=Jic3JPCzmSpJYkBJ71Pv_CnBE9gJpoItTXX1JA2KHfc-1684920777-0-ASgbQTBea5QUG3sHvTqpA0LA5ztxWyENrSN3kM8YdpKLX2bM3SUTFJsn3Ln9ZjbV1dgSWR/U9uxE9+z1oZDsrgQ=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 24 May 2023 09:32:58 GMT
content-length: 0
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7cc488ceed0db524-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

static.depositfiles.com/images/favicon.ico

91.226.124.81

200 OK

318 B

URL GET HTTP/1.1
static.depositfiles.com/images/favicon.ico
IP
91.226.124.81:443
ASN
#35415 Webzilla B.V.

Requested by
https://dfiles.eu/files/7saf9opey
Certificate
IssuerLet's Encrypt
Subjectdepositfiles.com
Fingerprint90:44:8D:18:D5:0B:6D:4B:AA:47:FB:C3:D9:B4:43:28:E2:A9:58:14
ValidityMon, 27 Feb 2023 10:18:03 GMT - Sun, 28 May 2023 10:18:02 GMT

File type
MS Windows icon resource - 1 icon, 16x16, 16 colors, 4 bits/pixel\012- data
Size
318 B (318 bytes)
Hash
0f0b975ee529197ec75780ebc2de5907
59688c6aafca5606e388ba9a44fc9dc25fc32cd3
28a0b52229f05b66354ca38b6b813d2281af3efb7e8b0a424ef8b4c68b9e583c

HTTP Headers

GET /images/favicon.ico HTTP/1.1
Host: static.depositfiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 24 May 2023 09:32:58 GMT
Content-Type: image/x-icon
Content-Length: 318
Last-Modified: Tue, 26 Apr 2022 10:45:42 GMT
Connection: keep-alive
ETag: "6267cd56-13e"
Accept-Ranges: bytes

www.gstatic.com/recaptcha/releases/FFtxPnbuZxq6kkeHkQJR2MNQ/recaptcha__en.js

142.250.74.35

200 OK

167 kB

URL GET HTTP/2
www.gstatic.com/recaptcha/releases/FFtxPnbuZxq6kkeHkQJR2MNQ/recaptcha__en.js
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
https://dfiles.eu/files/7saf9opey
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE2:33:59:47:38:D7:4A:7A:9E:28:5D:EC:AA:94:7F:92:25:D2:B1:C4
ValidityMon, 24 Apr 2023 12:00:43 GMT - Mon, 17 Jul 2023 12:00:42 GMT

File type
ASCII text, with very long lines (554)
Size
167 kB (166637 bytes)
Hash
213e1a6e418f3df36f2ec077314ef525
7a553e545a48271f3afec47b3ed5f3518cfdd7b4
ad5008998005064af73229fb144d5f8e789641f8a846e2064ec18788a37e9e2d

HTTP Headers

GET /recaptcha/releases/FFtxPnbuZxq6kkeHkQJR2MNQ/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dfiles.eu
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 166637
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 24 May 2023 08:30:50 GMT
expires: Thu, 23 May 2024 08:30:50 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 15 May 2023 04:00:52 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 3728
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

handbaggather.com/sbar.json?key=224ad4a14b4b15c1726ff705ec672ea6

173.233.137.44

200 OK

2.2 kB

URL GET HTTP/1.1
handbaggather.com/sbar.json?key=224ad4a14b4b15c1726ff705ec672ea6
IP
173.233.137.44:443
ASN
#7979 SERVERS-COM

Requested by
https://dfiles.eu/files/7saf9opey
Certificate
IssuerLet's Encrypt
Subjecthandbaggather.com
FingerprintAA:C3:B2:B7:C4:DC:3B:FA:64:BF:B0:F3:38:ED:6B:B3:B1:27:20:81
ValidityFri, 28 Apr 2023 01:16:44 GMT - Thu, 27 Jul 2023 01:16:43 GMT

File type
JSON data\012- , ASCII text, with very long lines (5447), with no line terminators
Size
2.2 kB (2214 bytes)
Hash
64fdfdb2c86554d2b8dd0348a068e5b4
8dce2b64708644026e1b37e745c6943d05c838ef
e50586989e3828de6a5631ef3fb7fc72b27ce3b58ff3c99c21ee48e648261cd7

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /sbar.json?key=224ad4a14b4b15c1726ff705ec672ea6 HTTP/1.1
Host: handbaggather.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dfiles.eu
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Wed, 24 May 2023 09:32:58 GMT
Content-Type: text/plain; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://dfiles.eu
Access-Control-Allow-Origin: https://dfiles.eu
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=16004719; expires=Thu, 25 May 2023 09:32:58 GMT; secure; SameSite=None
pdhtkv=true; expires=Thu, 25 May 2023 09:32:58 GMT; secure; SameSite=None
uncs=1; expires=Thu, 25 May 2023 09:32:58 GMT; secure; SameSite=None
pdhtkv29=true; expires=Thu, 25 May 2023 09:32:58 GMT; secure; SameSite=None
uncs29=1; expires=Thu, 25 May 2023 09:32:58 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 936dcd95b85f943040fe7c71046894d6
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

toothbrushconceitedsemi.com/pixel/purst?dl=0&th=0&sc=0&rs=2787&rd=2787&fd=871&bv=22.10.v.10&tmpl=136

192.243.59.13

200 OK

0 B

URL GET HTTP/1.1
toothbrushconceitedsemi.com/pixel/purst?dl=0&th=0&sc=0&rs=2787&rd=2787&fd=871&bv=22.10.v.10&tmpl=136
IP
192.243.59.13:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://dfiles.eu/files/7saf9opey
Certificate
IssuerLet's Encrypt
Subjecttoothbrushconceitedsemi.com
FingerprintA9:C9:26:53:26:E3:4C:E1:73:0A:D6:1F:61:91:1C:4B:DF:C3:F4:9B
ValidityFri, 05 May 2023 09:21:53 GMT - Thu, 03 Aug 2023 09:21:52 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /pixel/purst?dl=0&th=0&sc=0&rs=2787&rd=2787&fd=871&bv=22.10.v.10&tmpl=136 HTTP/1.1
Host: toothbrushconceitedsemi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Wed, 24 May 2023 09:32:58 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

jsc.mgid.com/d/e/depositfiles.com.3334.es6.js

104.19.135.78

200 OK

91 kB

URL GET HTTP/3
jsc.mgid.com/d/e/depositfiles.com.3334.es6.js
IP
104.19.135.78:443
ASN
#13335 CLOUDFLARENET

Requested by
https://adsbb.dfiles.eu/upload/2112/ad27592687cc8bc6.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint44:BF:9D:AD:98:A7:1A:F2:1D:18:EF:4E:3E:BE:C0:D8:28:4D:9F:04
ValidityTue, 11 Apr 2023 00:00:00 GMT - Wed, 10 Apr 2024 23:59:59 GMT

File type
HTML document text\012- HTML document, ASCII text, with very long lines (28223)
Size
91 kB (90776 bytes)
Hash
1eeedf021e01b774c05b8c672b09f66c
275896b8d7e41b4a1d517ea72ebac02aac3a4d13
c6118a1dc680f817266171594c36e0a4a0b61df5ccbf5d7cba76f2be783585f8

HTTP Headers

GET /d/e/depositfiles.com.3334.es6.js HTTP/1.1
Host: jsc.mgid.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adsbb.dfiles.eu/
Cookie: __cf_bm=Jic3JPCzmSpJYkBJ71Pv_CnBE9gJpoItTXX1JA2KHfc-1684920777-0-ASgbQTBea5QUG3sHvTqpA0LA5ztxWyENrSN3kM8YdpKLX2bM3SUTFJsn3Ln9ZjbV1dgSWR/U9uxE9+z1oZDsrgQ=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 24 May 2023 09:32:57 GMT
content-type: text/javascript
cf-bgj: minify
cf-polished: origSize=299840
etag: W/"f9f288a77c9ca02391ab0e1800951519"
last-modified: Tue, 23 May 2023 10:24:32 GMT
x-amz-id-2: HhciiZjvS/2z/8fIq4z5mE+HK8bpjS18kpg9UKWJAD4W2/4OL5m3OVQlLS5YTzVwB6EAJ9DypKE=
x-amz-request-id: ADFT40CMCAG9MZJX
x-amz-server-side-encryption: AES256
x-amz-version-id: 4pjd7og8LXsQ8261RpBWgkWz.tb8iYgM
cf-cache-status: HIT
age: 9
expires: Wed, 24 May 2023 12:32:57 GMT
cache-control: public, max-age=10800
vary: Accept-Encoding
server: cloudflare
cf-ray: 7cc488ce4c41b524-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

cdn.unblockia.com/autopromos/unicef3.jpg?unblockia=true

54.230.111.2

200 OK

54 kB

URL GET HTTP/2
cdn.unblockia.com/autopromos/unicef3.jpg?unblockia=true
IP
54.230.111.2:443
ASN
#16509 AMAZON-02

Requested by
https://dfiles.eu/files/7saf9opey
Certificate
IssuerAmazon
Subject*.unblockia.com
FingerprintF2:6F:03:00:E3:4A:B1:87:3C:4D:28:BB:E6:CE:8F:F1:2A:6E:1B:5D
ValidityTue, 21 Feb 2023 00:00:00 GMT - Fri, 22 Mar 2024 23:59:59 GMT

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=2, software=Google], baseline, precision 8, 160x600, components 3\012- data
Size
54 kB (54292 bytes)
Hash
5dcf47442fc7fbb8d0263bbf4869537e
2c8232ac93448bbc06b5464f1839a5cdb2ed3e07
81804a1b2b20350ec009ba6429a4f58124c16ca30683af0af255544cd98c8fa6

HTTP Headers

GET /autopromos/unicef3.jpg?unblockia=true HTTP/1.1
Host: cdn.unblockia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/jpeg
content-length: 54292
last-modified: Tue, 12 Apr 2022 08:41:27 GMT
x-amz-version-id: iA22.ytP0i4dmuIhnc0eyNVgJlt2K4fl
accept-ranges: bytes
server: AmazonS3
date: Wed, 24 May 2023 03:31:48 GMT
etag: "5dcf47442fc7fbb8d0263bbf4869537e"
x-cache: Hit from cloudfront
via: 1.1 ee04daa979e7a02cc5ca472521bc18a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 1WT8_7GUTGvlwoF1-GdjqzSwUVbvPeYiydsGAnmP8sd6CPx6BT0dLQ==
age: 21671
vary: Accept-Encoding, Origin
X-Firefox-Spdy: h2

cdn.unblockia.com/autopromos/unicef2.jpg?unblockia=true

54.230.111.2

200 OK

37 kB

URL GET HTTP/2
cdn.unblockia.com/autopromos/unicef2.jpg?unblockia=true
IP
54.230.111.2:443
ASN
#16509 AMAZON-02

Requested by
https://dfiles.eu/files/7saf9opey
Certificate
IssuerAmazon
Subject*.unblockia.com
FingerprintF2:6F:03:00:E3:4A:B1:87:3C:4D:28:BB:E6:CE:8F:F1:2A:6E:1B:5D
ValidityTue, 21 Feb 2023 00:00:00 GMT - Fri, 22 Mar 2024 23:59:59 GMT

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 728x90, components 3\012- data
Size
37 kB (36773 bytes)
Hash
58fbb6ffe72ac0c1aa468de39ee18e13
d25230f1ef89aecc6048b0ceb09dd0af609ee7b6
e8ff7f3a8926e5b5497d2ab7a1bf47c5655e287a51045f11846f426ac6c7d180

HTTP Headers

GET /autopromos/unicef2.jpg?unblockia=true HTTP/1.1
Host: cdn.unblockia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/jpeg
content-length: 36773
last-modified: Tue, 12 Apr 2022 08:41:28 GMT
x-amz-version-id: xUurxjfnscsyJn430NFsrgfbabIFowSl
accept-ranges: bytes
server: AmazonS3
date: Tue, 23 May 2023 17:02:15 GMT
etag: "58fbb6ffe72ac0c1aa468de39ee18e13"
x-cache: Hit from cloudfront
via: 1.1 ee04daa979e7a02cc5ca472521bc18a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: fuuKCnx5coWe75lTHtGZ2DHlBcE23ckBT_JSrqQMbHxOIdjfKD59LQ==
age: 59522
vary: Accept-Encoding, Origin
X-Firefox-Spdy: h2

t.unblockia.com/?sid=140&o=3&b=2&p=1&t=1

54.230.111.104

200 OK

0 B

URL POST HTTP/2
t.unblockia.com/?sid=140&o=3&b=2&p=1&t=1
IP
54.230.111.104:443
ASN
#16509 AMAZON-02

Requested by
https://dfiles.eu/files/7saf9opey
Certificate
IssuerAmazon
Subject*.unblockia.com
FingerprintF2:6F:03:00:E3:4A:B1:87:3C:4D:28:BB:E6:CE:8F:F1:2A:6E:1B:5D
ValidityTue, 21 Feb 2023 00:00:00 GMT - Fri, 22 Mar 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /?sid=140&o=3&b=2&p=1&t=1 HTTP/1.1
Host: t.unblockia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dfiles.eu
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0

HTTP/2 200 OK
content-type: application/json
content-length: 0
server: nginx/1.20.0
date: Wed, 24 May 2023 09:32:58 GMT
x-cache: Miss from cloudfront
via: 1.1 6259d2cd8a5947ad41a420527bbed7a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: TsA2lmJik1L59s8Vq8inKThpr0bdnJ4NAK6IrRqeHFyXM_v9nEhsxw==
access-control-allow-origin: *
access-control-expose-headers: *
X-Firefox-Spdy: h2

handbaggather.com/ren.gif?sid=H4sIAAAAAAAC%2F1SSz2skRRTHq9dlD%2BplXS%2BCwnhSQSbdnZ5f7kE2rpFg3Ky7it6kuqp68kx1V1PVPT0JHoILssfxP%2Bh8J9mghmX9AxSZeHJByHjKwRyE%2FQNE2bPMJDj6oHnv%2B77v8Hmv66u98oz5KPnp6gdmh7TmS62m33j90yC43linrBw2ht32Z%2B3oesMO3gr8XtN%2Fo%2FGeEltmKfQD3w%2F8oLFKViVmuBQEQdMH5Ue9oNnzm1HYDFoRhvb%2F2pUeHPcgB2fsBZCcPnv0MAKJCbL00U3ltgqTv%2FluWmpeGIuBPPw428pMlSFdlIn1kGSHF9Mw7mT1R5jsYA4MM%2Fh3MKYp8578gTg7vKBEPDg4B401VIZYPodqMIHSExCfQJh7IHnCACFxawNZ%2BuCWsRXfPnf5zJ2yy0%2F%2FAlVTdvn3F5GlD1c0DRt3jS4LMpnDMKlBwwmoP0FeHqPYuQSqjiGKL0HyV7b0dB1Zur%2FhtAHJer480QSUTKDVCNx5KGcfeSgTD2XuIZWnjY6Iul3ZbUmuhAjjJOgmURL1uPAT4S%2F3QpRihjdCkY8g9AjC7iK3u9iiEWz5E9xmDSc9uGLKvA93MZA1KsVQOYaKM1TEUBUM1aA%2BkNqFrn4gtSvj4CKHF3m5Hpuiv8cPTNFXGdvLz9jV%2BV3%2BbhtsqdNGGEZcRjyI4igOWiLohO0k6fgtJdqdUPE2HNUgd2m%2B6g6dXMuR08nzLyPmx3D6GIKugpevgFfjTuiDb46jro%2Bd7JFUuXFUJKSVawqTQpoaeXEZxba3p8%2FYS3OO1568CiUes4uAsDVyW%2BNz%2Bpmhr%2B%2BP75iK7d8xlWPfb%2BQFpbTDZ%2F%2FubsELdeXb99V2Zaxcu%2BlG39wQM2NWHn2kXLHOM0lZ37HvVkhKZVeNFYr9sOY%2BUfHt0m2ulDYr8%2FXb76yupblVzpHJJuB08kUbgqbsyo2D%2Bau89mcPZCewZY20XJCSmUDku3D5oucMg9ULHeceqrIe2zBeNDUxaLXQPK7h%2FqPjRb3n7qNvPfDiHrK0xsDWGOgaXI%2FgymfGRW4fv%2F3b8jwQa28ca%2Bvtx9rqr89P6%2Bi0oTqq3etFftSRvh9HMgyDlhJ8OeI9HoZJB4WbyvT0l38AAAD%2F%2FwEAAP%2F%2Fkj7uWWIEAAA%3D

192.243.59.13

200 OK

7 B

URL GET HTTP/1.1
handbaggather.com/ren.gif?sid=H4sIAAAAAAAC%2F1SSz2skRRTHq9dlD%2BplXS%2BCwnhSQSbdnZ5f7kE2rpFg3Ky7it6kuqp68kx1V1PVPT0JHoILssfxP%2Bh8J9mghmX9AxSZeHJByHjKwRyE%2FQNE2bPMJDj6oHnv%2B77v8Hmv66u98oz5KPnp6gdmh7TmS62m33j90yC43linrBw2ht32Z%2B3oesMO3gr8XtN%2Fo%2FGeEltmKfQD3w%2F8oLFKViVmuBQEQdMH5Ue9oNnzm1HYDFoRhvb%2F2pUeHPcgB2fsBZCcPnv0MAKJCbL00U3ltgqTv%2FluWmpeGIuBPPw428pMlSFdlIn1kGSHF9Mw7mT1R5jsYA4MM%2Fh3MKYp8578gTg7vKBEPDg4B401VIZYPodqMIHSExCfQJh7IHnCACFxawNZ%2BuCWsRXfPnf5zJ2yy0%2F%2FAlVTdvn3F5GlD1c0DRt3jS4LMpnDMKlBwwmoP0FeHqPYuQSqjiGKL0HyV7b0dB1Zur%2FhtAHJer480QSUTKDVCNx5KGcfeSgTD2XuIZWnjY6Iul3ZbUmuhAjjJOgmURL1uPAT4S%2F3QpRihjdCkY8g9AjC7iK3u9iiEWz5E9xmDSc9uGLKvA93MZA1KsVQOYaKM1TEUBUM1aA%2BkNqFrn4gtSvj4CKHF3m5Hpuiv8cPTNFXGdvLz9jV%2BV3%2BbhtsqdNGGEZcRjyI4igOWiLohO0k6fgtJdqdUPE2HNUgd2m%2B6g6dXMuR08nzLyPmx3D6GIKugpevgFfjTuiDb46jro%2Bd7JFUuXFUJKSVawqTQpoaeXEZxba3p8%2FYS3OO1568CiUes4uAsDVyW%2BNz%2Bpmhr%2B%2BP75iK7d8xlWPfb%2BQFpbTDZ%2F%2FubsELdeXb99V2Zaxcu%2BlG39wQM2NWHn2kXLHOM0lZ37HvVkhKZVeNFYr9sOY%2BUfHt0m2ulDYr8%2FXb76yupblVzpHJJuB08kUbgqbsyo2D%2Bau89mcPZCewZY20XJCSmUDku3D5oucMg9ULHeceqrIe2zBeNDUxaLXQPK7h%2FqPjRb3n7qNvPfDiHrK0xsDWGOgaXI%2FgymfGRW4fv%2F3b8jwQa28ca%2Bvtx9rqr89P6%2Bi0oTqq3etFftSRvh9HMgyDlhJ8OeI9HoZJB4WbyvT0l38AAAD%2F%2FwEAAP%2F%2Fkj7uWWIEAAA%3D
IP
192.243.59.13:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://dfiles.eu/files/7saf9opey
Certificate
IssuerLet's Encrypt
Subjecthandbaggather.com
FingerprintAA:C3:B2:B7:C4:DC:3B:FA:64:BF:B0:F3:38:ED:6B:B3:B1:27:20:81
ValidityFri, 28 Apr 2023 01:16:44 GMT - Thu, 27 Jul 2023 01:16:43 GMT

File type
ASCII text, with no line terminators
Size
7 B (7 bytes)
Hash
132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /ren.gif?sid=H4sIAAAAAAAC%2F1SSz2skRRTHq9dlD%2BplXS%2BCwnhSQSbdnZ5f7kE2rpFg3Ky7it6kuqp68kx1V1PVPT0JHoILssfxP%2Bh8J9mghmX9AxSZeHJByHjKwRyE%2FQNE2bPMJDj6oHnv%2B77v8Hmv66u98oz5KPnp6gdmh7TmS62m33j90yC43linrBw2ht32Z%2B3oesMO3gr8XtN%2Fo%2FGeEltmKfQD3w%2F8oLFKViVmuBQEQdMH5Ue9oNnzm1HYDFoRhvb%2F2pUeHPcgB2fsBZCcPnv0MAKJCbL00U3ltgqTv%2FluWmpeGIuBPPw428pMlSFdlIn1kGSHF9Mw7mT1R5jsYA4MM%2Fh3MKYp8578gTg7vKBEPDg4B401VIZYPodqMIHSExCfQJh7IHnCACFxawNZ%2BuCWsRXfPnf5zJ2yy0%2F%2FAlVTdvn3F5GlD1c0DRt3jS4LMpnDMKlBwwmoP0FeHqPYuQSqjiGKL0HyV7b0dB1Zur%2FhtAHJer480QSUTKDVCNx5KGcfeSgTD2XuIZWnjY6Iul3ZbUmuhAjjJOgmURL1uPAT4S%2F3QpRihjdCkY8g9AjC7iK3u9iiEWz5E9xmDSc9uGLKvA93MZA1KsVQOYaKM1TEUBUM1aA%2BkNqFrn4gtSvj4CKHF3m5Hpuiv8cPTNFXGdvLz9jV%2BV3%2BbhtsqdNGGEZcRjyI4igOWiLohO0k6fgtJdqdUPE2HNUgd2m%2B6g6dXMuR08nzLyPmx3D6GIKugpevgFfjTuiDb46jro%2Bd7JFUuXFUJKSVawqTQpoaeXEZxba3p8%2FYS3OO1568CiUes4uAsDVyW%2BNz%2Bpmhr%2B%2BP75iK7d8xlWPfb%2BQFpbTDZ%2F%2FubsELdeXb99V2Zaxcu%2BlG39wQM2NWHn2kXLHOM0lZ37HvVkhKZVeNFYr9sOY%2BUfHt0m2ulDYr8%2FXb76yupblVzpHJJuB08kUbgqbsyo2D%2Bau89mcPZCewZY20XJCSmUDku3D5oucMg9ULHeceqrIe2zBeNDUxaLXQPK7h%2FqPjRb3n7qNvPfDiHrK0xsDWGOgaXI%2FgymfGRW4fv%2F3b8jwQa28ca%2Bvtx9rqr89P6%2Bi0oTqq3etFftSRvh9HMgyDlhJ8OeI9HoZJB4WbyvT0l38AAAD%2F%2FwEAAP%2F%2Fkj7uWWIEAAA%3D HTTP/1.1
Host: handbaggather.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Cookie: u_pl=16004719; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Wed, 24 May 2023 09:32:58 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: a6c161c26cc52ccf3c254ee92e008c55
Strict-Transport-Security: max-age=0; includeSubdomains

notification.tubecup.net/tags?tag_id=46445&timezone_olson=UTC&version_name=a

88.198.136.228

204 No Content

0 B

URL GET HTTP/2
notification.tubecup.net/tags?tag_id=46445&timezone_olson=UTC&version_name=a
IP
88.198.136.228:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://dfiles.eu/files/7saf9opey
Certificate
IssuerLet's Encrypt
Subjectnotification.tubecup.net
FingerprintC3:3A:0A:7D:9C:4B:21:97:39:A7:AD:B8:87:47:F1:35:32:D9:84:53
ValidityFri, 28 Apr 2023 11:39:09 GMT - Thu, 27 Jul 2023 11:39:08 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /tags?tag_id=46445&timezone_olson=UTC&version_name=a HTTP/1.1
Host: notification.tubecup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dfiles.eu
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 204 No Content
server: nginx/1.18.0
date: Wed, 24 May 2023 09:32:58 GMT
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2

handbaggather.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.barscreative1.com%2Fsb%2Fnotifications%2Fvpn%2Fdefault%2Fus%2Fwindows%2Fbrowser-black%2Findex.html&l=1290&fd=187

192.243.59.13

200 OK

0 B

URL GET HTTP/1.1
handbaggather.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.barscreative1.com%2Fsb%2Fnotifications%2Fvpn%2Fdefault%2Fus%2Fwindows%2Fbrowser-black%2Findex.html&l=1290&fd=187
IP
192.243.59.13:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://dfiles.eu/files/7saf9opey
Certificate
IssuerLet's Encrypt
Subjecthandbaggather.com
FingerprintAA:C3:B2:B7:C4:DC:3B:FA:64:BF:B0:F3:38:ED:6B:B3:B1:27:20:81
ValidityFri, 28 Apr 2023 01:16:44 GMT - Thu, 27 Jul 2023 01:16:43 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.barscreative1.com%2Fsb%2Fnotifications%2Fvpn%2Fdefault%2Fus%2Fwindows%2Fbrowser-black%2Findex.html&l=1290&fd=187 HTTP/1.1
Host: handbaggather.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Cookie: u_pl=16004719; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Wed, 24 May 2023 09:32:58 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

cdn.creative-bars1.com/sb/notifications/vpn/default/us/windows/browser-black/img/close.png

172.64.197.23

200 OK

4.0 kB

URL GET HTTP/2
cdn.creative-bars1.com/sb/notifications/vpn/default/us/windows/browser-black/img/close.png
IP
172.64.197.23:443
ASN
#13335 CLOUDFLARENET

Requested by
https://dfiles.eu/files/7saf9opey
Certificate
IssuerGoogle Trust Services LLC
Subjectcreative-bars1.com
Fingerprint88:10:E4:38:7C:46:CF:44:7C:D0:C8:1F:06:39:9F:7E:A5:2E:27:4A
ValidityThu, 27 Apr 2023 15:05:54 GMT - Wed, 26 Jul 2023 15:05:53 GMT

File type
PNG image data, 500 x 500, 8-bit gray+alpha, non-interlaced\012- data
Size
4.0 kB (4022 bytes)
Hash
23e9690b0e7ac26868363a6248f44467
d7ad0eae64e0c1e65b12eda0aa9d2b91996dd64f
f362c67320d739ccf3bea21f857b9620075bd20ceacda8c51261b9612fe28395

HTTP Headers

GET /sb/notifications/vpn/default/us/windows/browser-black/img/close.png HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Wed, 24 May 2023 09:32:58 GMT
content-type: image/png
content-length: 4022
last-modified: Fri, 10 Apr 2020 10:20:20 GMT
etag: "5e904864-fb6"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 8575787
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qBm9cGf3Pe%2BBm2Xto8u%2Bjn%2BdpWbsBS5dlVqraJQEY2cidVBV7xuQx1JS5T9vxDQ5fotatR4v0pKzBW8zAWc06ewT2N0nETzk5rcwRPPx81rTXBJFZCUM%2BmIDzakjnhFNqcHytU9SnxtU"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7cc488d3ed5476db-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

cdn.creative-bars1.com/sb/notifications/vpn/default/us/windows/browser-black/img/icon-green.png

172.64.197.23

200 OK

44 kB

URL GET HTTP/2
cdn.creative-bars1.com/sb/notifications/vpn/default/us/windows/browser-black/img/icon-green.png
IP
172.64.197.23:443
ASN
#13335 CLOUDFLARENET

Requested by
https://dfiles.eu/files/7saf9opey
Certificate
IssuerGoogle Trust Services LLC
Subjectcreative-bars1.com
Fingerprint88:10:E4:38:7C:46:CF:44:7C:D0:C8:1F:06:39:9F:7E:A5:2E:27:4A
ValidityThu, 27 Apr 2023 15:05:54 GMT - Wed, 26 Jul 2023 15:05:53 GMT

File type
PNG image data, 700 x 709, 8-bit colormap, non-interlaced\012- data
Size
44 kB (44232 bytes)
Hash
0729aa7ad6c52977ca308f6d79a9829e
0da869330679bb1d9e153e91c4a3225df5f7462b
de8c5383930955f35e08700071b8074ccbb57dcd0efa3e309df59cb2dbb617e8

HTTP Headers

GET /sb/notifications/vpn/default/us/windows/browser-black/img/icon-green.png HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Wed, 24 May 2023 09:32:58 GMT
content-type: image/png
content-length: 44232
last-modified: Tue, 09 Aug 2022 13:20:24 GMT
etag: "62f25f18-acc8"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 16400165
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZP7lQLPMKy8mkc7nGN3azZ57hJBB0ge3XbYY4kTLAuFCGJh%2FWAFtTy02sc9Au%2FiTHMY8YMrWLxqoaEM90dRzZg2QYqXL3Z%2FS2S5e%2FlXP%2FGUW0E%2F4w%2BpU5D3zKMr5X2dSPn%2Fm1Ld4GBbw"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7cc488d3fd6376db-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

fe16743433.1c9ca7ac71.com/in/track?data=eyJ3bCI6MCwic3ViaWQiOjAsInVzZXJfaWQiOiI3MjczODY1MDk3MDIyNzkyMDAwIiwidGltZXpvbmUiOjAsInZlciI6IjMuNDkuMCIsInRhZ19pZCI6NDY0NDUsInNjcmVlbl9yZXNvbHV0aW9uIjoiMTI4MHgxMDI0IiwiYWRibG9jayI6MCwidGltZXpvbmVfb2xzb24iOiJVVEMiLCJ1dG1fc291cmNlIjoiIiwidXRtX21lZGl1bSI6IiIsInV0bV9jYW1wYWlnbiI6IiIsInV0bV9jb250ZW50IjoiIiwibW0iOjMsImluaXRfc3RhcnRfbGF0ZW5jeSI6MS41OCwiaXNfdjIiOjEsImlzX3YyX2VtcHR5IjowLCJ1c2VyX2tleXdvcmRzIjoiRGVwb3NpdEZpbGVzJTJDRGVwb3NpdEZpbGVzJTJDcHJvdmlkZXMlMkN5b3UlMkN3aXRoJTJDYSUyQ2xlZ2l0aW1hdGUlMkN0ZWNobmljYWwlMkNzb2x1dGlvbiUyQ3doaWNoJTJDZW5hYmxlcyUyQ3lvdSUyQ3RvJTJDdXBsb2FkJTJDc3RvcmUlMkNhY2Nlc3MlMkNhbmQlMkNkb3dubG9hZCUyQ3RleHQlMkNzb2Z0d2FyZSUyQyUyQ3NjcmlwdHMlMkNpbWFnZXMlMkNzb3VuZHMlMkN2aWRlb3MlMkNhbmltYXRpb25zJTJDYW5kJTJDYW55JTJDb3RoZXIlMkNtYXRlcmlhbHMlMkNpbiUyQ2Zvcm0lMkNvZiUyQ29uZSUyQ29yJTJDc2V2ZXJhbCUyQ2VsZWN0cm9uaWMlMkNmaWxlcy4ifQ==

45.133.44.52

200 OK

0 B

URL GET HTTP/2
fe16743433.1c9ca7ac71.com/in/track?data=eyJ3bCI6MCwic3ViaWQiOjAsInVzZXJfaWQiOiI3MjczODY1MDk3MDIyNzkyMDAwIiwidGltZXpvbmUiOjAsInZlciI6IjMuNDkuMCIsInRhZ19pZCI6NDY0NDUsInNjcmVlbl9yZXNvbHV0aW9uIjoiMTI4MHgxMDI0IiwiYWRibG9jayI6MCwidGltZXpvbmVfb2xzb24iOiJVVEMiLCJ1dG1fc291cmNlIjoiIiwidXRtX21lZGl1bSI6IiIsInV0bV9jYW1wYWlnbiI6IiIsInV0bV9jb250ZW50IjoiIiwibW0iOjMsImluaXRfc3RhcnRfbGF0ZW5jeSI6MS41OCwiaXNfdjIiOjEsImlzX3YyX2VtcHR5IjowLCJ1c2VyX2tleXdvcmRzIjoiRGVwb3NpdEZpbGVzJTJDRGVwb3NpdEZpbGVzJTJDcHJvdmlkZXMlMkN5b3UlMkN3aXRoJTJDYSUyQ2xlZ2l0aW1hdGUlMkN0ZWNobmljYWwlMkNzb2x1dGlvbiUyQ3doaWNoJTJDZW5hYmxlcyUyQ3lvdSUyQ3RvJTJDdXBsb2FkJTJDc3RvcmUlMkNhY2Nlc3MlMkNhbmQlMkNkb3dubG9hZCUyQ3RleHQlMkNzb2Z0d2FyZSUyQyUyQ3NjcmlwdHMlMkNpbWFnZXMlMkNzb3VuZHMlMkN2aWRlb3MlMkNhbmltYXRpb25zJTJDYW5kJTJDYW55JTJDb3RoZXIlMkNtYXRlcmlhbHMlMkNpbiUyQ2Zvcm0lMkNvZiUyQ29uZSUyQ29yJTJDc2V2ZXJhbCUyQ2VsZWN0cm9uaWMlMkNmaWxlcy4ifQ==
IP
45.133.44.52:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://dfiles.eu/files/7saf9opey
Certificate
IssuerLet's Encrypt
Subjectfe16743433.1c9ca7ac71.com
FingerprintEC:CA:80:E9:10:8A:EB:57:D2:AE:2D:31:38:B9:2F:C1:F0:85:27:A8
ValiditySun, 21 May 2023 02:50:32 GMT - Sat, 19 Aug 2023 02:50:31 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /in/track?data=eyJ3bCI6MCwic3ViaWQiOjAsInVzZXJfaWQiOiI3MjczODY1MDk3MDIyNzkyMDAwIiwidGltZXpvbmUiOjAsInZlciI6IjMuNDkuMCIsInRhZ19pZCI6NDY0NDUsInNjcmVlbl9yZXNvbHV0aW9uIjoiMTI4MHgxMDI0IiwiYWRibG9jayI6MCwidGltZXpvbmVfb2xzb24iOiJVVEMiLCJ1dG1fc291cmNlIjoiIiwidXRtX21lZGl1bSI6IiIsInV0bV9jYW1wYWlnbiI6IiIsInV0bV9jb250ZW50IjoiIiwibW0iOjMsImluaXRfc3RhcnRfbGF0ZW5jeSI6MS41OCwiaXNfdjIiOjEsImlzX3YyX2VtcHR5IjowLCJ1c2VyX2tleXdvcmRzIjoiRGVwb3NpdEZpbGVzJTJDRGVwb3NpdEZpbGVzJTJDcHJvdmlkZXMlMkN5b3UlMkN3aXRoJTJDYSUyQ2xlZ2l0aW1hdGUlMkN0ZWNobmljYWwlMkNzb2x1dGlvbiUyQ3doaWNoJTJDZW5hYmxlcyUyQ3lvdSUyQ3RvJTJDdXBsb2FkJTJDc3RvcmUlMkNhY2Nlc3MlMkNhbmQlMkNkb3dubG9hZCUyQ3RleHQlMkNzb2Z0d2FyZSUyQyUyQ3NjcmlwdHMlMkNpbWFnZXMlMkNzb3VuZHMlMkN2aWRlb3MlMkNhbmltYXRpb25zJTJDYW5kJTJDYW55JTJDb3RoZXIlMkNtYXRlcmlhbHMlMkNpbiUyQ2Zvcm0lMkNvZiUyQ29uZSUyQ29yJTJDc2V2ZXJhbCUyQ2VsZWN0cm9uaWMlMkNmaWxlcy4ifQ== HTTP/1.1
Host: fe16743433.1c9ca7ac71.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dfiles.eu
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 24 May 2023 09:32:59 GMT
content-length: 0
server: nginx/1.18.0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2

handbaggather.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Fvpn%2Fdefault%2Fus%2Fwindows%2Fbrowser-black%2Fjs%2Fscript.js&l=386&fd=203

173.233.137.44

200 OK

0 B

URL GET HTTP/1.1
handbaggather.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Fvpn%2Fdefault%2Fus%2Fwindows%2Fbrowser-black%2Fjs%2Fscript.js&l=386&fd=203
IP
173.233.137.44:443
ASN
#7979 SERVERS-COM

Requested by
https://dfiles.eu/files/7saf9opey
Certificate
IssuerLet's Encrypt
Subjecthandbaggather.com
FingerprintAA:C3:B2:B7:C4:DC:3B:FA:64:BF:B0:F3:38:ED:6B:B3:B1:27:20:81
ValidityFri, 28 Apr 2023 01:16:44 GMT - Thu, 27 Jul 2023 01:16:43 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Fvpn%2Fdefault%2Fus%2Fwindows%2Fbrowser-black%2Fjs%2Fscript.js&l=386&fd=203 HTTP/1.1
Host: handbaggather.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Cookie: u_pl=16004719; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Wed, 24 May 2023 09:32:59 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

handbaggather.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Fvpn%2Fdefault%2Fus%2Fwindows%2Fbrowser-black%2Fcss%2Fanimate.css&l=79245&fd=180

192.243.59.13

200 OK

0 B

URL GET HTTP/1.1
handbaggather.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Fvpn%2Fdefault%2Fus%2Fwindows%2Fbrowser-black%2Fcss%2Fanimate.css&l=79245&fd=180
IP
192.243.59.13:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://dfiles.eu/files/7saf9opey
Certificate
IssuerLet's Encrypt
Subjecthandbaggather.com
FingerprintAA:C3:B2:B7:C4:DC:3B:FA:64:BF:B0:F3:38:ED:6B:B3:B1:27:20:81
ValidityFri, 28 Apr 2023 01:16:44 GMT - Thu, 27 Jul 2023 01:16:43 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Fvpn%2Fdefault%2Fus%2Fwindows%2Fbrowser-black%2Fcss%2Fanimate.css&l=79245&fd=180 HTTP/1.1
Host: handbaggather.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Cookie: u_pl=16004719; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Wed, 24 May 2023 09:32:59 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

216.58.207.227

200 OK

16 kB

URL GET HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://dfiles.eu/files/7saf9opey
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE2:33:59:47:38:D7:4A:7A:9E:28:5D:EC:AA:94:7F:92:25:D2:B1:C4
ValidityMon, 24 Apr 2023 12:00:43 GMT - Mon, 17 Jul 2023 12:00:42 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Size
16 kB (15860 bytes)
Hash
e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

HTTP Headers

GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://dfiles.eu
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 20 May 2023 03:11:48 GMT
expires: Sun, 19 May 2024 03:11:48 GMT
cache-control: public, max-age=31536000
age: 368471
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fp.metricswpsh.com/fp?tag_id=46445

157.90.84.242

204 No Content

0 B

URL OPTIONS HTTP/1.1
fp.metricswpsh.com/fp?tag_id=46445
IP
157.90.84.242:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://dfiles.eu/files/7saf9opey
Certificate
IssuerLet's Encrypt
Subjectnotification.tubecup.net
FingerprintC3:3A:0A:7D:9C:4B:21:97:39:A7:AD:B8:87:47:F1:35:32:D9:84:53
ValidityFri, 28 Apr 2023 11:39:09 GMT - Thu, 27 Jul 2023 11:39:08 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /fp?tag_id=46445 HTTP/1.1
Host: fp.metricswpsh.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://dfiles.eu/
Origin: https://dfiles.eu
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 204 No Content
Server: nginx/1.20.1
Date: Wed, 24 May 2023 09:32:59 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: GET,HEAD,PUT,PATCH,POST,DELETE
Access-Control-Allow-Origin: https://dfiles.eu
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers

fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

216.58.207.227

200 OK

16 kB

URL GET HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://dfiles.eu/files/7saf9opey
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE2:33:59:47:38:D7:4A:7A:9E:28:5D:EC:AA:94:7F:92:25:D2:B1:C4
ValidityMon, 24 Apr 2023 12:00:43 GMT - Mon, 17 Jul 2023 12:00:42 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Size
16 kB (15744 bytes)
Hash
15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

HTTP Headers

GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://dfiles.eu
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 20 May 2023 07:44:41 GMT
expires: Sun, 19 May 2024 07:44:41 GMT
cache-control: public, max-age=31536000
age: 352098
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

cdn.creative-bars1.com/sb/notifications/vpn/default/us/windows/browser-black/css/animate.css

172.64.197.23

200 OK

4.8 kB

URL GET HTTP/2
cdn.creative-bars1.com/sb/notifications/vpn/default/us/windows/browser-black/css/animate.css
IP
172.64.197.23:443
ASN
#13335 CLOUDFLARENET

Requested by
https://dfiles.eu/files/7saf9opey
Certificate
IssuerGoogle Trust Services LLC
Subjectcreative-bars1.com
Fingerprint88:10:E4:38:7C:46:CF:44:7C:D0:C8:1F:06:39:9F:7E:A5:2E:27:4A
ValidityThu, 27 Apr 2023 15:05:54 GMT - Wed, 26 Jul 2023 15:05:53 GMT

File type
ASCII text
Size
4.8 kB (4815 bytes)
Hash
80047eaa13ebd50c50e8a9753621e430
9c503e07d130572a0eaf51f7c02cbd4cf6213fe3
3f831a59615f8d5d40b4340b2836f91438c876f8dbce75f78e38360d6fe0f429

HTTP Headers

GET /sb/notifications/vpn/default/us/windows/browser-black/css/animate.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dfiles.eu
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 24 May 2023 09:32:58 GMT
content-type: text/css
last-modified: Fri, 10 Apr 2020 10:20:18 GMT
etag: W/"5e904862-1358d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 383344
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AHA4lvm%2BSQTbthHTo05uRWFD9%2B2Iouaj0wMHvml0k7cYNjG%2B6N9QHiDaIFxWlkzn%2BEJwtZQFUOdnDBs%2FRzKIFeKPUM9vnNWwnTLXdkJPCPnp2eBXU2lfDARxvpk5fOtcwoCQ39gyWnTX"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7cc488d3bd0e76db-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

handbaggather.com/pixel/sbs?c=1

192.243.59.13

200 OK

0 B

URL GET HTTP/1.1
handbaggather.com/pixel/sbs?c=1
IP
192.243.59.13:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://dfiles.eu/files/7saf9opey
Certificate
IssuerLet's Encrypt
Subjecthandbaggather.com
FingerprintAA:C3:B2:B7:C4:DC:3B:FA:64:BF:B0:F3:38:ED:6B:B3:B1:27:20:81
ValidityFri, 28 Apr 2023 01:16:44 GMT - Thu, 27 Jul 2023 01:16:43 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /pixel/sbs?c=1 HTTP/1.1
Host: handbaggather.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Cookie: u_pl=16004719; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Wed, 24 May 2023 09:32:59 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

fp.metricswpsh.com/fp?tag_id=46445

157.90.84.242

204 No Content

27 B

URL OPTIONS HTTP/1.1
fp.metricswpsh.com/fp?tag_id=46445
IP
157.90.84.242:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://dfiles.eu/files/7saf9opey
Certificate
IssuerLet's Encrypt
Subjectnotification.tubecup.net
FingerprintC3:3A:0A:7D:9C:4B:21:97:39:A7:AD:B8:87:47:F1:35:32:D9:84:53
ValidityFri, 28 Apr 2023 11:39:09 GMT - Thu, 27 Jul 2023 11:39:08 GMT

File type
JSON data\012- , ASCII text
Size
27 B (27 bytes)
Hash
c4bea7951aaa542768f63f72d171ff83
7f57b3ce5d3a9bb0a15c32b34745b0214710e185
d4fbb24457a99cbf28127e8a416979ca0f2ab97c64a59b8d38760c40d4934756

HTTP Headers

POST /fp?tag_id=46445 HTTP/1.1
Host: fp.metricswpsh.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json;charset=utf-8
Content-Length: 23168
Origin: https://dfiles.eu
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Wed, 24 May 2023 09:32:59 GMT
Content-Type: application/json; charset=UTF-8
Content-Length: 27
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://dfiles.eu
Set-Cookie: id=4454350345273989363; Expires=Thu, 23 May 2024 09:32:59 GMT; Secure; SameSite=None
Vary: Origin

handbaggather.com/impr.gif?sid=H4sIAAAAAAAC%2F1SSz2skRRTHq9dlD%2BplXS%2BCwnhSQSbdnZ5f7kE2rpFg3Ky7it6kuqp68kx1V1PVPT0JHoILssfxP%2Bh8J9mghmX9AxSZeHJByHjKwRyE%2FQNE2bPMJDj6oHnv%2B77v8Hmv66u98oz5KPnp6gdmh7TmS62m33j90yC43linrBw2ht32Z%2B3oesMO3gr8XtN%2Fo%2FGeEltmKfQD3w%2F8oLFKViVmuBQEQdMH5Ue9oNnzm1HYDFoRhvb%2F2pUeHPcgB2fsBZCcPnv0MAKJCbL00U3ltgqTv%2FluWmpeGIuBPPw428pMlSFdlIn1kGSHF9Mw7mT1R5jsYA4MM%2Fh3MKYp8578gTg7vKBEPDg4B401VIZYPodqMIHSExCfQJh7IHnCACFxawNZ%2BuCWsRXfPnf5zJ2yy0%2F%2FAlVTdvn3F5GlD1c0DRt3jS4LMpnDMKlBwwmoP0FeHqPYuQSqjiGKL0HyV7b0dB1Zur%2FhtAHJer480QSUTKDVCNx5KGcfeSgTD2XuIZWnjY6Iul3ZbUmuhAjjJOgmURL1uPAT4S%2F3QpRihjdCkY8g9AjC7iK3u9iiEWz5E9xmDSc9uGLKvA93MZA1KsVQOYaKM1TEUBUM1aA%2BkNqFrn4gtSvj4CKHF3m5Hpuiv8cPTNFXGdvLz9jV%2BV3%2BbhtsqdNGGEZcRjyI4igOWiLohO0k6fgtJdqdUPE2HNUgd2m%2B6g6dXMuR08nzLyPmx3D6GIKugpevgFfjTuiDb46jro%2Bd7JFUuXFUJKSVawqTQpoaeXEZxba3p8%2FYS3OO1568CiUes4uAsDVyW%2BNz%2Bpmhr%2B%2BP75iK7d8xlWPfb%2BQFpbTDZ%2F%2FubsELdeXb99V2Zaxcu%2BlG39wQM2NWHn2kXLHOM0lZ37HvVkhKZVeNFYr9sOY%2BUfHt0m2ulDYr8%2FXb76yupblVzpHJJuB08kUbgqbsyo2D%2Bau89mcPZCewZY20XJCSmUDku3D5oucMg9ULHeceqrIe2zBeNDUxaLXQPK7h%2FqPjRb3n7qNvPfDiHrK0xsDWGOgaXI%2FgymfGRW4fv%2F3b8jwQa28ca%2Bvtx9rqr89P6%2Bi0IYSveBB3AqWkai0LEbVFN24ny1FHdVuyhcJNZXr6yz8AAAD%2F%2FwEAAP%2F%2FbRlGSWIEAAA%3D

173.233.137.44

200 OK

7 B

URL GET HTTP/1.1
handbaggather.com/impr.gif?sid=H4sIAAAAAAAC%2F1SSz2skRRTHq9dlD%2BplXS%2BCwnhSQSbdnZ5f7kE2rpFg3Ky7it6kuqp68kx1V1PVPT0JHoILssfxP%2Bh8J9mghmX9AxSZeHJByHjKwRyE%2FQNE2bPMJDj6oHnv%2B77v8Hmv66u98oz5KPnp6gdmh7TmS62m33j90yC43linrBw2ht32Z%2B3oesMO3gr8XtN%2Fo%2FGeEltmKfQD3w%2F8oLFKViVmuBQEQdMH5Ue9oNnzm1HYDFoRhvb%2F2pUeHPcgB2fsBZCcPnv0MAKJCbL00U3ltgqTv%2FluWmpeGIuBPPw428pMlSFdlIn1kGSHF9Mw7mT1R5jsYA4MM%2Fh3MKYp8578gTg7vKBEPDg4B401VIZYPodqMIHSExCfQJh7IHnCACFxawNZ%2BuCWsRXfPnf5zJ2yy0%2F%2FAlVTdvn3F5GlD1c0DRt3jS4LMpnDMKlBwwmoP0FeHqPYuQSqjiGKL0HyV7b0dB1Zur%2FhtAHJer480QSUTKDVCNx5KGcfeSgTD2XuIZWnjY6Iul3ZbUmuhAjjJOgmURL1uPAT4S%2F3QpRihjdCkY8g9AjC7iK3u9iiEWz5E9xmDSc9uGLKvA93MZA1KsVQOYaKM1TEUBUM1aA%2BkNqFrn4gtSvj4CKHF3m5Hpuiv8cPTNFXGdvLz9jV%2BV3%2BbhtsqdNGGEZcRjyI4igOWiLohO0k6fgtJdqdUPE2HNUgd2m%2B6g6dXMuR08nzLyPmx3D6GIKugpevgFfjTuiDb46jro%2Bd7JFUuXFUJKSVawqTQpoaeXEZxba3p8%2FYS3OO1568CiUes4uAsDVyW%2BNz%2Bpmhr%2B%2BP75iK7d8xlWPfb%2BQFpbTDZ%2F%2FubsELdeXb99V2Zaxcu%2BlG39wQM2NWHn2kXLHOM0lZ37HvVkhKZVeNFYr9sOY%2BUfHt0m2ulDYr8%2FXb76yupblVzpHJJuB08kUbgqbsyo2D%2Bau89mcPZCewZY20XJCSmUDku3D5oucMg9ULHeceqrIe2zBeNDUxaLXQPK7h%2FqPjRb3n7qNvPfDiHrK0xsDWGOgaXI%2FgymfGRW4fv%2F3b8jwQa28ca%2Bvtx9rqr89P6%2Bi0IYSveBB3AqWkai0LEbVFN24ny1FHdVuyhcJNZXr6yz8AAAD%2F%2FwEAAP%2F%2FbRlGSWIEAAA%3D
IP
173.233.137.44:443
ASN
#7979 SERVERS-COM

Requested by
https://dfiles.eu/files/7saf9opey
Certificate
IssuerLet's Encrypt
Subjecthandbaggather.com
FingerprintAA:C3:B2:B7:C4:DC:3B:FA:64:BF:B0:F3:38:ED:6B:B3:B1:27:20:81
ValidityFri, 28 Apr 2023 01:16:44 GMT - Thu, 27 Jul 2023 01:16:43 GMT

File type
ASCII text, with no line terminators
Size
7 B (7 bytes)
Hash
132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /impr.gif?sid=H4sIAAAAAAAC%2F1SSz2skRRTHq9dlD%2BplXS%2BCwnhSQSbdnZ5f7kE2rpFg3Ky7it6kuqp68kx1V1PVPT0JHoILssfxP%2Bh8J9mghmX9AxSZeHJByHjKwRyE%2FQNE2bPMJDj6oHnv%2B77v8Hmv66u98oz5KPnp6gdmh7TmS62m33j90yC43linrBw2ht32Z%2B3oesMO3gr8XtN%2Fo%2FGeEltmKfQD3w%2F8oLFKViVmuBQEQdMH5Ue9oNnzm1HYDFoRhvb%2F2pUeHPcgB2fsBZCcPnv0MAKJCbL00U3ltgqTv%2FluWmpeGIuBPPw428pMlSFdlIn1kGSHF9Mw7mT1R5jsYA4MM%2Fh3MKYp8578gTg7vKBEPDg4B401VIZYPodqMIHSExCfQJh7IHnCACFxawNZ%2BuCWsRXfPnf5zJ2yy0%2F%2FAlVTdvn3F5GlD1c0DRt3jS4LMpnDMKlBwwmoP0FeHqPYuQSqjiGKL0HyV7b0dB1Zur%2FhtAHJer480QSUTKDVCNx5KGcfeSgTD2XuIZWnjY6Iul3ZbUmuhAjjJOgmURL1uPAT4S%2F3QpRihjdCkY8g9AjC7iK3u9iiEWz5E9xmDSc9uGLKvA93MZA1KsVQOYaKM1TEUBUM1aA%2BkNqFrn4gtSvj4CKHF3m5Hpuiv8cPTNFXGdvLz9jV%2BV3%2BbhtsqdNGGEZcRjyI4igOWiLohO0k6fgtJdqdUPE2HNUgd2m%2B6g6dXMuR08nzLyPmx3D6GIKugpevgFfjTuiDb46jro%2Bd7JFUuXFUJKSVawqTQpoaeXEZxba3p8%2FYS3OO1568CiUes4uAsDVyW%2BNz%2Bpmhr%2B%2BP75iK7d8xlWPfb%2BQFpbTDZ%2F%2FubsELdeXb99V2Zaxcu%2BlG39wQM2NWHn2kXLHOM0lZ37HvVkhKZVeNFYr9sOY%2BUfHt0m2ulDYr8%2FXb76yupblVzpHJJuB08kUbgqbsyo2D%2Bau89mcPZCewZY20XJCSmUDku3D5oucMg9ULHeceqrIe2zBeNDUxaLXQPK7h%2FqPjRb3n7qNvPfDiHrK0xsDWGOgaXI%2FgymfGRW4fv%2F3b8jwQa28ca%2Bvtx9rqr89P6%2Bi0IYSveBB3AqWkai0LEbVFN24ny1FHdVuyhcJNZXr6yz8AAAD%2F%2FwEAAP%2F%2FbRlGSWIEAAA%3D HTTP/1.1
Host: handbaggather.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Cookie: u_pl=16004719; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Wed, 24 May 2023 09:32:59 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 1ebc8675ad587ed1578d65ef58916968
Strict-Transport-Security: max-age=0; includeSubdomains

unseenreport.com/pxf.gif?uuid=ed70feaa-4a44-4eb2-8cc3-ec5849860a76&eb=a996fe56ed028c08f89591a4a8a9c431&te=4cb725660c43031e3b06c75892d96c5a&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A109.0)%20Gecko%2F20100101%20Firefox%2F111.0&dev=e&res=14.2079&b_frame=0&pk=224ad4a14b4b15c1726ff705ec672ea6&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=9

192.243.59.20

200 OK

1 B

URL GET HTTP/1.1
unseenreport.com/pxf.gif?uuid=ed70feaa-4a44-4eb2-8cc3-ec5849860a76&eb=a996fe56ed028c08f89591a4a8a9c431&te=4cb725660c43031e3b06c75892d96c5a&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A109.0)%20Gecko%2F20100101%20Firefox%2F111.0&dev=e&res=14.2079&b_frame=0&pk=224ad4a14b4b15c1726ff705ec672ea6&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=9
IP
192.243.59.20:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://dfiles.eu/files/7saf9opey
Certificate
IssuerLet's Encrypt
Subject*.unseenreport.com
Fingerprint33:54:5C:58:7C:8E:75:EE:DF:A0:8C:41:D3:AC:1B:BF:B6:66:28:EC
ValidityMon, 27 Mar 2023 07:09:08 GMT - Sun, 25 Jun 2023 07:09:07 GMT

File type
very short file (no magic)
Size
1 B (1 bytes)
Hash
93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /pxf.gif?uuid=ed70feaa-4a44-4eb2-8cc3-ec5849860a76&eb=a996fe56ed028c08f89591a4a8a9c431&te=4cb725660c43031e3b06c75892d96c5a&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A109.0)%20Gecko%2F20100101%20Firefox%2F111.0&dev=e&res=14.2079&b_frame=0&pk=224ad4a14b4b15c1726ff705ec672ea6&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=9 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Wed, 24 May 2023 09:32:59 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: df240415cc55ef669b58b5a1e9a04e27
Strict-Transport-Security: max-age=0; includeSubdomains

unseenreport.com/pxf.gif?uuid=ed70feaa-4a44-4eb2-8cc3-ec5849860a76&eb=a996fe56ed028c08f89591a4a8a9c431&te=4cb725660c43031e3b06c75892d96c5a&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A109.0)%20Gecko%2F20100101%20Firefox%2F111.0&dev=e&res=14.2079&b_frame=0&pk=c22dc50dc2bbe4422c7f68d26ab95eb9&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=9

192.243.59.20

200 OK

1 B

URL GET HTTP/1.1
unseenreport.com/pxf.gif?uuid=ed70feaa-4a44-4eb2-8cc3-ec5849860a76&eb=a996fe56ed028c08f89591a4a8a9c431&te=4cb725660c43031e3b06c75892d96c5a&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A109.0)%20Gecko%2F20100101%20Firefox%2F111.0&dev=e&res=14.2079&b_frame=0&pk=c22dc50dc2bbe4422c7f68d26ab95eb9&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=9
IP
192.243.59.20:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://dfiles.eu/files/7saf9opey
Certificate
IssuerLet's Encrypt
Subject*.unseenreport.com
Fingerprint33:54:5C:58:7C:8E:75:EE:DF:A0:8C:41:D3:AC:1B:BF:B6:66:28:EC
ValidityMon, 27 Mar 2023 07:09:08 GMT - Sun, 25 Jun 2023 07:09:07 GMT

File type
very short file (no magic)
Size
1 B (1 bytes)
Hash
93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /pxf.gif?uuid=ed70feaa-4a44-4eb2-8cc3-ec5849860a76&eb=a996fe56ed028c08f89591a4a8a9c431&te=4cb725660c43031e3b06c75892d96c5a&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A109.0)%20Gecko%2F20100101%20Firefox%2F111.0&dev=e&res=14.2079&b_frame=0&pk=c22dc50dc2bbe4422c7f68d26ab95eb9&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=9 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Wed, 24 May 2023 09:32:59 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 95376e1ecc67ec70b3eba1cd32db2150
Strict-Transport-Security: max-age=0; includeSubdomains

fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2

216.58.207.227

200 OK

24 kB

URL GET HTTP/3
fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://dfiles.eu/files/7saf9opey
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE2:33:59:47:38:D7:4A:7A:9E:28:5D:EC:AA:94:7F:92:25:D2:B1:C4
ValidityMon, 24 Apr 2023 12:00:43 GMT - Mon, 17 Jul 2023 12:00:42 GMT

File type
Web Open Font Format (Version 2), TrueType, length 23580, version 1.0\012- data
Size
24 kB (23580 bytes)
Hash
e1b3b5908c9cf23dfb2b9c52b9a023ab
fcd4136085f2a03481d9958cc6793a5ed98e714c
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

HTTP Headers

GET /s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://dfiles.eu
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23580
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 18 May 2023 04:04:41 GMT
expires: Fri, 17 May 2024 04:04:41 GMT
cache-control: public, max-age=31536000
age: 538099
last-modified: Tue, 02 May 2023 15:17:22 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

script.4dex.io/localstore.js

172.67.75.241

268 B

URL
script.4dex.io/localstore.js
IP
172.67.75.241:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (482)
Size
268 B (268 bytes)
Hash
922cffdd75f7192f75231d92684885aa
48ae21017844de388e0a32206a2691fa4c109669
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

HTTP Headers

GET /localstore.js HTTP/1.1
Host: script.4dex.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Wed, 24 May 2023 09:33:00 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: public, max-age=1800
ETag: W/"922cffdd75f7192f75231d92684885aa"
Last-Modified: Wed, 23 Nov 2022 15:43:18 GMT
Vary: Accept-Encoding
CF-Cache-Status: HIT
Age: 1343821
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jgudk%2FFfN7q0mlz2TdJMg%2FWJ7PB%2BnpsKngxCLWF6EmXkYnhnRgg6s3BTGlNwCfldSCH0wy06C7pqJGuf0%2BUB2Os4buF2pjUrTfayDqBiSizY%2BFF0oiMtxHbSobZubCJN"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7cc488e0eae3b4ff-OSL
Content-Encoding: br

script.4dex.io/adagio.js

172.67.75.241

23 kB

URL
script.4dex.io/adagio.js
IP
172.67.75.241:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (65354)
Size
23 kB (23176 bytes)
Hash
c56b6332dacf72f135afcd153ae22448
78efc5939cc29a3e9ca16fadfbd26e7057fd27fd
ed87a83a9df154b61d76e8b9b53bb9d23db3eea194e66bca6b575e3e4f7a57bf

HTTP Headers

GET /adagio.js HTTP/1.1
Host: script.4dex.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dfiles.eu/
Origin: https://dfiles.eu
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Wed, 24 May 2023 09:33:01 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=1800
ETag: W/"c56b6332dacf72f135afcd153ae22448"
Last-Modified: Wed, 23 Nov 2022 15:43:17 GMT
Vary: Origin, Accept-Encoding
Access-Control-Expose-Headers: 
CF-Cache-Status: HIT
Age: 103269
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WWRjlGVcM0JXBcp56IYCnXEQAjUPT6aQFwq5cT9uI8kgQp5PFSI2L4tgfdiCjg2R8CX55K1B0GnPVLSr2506xvPmY0vUXmkcGICmhTYgyKQOXMmO47hzvOz%2BtbICiZFp"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7cc488e19911b517-OSL
Content-Encoding: br

prebid.a-mo.net/a/c

147.75.84.158

0 B

URL
prebid.a-mo.net/a/c
IP
147.75.84.158:0
ASN
#54825 PACKET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /a/c HTTP/1.1
Host: prebid.a-mo.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 1288
Origin: https://dfiles.eu
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 204 No Content
access-control-allow-credentials: true
access-control-allow-origin: https://dfiles.eu
cache-control: max-age=0, private, must-revalidate
date: Wed, 24 May 2023 09:33:00 GMT
server: envoy
vary: origin, Accept-Encoding
x-nbr: 1
x-envoy-upstream-service-time: 1
X-Firefox-Spdy: h2

ex.ingage.tech/v1/openrtb

172.67.41.84

0 B

URL
ex.ingage.tech/v1/openrtb
IP
172.67.41.84:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /v1/openrtb HTTP/1.1
Host: ex.ingage.tech
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://dfiles.eu/
Origin: https://dfiles.eu
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 204 No Content
date: Wed, 24 May 2023 09:33:01 GMT
content-length: 0
vary: Origin, Access-Control-Request-Headers
access-control-allow-origin: https://dfiles.eu
access-control-allow-credentials: true
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-headers: content-type
access-control-max-age: 3600
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7cc488e15aadb521-OSL
X-Firefox-Spdy: h2

bs.yandex.ru/metadsp/2360912?imp-id=1&target-ref=dfiles.eu&ssp-id=10500

213.180.193.90

0 B

URL
bs.yandex.ru/metadsp/2360912?imp-id=1&target-ref=dfiles.eu&ssp-id=10500
IP
213.180.193.90:0
ASN
#13238 YANDEX LLC

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /metadsp/2360912?imp-id=1&target-ref=dfiles.eu&ssp-id=10500 HTTP/1.1
Host: bs.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 191
Origin: https://dfiles.eu
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 204 No Content
content-length: 0
timing-allow-origin: *
uniformat: true
date: Wed, 24 May 2023 09:33:01 GMT
access-control-allow-origin: https://dfiles.eu
access-control-allow-credentials: true
pragma: no-cache
uniformat-product-type: None
x-xss-protection: 1; mode=block
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
expires: Wed, 24 May 2023 09:33:01 GMT
last-modified: Wed, 24 May 2023 09:33:01 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: application/json; charset=utf-8
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Lato&display=swap

142.250.74.74

200 OK

395 B

URL GET HTTP/3
fonts.googleapis.com/css?family=Lato&display=swap
IP
142.250.74.74:443
ASN
#15169 GOOGLE

Requested by
https://dfiles.eu/files/7saf9opey
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint9B:D0:53:C4:55:9D:41:A4:94:03:4A:2B:6A:5B:57:EB:EB:A5:F0:4A
ValidityMon, 24 Apr 2023 12:00:43 GMT - Mon, 17 Jul 2023 12:00:42 GMT

File type
ASCII text
Size
395 B (395 bytes)
Hash
1b153c2fc84ffd73fb27c86cd336340e
da0bb89c76d57633387218997f3fc77177362a32
26cf883ab9c162417b017cf8349395848d3c41f7f450a352ba34dd9bd2c9e939

HTTP Headers

GET /css?family=Lato&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 24 May 2023 09:33:00 GMT
date: Wed, 24 May 2023 09:33:00 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2

216.58.207.227

200 OK

24 kB

URL GET HTTP/3
fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://dfiles.eu/files/7saf9opey
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE2:33:59:47:38:D7:4A:7A:9E:28:5D:EC:AA:94:7F:92:25:D2:B1:C4
ValidityMon, 24 Apr 2023 12:00:43 GMT - Mon, 17 Jul 2023 12:00:42 GMT

File type
Web Open Font Format (Version 2), TrueType, length 23580, version 1.0\012- data
Size
24 kB (23580 bytes)
Hash
e1b3b5908c9cf23dfb2b9c52b9a023ab
fcd4136085f2a03481d9958cc6793a5ed98e714c
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

HTTP Headers

GET /s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://dfiles.eu
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23580
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 18 May 2023 04:04:41 GMT
expires: Fri, 17 May 2024 04:04:41 GMT
cache-control: public, max-age=31536000
age: 538101
last-modified: Tue, 02 May 2023 15:17:22 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

api.purpleads.io/x/v2/f?pid=1cec1e2cca304d63b01ec8a66850a56d&demand=unifiedPb&ts=1684920781172

3.229.139.30

200 OK

9.1 kB

URL OPTIONS HTTP/2
api.purpleads.io/x/v2/f?pid=1cec1e2cca304d63b01ec8a66850a56d&demand=unifiedPb&ts=1684920781172
IP
3.229.139.30:443
ASN
#14618 AMAZON-AES

Requested by
https://dfiles.eu/files/7saf9opey
Certificate
IssuerAmazon
Subject*.purpleads.io
Fingerprint2C:07:41:61:C9:75:ED:6A:72:5B:30:CE:B3:18:1C:47:DB:07:BF:D4
ValidityFri, 24 Feb 2023 00:00:00 GMT - Wed, 29 Nov 2023 23:59:59 GMT

File type
JSON data\012- , ASCII text, with very long lines (1399), with no line terminators
Size
9.1 kB (9088 bytes)
Hash
d305613e306a1404a4e0ea179eaeba92
7ddcb91da7c5aca1576514115b682aae92c71c41
ea6a9c9a06b598d2a90348f64cd9e240cb719ffaf1d8a9a44a88ec6504e568ab

HTTP Headers

GET /x/v2/f?pid=1cec1e2cca304d63b01ec8a66850a56d&demand=unifiedPb&ts=1684920781172 HTTP/1.1
Host: api.purpleads.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dfiles.eu/
Content-Type: application/json
x-purpleads-version: 2.0.2
x-request-url: aHR0cHM6Ly9kZmlsZXMuZXUvZmlsZXMvN3NhZjlvcGV5
Authorization: Bearer 64df4768ef6a3d343387f03963cc6d27:a3fc5ba00d8a1e88f69e3c15e8e8c501507f1b2063b64e48a97000a1c4480fda350894047ca3535d3ce8fc5253d0214840300a723dc6ecae38a57d550d5ed683
pa-user-id: 6203c5ba-dec5-4980-9789-1968b282642f
Origin: https://dfiles.eu
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Wed, 24 May 2023 09:33:01 GMT
content-type: application/json; charset=utf-8
access-control-allow-origin: https://dfiles.eu
access-control-allow-credentials: true
access-control-expose-headers: pa-user-id
etag: W/"577-fdy5HafFrKFXZRQRW2gqrpLHHEE"
vary: Accept-Encoding
content-encoding: br
X-Firefox-Spdy: h2

api.purpleads.io/x/a/d12b304a400de0ac74137df0c2cdaaeb:0d55315a6acdd9ab966c1f0b3f3b8fb93c164cdfce9afcf6cafe0c69c8f95abde6c901302d849099f4c7af309067cc520427ff6b07edc21d1500d23e5fd0738bc0afdbab465460e0fa967416756b8696835435b176963757cdd3d1b6cc929180/i?id=783fa665-7ee6-4308-98c1-a1befba607e3

3.229.139.30

204 No Content

0 B

URL GET HTTP/2
api.purpleads.io/x/a/d12b304a400de0ac74137df0c2cdaaeb:0d55315a6acdd9ab966c1f0b3f3b8fb93c164cdfce9afcf6cafe0c69c8f95abde6c901302d849099f4c7af309067cc520427ff6b07edc21d1500d23e5fd0738bc0afdbab465460e0fa967416756b8696835435b176963757cdd3d1b6cc929180/i?id=783fa665-7ee6-4308-98c1-a1befba607e3
IP
3.229.139.30:443
ASN
#14618 AMAZON-AES

Requested by
https://dfiles.eu/files/7saf9opey
Certificate
IssuerAmazon
Subject*.purpleads.io
Fingerprint2C:07:41:61:C9:75:ED:6A:72:5B:30:CE:B3:18:1C:47:DB:07:BF:D4
ValidityFri, 24 Feb 2023 00:00:00 GMT - Wed, 29 Nov 2023 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /x/a/d12b304a400de0ac74137df0c2cdaaeb:0d55315a6acdd9ab966c1f0b3f3b8fb93c164cdfce9afcf6cafe0c69c8f95abde6c901302d849099f4c7af309067cc520427ff6b07edc21d1500d23e5fd0738bc0afdbab465460e0fa967416756b8696835435b176963757cdd3d1b6cc929180/i?id=783fa665-7ee6-4308-98c1-a1befba607e3 HTTP/1.1
Host: api.purpleads.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 204 No Content
date: Wed, 24 May 2023 09:33:03 GMT
access-control-allow-origin: api.purpleads.io
access-control-allow-credentials: true
access-control-expose-headers: pa-user-id
X-Firefox-Spdy: h2

log.outbrainimg.com/loggerServices/log-viewability?requestId=9dfe4910846fcea049ff70e774f7ffbd&position=0

64.202.112.63

200 OK

4 B

URL GET HTTP/1.1
log.outbrainimg.com/loggerServices/log-viewability?requestId=9dfe4910846fcea049ff70e774f7ffbd&position=0
IP
64.202.112.63:443
ASN
#22075 AS-OUTBRAIN

Requested by
https://dfiles.eu/files/7saf9opey
Certificate
IssuerDigiCert Inc
Subject*.outbrainimg.com
Fingerprint20:D2:F0:B3:C3:92:99:66:27:4F:78:12:57:9F:4D:C0:BF:9A:8F:C4
ValidityTue, 14 Mar 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
4 B (4 bytes)
Hash
b326b5062b2f0e69046810717534cb09
5ffe533b830f08a0326348a9160afafc8ada44db
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

HTTP Headers

GET /loggerServices/log-viewability?requestId=9dfe4910846fcea049ff70e774f7ffbd&position=0 HTTP/1.1
Host: log.outbrainimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Wed, 24 May 2023 09:33:03 GMT
Content-Type: application/json; charset=UTF-8
Content-Length: 4
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,POST
X-TraceId: 68550bf68417293a02423205f02ff9c0

log.outbrainimg.com/loggerServices/widgetGlobalEvent?rId=9dfe4910846fcea049ff70e774f7ffbd&pvId=9dfe4910846fcea049ff70e774f7ffbd&sid=10054537&pid=45718&idx=0&wId=140&pad=1&org=0&tm=0&eT=3&cnsnt=no_consent

64.202.112.63

200 OK

4 B

URL GET HTTP/1.1
log.outbrainimg.com/loggerServices/widgetGlobalEvent?rId=9dfe4910846fcea049ff70e774f7ffbd&pvId=9dfe4910846fcea049ff70e774f7ffbd&sid=10054537&pid=45718&idx=0&wId=140&pad=1&org=0&tm=0&eT=3&cnsnt=no_consent
IP
64.202.112.63:443
ASN
#22075 AS-OUTBRAIN

Requested by
https://dfiles.eu/files/7saf9opey
Certificate
IssuerDigiCert Inc
Subject*.outbrainimg.com
Fingerprint20:D2:F0:B3:C3:92:99:66:27:4F:78:12:57:9F:4D:C0:BF:9A:8F:C4
ValidityTue, 14 Mar 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
4 B (4 bytes)
Hash
b326b5062b2f0e69046810717534cb09
5ffe533b830f08a0326348a9160afafc8ada44db
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

HTTP Headers

GET /loggerServices/widgetGlobalEvent?rId=9dfe4910846fcea049ff70e774f7ffbd&pvId=9dfe4910846fcea049ff70e774f7ffbd&sid=10054537&pid=45718&idx=0&wId=140&pad=1&org=0&tm=0&eT=3&cnsnt=no_consent HTTP/1.1
Host: log.outbrainimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Wed, 24 May 2023 09:33:03 GMT
Content-Type: application/json; charset=UTF-8
Content-Length: 4
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,POST
X-TraceId: 4184b4e33cd373336a9e692378a5f9d8

jsc.mgid.com/d/e/depositfiles.com.3334.js

104.19.135.78

200 OK

2.7 kB

URL GET HTTP/2
jsc.mgid.com/d/e/depositfiles.com.3334.js
IP
104.19.135.78:443
ASN
#13335 CLOUDFLARENET

Requested by
https://adsbb.dfiles.eu/upload/2112/ad27592687cc8bc6.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint44:BF:9D:AD:98:A7:1A:F2:1D:18:EF:4E:3E:BE:C0:D8:28:4D:9F:04
ValidityTue, 11 Apr 2023 00:00:00 GMT - Wed, 10 Apr 2024 23:59:59 GMT

File type
ASCII text, with very long lines (2719), with no line terminators
Size
2.7 kB (2681 bytes)
Hash
3fd1ae914f0a572223944130fdc3bd24
eacd03011488084c5fc0c4d1cc043045a914deac
8bb4689fb6998c6fb9addf74c8eebfdc3df24bfb1d1e53a74260081e575e5858

HTTP Headers

GET /d/e/depositfiles.com.3334.js HTTP/1.1
Host: jsc.mgid.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adsbb.dfiles.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 24 May 2023 09:32:57 GMT
content-type: text/javascript
cf-bgj: minify
cf-polished: origSize=2682
etag: W/"dc4a6a72287fc2c12d0a694c456249a5"
last-modified: Thu, 11 May 2023 07:52:34 GMT
x-amz-id-2: wf7rOHIB8wOFVPKVqSi1BYgQdLnc13saXsO5GL0HBWPwFu1o5ge2dwoXEYiwpfKxO7WOD1o0RMk=
x-amz-request-id: TDY2VSJSHQHN6445
x-amz-server-side-encryption: AES256
x-amz-version-id: gNGWYSrdgKjFIAUHdjefF0xeI2yJMdjT
cf-cache-status: HIT
age: 10
expires: Wed, 24 May 2023 12:32:57 GMT
cache-control: public, max-age=10800
set-cookie: __cf_bm=SlESVjENE3EXc4f0hXCPq0FGYM2ECu.bcI7WVnnd.1Y-1684920777-0-AVNATlVYbRqPlerjrkf46K5VteAUxUdJRizbrYeAkYSsc7eElFqxzpJ0MYOHA9wmfqxarL3VAVU6PmCBeVTpsVU=; path=/; expires=Wed, 24-May-23 10:02:57 GMT; domain=.mgid.com; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 7cc488cc7a561c16-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

static.depositfiles.com/images/sprite16.png

91.226.124.81

200 OK

28 kB

URL GET HTTP/1.1
static.depositfiles.com/images/sprite16.png
IP
91.226.124.81:443
ASN
#35415 Webzilla B.V.

Requested by
https://dfiles.eu/files/7saf9opey
Certificate
IssuerLet's Encrypt
Subjectdepositfiles.com
Fingerprint90:44:8D:18:D5:0B:6D:4B:AA:47:FB:C3:D9:B4:43:28:E2:A9:58:14
ValidityMon, 27 Feb 2023 10:18:03 GMT - Sun, 28 May 2023 10:18:02 GMT

File type
PNG image data, 32 x 1072, 8-bit/color RGBA, non-interlaced\012- data
Size
28 kB (28501 bytes)
Hash
2e86fe2d2c2650c5f4663f0fc135ebc1
ba86e14a9abcff0581eda84a307594ef1288b982
604187f8828381a47ae70249f55f21c78c53ab1401d20a5f2230a0d6c9ae50d1

HTTP Headers

GET /images/sprite16.png HTTP/1.1
Host: static.depositfiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://static.depositfiles.com/css/main.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 24 May 2023 09:32:57 GMT
Content-Type: image/png
Content-Length: 28501
Last-Modified: Tue, 26 Apr 2022 10:45:42 GMT
Connection: keep-alive
ETag: "6267cd56-6f55"
Accept-Ranges: bytes

friendshipmale.com/sfp.js

104.21.234.93

200 OK

86 kB

URL GET HTTP/2
friendshipmale.com/sfp.js
IP
104.21.234.93:443
ASN
#13335 CLOUDFLARENET

Requested by
https://dfiles.eu/files/7saf9opey
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint08:6F:D8:CB:9E:0C:0A:98:2E:C5:CD:21:8E:0B:76:2B:50:6F:B6:37
ValiditySat, 18 Feb 2023 00:00:00 GMT - Sat, 17 Feb 2024 23:59:59 GMT

File type

Size
86 kB (85467 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /sfp.js HTTP/1.1
Host: friendshipmale.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 24 May 2023 09:32:57 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: 30b3e1102c19c6a9e03d69e2f8a2c8f5
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Wed, 24 May 2023 09:32:56 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cyeCxb1SyI5A4OU8Otw6TZSTSYTS7YLzBQif%2Fpnf8hdYFpHb0o0x5sGJjIYWbPUJFbgZ4mlMIC7xk%2BnVFPMrh%2FAUWe136%2B2lK0NwRgL7aFqpSrNXFHR476KJ1G%2BT%2FUbSpLtQs3I%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7cc488c94ff124ea-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

cdn.pubfuture-ad.com/v2/config/645b13aa2bbd92003f72bf8a?v=6&d=b3RoZXJz&ip=OTEuOTAuNDIuMTU0&c=&cc=Tk8=&s=ZGZpbGVzLmV1L2ZpbGVzLzdzYWY5b3BleQ==

104.26.1.97

200 OK

466 B

URL GET HTTP/2
cdn.pubfuture-ad.com/v2/config/645b13aa2bbd92003f72bf8a?v=6&d=b3RoZXJz&ip=OTEuOTAuNDIuMTU0&c=&cc=Tk8=&s=ZGZpbGVzLmV1L2ZpbGVzLzdzYWY5b3BleQ==
IP
104.26.1.97:443
ASN
#13335 CLOUDFLARENET

Requested by
https://dfiles.eu/files/7saf9opey
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintA4:70:A9:B9:AC:49:1E:53:23:43:41:25:CD:10:7C:01:2E:87:01:01
ValidityTue, 07 Feb 2023 00:00:00 GMT - Tue, 06 Feb 2024 23:59:59 GMT

File type
HTML document text\012- troff or preprocessor input, ASCII text, with very long lines (506), with no line terminators
Size
466 B (466 bytes)
Hash
46d6a279ed0c6af60678f0a09c202f89
4e0160faaa294fc142665fe766c6e7dd456e410e
fcffad7fd6d1eb1fdcc362a4392ea8302c836108d3f004a97611b0fedb7bf83e

HTTP Headers

GET /v2/config/645b13aa2bbd92003f72bf8a?v=6&d=b3RoZXJz&ip=OTEuOTAuNDIuMTU0&c=&cc=Tk8=&s=ZGZpbGVzLmV1L2ZpbGVzLzdzYWY5b3BleQ== HTTP/1.1
Host: cdn.pubfuture-ad.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dfiles.eu/
Origin: https://dfiles.eu
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 24 May 2023 09:32:58 GMT
content-type: application/json; charset=utf-8
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-dns-prefetch-control: off
expect-ct: max-age=0
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
referrer-policy: no-referrer
x-xss-protection: 0
access-control-allow-origin: *
etag: W/"1d2-3F/O2YfTCSHzwaBOO6iIIw6CFEY"
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kQdxdMduGZiuz0EvzTvCWPhd9yOaXGPLv5hIS5AIhcZIKVVO4R3sq%2Fo5n009JRCu3Ve3JOUpHGGSxEt%2Fw31VlA1VurKaXhBBWJSJGjhqSoAenLg51PlJ1OYhDnE92n96MHhjMAvF"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7cc488d1bcf6b515-OSL
content-encoding: br
X-Firefox-Spdy: h2

cdn.creative-bars1.com/sb/notifications/vpn/default/us/windows/browser-black/js/script.js

172.64.197.23

200 OK

386 B

URL GET HTTP/2
cdn.creative-bars1.com/sb/notifications/vpn/default/us/windows/browser-black/js/script.js
IP
172.64.197.23:443
ASN
#13335 CLOUDFLARENET

Requested by
https://dfiles.eu/files/7saf9opey
Certificate
IssuerGoogle Trust Services LLC
Subjectcreative-bars1.com
Fingerprint88:10:E4:38:7C:46:CF:44:7C:D0:C8:1F:06:39:9F:7E:A5:2E:27:4A
ValidityThu, 27 Apr 2023 15:05:54 GMT - Wed, 26 Jul 2023 15:05:53 GMT

File type
ASCII text, with very long lines (399), with no line terminators
Size
386 B (386 bytes)
Hash
022602a468da44628060800173771da2
9be813fbfebbcb2aa46d8c6b8abec68b3d16c89c
6742c376e658c34d09b2dc5772bd798e3cd52bb265758bac5bce184f8ee7b5cc

HTTP Headers

GET /sb/notifications/vpn/default/us/windows/browser-black/js/script.js HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dfiles.eu
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 24 May 2023 09:32:58 GMT
content-type: application/javascript
last-modified: Fri, 10 Apr 2020 10:20:22 GMT
etag: W/"5e904866-182"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 72854
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=liiaZB8YWXREHZ%2BNyenRsvrEIx3FWYn6HU0ien8gLvnZyyE1tkxtnronRiHmquC5W7rTRr0ptRF5FELVfb6YEBpZvGt6HRX4QKA%2BU3%2Bi3rKutq2Yc2QvRyaWuwc1yE%2FhhYIuLq8z8GdH"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7cc488d3ed4a76db-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

js.wpshsdk.com/npc/sdk/push.m.js?v=1

45.133.44.53

200 OK

67 kB

URL GET HTTP/2
js.wpshsdk.com/npc/sdk/push.m.js?v=1
IP
45.133.44.53:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://dfiles.eu/files/7saf9opey
Certificate
IssuerLet's Encrypt
Subjectjs.wpshsdk.com
Fingerprint78:77:A4:19:CC:0D:15:24:69:96:1B:44:C9:A0:4D:0B:B7:C0:F2:D8
ValidityMon, 27 Mar 2023 02:06:36 GMT - Sun, 25 Jun 2023 02:06:35 GMT

File type

Size
67 kB (66894 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /npc/sdk/push.m.js?v=1 HTTP/1.1
Host: js.wpshsdk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 24 May 2023 09:32:58 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.18.0
last-modified: Wed, 05 Apr 2023 13:10:08 GMT
etag: W/"642d7330-1054e"
content-encoding: gzip
expires: Wed, 24 May 2023 09:37:58 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2

cdn.barscreative1.com/sb/notifications/vpn/default/us/windows/browser-black/index.html

45.133.44.3

200 OK

1.3 kB

URL GET HTTP/2
cdn.barscreative1.com/sb/notifications/vpn/default/us/windows/browser-black/index.html
IP
45.133.44.3:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://dfiles.eu/files/7saf9opey
Certificate
IssuerLet's Encrypt
Subjectcdn.barscreative1.com
Fingerprint0B:AE:8A:C0:29:EA:B0:86:29:66:F6:7E:76:63:66:57:38:88:FC:E6
ValidityMon, 15 May 2023 04:01:53 GMT - Sun, 13 Aug 2023 04:01:52 GMT

File type
HTML document text\012- HTML document, ASCII text, with very long lines (1363), with no line terminators
Size
1.3 kB (1290 bytes)
Hash
1a5b426d37981c2561c0c410a17093c4
12037df29848b566b7eba7e7754b4bc437f1bc2d
fdebeae754a9d41224feae1556750e43b1a6cf897948cae57a3f14120ddf00bb

HTTP Headers

GET /sb/notifications/vpn/default/us/windows/browser-black/index.html HTTP/1.1
Host: cdn.barscreative1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dfiles.eu
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 24 May 2023 09:32:58 GMT
content-type: text/html; charset=utf-8
server: nginx/1.17.6
last-modified: Fri, 10 Apr 2020 10:20:16 GMT
etag: W/"5e904860-50a"
cache-control: max-age=3600
access-control-allow-origin: *
access-control-expose-headers: Date
content-encoding: gzip
expires: Wed, 24 May 2023 10:32:58 GMT
x-proxy-cache: HIT
X-Firefox-Spdy: h2

images.outbrainimg.com/transform/v3/eyJpdSI6IjkwNWNkNGVkNWMwNWMwM2MzZmQ4ZGVhODFjOGU2NGU1NTJhMDVjYzRjY2Y0Y2YyOTU5ODBiM2U5NmYwMzE1N2MiLCJ3IjoxODAsImgiOjE2MCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp

2.18.173.172

200 OK

8.4 kB

URL GET HTTP/2
images.outbrainimg.com/transform/v3/eyJpdSI6IjkwNWNkNGVkNWMwNWMwM2MzZmQ4ZGVhODFjOGU2NGU1NTJhMDVjYzRjY2Y0Y2YyOTU5ODBiM2U5NmYwMzE1N2MiLCJ3IjoxODAsImgiOjE2MCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
IP
2.18.173.172:443
ASN
#16625 AKAMAI-AS

Requested by
https://dfiles.eu/files/7saf9opey
Certificate
IssuerDigiCert Inc
Subject*.outbrainimg.com
Fingerprint4F:05:15:71:93:78:ED:64:53:30:81:ED:DA:9C:FE:4F:7B:F9:41:BE
ValidityThu, 02 Mar 2023 00:00:00 GMT - Sat, 02 Mar 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 270x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
8.4 kB (8370 bytes)
Hash
597d4bb2fe3eeb3a3ede30364e325d05
68c37879eb512d455b932d44482fab6b3e08db35
aaf4465e5c640fff48ce806fdbfbe491c350eff368d1b340518f8e472ccd32aa

HTTP Headers

GET /transform/v3/eyJpdSI6IjkwNWNkNGVkNWMwNWMwM2MzZmQ4ZGVhODFjOGU2NGU1NTJhMDVjYzRjY2Y0Y2YyOTU5ODBiM2U5NmYwMzE1N2MiLCJ3IjoxODAsImgiOjE2MCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp HTTP/1.1
Host: images.outbrainimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: image/webp
content-length: 8370
last-modified: Sat, 29 Apr 2023 10:51:56 GMT
x-traceid: 06a2d2bae4e8c9f25785936b8b83eb89
cache-control: max-age=487352
date: Wed, 24 May 2023 09:33:03 GMT
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
access-control-allow-origin: *
timing-allow-origin: *, *
X-Firefox-Spdy: h2

js.wpadmngr.com/static/adManager.m.js

45.133.44.52

200 OK

158 kB

URL GET HTTP/2
js.wpadmngr.com/static/adManager.m.js
IP
45.133.44.52:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://dfiles.eu/files/7saf9opey
Certificate
IssuerLet's Encrypt
Subjectjs.wpadmngr.com
FingerprintA9:7C:F8:A4:B8:B3:E3:98:76:72:9E:0B:4A:FB:FB:39:D4:F4:54:3D
ValidityTue, 16 May 2023 02:02:19 GMT - Mon, 14 Aug 2023 02:02:18 GMT

File type

Size
158 kB (158096 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /static/adManager.m.js HTTP/1.1
Host: js.wpadmngr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 24 May 2023 09:32:57 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.18.0
last-modified: Fri, 19 May 2023 08:16:51 GMT
etag: W/"64673073-26990"
content-encoding: gzip
expires: Wed, 24 May 2023 09:37:57 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2

api.purpleads.io/x/v2/f?pid=1cec1e2cca304d63b01ec8a66850a56d&ts=1684920778790

3.229.139.30

200 OK

0 B

URL OPTIONS HTTP/2
api.purpleads.io/x/v2/f?pid=1cec1e2cca304d63b01ec8a66850a56d&ts=1684920778790
IP
3.229.139.30:443
ASN
#14618 AMAZON-AES

Requested by
https://dfiles.eu/files/7saf9opey
Certificate
IssuerAmazon
Subject*.purpleads.io
Fingerprint2C:07:41:61:C9:75:ED:6A:72:5B:30:CE:B3:18:1C:47:DB:07:BF:D4
ValidityFri, 24 Feb 2023 00:00:00 GMT - Wed, 29 Nov 2023 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /x/v2/f?pid=1cec1e2cca304d63b01ec8a66850a56d&ts=1684920778790 HTTP/1.1
Host: api.purpleads.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: authorization,content-type,x-purpleads-version,x-request-url
Referer: https://dfiles.eu/
Origin: https://dfiles.eu
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 24 May 2023 09:32:59 GMT
access-control-allow-origin: https://dfiles.eu
access-control-allow-credentials: true
access-control-expose-headers: pa-user-id
access-control-allow-headers: authorization,content-type,x-purpleads-version,x-request-url
access-control-max-age: 86400
X-Firefox-Spdy: h2

api.purpleads.io/x/v2/f?pid=1cec1e2cca304d63b01ec8a66850a56d&ts=1684920778790

3.229.139.30

200 OK

2.8 kB

URL GET HTTP/2
api.purpleads.io/x/v2/f?pid=1cec1e2cca304d63b01ec8a66850a56d&ts=1684920778790
IP
3.229.139.30:443
ASN
#14618 AMAZON-AES

Requested by
https://dfiles.eu/files/7saf9opey
Certificate
IssuerAmazon
Subject*.purpleads.io
Fingerprint2C:07:41:61:C9:75:ED:6A:72:5B:30:CE:B3:18:1C:47:DB:07:BF:D4
ValidityFri, 24 Feb 2023 00:00:00 GMT - Wed, 29 Nov 2023 23:59:59 GMT

File type
HTML document text\012- HTML document text\012- troff or preprocessor input, ASCII text, with very long lines (2948), with no line terminators
Size
2.8 kB (2804 bytes)
Hash
2476abf76bff28b922ae404ea2ea5b18
42d8da025e375c1c4419791dafe82ab594558946
18c4ea965f2fa27f9af3ffe4f95064da0be9d32862083e6d38d701d5431fdcfe

HTTP Headers

GET /x/v2/f?pid=1cec1e2cca304d63b01ec8a66850a56d&ts=1684920778790 HTTP/1.1
Host: api.purpleads.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dfiles.eu/
Content-Type: application/json
x-purpleads-version: 2.0.2
x-request-url: aHR0cHM6Ly9kZmlsZXMuZXUvZmlsZXMvN3NhZjlvcGV5
Authorization: Bearer 64df4768ef6a3d343387f03963cc6d27:a3fc5ba00d8a1e88f69e3c15e8e8c501507f1b2063b64e48a97000a1c4480fda350894047ca3535d3ce8fc5253d0214840300a723dc6ecae38a57d550d5ed683
Origin: https://dfiles.eu
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 24 May 2023 09:32:59 GMT
content-type: application/json; charset=utf-8
access-control-allow-origin: https://dfiles.eu
access-control-allow-credentials: true
access-control-expose-headers: pa-user-id
set-cookie: pa-user-id=6203c5ba-dec5-4980-9789-1968b282642f; Domain=.purpleads.io; Path=/
pa-user-id: 6203c5ba-dec5-4980-9789-1968b282642f
etag: W/"af4-LXKiTM9nqZFEynFXRltUwtyU6ac"
vary: Accept-Encoding
content-encoding: br
X-Firefox-Spdy: h2

addresseepaper.com/sfp.js

0.0.0.0

0 B

URL GET
addresseepaper.com/sfp.js
IP
0.0.0.0:0
ASN
#0

Requested by
https://dfiles.eu/files/7saf9opey

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /sfp.js HTTP/1.1
Host: addresseepaper.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap

142.250.74.74

200 OK

6.8 kB

URL GET HTTP/2
fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap
IP
142.250.74.74:443
ASN
#15169 GOOGLE

Requested by
https://dfiles.eu/files/7saf9opey
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint9B:D0:53:C4:55:9D:41:A4:94:03:4A:2B:6A:5B:57:EB:EB:A5:F0:4A
ValidityMon, 24 Apr 2023 12:00:43 GMT - Mon, 17 Jul 2023 12:00:42 GMT

File type
ASCII text, with very long lines (7013), with no line terminators
Size
6.8 kB (6824 bytes)
Hash
49475c425d6c00477bb339179326c49b
bd97deeb753f44f43a21feafa92d98239fa511bd
598841a98ad357d2896d2f093ea3e4e1d44e24b3351268ffd45e61ff8c1d0e09

HTTP Headers

GET /css?family=Roboto:300,400,700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 24 May 2023 09:32:58 GMT
date: Wed, 24 May 2023 09:32:58 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

handbaggather.com/c2/2d/c5/c22dc50dc2bbe4422c7f68d26ab95eb9.js

192.243.59.13

200 OK

86 kB

URL GET HTTP/1.1
handbaggather.com/c2/2d/c5/c22dc50dc2bbe4422c7f68d26ab95eb9.js
IP
192.243.59.13:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://dfiles.eu/files/7saf9opey
Certificate
IssuerLet's Encrypt
Subjecthandbaggather.com
FingerprintAA:C3:B2:B7:C4:DC:3B:FA:64:BF:B0:F3:38:ED:6B:B3:B1:27:20:81
ValidityFri, 28 Apr 2023 01:16:44 GMT - Thu, 27 Jul 2023 01:16:43 GMT

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (65536), with no line terminators
Size
86 kB (85825 bytes)
Hash
13c4563a17f6dc9e1300a518fc3fc0d6
81f80c27a9e4fa28366d5c622b19ec5c011468f4
3902335dbf9162261d54a5bd11e5a91baf52ef1aa798d04da48b6cfbc101e44d

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /c2/2d/c5/c22dc50dc2bbe4422c7f68d26ab95eb9.js HTTP/1.1
Host: handbaggather.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Wed, 24 May 2023 09:32:57 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: cdceea325bac4dc91c366a54573fd61c
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

handbaggather.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Fvpn%2Fdefault%2Fus%2Fwindows%2Fbrowser-black%2Fcss%2Fstyle.css&l=4254&fd=211

173.233.137.44

200 OK

0 B

URL GET HTTP/1.1
handbaggather.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Fvpn%2Fdefault%2Fus%2Fwindows%2Fbrowser-black%2Fcss%2Fstyle.css&l=4254&fd=211
IP
173.233.137.44:443
ASN
#7979 SERVERS-COM

Requested by
https://dfiles.eu/files/7saf9opey
Certificate
IssuerLet's Encrypt
Subjecthandbaggather.com
FingerprintAA:C3:B2:B7:C4:DC:3B:FA:64:BF:B0:F3:38:ED:6B:B3:B1:27:20:81
ValidityFri, 28 Apr 2023 01:16:44 GMT - Thu, 27 Jul 2023 01:16:43 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Fvpn%2Fdefault%2Fus%2Fwindows%2Fbrowser-black%2Fcss%2Fstyle.css&l=4254&fd=211 HTTP/1.1
Host: handbaggather.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Cookie: u_pl=16004719; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Wed, 24 May 2023 09:32:59 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

cdn.creative-bars1.com/sb/notifications/vpn/default/us/windows/browser-black/css/style.css

172.64.197.23

200 OK

4.3 kB

URL GET HTTP/2
cdn.creative-bars1.com/sb/notifications/vpn/default/us/windows/browser-black/css/style.css
IP
172.64.197.23:443
ASN
#13335 CLOUDFLARENET

Requested by
https://dfiles.eu/files/7saf9opey
Certificate
IssuerGoogle Trust Services LLC
Subjectcreative-bars1.com
Fingerprint88:10:E4:38:7C:46:CF:44:7C:D0:C8:1F:06:39:9F:7E:A5:2E:27:4A
ValidityThu, 27 Apr 2023 15:05:54 GMT - Wed, 26 Jul 2023 15:05:53 GMT

File type
ASCII text, with very long lines (4527), with no line terminators
Size
4.3 kB (4254 bytes)
Hash
40c6ffeef90ad98d94c1372966894621
5bc102fc9c9611c9d3e61becc379ae35a0bb9144
79f73975b3bf9b7e48480b5dfe30e368b6902703c66b72e676763c5e62046d33

HTTP Headers

GET /sb/notifications/vpn/default/us/windows/browser-black/css/style.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dfiles.eu
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 24 May 2023 09:32:58 GMT
content-type: text/css
last-modified: Fri, 27 Nov 2020 13:45:32 GMT
etag: W/"5fc102fc-109e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 383344
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=abSX%2Bx%2F7czcccLT%2Ftia4sSXf6pOv2G%2BJeHfF%2FTGQ2D0dJAvj3H6bkE%2BjQWMlwwVmZ1RWsqSYtmvg45joc3OPBNBwZJjO1rlosIwL34FglHB%2FANaOOVgylPSVJmsuwBisEuKVin%2BHWztN"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7cc488d3ed5376db-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

cdn.unblockia.com/h.js

54.230.111.2

200 OK

166 kB

URL GET HTTP/2
cdn.unblockia.com/h.js
IP
54.230.111.2:443
ASN
#16509 AMAZON-02

Requested by
https://dfiles.eu/files/7saf9opey
Certificate
IssuerAmazon
Subject*.unblockia.com
FingerprintF2:6F:03:00:E3:4A:B1:87:3C:4D:28:BB:E6:CE:8F:F1:2A:6E:1B:5D
ValidityTue, 21 Feb 2023 00:00:00 GMT - Fri, 22 Mar 2024 23:59:59 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
166 kB (166192 bytes)
Hash
3d75dc8f7c4000ccdac0fff2f09d78a8
9008e9830c5f3a690cbb6cc94ddb34b59fc12677
203af4ee7878df10c428ce6599c619695219f48681b832ef3f856abdd299b8e8

HTTP Headers

GET /h.js HTTP/1.1
Host: cdn.unblockia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/x-javascript
last-modified: Mon, 22 May 2023 09:17:35 GMT
x-amz-server-side-encryption: AES256
x-amz-meta-codebuild-content-sha256: 3b11cd91ab382736a9ba8e63029f318e3177aa77903aa4fa093a80765fac8c07
x-amz-version-id: gKayxwShEzJAnBjNaPvAM9Fj3A2ZU3Kt
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:eu-west-1:987257285531:build/unblockia-loader-codebuild-project:6a48fce0-eba0-40cc-8a72-49f5d7d1abde
x-amz-meta-codebuild-content-md5: 60511405d11f9acd0880a4539ae338cb
server: AmazonS3
content-encoding: br
date: Wed, 24 May 2023 09:19:59 GMT
etag: W/"3d75dc8f7c4000ccdac0fff2f09d78a8"
x-cache: Hit from cloudfront
via: 1.1 ee04daa979e7a02cc5ca472521bc18a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: gvAGYKcrsmg2TfTVF_oiQRiSSgIpu9m17S3or175nFBhwbO9WQcUyA==
age: 778
vary: Accept-Encoding, Origin
X-Firefox-Spdy: h2

cdn.prplads.com/load.js?publisherId=64df4768ef6a3d343387f03963cc6d27:a3fc5ba00d8a1e88f69e3c15e8e8c501507f1b2063b64e48a97000a1c4480fda350894047ca3535d3ce8fc5253d0214840300a723dc6ecae38a57d550d5ed683

104.26.3.51

200 OK

44 kB

URL GET HTTP/2
cdn.prplads.com/load.js?publisherId=64df4768ef6a3d343387f03963cc6d27:a3fc5ba00d8a1e88f69e3c15e8e8c501507f1b2063b64e48a97000a1c4480fda350894047ca3535d3ce8fc5253d0214840300a723dc6ecae38a57d550d5ed683
IP
104.26.3.51:443
ASN
#13335 CLOUDFLARENET

Requested by
https://dfiles.eu/files/7saf9opey
Certificate
IssuerGoogle Trust Services LLC
Subjectprplads.com
Fingerprint44:46:5A:F0:A0:B0:25:70:06:3F:E4:EB:02:D5:A2:67:7A:E3:7D:0E
ValidityWed, 19 Apr 2023 12:34:16 GMT - Tue, 18 Jul 2023 12:34:15 GMT

File type

Size
44 kB (44061 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /load.js?publisherId=64df4768ef6a3d343387f03963cc6d27:a3fc5ba00d8a1e88f69e3c15e8e8c501507f1b2063b64e48a97000a1c4480fda350894047ca3535d3ce8fc5253d0214840300a723dc6ecae38a57d550d5ed683 HTTP/1.1
Host: cdn.prplads.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 24 May 2023 09:32:58 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"103f53a915d53d541a023f9c8352e84c"
last-modified: Wed, 03 May 2023 17:14:59 GMT
x-amz-id-2: c0BBo0bTVFeShG8i+7lo2b2VE/UirvGjsaEwxq/wwMJ6ns1s3aKZvOG0lzRnXyQ2PtAWUDAre3c=
x-amz-request-id: VF6G331VR5CZSWHS
cache-control: max-age=86400
cf-cache-status: HIT
age: 2086
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8VkSD58dDVcVcTrc4sovVyF63536TIUlmtE5IOWxd5Yzvy8Paw5FVI7WcJMsVqqDc7TzqF4zl3ETgVPNrJ3%2FCga%2FKReuXiHYsVkW8gFtZCnJkks6vOmRkt%2FKsvYfAlRZgg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7cc488d3ef9cb4ee-OSL
content-encoding: br
X-Firefox-Spdy: h2

ntvpwpush.com/dl/cookies

168.119.25.102

200 OK

620 B

URL GET HTTP/2
ntvpwpush.com/dl/cookies
IP
168.119.25.102:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://dfiles.eu/files/7saf9opey
Certificate
IssuerLet's Encrypt
Subjectnotification.tubecup.net
FingerprintC3:3A:0A:7D:9C:4B:21:97:39:A7:AD:B8:87:47:F1:35:32:D9:84:53
ValidityFri, 28 Apr 2023 11:39:09 GMT - Thu, 27 Jul 2023 11:39:08 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (656), with no line terminators
Size
620 B (620 bytes)
Hash
0f28ac8b62710210d8c20200cb32caf2
e5cf4c2df4e48eff5fe877531dd3f12351c0c37d
2e6743f06e4cc09ff077b579b75511eaaf5ccf370f70fd2075d74725bf5b872c

HTTP Headers

GET /dl/cookies HTTP/1.1
Host: ntvpwpush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx/1.18.0
date: Wed, 24 May 2023 09:32:59 GMT
content-type: text/html
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
content-encoding: gzip
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (69)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML