depositfiles.com/files/7saf9opey
91.226.124.76 302 Found 0 B URL User Request GET HTTP/1.1 depositfiles.com/files/7saf9opey
IP 91.226.124.76:443
Certificate Issuer Let's Encrypt
Subject depositfiles.com
Fingerprint 90:44:8D:18:D5:0B:6D:4B:AA:47:FB:C3:D9:B4:43:28:E2:A9:58:14
Validity Mon, 27 Feb 2023 10:18:03 GMT - Sun, 28 May 2023 10:18:02 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /files/7saf9opey HTTP/1.1
Host: depositfiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: nginx
Date: Wed, 24 May 2023 09:32:55 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Location: //dfiles.eu/files/7saf9opey
dfiles.eu/files/7saf9opey
91.226.124.78 200 OK 5.4 kB URL User Request GET HTTP/1.1 dfiles.eu/files/7saf9opey
IP 91.226.124.78:443
Certificate Issuer Let's Encrypt
Subject *.dfiles.eu
Fingerprint 28:FA:BD:73:11:76:EB:79:D3:29:D3:CA:60:19:79:47:4B:43:6B:1C
Validity Sun, 09 Apr 2023 08:43:46 GMT - Sat, 08 Jul 2023 08:43:45 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with CRLF, CR, LF line terminators
Hash 071e3ed397906304f1961981cc33fca2
4677ecf8359959a189d8c76530c3274d0960634c
7f041a5bbc0eda2744de0f181f445f61cc2562898a13d9d89f94228358918155
GET /files/7saf9opey HTTP/1.1
Host: dfiles.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 24 May 2023 09:32:55 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Set-Cookie: uprand=8f57e6cc006b9e86ef3e8e97b4232dd9; path=/; domain=.dfiles.eu
last_file=7saf9opey; path=/; domain=.dfiles.eu
lang_current=en; expires=Thu, 23-May-2024 09:32:55 GMT; Max-Age=31536000; path=/; domain=.dfiles.eu; secure
X-Frame-Options: SAMEORIGIN
Content-Encoding: gzip
www.google.com/recaptcha/api.js
216.58.207.228 200 OK 557 B URL GET HTTP/2 www.google.com/recaptcha/api.js
IP 216.58.207.228:443
Requested by https://dfiles.eu/files/7saf9opey
Certificate Issuer Google Trust Services LLC
Subject www.google.com
Fingerprint 85:AD:43:66:C0:73:07:1B:B5:5D:4A:83:4B:76:3F:DA:4B:2B:E1:F8
Validity Mon, 24 Apr 2023 12:01:16 GMT - Mon, 17 Jul 2023 12:01:15 GMT
File type ASCII text, with very long lines (850), with no line terminators
Hash b7b728964630ecd7e800d650f14695c5
473f7633fea7e2f828c3df9ab19356286f10a692
f4de494b6cfd42ce31b244cd84410cd4259d82773485f6c7b4ffd2a7ca2d6217
GET /recaptcha/api.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
expires: Wed, 24 May 2023 09:32:56 GMT
date: Wed, 24 May 2023 09:32:56 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 557
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=G-BL9163LYG1
142.250.74.40 200 OK 86 kB URL GET HTTP/2 www.googletagmanager.com/gtag/js?id=G-BL9163LYG1
IP 142.250.74.40:443
Requested by https://dfiles.eu/files/7saf9opey
Certificate Issuer Google Trust Services LLC
Subject *.google-analytics.com
Fingerprint 55:51:32:58:36:72:A1:C8:50:5E:5A:8D:CE:A5:2F:DC:D7:1E:62:03
Validity Mon, 24 Apr 2023 11:56:06 GMT - Mon, 17 Jul 2023 11:56:05 GMT
File type ASCII text, with very long lines (5048)
Hash 30b54016a5ab1dc07044b5088673fc32
4b8e296a9583a500ab20836039bf0d6321a8afd3
d88cd90b1715ac5aaa714f4d6337b39411c80f817a6174ad6ad25c42230e4bf3
GET /gtag/js?id=G-BL9163LYG1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 24 May 2023 09:32:56 GMT
expires: Wed, 24 May 2023 09:32:56 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 85720
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
static.depositfiles.com/js/function.js
91.226.124.81 200 OK 35 kB URL GET HTTP/1.1 static.depositfiles.com/js/function.js
IP 91.226.124.81:443
Requested by https://dfiles.eu/files/7saf9opey
Certificate Issuer Let's Encrypt
Subject depositfiles.com
Fingerprint 90:44:8D:18:D5:0B:6D:4B:AA:47:FB:C3:D9:B4:43:28:E2:A9:58:14
Validity Mon, 27 Feb 2023 10:18:03 GMT - Sun, 28 May 2023 10:18:02 GMT
File type ASCII text, with very long lines (4240)
Hash a5779d2f560cd50376dbba372b0fd15b
07b08e35b9254288c1372e37577db8b9e4da01b4
51d26403861d61a7842bc73f518d4a4351a7027c40c9f0347f61421226950b84
GET /js/function.js HTTP/1.1
Host: static.depositfiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 24 May 2023 09:32:56 GMT
Content-Type: application/javascript
Content-Length: 34915
Last-Modified: Tue, 26 Apr 2022 10:45:43 GMT
Connection: keep-alive
ETag: "6267cd57-8863"
Expires: Wed, 24 May 2023 09:37:56 GMT
Cache-Control: max-age=300
Accept-Ranges: bytes
static.depositfiles.com/css/main.css
91.226.124.81 200 OK 47 kB URL GET HTTP/1.1 static.depositfiles.com/css/main.css
IP 91.226.124.81:443
Requested by https://dfiles.eu/files/7saf9opey
Certificate Issuer Let's Encrypt
Subject depositfiles.com
Fingerprint 90:44:8D:18:D5:0B:6D:4B:AA:47:FB:C3:D9:B4:43:28:E2:A9:58:14
Validity Mon, 27 Feb 2023 10:18:03 GMT - Sun, 28 May 2023 10:18:02 GMT
File type ASCII text, with very long lines (332)
Hash af57443dfa4bc2d3299321923ae1c57f
d922badb0ed1d665302cf93268e9960d0a04c065
50d446eade67c33dc4dba74f2f2b7480b5021de5a98bfedc1f10ce5c35d966f3
GET /css/main.css HTTP/1.1
Host: static.depositfiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 24 May 2023 09:32:56 GMT
Content-Type: text/css
Last-Modified: Tue, 26 Apr 2022 10:45:41 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"6267cd55-2f719"
Expires: Wed, 24 May 2023 09:37:56 GMT
Cache-Control: max-age=300
Content-Encoding: gzip
static.depositfiles.com/js/jquery.validate.js
91.226.124.81 200 OK 38 kB URL GET HTTP/1.1 static.depositfiles.com/js/jquery.validate.js
IP 91.226.124.81:443
Requested by https://dfiles.eu/files/7saf9opey
Certificate Issuer Let's Encrypt
Subject depositfiles.com
Fingerprint 90:44:8D:18:D5:0B:6D:4B:AA:47:FB:C3:D9:B4:43:28:E2:A9:58:14
Validity Mon, 27 Feb 2023 10:18:03 GMT - Sun, 28 May 2023 10:18:02 GMT
File type Unicode text, UTF-8 text, with very long lines (1238)
Hash d5231b6378847ebdb55f64c77d5a234f
eed97aa0b2aa9486b6f6831ed8a85dc729ad6b9c
95434a8a2568a6481a1fbcf5808a75dd58e77348ed6d70b4f7aeda8842e8f0c7
GET /js/jquery.validate.js HTTP/1.1
Host: static.depositfiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 24 May 2023 09:32:56 GMT
Content-Type: application/javascript
Content-Length: 38269
Last-Modified: Tue, 26 Apr 2022 10:45:43 GMT
Connection: keep-alive
ETag: "6267cd57-957d"
Expires: Wed, 24 May 2023 09:37:56 GMT
Cache-Control: max-age=300
Accept-Ranges: bytes
static.depositfiles.com/js/base2.js
91.226.124.81 200 OK 399 kB URL GET HTTP/1.1 static.depositfiles.com/js/base2.js
IP 91.226.124.81:443
Requested by https://dfiles.eu/files/7saf9opey
Certificate Issuer Let's Encrypt
Subject depositfiles.com
Fingerprint 90:44:8D:18:D5:0B:6D:4B:AA:47:FB:C3:D9:B4:43:28:E2:A9:58:14
Validity Mon, 27 Feb 2023 10:18:03 GMT - Sun, 28 May 2023 10:18:02 GMT
File type Unicode text, UTF-8 text, with very long lines (65481)
Size 399 kB (398927 bytes)
Hash 2fcae8126c3fd9a626370a701f0bd887
f3496fb7bbe122a9774d7dcfcd68da03a24dc285
d29ab86f64b4fcfbc45b9ef806c147f1e42e37e37d44a559147232288063badc
GET /js/base2.js HTTP/1.1
Host: static.depositfiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 24 May 2023 09:32:56 GMT
Content-Type: application/javascript
Content-Length: 398927
Last-Modified: Tue, 26 Apr 2022 10:45:43 GMT
Connection: keep-alive
ETag: "6267cd57-6164f"
Expires: Wed, 24 May 2023 09:37:56 GMT
Cache-Control: max-age=300
Accept-Ranges: bytes
pl16105218.highrevenuegate.com/22/4a/d4/224ad4a14b4b15c1726ff705ec672ea6.js
192.243.59.12 200 OK 13 kB URL GET HTTP/1.1 pl16105218.highrevenuegate.com/22/4a/d4/224ad4a14b4b15c1726ff705ec672ea6.js
IP 192.243.59.12:443
ASN #39572 DataWeb Global Group B.V.
Requested by https://dfiles.eu/files/7saf9opey
Certificate Issuer Let's Encrypt
Subject highrevenuegate.com
Fingerprint E3:83:9C:63:64:A5:46:F7:CE:7B:E1:4D:12:0F:29:C3:22:23:C0:14
Validity Tue, 02 May 2023 09:41:55 GMT - Mon, 31 Jul 2023 09:41:54 GMT
File type ASCII text, with very long lines (37155), with no line terminators
Hash ff272e448475d3739c4d5d4274d4c02b
79b158277dfd2b8afb2348a5f1ab8206a1a3632f
f46832dccaedff00b2c4e47fd280431ad9350f6950652d1185e721725e96d7fd
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /22/4a/d4/224ad4a14b4b15c1726ff705ec672ea6.js HTTP/1.1
Host: pl16105218.highrevenuegate.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Wed, 24 May 2023 09:32:56 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 703ea53bc3e66696cc10f5006a686a8d
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
static.depositfiles.com/images/logo.png
91.226.124.81 200 OK 3.6 kB URL GET HTTP/1.1 static.depositfiles.com/images/logo.png
IP 91.226.124.81:443
Requested by https://dfiles.eu/files/7saf9opey
Certificate Issuer Let's Encrypt
Subject depositfiles.com
Fingerprint 90:44:8D:18:D5:0B:6D:4B:AA:47:FB:C3:D9:B4:43:28:E2:A9:58:14
Validity Mon, 27 Feb 2023 10:18:03 GMT - Sun, 28 May 2023 10:18:02 GMT
File type PNG image data, 176 x 43, 8-bit/color RGBA, non-interlaced\012- data
Hash c41fdd84b04e45a91cb17cfdeccb1b38
fec7fffe104c7e169aeb159032078c4b71ff2cdc
7f89eb8ab03684f4db282ca30eb231b1e254bca10c7b511950df5e0eab0a68a0
GET /images/logo.png HTTP/1.1
Host: static.depositfiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://static.depositfiles.com/css/main.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 24 May 2023 09:32:57 GMT
Content-Type: image/png
Content-Length: 3623
Last-Modified: Tue, 26 Apr 2022 10:45:42 GMT
Connection: keep-alive
ETag: "6267cd56-e27"
Accept-Ranges: bytes
static.depositfiles.com/images/timer.gif
91.226.124.81 200 OK 12 kB URL GET HTTP/1.1 static.depositfiles.com/images/timer.gif
IP 91.226.124.81:443
Requested by https://dfiles.eu/files/7saf9opey
Certificate Issuer Let's Encrypt
Subject depositfiles.com
Fingerprint 90:44:8D:18:D5:0B:6D:4B:AA:47:FB:C3:D9:B4:43:28:E2:A9:58:14
Validity Mon, 27 Feb 2023 10:18:03 GMT - Sun, 28 May 2023 10:18:02 GMT
File type GIF image data, version 89a, 70 x 70\012- data
Hash fb170c2ce20d8088b7cee465689c3637
9759429c7de6921580fac900c4c6026c758bb94c
6b5c53dd4d2d07c854e019e55458ff9652a4d9b7bf1fe8848ad00ca16032e294
GET /images/timer.gif HTTP/1.1
Host: static.depositfiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://static.depositfiles.com/css/main.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 24 May 2023 09:32:57 GMT
Content-Type: image/gif
Content-Length: 11607
Last-Modified: Tue, 26 Apr 2022 10:45:42 GMT
Connection: keep-alive
ETag: "6267cd56-2d57"
Expires: Mon, 29 May 2023 09:32:57 GMT
Cache-Control: max-age=432000
Accept-Ranges: bytes
static.depositfiles.com/images/member_menu_bg.gif
91.226.124.81 200 OK 78 B URL GET HTTP/1.1 static.depositfiles.com/images/member_menu_bg.gif
IP 91.226.124.81:443
Requested by https://dfiles.eu/files/7saf9opey
Certificate Issuer Let's Encrypt
Subject depositfiles.com
Fingerprint 90:44:8D:18:D5:0B:6D:4B:AA:47:FB:C3:D9:B4:43:28:E2:A9:58:14
Validity Mon, 27 Feb 2023 10:18:03 GMT - Sun, 28 May 2023 10:18:02 GMT
File type GIF image data, version 89a, 1 x 48\012- data
Hash 20a24b56dcedf6a71a71ebec771e1f7d
d7bed493d5d4eeaed5dbbf7d30d45107840790a0
6f57f29224d8e9e51ed0839e329055426fba7dcd97ef31e93ed495f93a6063df
GET /images/member_menu_bg.gif HTTP/1.1
Host: static.depositfiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://static.depositfiles.com/css/main.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 24 May 2023 09:32:57 GMT
Content-Type: image/gif
Content-Length: 78
Last-Modified: Tue, 26 Apr 2022 10:45:42 GMT
Connection: keep-alive
ETag: "6267cd56-4e"
Expires: Mon, 29 May 2023 09:32:57 GMT
Cache-Control: max-age=432000
Accept-Ranges: bytes
static.depositfiles.com/images/sprite.png
91.226.124.81 200 OK 37 kB URL GET HTTP/1.1 static.depositfiles.com/images/sprite.png
IP 91.226.124.81:443
Requested by https://dfiles.eu/files/7saf9opey
Certificate Issuer Let's Encrypt
Subject depositfiles.com
Fingerprint 90:44:8D:18:D5:0B:6D:4B:AA:47:FB:C3:D9:B4:43:28:E2:A9:58:14
Validity Mon, 27 Feb 2023 10:18:03 GMT - Sun, 28 May 2023 10:18:02 GMT
File type PNG image data, 102 x 630, 8-bit/color RGBA, non-interlaced\012- data
Hash 2333675d7e431d5313c6dbb5230a14cd
93c4032e5b8b85793a9cda7167804445d950dd96
b287134a60667ce8e2c3fa1603e3a8f2ffa59c64e746d026d1a13ef19f3f38a0
GET /images/sprite.png HTTP/1.1
Host: static.depositfiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://static.depositfiles.com/css/main.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 24 May 2023 09:32:57 GMT
Content-Type: image/png
Content-Length: 36802
Last-Modified: Tue, 26 Apr 2022 10:45:42 GMT
Connection: keep-alive
ETag: "6267cd56-8fc2"
Accept-Ranges: bytes
static.depositfiles.com/images/flags/lang24.png
91.226.124.81 200 OK 9.2 kB URL GET HTTP/1.1 static.depositfiles.com/images/flags/lang24.png
IP 91.226.124.81:443
Requested by https://dfiles.eu/files/7saf9opey
Certificate Issuer Let's Encrypt
Subject depositfiles.com
Fingerprint 90:44:8D:18:D5:0B:6D:4B:AA:47:FB:C3:D9:B4:43:28:E2:A9:58:14
Validity Mon, 27 Feb 2023 10:18:03 GMT - Sun, 28 May 2023 10:18:02 GMT
File type PNG image data, 24 x 552, 8-bit/color RGBA, non-interlaced\012- data
Hash efdcd1ca23d564ddd811f41152a2b83c
0b5aa064e7f8f241363c55fa17eb448f42a5f8df
ce23be242e34c5b420f8ba0390aef20fa50ffc69f700091029616eff524e8f9b
GET /images/flags/lang24.png HTTP/1.1
Host: static.depositfiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://static.depositfiles.com/css/main.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 24 May 2023 09:32:57 GMT
Content-Type: image/png
Content-Length: 9172
Last-Modified: Tue, 26 Apr 2022 10:45:42 GMT
Connection: keep-alive
ETag: "6267cd56-23d4"
Accept-Ranges: bytes
simplewebanalysis.com/stats
18.192.155.180 200 OK 40 B URL GET HTTP/2 simplewebanalysis.com/stats
IP 18.192.155.180:443
Requested by https://dfiles.eu/files/7saf9opey
Certificate Issuer Amazon
Subject simplewebanalysis.com
Fingerprint E5:9D:30:D3:0E:8A:EF:0D:43:46:4C:4C:53:AD:05:78:63:E9:04:07
Validity Thu, 02 Mar 2023 00:00:00 GMT - Sun, 31 Mar 2024 23:59:59 GMT
File type ASCII text, with no line terminators
Hash e79ecd69aa055a08849236de5ce34be0
bf1e873f7f5ef9861d60c15d24414f4d03690339
dc6009f0beb0624cf3be342f6cce435fea4e726eaefa7896e0d96b465854bae0
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dfiles.eu
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 24 May 2023 09:32:57 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://dfiles.eu
vary: Origin
access-control-allow-credentials: true
set-cookie: uid_id2=ed70feaa-4a44-4eb2-8cc3-ec5849860a76:3:1; expires=Sat, 21 May 2033 09:32:57 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
js.wpadmngr.com/static/adManager.js
45.133.44.52 200 OK 29 kB URL GET HTTP/2 js.wpadmngr.com/static/adManager.js
IP 45.133.44.52:443
ASN #39572 DataWeb Global Group B.V.
Requested by https://dfiles.eu/files/7saf9opey
Certificate Issuer Let's Encrypt
Subject js.wpadmngr.com
Fingerprint A9:7C:F8:A4:B8:B3:E3:98:76:72:9E:0B:4A:FB:FB:39:D4:F4:54:3D
Validity Tue, 16 May 2023 02:02:19 GMT - Mon, 14 Aug 2023 02:02:18 GMT
File type gzip compressed data, from Unix\012- data
Hash c29341fa994d34995f3a38b16c8a8cdd
2fa7f19d6c25cf9cd43dbf78a0b1f159644f2c60
973fb4f6b04cd184a6a3d8b10cd3f32baef6d4f9537cd1a01119cc0d34377d1f
GET /static/adManager.js HTTP/1.1
Host: js.wpadmngr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 24 May 2023 09:32:56 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.18.0
last-modified: Mon, 05 Dec 2022 13:37:26 GMT
etag: W/"638df416-4dd"
content-encoding: gzip
expires: Wed, 24 May 2023 09:37:56 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2
adsbb.dfiles.eu//ad.php?z=56&c=NO
91.226.124.80 303 See Other 0 B URL GET HTTP/1.1 adsbb.dfiles.eu//ad.php?z=56&c=NO
IP 91.226.124.80:443
Requested by https://dfiles.eu/files/7saf9opey
Certificate Issuer Let's Encrypt
Subject *.dfiles.eu
Fingerprint 28:FA:BD:73:11:76:EB:79:D3:29:D3:CA:60:19:79:47:4B:43:6B:1C
Validity Sun, 09 Apr 2023 08:43:46 GMT - Sat, 08 Jul 2023 08:43:45 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET //ad.php?z=56&c=NO HTTP/1.1
Host: adsbb.dfiles.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Cookie: uprand=8f57e6cc006b9e86ef3e8e97b4232dd9; last_file=7saf9opey; lang_current=en; _ga_BL9163LYG1=GS1.1.1684920776.1.0.1684920776.0.0.0; _ga=GA1.1.673948797.1684920776
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 303 See Other
Server: nginx
Date: Wed, 24 May 2023 09:32:57 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
X-Powered-By: PHP/5.6.30-0+deb8u1
Set-Cookie: _nf56=1; expires=Thu, 25-May-2023 09:32:57 GMT; Max-Age=86400
Location: /upload/2112/ad27582685f5c72c.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752
loader.unblockia.com/c/dfiles.eu/config.json
54.230.111.124 200 OK 47 kB URL GET HTTP/2 loader.unblockia.com/c/dfiles.eu/config.json
IP 54.230.111.124:443
Requested by https://dfiles.eu/files/7saf9opey
Certificate Issuer Amazon
Subject *.unblockia.com
Fingerprint F2:6F:03:00:E3:4A:B1:87:3C:4D:28:BB:E6:CE:8F:F1:2A:6E:1B:5D
Validity Tue, 21 Feb 2023 00:00:00 GMT - Fri, 22 Mar 2024 23:59:59 GMT
File type ASCII text, with very long lines (46747), with no line terminators
Hash f365c1e4619a90bbadadacf55598fe90
1623c939b72aecd3831e1da35e4c0a5229383e91
23e2e4d868bb2652b97e9e13d36df1dfeeba338d4e9c4d1d737fba6b2b2b2d52
GET /c/dfiles.eu/config.json HTTP/1.1
Host: loader.unblockia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dfiles.eu/
Origin: https://dfiles.eu
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/octet-stream
content-length: 46747
date: Wed, 24 May 2023 04:15:06 GMT
last-modified: Fri, 12 May 2023 12:21:43 GMT
etag: "f365c1e4619a90bbadadacf55598fe90"
x-amz-server-side-encryption: AES256
x-amz-version-id: 9pI8Ts97IpPXbRP2Kcl6CF4_Ph.rjMBr
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 7kH0WD0xiL0Pk3IeNmef3RvZnRwXmyh6NhAJEF8Lf09a_1N6Yb_bug==
age: 19071
access-control-allow-origin: *
access-control-expose-headers: *
X-Firefox-Spdy: h2
adsbb.dfiles.eu//ad.php?z=7&c=NO&g=no_file&u=646dd9c75f27e-13967916
91.226.124.78 303 See Other 0 B URL GET HTTP/1.1 adsbb.dfiles.eu//ad.php?z=7&c=NO&g=no_file&u=646dd9c75f27e-13967916
IP 91.226.124.78:443
Requested by https://dfiles.eu/files/7saf9opey
Certificate Issuer Let's Encrypt
Subject *.dfiles.eu
Fingerprint 28:FA:BD:73:11:76:EB:79:D3:29:D3:CA:60:19:79:47:4B:43:6B:1C
Validity Sun, 09 Apr 2023 08:43:46 GMT - Sat, 08 Jul 2023 08:43:45 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET //ad.php?z=7&c=NO&g=no_file&u=646dd9c75f27e-13967916 HTTP/1.1
Host: adsbb.dfiles.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Cookie: uprand=8f57e6cc006b9e86ef3e8e97b4232dd9; last_file=7saf9opey; lang_current=en; _ga_BL9163LYG1=GS1.1.1684920776.1.0.1684920776.0.0.0; _ga=GA1.1.673948797.1684920776
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 303 See Other
Server: nginx
Date: Wed, 24 May 2023 09:32:57 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
X-Powered-By: PHP/5.6.30-0+deb8u1
Set-Cookie: _nf7=1; expires=Thu, 25-May-2023 09:32:57 GMT; Max-Age=86400
Location: /upload/2303/ad2769296150a424.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752
adsbb.dfiles.eu//ad.php?z=58&c=NO&g=no_file
91.226.124.80 303 See Other 0 B URL GET HTTP/1.1 adsbb.dfiles.eu//ad.php?z=58&c=NO&g=no_file
IP 91.226.124.80:443
Requested by https://dfiles.eu/files/7saf9opey
Certificate Issuer Let's Encrypt
Subject *.dfiles.eu
Fingerprint 28:FA:BD:73:11:76:EB:79:D3:29:D3:CA:60:19:79:47:4B:43:6B:1C
Validity Sun, 09 Apr 2023 08:43:46 GMT - Sat, 08 Jul 2023 08:43:45 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET //ad.php?z=58&c=NO&g=no_file HTTP/1.1
Host: adsbb.dfiles.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Cookie: uprand=8f57e6cc006b9e86ef3e8e97b4232dd9; last_file=7saf9opey; lang_current=en; _ga_BL9163LYG1=GS1.1.1684920776.1.0.1684920776.0.0.0; _ga=GA1.1.673948797.1684920776
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 303 See Other
Server: nginx
Date: Wed, 24 May 2023 09:32:57 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
X-Powered-By: PHP/5.6.30-0+deb8u1
Set-Cookie: _nf58=1; expires=Thu, 25-May-2023 09:32:57 GMT; Max-Age=86400
Location: /upload/2303/ad2775297311915a.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752
adsbb.dfiles.eu//ad.php?z=60&c=NO
91.226.124.78 303 See Other 0 B URL GET HTTP/1.1 adsbb.dfiles.eu//ad.php?z=60&c=NO
IP 91.226.124.78:443
Requested by https://dfiles.eu/files/7saf9opey
Certificate Issuer Let's Encrypt
Subject *.dfiles.eu
Fingerprint 28:FA:BD:73:11:76:EB:79:D3:29:D3:CA:60:19:79:47:4B:43:6B:1C
Validity Sun, 09 Apr 2023 08:43:46 GMT - Sat, 08 Jul 2023 08:43:45 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET //ad.php?z=60&c=NO HTTP/1.1
Host: adsbb.dfiles.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Cookie: uprand=8f57e6cc006b9e86ef3e8e97b4232dd9; last_file=7saf9opey; lang_current=en; _ga_BL9163LYG1=GS1.1.1684920776.1.0.1684920776.0.0.0; _ga=GA1.1.673948797.1684920776
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 303 See Other
Server: nginx
Date: Wed, 24 May 2023 09:32:57 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
X-Powered-By: PHP/5.6.30-0+deb8u1
Set-Cookie: _nf60=1; expires=Thu, 25-May-2023 09:32:57 GMT; Max-Age=86400
Location: /upload/2112/ad27592687cc8bc6.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752
js.wpshsdk.com/npc/sdk/wp-banners.js
45.133.44.53 200 OK 0 B URL GET HTTP/2 js.wpshsdk.com/npc/sdk/wp-banners.js
IP 45.133.44.53:443
ASN #39572 DataWeb Global Group B.V.
Requested by https://dfiles.eu/files/7saf9opey
Certificate Issuer Let's Encrypt
Subject js.wpshsdk.com
Fingerprint 78:77:A4:19:CC:0D:15:24:69:96:1B:44:C9:A0:4D:0B:B7:C0:F2:D8
Validity Mon, 27 Mar 2023 02:06:36 GMT - Sun, 25 Jun 2023 02:06:35 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /npc/sdk/wp-banners.js HTTP/1.1
Host: js.wpshsdk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 24 May 2023 09:32:57 GMT
content-type: application/javascript; charset=utf-8
content-length: 0
server: nginx/1.18.0
last-modified: Fri, 20 Aug 2021 15:14:31 GMT
etag: "611fc6d7-0"
expires: Wed, 24 May 2023 09:37:57 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
na.nawpush.com/tags/46445?version_name=a
45.133.44.25 200 OK 578 B URL GET HTTP/2 na.nawpush.com/tags/46445?version_name=a
IP 45.133.44.25:443
ASN #39572 DataWeb Global Group B.V.
Requested by https://dfiles.eu/files/7saf9opey
Certificate Issuer Let's Encrypt
Subject na.nawpush.com
Fingerprint 06:8A:2E:29:09:91:41:F0:6E:1C:15:DE:41:23:FB:9C:E4:5B:47:B0
Validity Mon, 03 Apr 2023 01:01:43 GMT - Sun, 02 Jul 2023 01:01:42 GMT
File type JSON data\012- , ASCII text, with very long lines (578), with no line terminators
Hash 48cf99226e98595889e80d389697c90c
6c6f7b9047532c20c72d68b246dafe3db8ca16b5
e81d3360bc9596b20a9ea1289549039c2b4d0350a4cd9122c1578605b56f7055
GET /tags/46445?version_name=a HTTP/1.1
Host: na.nawpush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dfiles.eu
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 24 May 2023 09:32:57 GMT
content-type: application/json
content-length: 578
server: nginx/1.18.0
cache-control: max-age=300, public
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2
adsbb.dfiles.eu/upload/2112/ad27582685f5c72c.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752
91.226.124.78 200 OK 670 B URL GET HTTP/1.1 adsbb.dfiles.eu/upload/2112/ad27582685f5c72c.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752
IP 91.226.124.78:443
Requested by https://dfiles.eu/files/7saf9opey
Certificate Issuer Let's Encrypt
Subject *.dfiles.eu
Fingerprint 28:FA:BD:73:11:76:EB:79:D3:29:D3:CA:60:19:79:47:4B:43:6B:1C
Validity Sun, 09 Apr 2023 08:43:46 GMT - Sat, 08 Jul 2023 08:43:45 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 1c1f34441a54edce6b52c3649ef526cd
17baa188e1f7646b2433b89f5d5d56ca1318b691
14e40f5c348a27a0806b7951f425af668dc85c00a66e37ee8a0a09af6049f94e
GET /upload/2112/ad27582685f5c72c.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752 HTTP/1.1
Host: adsbb.dfiles.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dfiles.eu/
DNT: 1
Connection: keep-alive
Cookie: uprand=8f57e6cc006b9e86ef3e8e97b4232dd9; last_file=7saf9opey; lang_current=en; _ga_BL9163LYG1=GS1.1.1684920776.1.0.1684920776.0.0.0; _ga=GA1.1.673948797.1684920776; _nf56=1; _nf7=1; _nf58=1; _nf60=1
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 24 May 2023 09:32:57 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: close
Last-Modified: Wed, 24 May 2023 09:30:01 GMT
Content-Encoding: gzip
adsbb.dfiles.eu/upload/2303/ad2775297311915a.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752
91.226.124.78 200 OK 677 B URL GET HTTP/1.1 adsbb.dfiles.eu/upload/2303/ad2775297311915a.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752
IP 91.226.124.78:443
Requested by https://dfiles.eu/files/7saf9opey
Certificate Issuer Let's Encrypt
Subject *.dfiles.eu
Fingerprint 28:FA:BD:73:11:76:EB:79:D3:29:D3:CA:60:19:79:47:4B:43:6B:1C
Validity Sun, 09 Apr 2023 08:43:46 GMT - Sat, 08 Jul 2023 08:43:45 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 7ef505f3daf5cee6ee5e38d26f81a2d2
4c7ac3903e4a813eb640920e7daeea892e19c371
48a8741a86eb2b00c27ba84dcd2866cc0ea76f0bf01710dad6e5d06205938327
GET /upload/2303/ad2775297311915a.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752 HTTP/1.1
Host: adsbb.dfiles.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dfiles.eu/
DNT: 1
Connection: keep-alive
Cookie: uprand=8f57e6cc006b9e86ef3e8e97b4232dd9; last_file=7saf9opey; lang_current=en; _ga_BL9163LYG1=GS1.1.1684920776.1.0.1684920776.0.0.0; _ga=GA1.1.673948797.1684920776; _nf56=1; _nf7=1; _nf58=1; _nf60=1
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 24 May 2023 09:32:57 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: close
Last-Modified: Wed, 24 May 2023 09:30:01 GMT
Content-Encoding: gzip
adsbb.dfiles.eu/upload/2303/ad2769296150a424.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752
91.226.124.78 200 OK 2.4 kB URL GET HTTP/1.1 adsbb.dfiles.eu/upload/2303/ad2769296150a424.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752
IP 91.226.124.78:443
Requested by https://dfiles.eu/files/7saf9opey
Certificate Issuer Let's Encrypt
Subject *.dfiles.eu
Fingerprint 28:FA:BD:73:11:76:EB:79:D3:29:D3:CA:60:19:79:47:4B:43:6B:1C
Validity Sun, 09 Apr 2023 08:43:46 GMT - Sat, 08 Jul 2023 08:43:45 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (879)
Hash 351f80166f20dec8cdebcf4705f0a9b9
02cdcdf9e338276a826b81f729bfec51aa3ae7c7
9f82b46d5dc09b8a528800be044d910f319f064e5e73e7a414f91df8a70d3983
GET /upload/2303/ad2769296150a424.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752 HTTP/1.1
Host: adsbb.dfiles.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dfiles.eu/
DNT: 1
Connection: keep-alive
Cookie: uprand=8f57e6cc006b9e86ef3e8e97b4232dd9; last_file=7saf9opey; lang_current=en; _ga_BL9163LYG1=GS1.1.1684920776.1.0.1684920776.0.0.0; _ga=GA1.1.673948797.1684920776; _nf56=1; _nf7=1; _nf58=1; _nf60=1
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 24 May 2023 09:32:57 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: close
Last-Modified: Wed, 24 May 2023 09:30:01 GMT
Content-Encoding: gzip
adsbb.dfiles.eu/upload/2112/ad27592687cc8bc6.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752
91.226.124.78 200 OK 669 B URL GET HTTP/1.1 adsbb.dfiles.eu/upload/2112/ad27592687cc8bc6.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752
IP 91.226.124.78:443
Requested by https://dfiles.eu/files/7saf9opey
Certificate Issuer Let's Encrypt
Subject *.dfiles.eu
Fingerprint 28:FA:BD:73:11:76:EB:79:D3:29:D3:CA:60:19:79:47:4B:43:6B:1C
Validity Sun, 09 Apr 2023 08:43:46 GMT - Sat, 08 Jul 2023 08:43:45 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash b23e28a6b4c560f6ae7b10c3ac184968
eab8c825c42292d07b400521769c2bc76120ec7b
e1eae0f4409c06e8a4c09ff0cf11fa6db92b47fb75df473edb4230451b6ca6aa
GET /upload/2112/ad27592687cc8bc6.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752 HTTP/1.1
Host: adsbb.dfiles.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dfiles.eu/
DNT: 1
Connection: keep-alive
Cookie: uprand=8f57e6cc006b9e86ef3e8e97b4232dd9; last_file=7saf9opey; lang_current=en; _ga_BL9163LYG1=GS1.1.1684920776.1.0.1684920776.0.0.0; _ga=GA1.1.673948797.1684920776; _nf56=1; _nf7=1; _nf58=1; _nf60=1
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 24 May 2023 09:32:57 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: close
Last-Modified: Wed, 24 May 2023 09:30:01 GMT
Content-Encoding: gzip
ip2geo.pubfuture-ad.com/detail
104.26.1.97 200 OK 33 B URL GET HTTP/2 ip2geo.pubfuture-ad.com/detail
IP 104.26.1.97:443
Requested by https://dfiles.eu/files/7saf9opey
Certificate Issuer Cloudflare, Inc.
Subject sni.cloudflaressl.com
Fingerprint A4:70:A9:B9:AC:49:1E:53:23:43:41:25:CD:10:7C:01:2E:87:01:01
Validity Tue, 07 Feb 2023 00:00:00 GMT - Tue, 06 Feb 2024 23:59:59 GMT
File type JSON data\012- , ASCII text, with no line terminators
Hash 007af5ffed017e37943df31888ef8666
2877ed4c460ba9164b3625e32502a9d83a2a1d4a
bfb9d45766b6f87ee2c5f55862cdffe168aa7df0ff6ed0917b0fbcb035fdcdd2
GET /detail HTTP/1.1
Host: ip2geo.pubfuture-ad.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dfiles.eu/
Origin: https://dfiles.eu
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 24 May 2023 09:32:57 GMT
content-type: application/json; charset=utf-8
content-length: 33
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-dns-prefetch-control: off
expect-ct: max-age=0
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
referrer-policy: no-referrer
x-xss-protection: 0
access-control-allow-origin: *
etag: W/"21-KHftTEYLqRZLNiXjJQKp2DoqHUo"
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m%2FN7EZSOEUImnDYqkDIRMQjPDRCt7OI7k%2FkJBTIhMhhWLZy%2FopCB70TRjr%2Byko%2BHcDYeLjQJGBo80oOPFRkLY2gHYfZX5ROYUqsyAu65E666qr%2Bvxn0nPmmTDTpkeYj5s8p3%2BVJxWr1G"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7cc488ca29bfb515-OSL
X-Firefox-Spdy: h2
adsbb.dfiles.eu/static/js/jquery-1.5.1.min.js
91.226.124.78 200 OK 85 kB URL GET HTTP/1.1 adsbb.dfiles.eu/static/js/jquery-1.5.1.min.js
IP 91.226.124.78:443
Requested by https://adsbb.dfiles.eu/upload/2112/ad27592687cc8bc6.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752
Certificate Issuer Let's Encrypt
Subject *.dfiles.eu
Fingerprint 28:FA:BD:73:11:76:EB:79:D3:29:D3:CA:60:19:79:47:4B:43:6B:1C
Validity Sun, 09 Apr 2023 08:43:46 GMT - Sat, 08 Jul 2023 08:43:45 GMT
File type Unicode text, UTF-8 text, with very long lines (65168)
Hash b04a3bccd23ddeb7982143707a63ccf9
4a5dc1389aad050a44ee5e81408238a317ab3413
764b9e9f3ad386aaa5cdeae9368353994de61c0bede087c8f7e3579cb443de3b
GET /static/js/jquery-1.5.1.min.js HTTP/1.1
Host: adsbb.dfiles.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adsbb.dfiles.eu/upload/2112/ad27582685f5c72c.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752
Cookie: uprand=8f57e6cc006b9e86ef3e8e97b4232dd9; last_file=7saf9opey; lang_current=en; _ga_BL9163LYG1=GS1.1.1684920776.1.0.1684920776.0.0.0; _ga=GA1.1.673948797.1684920776; _nf56=1; _nf7=1; _nf58=1; _nf60=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 24 May 2023 09:32:57 GMT
Content-Type: application/javascript
Content-Length: 85260
Connection: close
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache, private, no-cache, no-store, must-revalidate
Pragma: no-cache
Accept-Ranges: bytes
adsbb.dfiles.eu/static/js/jquery-1.5.1.min.js
91.226.124.78 200 OK 85 kB URL GET HTTP/1.1 adsbb.dfiles.eu/static/js/jquery-1.5.1.min.js
IP 91.226.124.78:443
Requested by https://adsbb.dfiles.eu/upload/2112/ad27592687cc8bc6.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752
Certificate Issuer Let's Encrypt
Subject *.dfiles.eu
Fingerprint 28:FA:BD:73:11:76:EB:79:D3:29:D3:CA:60:19:79:47:4B:43:6B:1C
Validity Sun, 09 Apr 2023 08:43:46 GMT - Sat, 08 Jul 2023 08:43:45 GMT
File type Unicode text, UTF-8 text, with very long lines (65168)
Hash b04a3bccd23ddeb7982143707a63ccf9
4a5dc1389aad050a44ee5e81408238a317ab3413
764b9e9f3ad386aaa5cdeae9368353994de61c0bede087c8f7e3579cb443de3b
GET /static/js/jquery-1.5.1.min.js HTTP/1.1
Host: adsbb.dfiles.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adsbb.dfiles.eu/upload/2303/ad2775297311915a.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752
Cookie: uprand=8f57e6cc006b9e86ef3e8e97b4232dd9; last_file=7saf9opey; lang_current=en; _ga_BL9163LYG1=GS1.1.1684920776.1.0.1684920776.0.0.0; _ga=GA1.1.673948797.1684920776; _nf56=1; _nf7=1; _nf58=1; _nf60=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 24 May 2023 09:32:57 GMT
Content-Type: application/javascript
Content-Length: 85260
Connection: close
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache, private, no-cache, no-store, must-revalidate
Pragma: no-cache
Accept-Ranges: bytes
adsbb.dfiles.eu/static/js/jquery-1.5.1.min.js
91.226.124.78 200 OK 85 kB URL GET HTTP/1.1 adsbb.dfiles.eu/static/js/jquery-1.5.1.min.js
IP 91.226.124.78:443
Requested by https://adsbb.dfiles.eu/upload/2112/ad27592687cc8bc6.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752
Certificate Issuer Let's Encrypt
Subject *.dfiles.eu
Fingerprint 28:FA:BD:73:11:76:EB:79:D3:29:D3:CA:60:19:79:47:4B:43:6B:1C
Validity Sun, 09 Apr 2023 08:43:46 GMT - Sat, 08 Jul 2023 08:43:45 GMT
File type Unicode text, UTF-8 text, with very long lines (65168)
Hash b04a3bccd23ddeb7982143707a63ccf9
4a5dc1389aad050a44ee5e81408238a317ab3413
764b9e9f3ad386aaa5cdeae9368353994de61c0bede087c8f7e3579cb443de3b
GET /static/js/jquery-1.5.1.min.js HTTP/1.1
Host: adsbb.dfiles.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adsbb.dfiles.eu/upload/2303/ad2769296150a424.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752
Cookie: uprand=8f57e6cc006b9e86ef3e8e97b4232dd9; last_file=7saf9opey; lang_current=en; _ga_BL9163LYG1=GS1.1.1684920776.1.0.1684920776.0.0.0; _ga=GA1.1.673948797.1684920776; _nf56=1; _nf7=1; _nf58=1; _nf60=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 24 May 2023 09:32:57 GMT
Content-Type: application/javascript
Content-Length: 85260
Connection: close
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache, private, no-cache, no-store, must-revalidate
Pragma: no-cache
Accept-Ranges: bytes
adsbb.dfiles.eu/static/js/jquery-1.5.1.min.js
91.226.124.78 200 OK 85 kB URL GET HTTP/1.1 adsbb.dfiles.eu/static/js/jquery-1.5.1.min.js
IP 91.226.124.78:443
Requested by https://adsbb.dfiles.eu/upload/2112/ad27592687cc8bc6.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752
Certificate Issuer Let's Encrypt
Subject *.dfiles.eu
Fingerprint 28:FA:BD:73:11:76:EB:79:D3:29:D3:CA:60:19:79:47:4B:43:6B:1C
Validity Sun, 09 Apr 2023 08:43:46 GMT - Sat, 08 Jul 2023 08:43:45 GMT
File type Unicode text, UTF-8 text, with very long lines (65168)
Hash b04a3bccd23ddeb7982143707a63ccf9
4a5dc1389aad050a44ee5e81408238a317ab3413
764b9e9f3ad386aaa5cdeae9368353994de61c0bede087c8f7e3579cb443de3b
GET /static/js/jquery-1.5.1.min.js HTTP/1.1
Host: adsbb.dfiles.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adsbb.dfiles.eu/upload/2112/ad27592687cc8bc6.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752
Cookie: uprand=8f57e6cc006b9e86ef3e8e97b4232dd9; last_file=7saf9opey; lang_current=en; _ga_BL9163LYG1=GS1.1.1684920776.1.0.1684920776.0.0.0; _ga=GA1.1.673948797.1684920776; _nf56=1; _nf7=1; _nf58=1; _nf60=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 24 May 2023 09:32:57 GMT
Content-Type: application/javascript
Content-Length: 85260
Connection: close
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache, private, no-cache, no-store, must-revalidate
Pragma: no-cache
Accept-Ranges: bytes
cdn.pubfuture-ad.com/v2/unit/pt.js
172.67.70.21 200 OK 31 kB URL GET HTTP/2 cdn.pubfuture-ad.com/v2/unit/pt.js
IP 172.67.70.21:443
Requested by https://dfiles.eu/files/7saf9opey
Certificate Issuer Cloudflare, Inc.
Subject sni.cloudflaressl.com
Fingerprint A4:70:A9:B9:AC:49:1E:53:23:43:41:25:CD:10:7C:01:2E:87:01:01
Validity Tue, 07 Feb 2023 00:00:00 GMT - Tue, 06 Feb 2024 23:59:59 GMT
File type HTML document, ASCII text, with very long lines (6612), with no line terminators
Hash 682292a8592cf915768cad01e4b3222d
7cac4c7f0693fe9296ced91b9ea1c60b2475600b
74075ecdd502ca9121a9d6a11e8824771cea3c7e158726e01a2964c750766e1d
GET /v2/unit/pt.js HTTP/1.1
Host: cdn.pubfuture-ad.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 24 May 2023 09:32:56 GMT
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=172800
cf-bgj: minify
access-control-allow-origin: *
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
etag: W/"19d4-fKxMfwaT/pKWztkbnqHGCyR1YAs"
expect-ct: max-age=0
referrer-policy: no-referrer
strict-transport-security: max-age=15552000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-xss-protection: 0
cf-cache-status: HIT
age: 78147
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IdL59Xp%2BE2wXC8hNyKQBKErW7ZwQSyPGrIdSAQ4qvX8MdZ1Xg1j7Uga9tu1yKf8s5gwKHBgI2hIibYAlJCxV0bUg7JcI%2BzW40asJLm9xj9ow9uBF%2Ffj6KH1InJQc1Xnc%2FxVkO5Tn"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7cc488c3390a0b55-OSL
content-encoding: br
X-Firefox-Spdy: h2
simplewebanalysis.com/stats
18.192.155.180 200 OK 40 B URL GET HTTP/2 simplewebanalysis.com/stats
IP 18.192.155.180:443
Requested by https://dfiles.eu/files/7saf9opey
Certificate Issuer Amazon
Subject simplewebanalysis.com
Fingerprint E5:9D:30:D3:0E:8A:EF:0D:43:46:4C:4C:53:AD:05:78:63:E9:04:07
Validity Thu, 02 Mar 2023 00:00:00 GMT - Sun, 31 Mar 2024 23:59:59 GMT
File type ASCII text, with no line terminators
Hash e79ecd69aa055a08849236de5ce34be0
bf1e873f7f5ef9861d60c15d24414f4d03690339
dc6009f0beb0624cf3be342f6cce435fea4e726eaefa7896e0d96b465854bae0
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dfiles.eu
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Cookie: uid_id2=ed70feaa-4a44-4eb2-8cc3-ec5849860a76:3:1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 24 May 2023 09:32:57 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://dfiles.eu
vary: Origin
access-control-allow-credentials: true
X-Firefox-Spdy: h2
adsbb.dfiles.eu/view.gif?c=2685&z=56&b=2758&u=646dd919e272e2737099307409415
91.226.124.78 43 B URL adsbb.dfiles.eu/view.gif?c=2685&z=56&b=2758&u=646dd919e272e2737099307409415
IP 91.226.124.78:0
Certificate Issuer Let's Encrypt
Subject *.dfiles.eu
Fingerprint 28:FA:BD:73:11:76:EB:79:D3:29:D3:CA:60:19:79:47:4B:43:6B:1C
Validity Sun, 09 Apr 2023 08:43:46 GMT - Sat, 08 Jul 2023 08:43:45 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash 6d22e4f2d2057c6e8d6fab098e76e80f
b80b11203d97fe01c5597ca3be70406ea48f5709
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
GET /view.gif?c=2685&z=56&b=2758&u=646dd919e272e2737099307409415 HTTP/1.1
Host: adsbb.dfiles.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: https://adsbb.dfiles.eu/upload/2112/ad27582685f5c72c.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752
Cookie: uprand=8f57e6cc006b9e86ef3e8e97b4232dd9; last_file=7saf9opey; lang_current=en; _ga_BL9163LYG1=GS1.1.1684920776.1.0.1684920776.0.0.0; _ga=GA1.1.673948797.1684920776; _nf56=1; _nf7=1; _nf58=1; _nf60=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 24 May 2023 09:32:57 GMT
Content-Type: image/gif
Content-Length: 43
Connection: close
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache, private, no-cache, no-store, must-revalidate
Pragma: no-cache
Accept-Ranges: bytes
adsbb.dfiles.eu/view.gif?c=2973&z=58&b=2775&u=646dd919ec4e87686382574583784
91.226.124.78 43 B URL adsbb.dfiles.eu/view.gif?c=2973&z=58&b=2775&u=646dd919ec4e87686382574583784
IP 91.226.124.78:0
Certificate Issuer Let's Encrypt
Subject *.dfiles.eu
Fingerprint 28:FA:BD:73:11:76:EB:79:D3:29:D3:CA:60:19:79:47:4B:43:6B:1C
Validity Sun, 09 Apr 2023 08:43:46 GMT - Sat, 08 Jul 2023 08:43:45 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash 6d22e4f2d2057c6e8d6fab098e76e80f
b80b11203d97fe01c5597ca3be70406ea48f5709
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
GET /view.gif?c=2973&z=58&b=2775&u=646dd919ec4e87686382574583784 HTTP/1.1
Host: adsbb.dfiles.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: https://adsbb.dfiles.eu/upload/2303/ad2775297311915a.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752
Cookie: uprand=8f57e6cc006b9e86ef3e8e97b4232dd9; last_file=7saf9opey; lang_current=en; _ga_BL9163LYG1=GS1.1.1684920776.1.0.1684920776.0.0.0; _ga=GA1.1.673948797.1684920776; _nf56=1; _nf7=1; _nf58=1; _nf60=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 24 May 2023 09:32:57 GMT
Content-Type: image/gif
Content-Length: 43
Connection: close
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache, private, no-cache, no-store, must-revalidate
Pragma: no-cache
Accept-Ranges: bytes
adsbb.dfiles.eu/view.gif?c=2687&z=60&b=2759&u=646dd919e2b155129252212341188
91.226.124.78 200 OK 43 B URL GET HTTP/1.1 adsbb.dfiles.eu/view.gif?c=2687&z=60&b=2759&u=646dd919e2b155129252212341188
IP 91.226.124.78:443
Requested by https://adsbb.dfiles.eu/upload/2112/ad27592687cc8bc6.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752
Certificate Issuer Let's Encrypt
Subject *.dfiles.eu
Fingerprint 28:FA:BD:73:11:76:EB:79:D3:29:D3:CA:60:19:79:47:4B:43:6B:1C
Validity Sun, 09 Apr 2023 08:43:46 GMT - Sat, 08 Jul 2023 08:43:45 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash 6d22e4f2d2057c6e8d6fab098e76e80f
b80b11203d97fe01c5597ca3be70406ea48f5709
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
GET /view.gif?c=2687&z=60&b=2759&u=646dd919e2b155129252212341188 HTTP/1.1
Host: adsbb.dfiles.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: https://adsbb.dfiles.eu/upload/2112/ad27592687cc8bc6.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752
Cookie: uprand=8f57e6cc006b9e86ef3e8e97b4232dd9; last_file=7saf9opey; lang_current=en; _ga_BL9163LYG1=GS1.1.1684920776.1.0.1684920776.0.0.0; _ga=GA1.1.673948797.1684920776; _nf56=1; _nf7=1; _nf58=1; _nf60=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 24 May 2023 09:32:58 GMT
Content-Type: image/gif
Content-Length: 43
Connection: close
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache, private, no-cache, no-store, must-revalidate
Pragma: no-cache
Accept-Ranges: bytes
c.mgid.com/pv/?pv=5&cbuster=1684920777822611466867&lct=1684800000&jsv=es6&iframe=1&ref=https%3A%2F%2Fdfiles.eu%2Ffiles%2F7saf9opey&cxurl=https%3A%2F%2Fdfiles.eu%2Ffiles%2F7saf9opey&lu=https%3A%2F%2Fdfiles.eu%2Ffiles%2F7saf9opey&sessionId=646dd9ca-055d3&pageView=1&pvid=1884d1abc708b31fa25&site=437&implVersion=11&dpr=1&tfre=508
104.19.135.78 0 B URL c.mgid.com/pv/?pv=5&cbuster=1684920777822611466867&lct=1684800000&jsv=es6&iframe=1&ref=https%3A%2F%2Fdfiles.eu%2Ffiles%2F7saf9opey&cxurl=https%3A%2F%2Fdfiles.eu%2Ffiles%2F7saf9opey&lu=https%3A%2F%2Fdfiles.eu%2Ffiles%2F7saf9opey&sessionId=646dd9ca-055d3&pageView=1&pvid=1884d1abc708b31fa25&site=437&implVersion=11&dpr=1&tfre=508
IP 104.19.135.78:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pv/?pv=5&cbuster=1684920777822611466867&lct=1684800000&jsv=es6&iframe=1&ref=https%3A%2F%2Fdfiles.eu%2Ffiles%2F7saf9opey&cxurl=https%3A%2F%2Fdfiles.eu%2Ffiles%2F7saf9opey&lu=https%3A%2F%2Fdfiles.eu%2Ffiles%2F7saf9opey&sessionId=646dd9ca-055d3&pageView=1&pvid=1884d1abc708b31fa25&site=437&implVersion=11&dpr=1&tfre=508 HTTP/1.1
Host: c.mgid.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://adsbb.dfiles.eu/
DNT: 1
Connection: keep-alive
Cookie: __cf_bm=Jic3JPCzmSpJYkBJ71Pv_CnBE9gJpoItTXX1JA2KHfc-1684920777-0-ASgbQTBea5QUG3sHvTqpA0LA5ztxWyENrSN3kM8YdpKLX2bM3SUTFJsn3Ln9ZjbV1dgSWR/U9uxE9+z1oZDsrgQ=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 May 2023 09:32:58 GMT
content-length: 0
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7cc488ceed0db524-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
static.depositfiles.com/images/favicon.ico
91.226.124.81 200 OK 318 B URL GET HTTP/1.1 static.depositfiles.com/images/favicon.ico
IP 91.226.124.81:443
Requested by https://dfiles.eu/files/7saf9opey
Certificate Issuer Let's Encrypt
Subject depositfiles.com
Fingerprint 90:44:8D:18:D5:0B:6D:4B:AA:47:FB:C3:D9:B4:43:28:E2:A9:58:14
Validity Mon, 27 Feb 2023 10:18:03 GMT - Sun, 28 May 2023 10:18:02 GMT
File type MS Windows icon resource - 1 icon, 16x16, 16 colors, 4 bits/pixel\012- data
Hash 0f0b975ee529197ec75780ebc2de5907
59688c6aafca5606e388ba9a44fc9dc25fc32cd3
28a0b52229f05b66354ca38b6b813d2281af3efb7e8b0a424ef8b4c68b9e583c
GET /images/favicon.ico HTTP/1.1
Host: static.depositfiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 24 May 2023 09:32:58 GMT
Content-Type: image/x-icon
Content-Length: 318
Last-Modified: Tue, 26 Apr 2022 10:45:42 GMT
Connection: keep-alive
ETag: "6267cd56-13e"
Accept-Ranges: bytes
www.gstatic.com/recaptcha/releases/FFtxPnbuZxq6kkeHkQJR2MNQ/recaptcha__en.js
142.250.74.35 200 OK 167 kB URL GET HTTP/2 www.gstatic.com/recaptcha/releases/FFtxPnbuZxq6kkeHkQJR2MNQ/recaptcha__en.js
IP 142.250.74.35:443
Requested by https://dfiles.eu/files/7saf9opey
Certificate Issuer Google Trust Services LLC
Subject *.gstatic.com
Fingerprint E2:33:59:47:38:D7:4A:7A:9E:28:5D:EC:AA:94:7F:92:25:D2:B1:C4
Validity Mon, 24 Apr 2023 12:00:43 GMT - Mon, 17 Jul 2023 12:00:42 GMT
File type ASCII text, with very long lines (554)
Size 167 kB (166637 bytes)
Hash 213e1a6e418f3df36f2ec077314ef525
7a553e545a48271f3afec47b3ed5f3518cfdd7b4
ad5008998005064af73229fb144d5f8e789641f8a846e2064ec18788a37e9e2d
GET /recaptcha/releases/FFtxPnbuZxq6kkeHkQJR2MNQ/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dfiles.eu
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 166637
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 24 May 2023 08:30:50 GMT
expires: Thu, 23 May 2024 08:30:50 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 15 May 2023 04:00:52 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 3728
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
handbaggather.com/sbar.json?key=224ad4a14b4b15c1726ff705ec672ea6
173.233.137.44 200 OK 2.2 kB URL GET HTTP/1.1 handbaggather.com/sbar.json?key=224ad4a14b4b15c1726ff705ec672ea6
IP 173.233.137.44:443
Requested by https://dfiles.eu/files/7saf9opey
Certificate Issuer Let's Encrypt
Subject handbaggather.com
Fingerprint AA:C3:B2:B7:C4:DC:3B:FA:64:BF:B0:F3:38:ED:6B:B3:B1:27:20:81
Validity Fri, 28 Apr 2023 01:16:44 GMT - Thu, 27 Jul 2023 01:16:43 GMT
File type JSON data\012- , ASCII text, with very long lines (5447), with no line terminators
Hash 64fdfdb2c86554d2b8dd0348a068e5b4
8dce2b64708644026e1b37e745c6943d05c838ef
e50586989e3828de6a5631ef3fb7fc72b27ce3b58ff3c99c21ee48e648261cd7
Analyzer Verdict Alert quad9 Sinkholed
GET /sbar.json?key=224ad4a14b4b15c1726ff705ec672ea6 HTTP/1.1
Host: handbaggather.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dfiles.eu
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Wed, 24 May 2023 09:32:58 GMT
Content-Type: text/plain; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://dfiles.eu
Access-Control-Allow-Origin: https://dfiles.eu
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=16004719; expires=Thu, 25 May 2023 09:32:58 GMT; secure; SameSite=None
Set-Cookie: pdhtkv=true; expires=Thu, 25 May 2023 09:32:58 GMT; secure; SameSite=None
Set-Cookie: uncs=1; expires=Thu, 25 May 2023 09:32:58 GMT; secure; SameSite=None
Set-Cookie: pdhtkv29=true; expires=Thu, 25 May 2023 09:32:58 GMT; secure; SameSite=None
Set-Cookie: uncs29=1; expires=Thu, 25 May 2023 09:32:58 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 936dcd95b85f943040fe7c71046894d6
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
toothbrushconceitedsemi.com/pixel/purst?dl=0&th=0&sc=0&rs=2787&rd=2787&fd=871&bv=22.10.v.10&tmpl=136
192.243.59.13 200 OK 0 B URL GET HTTP/1.1 toothbrushconceitedsemi.com/pixel/purst?dl=0&th=0&sc=0&rs=2787&rd=2787&fd=871&bv=22.10.v.10&tmpl=136
IP 192.243.59.13:443
ASN #39572 DataWeb Global Group B.V.
Requested by https://dfiles.eu/files/7saf9opey
Certificate Issuer Let's Encrypt
Subject toothbrushconceitedsemi.com
Fingerprint A9:C9:26:53:26:E3:4C:E1:73:0A:D6:1F:61:91:1C:4B:DF:C3:F4:9B
Validity Fri, 05 May 2023 09:21:53 GMT - Thu, 03 Aug 2023 09:21:52 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/purst?dl=0&th=0&sc=0&rs=2787&rd=2787&fd=871&bv=22.10.v.10&tmpl=136 HTTP/1.1
Host: toothbrushconceitedsemi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Wed, 24 May 2023 09:32:58 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
jsc.mgid.com/d/e/depositfiles.com.3334.es6.js
104.19.135.78 200 OK 91 kB URL GET HTTP/3 jsc.mgid.com/d/e/depositfiles.com.3334.es6.js
IP 104.19.135.78:443
Requested by https://adsbb.dfiles.eu/upload/2112/ad27592687cc8bc6.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752
Certificate Issuer Cloudflare, Inc.
Subject sni.cloudflaressl.com
Fingerprint 44:BF:9D:AD:98:A7:1A:F2:1D:18:EF:4E:3E:BE:C0:D8:28:4D:9F:04
Validity Tue, 11 Apr 2023 00:00:00 GMT - Wed, 10 Apr 2024 23:59:59 GMT
File type HTML document text\012- HTML document, ASCII text, with very long lines (28223)
Hash 1eeedf021e01b774c05b8c672b09f66c
275896b8d7e41b4a1d517ea72ebac02aac3a4d13
c6118a1dc680f817266171594c36e0a4a0b61df5ccbf5d7cba76f2be783585f8
GET /d/e/depositfiles.com.3334.es6.js HTTP/1.1
Host: jsc.mgid.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adsbb.dfiles.eu/
Cookie: __cf_bm=Jic3JPCzmSpJYkBJ71Pv_CnBE9gJpoItTXX1JA2KHfc-1684920777-0-ASgbQTBea5QUG3sHvTqpA0LA5ztxWyENrSN3kM8YdpKLX2bM3SUTFJsn3Ln9ZjbV1dgSWR/U9uxE9+z1oZDsrgQ=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 May 2023 09:32:57 GMT
content-type: text/javascript
cf-bgj: minify
cf-polished: origSize=299840
etag: W/"f9f288a77c9ca02391ab0e1800951519"
last-modified: Tue, 23 May 2023 10:24:32 GMT
x-amz-id-2: HhciiZjvS/2z/8fIq4z5mE+HK8bpjS18kpg9UKWJAD4W2/4OL5m3OVQlLS5YTzVwB6EAJ9DypKE=
x-amz-request-id: ADFT40CMCAG9MZJX
x-amz-server-side-encryption: AES256
x-amz-version-id: 4pjd7og8LXsQ8261RpBWgkWz.tb8iYgM
cf-cache-status: HIT
age: 9
expires: Wed, 24 May 2023 12:32:57 GMT
cache-control: public, max-age=10800
vary: Accept-Encoding
server: cloudflare
cf-ray: 7cc488ce4c41b524-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cdn.unblockia.com/autopromos/unicef3.jpg?unblockia=true
54.230.111.2 200 OK 54 kB URL GET HTTP/2 cdn.unblockia.com/autopromos/unicef3.jpg?unblockia=true
IP 54.230.111.2:443
Requested by https://dfiles.eu/files/7saf9opey
Certificate Issuer Amazon
Subject *.unblockia.com
Fingerprint F2:6F:03:00:E3:4A:B1:87:3C:4D:28:BB:E6:CE:8F:F1:2A:6E:1B:5D
Validity Tue, 21 Feb 2023 00:00:00 GMT - Fri, 22 Mar 2024 23:59:59 GMT
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=2, software=Google], baseline, precision 8, 160x600, components 3\012- data
Hash 5dcf47442fc7fbb8d0263bbf4869537e
2c8232ac93448bbc06b5464f1839a5cdb2ed3e07
81804a1b2b20350ec009ba6429a4f58124c16ca30683af0af255544cd98c8fa6
GET /autopromos/unicef3.jpg?unblockia=true HTTP/1.1
Host: cdn.unblockia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 54292
last-modified: Tue, 12 Apr 2022 08:41:27 GMT
x-amz-version-id: iA22.ytP0i4dmuIhnc0eyNVgJlt2K4fl
accept-ranges: bytes
server: AmazonS3
date: Wed, 24 May 2023 03:31:48 GMT
etag: "5dcf47442fc7fbb8d0263bbf4869537e"
x-cache: Hit from cloudfront
via: 1.1 ee04daa979e7a02cc5ca472521bc18a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 1WT8_7GUTGvlwoF1-GdjqzSwUVbvPeYiydsGAnmP8sd6CPx6BT0dLQ==
age: 21671
vary: Accept-Encoding, Origin
X-Firefox-Spdy: h2
cdn.unblockia.com/autopromos/unicef2.jpg?unblockia=true
54.230.111.2 200 OK 37 kB URL GET HTTP/2 cdn.unblockia.com/autopromos/unicef2.jpg?unblockia=true
IP 54.230.111.2:443
Requested by https://dfiles.eu/files/7saf9opey
Certificate Issuer Amazon
Subject *.unblockia.com
Fingerprint F2:6F:03:00:E3:4A:B1:87:3C:4D:28:BB:E6:CE:8F:F1:2A:6E:1B:5D
Validity Tue, 21 Feb 2023 00:00:00 GMT - Fri, 22 Mar 2024 23:59:59 GMT
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 728x90, components 3\012- data
Hash 58fbb6ffe72ac0c1aa468de39ee18e13
d25230f1ef89aecc6048b0ceb09dd0af609ee7b6
e8ff7f3a8926e5b5497d2ab7a1bf47c5655e287a51045f11846f426ac6c7d180
GET /autopromos/unicef2.jpg?unblockia=true HTTP/1.1
Host: cdn.unblockia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 36773
last-modified: Tue, 12 Apr 2022 08:41:28 GMT
x-amz-version-id: xUurxjfnscsyJn430NFsrgfbabIFowSl
accept-ranges: bytes
server: AmazonS3
date: Tue, 23 May 2023 17:02:15 GMT
etag: "58fbb6ffe72ac0c1aa468de39ee18e13"
x-cache: Hit from cloudfront
via: 1.1 ee04daa979e7a02cc5ca472521bc18a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: fuuKCnx5coWe75lTHtGZ2DHlBcE23ckBT_JSrqQMbHxOIdjfKD59LQ==
age: 59522
vary: Accept-Encoding, Origin
X-Firefox-Spdy: h2
t.unblockia.com/?sid=140&o=3&b=2&p=1&t=1
54.230.111.104 200 OK 0 B URL POST HTTP/2 t.unblockia.com/?sid=140&o=3&b=2&p=1&t=1
IP 54.230.111.104:443
Requested by https://dfiles.eu/files/7saf9opey
Certificate Issuer Amazon
Subject *.unblockia.com
Fingerprint F2:6F:03:00:E3:4A:B1:87:3C:4D:28:BB:E6:CE:8F:F1:2A:6E:1B:5D
Validity Tue, 21 Feb 2023 00:00:00 GMT - Fri, 22 Mar 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /?sid=140&o=3&b=2&p=1&t=1 HTTP/1.1
Host: t.unblockia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dfiles.eu
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 200 OK
content-type: application/json
content-length: 0
server: nginx/1.20.0
date: Wed, 24 May 2023 09:32:58 GMT
x-cache: Miss from cloudfront
via: 1.1 6259d2cd8a5947ad41a420527bbed7a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: TsA2lmJik1L59s8Vq8inKThpr0bdnJ4NAK6IrRqeHFyXM_v9nEhsxw==
access-control-allow-origin: *
access-control-expose-headers: *
X-Firefox-Spdy: h2
handbaggather.com/ren.gif?sid=H4sIAAAAAAAC%2F1SSz2skRRTHq9dlD%2BplXS%2BCwnhSQSbdnZ5f7kE2rpFg3Ky7it6kuqp68kx1V1PVPT0JHoILssfxP%2Bh8J9mghmX9AxSZeHJByHjKwRyE%2FQNE2bPMJDj6oHnv%2B77v8Hmv66u98oz5KPnp6gdmh7TmS62m33j90yC43linrBw2ht32Z%2B3oesMO3gr8XtN%2Fo%2FGeEltmKfQD3w%2F8oLFKViVmuBQEQdMH5Ue9oNnzm1HYDFoRhvb%2F2pUeHPcgB2fsBZCcPnv0MAKJCbL00U3ltgqTv%2FluWmpeGIuBPPw428pMlSFdlIn1kGSHF9Mw7mT1R5jsYA4MM%2Fh3MKYp8578gTg7vKBEPDg4B401VIZYPodqMIHSExCfQJh7IHnCACFxawNZ%2BuCWsRXfPnf5zJ2yy0%2F%2FAlVTdvn3F5GlD1c0DRt3jS4LMpnDMKlBwwmoP0FeHqPYuQSqjiGKL0HyV7b0dB1Zur%2FhtAHJer480QSUTKDVCNx5KGcfeSgTD2XuIZWnjY6Iul3ZbUmuhAjjJOgmURL1uPAT4S%2F3QpRihjdCkY8g9AjC7iK3u9iiEWz5E9xmDSc9uGLKvA93MZA1KsVQOYaKM1TEUBUM1aA%2BkNqFrn4gtSvj4CKHF3m5Hpuiv8cPTNFXGdvLz9jV%2BV3%2BbhtsqdNGGEZcRjyI4igOWiLohO0k6fgtJdqdUPE2HNUgd2m%2B6g6dXMuR08nzLyPmx3D6GIKugpevgFfjTuiDb46jro%2Bd7JFUuXFUJKSVawqTQpoaeXEZxba3p8%2FYS3OO1568CiUes4uAsDVyW%2BNz%2Bpmhr%2B%2BP75iK7d8xlWPfb%2BQFpbTDZ%2F%2FubsELdeXb99V2Zaxcu%2BlG39wQM2NWHn2kXLHOM0lZ37HvVkhKZVeNFYr9sOY%2BUfHt0m2ulDYr8%2FXb76yupblVzpHJJuB08kUbgqbsyo2D%2Bau89mcPZCewZY20XJCSmUDku3D5oucMg9ULHeceqrIe2zBeNDUxaLXQPK7h%2FqPjRb3n7qNvPfDiHrK0xsDWGOgaXI%2FgymfGRW4fv%2F3b8jwQa28ca%2Bvtx9rqr89P6%2Bi0oTqq3etFftSRvh9HMgyDlhJ8OeI9HoZJB4WbyvT0l38AAAD%2F%2FwEAAP%2F%2Fkj7uWWIEAAA%3D
192.243.59.13 200 OK 7 B URL GET HTTP/1.1 handbaggather.com/ren.gif?sid=H4sIAAAAAAAC%2F1SSz2skRRTHq9dlD%2BplXS%2BCwnhSQSbdnZ5f7kE2rpFg3Ky7it6kuqp68kx1V1PVPT0JHoILssfxP%2Bh8J9mghmX9AxSZeHJByHjKwRyE%2FQNE2bPMJDj6oHnv%2B77v8Hmv66u98oz5KPnp6gdmh7TmS62m33j90yC43linrBw2ht32Z%2B3oesMO3gr8XtN%2Fo%2FGeEltmKfQD3w%2F8oLFKViVmuBQEQdMH5Ue9oNnzm1HYDFoRhvb%2F2pUeHPcgB2fsBZCcPnv0MAKJCbL00U3ltgqTv%2FluWmpeGIuBPPw428pMlSFdlIn1kGSHF9Mw7mT1R5jsYA4MM%2Fh3MKYp8578gTg7vKBEPDg4B401VIZYPodqMIHSExCfQJh7IHnCACFxawNZ%2BuCWsRXfPnf5zJ2yy0%2F%2FAlVTdvn3F5GlD1c0DRt3jS4LMpnDMKlBwwmoP0FeHqPYuQSqjiGKL0HyV7b0dB1Zur%2FhtAHJer480QSUTKDVCNx5KGcfeSgTD2XuIZWnjY6Iul3ZbUmuhAjjJOgmURL1uPAT4S%2F3QpRihjdCkY8g9AjC7iK3u9iiEWz5E9xmDSc9uGLKvA93MZA1KsVQOYaKM1TEUBUM1aA%2BkNqFrn4gtSvj4CKHF3m5Hpuiv8cPTNFXGdvLz9jV%2BV3%2BbhtsqdNGGEZcRjyI4igOWiLohO0k6fgtJdqdUPE2HNUgd2m%2B6g6dXMuR08nzLyPmx3D6GIKugpevgFfjTuiDb46jro%2Bd7JFUuXFUJKSVawqTQpoaeXEZxba3p8%2FYS3OO1568CiUes4uAsDVyW%2BNz%2Bpmhr%2B%2BP75iK7d8xlWPfb%2BQFpbTDZ%2F%2FubsELdeXb99V2Zaxcu%2BlG39wQM2NWHn2kXLHOM0lZ37HvVkhKZVeNFYr9sOY%2BUfHt0m2ulDYr8%2FXb76yupblVzpHJJuB08kUbgqbsyo2D%2Bau89mcPZCewZY20XJCSmUDku3D5oucMg9ULHeceqrIe2zBeNDUxaLXQPK7h%2FqPjRb3n7qNvPfDiHrK0xsDWGOgaXI%2FgymfGRW4fv%2F3b8jwQa28ca%2Bvtx9rqr89P6%2Bi0oTqq3etFftSRvh9HMgyDlhJ8OeI9HoZJB4WbyvT0l38AAAD%2F%2FwEAAP%2F%2Fkj7uWWIEAAA%3D
IP 192.243.59.13:443
ASN #39572 DataWeb Global Group B.V.
Requested by https://dfiles.eu/files/7saf9opey
Certificate Issuer Let's Encrypt
Subject handbaggather.com
Fingerprint AA:C3:B2:B7:C4:DC:3B:FA:64:BF:B0:F3:38:ED:6B:B3:B1:27:20:81
Validity Fri, 28 Apr 2023 01:16:44 GMT - Thu, 27 Jul 2023 01:16:43 GMT
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer Verdict Alert quad9 Sinkholed
GET /ren.gif?sid=H4sIAAAAAAAC%2F1SSz2skRRTHq9dlD%2BplXS%2BCwnhSQSbdnZ5f7kE2rpFg3Ky7it6kuqp68kx1V1PVPT0JHoILssfxP%2Bh8J9mghmX9AxSZeHJByHjKwRyE%2FQNE2bPMJDj6oHnv%2B77v8Hmv66u98oz5KPnp6gdmh7TmS62m33j90yC43linrBw2ht32Z%2B3oesMO3gr8XtN%2Fo%2FGeEltmKfQD3w%2F8oLFKViVmuBQEQdMH5Ue9oNnzm1HYDFoRhvb%2F2pUeHPcgB2fsBZCcPnv0MAKJCbL00U3ltgqTv%2FluWmpeGIuBPPw428pMlSFdlIn1kGSHF9Mw7mT1R5jsYA4MM%2Fh3MKYp8578gTg7vKBEPDg4B401VIZYPodqMIHSExCfQJh7IHnCACFxawNZ%2BuCWsRXfPnf5zJ2yy0%2F%2FAlVTdvn3F5GlD1c0DRt3jS4LMpnDMKlBwwmoP0FeHqPYuQSqjiGKL0HyV7b0dB1Zur%2FhtAHJer480QSUTKDVCNx5KGcfeSgTD2XuIZWnjY6Iul3ZbUmuhAjjJOgmURL1uPAT4S%2F3QpRihjdCkY8g9AjC7iK3u9iiEWz5E9xmDSc9uGLKvA93MZA1KsVQOYaKM1TEUBUM1aA%2BkNqFrn4gtSvj4CKHF3m5Hpuiv8cPTNFXGdvLz9jV%2BV3%2BbhtsqdNGGEZcRjyI4igOWiLohO0k6fgtJdqdUPE2HNUgd2m%2B6g6dXMuR08nzLyPmx3D6GIKugpevgFfjTuiDb46jro%2Bd7JFUuXFUJKSVawqTQpoaeXEZxba3p8%2FYS3OO1568CiUes4uAsDVyW%2BNz%2Bpmhr%2B%2BP75iK7d8xlWPfb%2BQFpbTDZ%2F%2FubsELdeXb99V2Zaxcu%2BlG39wQM2NWHn2kXLHOM0lZ37HvVkhKZVeNFYr9sOY%2BUfHt0m2ulDYr8%2FXb76yupblVzpHJJuB08kUbgqbsyo2D%2Bau89mcPZCewZY20XJCSmUDku3D5oucMg9ULHeceqrIe2zBeNDUxaLXQPK7h%2FqPjRb3n7qNvPfDiHrK0xsDWGOgaXI%2FgymfGRW4fv%2F3b8jwQa28ca%2Bvtx9rqr89P6%2Bi0oTqq3etFftSRvh9HMgyDlhJ8OeI9HoZJB4WbyvT0l38AAAD%2F%2FwEAAP%2F%2Fkj7uWWIEAAA%3D HTTP/1.1
Host: handbaggather.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Cookie: u_pl=16004719; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Wed, 24 May 2023 09:32:58 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: a6c161c26cc52ccf3c254ee92e008c55
Strict-Transport-Security: max-age=0; includeSubdomains
notification.tubecup.net/tags?tag_id=46445&timezone_olson=UTC&version_name=a
88.198.136.228 204 No Content 0 B URL GET HTTP/2 notification.tubecup.net/tags?tag_id=46445&timezone_olson=UTC&version_name=a
IP 88.198.136.228:443
ASN #24940 Hetzner Online GmbH
Requested by https://dfiles.eu/files/7saf9opey
Certificate Issuer Let's Encrypt
Subject notification.tubecup.net
Fingerprint C3:3A:0A:7D:9C:4B:21:97:39:A7:AD:B8:87:47:F1:35:32:D9:84:53
Validity Fri, 28 Apr 2023 11:39:09 GMT - Thu, 27 Jul 2023 11:39:08 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tags?tag_id=46445&timezone_olson=UTC&version_name=a HTTP/1.1
Host: notification.tubecup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dfiles.eu
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 204 No Content
server: nginx/1.18.0
date: Wed, 24 May 2023 09:32:58 GMT
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2
handbaggather.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.barscreative1.com%2Fsb%2Fnotifications%2Fvpn%2Fdefault%2Fus%2Fwindows%2Fbrowser-black%2Findex.html&l=1290&fd=187
192.243.59.13 200 OK 0 B URL GET HTTP/1.1 handbaggather.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.barscreative1.com%2Fsb%2Fnotifications%2Fvpn%2Fdefault%2Fus%2Fwindows%2Fbrowser-black%2Findex.html&l=1290&fd=187
IP 192.243.59.13:443
ASN #39572 DataWeb Global Group B.V.
Requested by https://dfiles.eu/files/7saf9opey
Certificate Issuer Let's Encrypt
Subject handbaggather.com
Fingerprint AA:C3:B2:B7:C4:DC:3B:FA:64:BF:B0:F3:38:ED:6B:B3:B1:27:20:81
Validity Fri, 28 Apr 2023 01:16:44 GMT - Thu, 27 Jul 2023 01:16:43 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.barscreative1.com%2Fsb%2Fnotifications%2Fvpn%2Fdefault%2Fus%2Fwindows%2Fbrowser-black%2Findex.html&l=1290&fd=187 HTTP/1.1
Host: handbaggather.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Cookie: u_pl=16004719; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Wed, 24 May 2023 09:32:58 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
cdn.creative-bars1.com/sb/notifications/vpn/default/us/windows/browser-black/img/close.png
172.64.197.23 200 OK 4.0 kB URL GET HTTP/2 cdn.creative-bars1.com/sb/notifications/vpn/default/us/windows/browser-black/img/close.png
IP 172.64.197.23:443
Requested by https://dfiles.eu/files/7saf9opey
Certificate Issuer Google Trust Services LLC
Subject creative-bars1.com
Fingerprint 88:10:E4:38:7C:46:CF:44:7C:D0:C8:1F:06:39:9F:7E:A5:2E:27:4A
Validity Thu, 27 Apr 2023 15:05:54 GMT - Wed, 26 Jul 2023 15:05:53 GMT
File type PNG image data, 500 x 500, 8-bit gray+alpha, non-interlaced\012- data
Hash 23e9690b0e7ac26868363a6248f44467
d7ad0eae64e0c1e65b12eda0aa9d2b91996dd64f
f362c67320d739ccf3bea21f857b9620075bd20ceacda8c51261b9612fe28395
GET /sb/notifications/vpn/default/us/windows/browser-black/img/close.png HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 24 May 2023 09:32:58 GMT
content-type: image/png
content-length: 4022
last-modified: Fri, 10 Apr 2020 10:20:20 GMT
etag: "5e904864-fb6"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 8575787
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qBm9cGf3Pe%2BBm2Xto8u%2Bjn%2BdpWbsBS5dlVqraJQEY2cidVBV7xuQx1JS5T9vxDQ5fotatR4v0pKzBW8zAWc06ewT2N0nETzk5rcwRPPx81rTXBJFZCUM%2BmIDzakjnhFNqcHytU9SnxtU"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7cc488d3ed5476db-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.creative-bars1.com/sb/notifications/vpn/default/us/windows/browser-black/img/icon-green.png
172.64.197.23 200 OK 44 kB URL GET HTTP/2 cdn.creative-bars1.com/sb/notifications/vpn/default/us/windows/browser-black/img/icon-green.png
IP 172.64.197.23:443
Requested by https://dfiles.eu/files/7saf9opey
Certificate Issuer Google Trust Services LLC
Subject creative-bars1.com
Fingerprint 88:10:E4:38:7C:46:CF:44:7C:D0:C8:1F:06:39:9F:7E:A5:2E:27:4A
Validity Thu, 27 Apr 2023 15:05:54 GMT - Wed, 26 Jul 2023 15:05:53 GMT
File type PNG image data, 700 x 709, 8-bit colormap, non-interlaced\012- data
Hash 0729aa7ad6c52977ca308f6d79a9829e
0da869330679bb1d9e153e91c4a3225df5f7462b
de8c5383930955f35e08700071b8074ccbb57dcd0efa3e309df59cb2dbb617e8
GET /sb/notifications/vpn/default/us/windows/browser-black/img/icon-green.png HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 24 May 2023 09:32:58 GMT
content-type: image/png
content-length: 44232
last-modified: Tue, 09 Aug 2022 13:20:24 GMT
etag: "62f25f18-acc8"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 16400165
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZP7lQLPMKy8mkc7nGN3azZ57hJBB0ge3XbYY4kTLAuFCGJh%2FWAFtTy02sc9Au%2FiTHMY8YMrWLxqoaEM90dRzZg2QYqXL3Z%2FS2S5e%2FlXP%2FGUW0E%2F4w%2BpU5D3zKMr5X2dSPn%2Fm1Ld4GBbw"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7cc488d3fd6376db-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fe16743433.1c9ca7ac71.com/in/track?data=eyJ3bCI6MCwic3ViaWQiOjAsInVzZXJfaWQiOiI3MjczODY1MDk3MDIyNzkyMDAwIiwidGltZXpvbmUiOjAsInZlciI6IjMuNDkuMCIsInRhZ19pZCI6NDY0NDUsInNjcmVlbl9yZXNvbHV0aW9uIjoiMTI4MHgxMDI0IiwiYWRibG9jayI6MCwidGltZXpvbmVfb2xzb24iOiJVVEMiLCJ1dG1fc291cmNlIjoiIiwidXRtX21lZGl1bSI6IiIsInV0bV9jYW1wYWlnbiI6IiIsInV0bV9jb250ZW50IjoiIiwibW0iOjMsImluaXRfc3RhcnRfbGF0ZW5jeSI6MS41OCwiaXNfdjIiOjEsImlzX3YyX2VtcHR5IjowLCJ1c2VyX2tleXdvcmRzIjoiRGVwb3NpdEZpbGVzJTJDRGVwb3NpdEZpbGVzJTJDcHJvdmlkZXMlMkN5b3UlMkN3aXRoJTJDYSUyQ2xlZ2l0aW1hdGUlMkN0ZWNobmljYWwlMkNzb2x1dGlvbiUyQ3doaWNoJTJDZW5hYmxlcyUyQ3lvdSUyQ3RvJTJDdXBsb2FkJTJDc3RvcmUlMkNhY2Nlc3MlMkNhbmQlMkNkb3dubG9hZCUyQ3RleHQlMkNzb2Z0d2FyZSUyQyUyQ3NjcmlwdHMlMkNpbWFnZXMlMkNzb3VuZHMlMkN2aWRlb3MlMkNhbmltYXRpb25zJTJDYW5kJTJDYW55JTJDb3RoZXIlMkNtYXRlcmlhbHMlMkNpbiUyQ2Zvcm0lMkNvZiUyQ29uZSUyQ29yJTJDc2V2ZXJhbCUyQ2VsZWN0cm9uaWMlMkNmaWxlcy4ifQ==
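45.133.44.52 200 OK 0 B URL GET HTTP/2 fe16743433.1c9ca7ac71.com/in/track?data=eyJ3bCI6MCwic3ViaWQiOjAsInVzZXJfaWQiOiI3MjczODY1MDk3MDIyNzkyMDAwIiwidGltZXpvbmUiOjAsInZlciI6IjMuNDkuMCIsInRhZ19pZCI6NDY0NDUsInNjcmVlbl9yZXNvbHV0aW9uIjoiMTI4MHgxMDI0IiwiYWRibG9jayI6MCwidGltZXpvbmVfb2xzb24iOiJVVEMiLCJ1dG1fc291cmNlIjoiIiwidXRtX21lZGl1bSI6IiIsInV0bV9jYW1wYWlnbiI6IiIsInV0bV9jb250ZW50IjoiIiwibW0iOjMsImluaXRfc3RhcnRfbGF0ZW5jeSI6MS41OCwiaXNfdjIiOjEsImlzX3YyX2VtcHR5IjowLCJ1c2VyX2tleXdvcmRzIjoiRGVwb3NpdEZpbGVzJTJDRGVwb3NpdEZpbGVzJTJDcHJvdmlkZXMlMkN5b3UlMkN3aXRoJTJDYSUyQ2xlZ2l0aW1hdGUlMkN0ZWNobmljYWwlMkNzb2x1dGlvbiUyQ3doaWNoJTJDZW5hYmxlcyUyQ3lvdSUyQ3RvJTJDdXBsb2FkJTJDc3RvcmUlMkNhY2Nlc3MlMkNhbmQlMkNkb3dubG9hZCUyQ3RleHQlMkNzb2Z0d2FyZSUyQyUyQ3NjcmlwdHMlMkNpbWFnZXMlMkNzb3VuZHMlMkN2aWRlb3MlMkNhbmltYXRpb25zJTJDYW5kJTJDYW55JTJDb3RoZXIlMkNtYXRlcmlhbHMlMkNpbiUyQ2Zvcm0lMkNvZiUyQ29uZSUyQ29yJTJDc2V2ZXJhbCUyQ2VsZWN0cm9uaWMlMkNmaWxlcy4ifQ==
IP 45.133.44.52:443
ASN #39572 DataWeb Global Group B.V.
Requested by https://dfiles.eu/files/7saf9opey
Certificate Issuer Let's Encrypt
Subject fe16743433.1c9ca7ac71.com
Fingerprint EC:CA:80:E9:10:8A:EB:57:D2:AE:2D:31:38:B9:2F:C1:F0:85:27:A8
Validity Sun, 21 May 2023 02:50:32 GMT - Sat, 19 Aug 2023 02:50:31 GMT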
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
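GET /in/track?data=eyJ3bCI6MCwic3ViaWQiOjAsInVzZXJfaWQiOiI3MjczODY1MDk3MDIyNzkyMDAwIiwidGltZXpvbmUiOjAsInZlciI6IjMuNDkuMCIsInRhZ19pZCI6NDY0NDUsInNjcmVlbl9yZXNvbHV0aW9uIjoiMTI4MHgxMDI0IiwiYWRibG9jayI6MCwidGltZXpvbmVfb2xzb24iOiJVVEMiLCJ1dG1fc291cmNlIjoiIiwidXRtX21lZGl1bSI6IiIsInV0bV9jYW1wYWlnbiI6IiIsInV0bV9jb250ZW50IjoiIiwibW0iOjMsImluaXRfc3RhcnRfbGF0ZW5jeSI6MS41OCwiaXNfdjIiOjEsImlzX3YyX2VtcHR5IjowLCJ1c2VyX2tleXdvcmRzIjoiRGVwb3NpdEZpbGVzJTJDRGVwb3NpdEZpbGVzJTJDcHJvdmlkZXMlMkN5b3UlMkN3aXRoJTJDYSUyQ2xlZ2l0aW1hdGUlMkN0ZWNobmljYWwlMkNzb2x1dGlvbiUyQ3doaWNoJTJDZW5hYmxlcyUyQ3lvdSUyQ3RvJTJDdXBsb2FkJTJDc3RvcmUlMkNhY2Nlc3MlMkNhbmQlMkNkb3dubG9hZCUyQ3RleHQlMkNzb2Z0d2FyZSUyQyUyQ3NjcmlwdHMlMkNpbWFnZXMlMkNzb3VuZHMlMkN2aWRlb3MlMkNhbmltYXRpb25zJTJDYW5kJTJDYW55JTJDb3RoZXIlMkNtYXRlcmlhbHMlMkNpbiUyQ2Zvcm0lMkNvZiUyQ29uZSUyQ29yJTJDc2V2ZXJhbCUyQ2VsZWN0cm9uaWMlMkNmaWxlcy4ifQ== HTTP/1.1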
Host: fe16743433.1c9ca7ac71.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dfiles.eu
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 24 May 2023 09:32:59 GMT
content-length: 0
server: nginx/1.18.0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2
handbaggather.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Fvpn%2Fdefault%2Fus%2Fwindows%2Fbrowser-black%2Fjs%2Fscript.js&l=386&fd=203
173.233.137.44 200 OK 0 B URL GET HTTP/1.1 handbaggather.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Fvpn%2Fdefault%2Fus%2Fwindows%2Fbrowser-black%2Fjs%2Fscript.js&l=386&fd=203
IP 173.233.137.44:443
Requested by https://dfiles.eu/files/7saf9opey
Certificate Issuer Let's Encrypt
Subject handbaggather.com
Fingerprint AA:C3:B2:B7:C4:DC:3B:FA:64:BF:B0:F3:38:ED:6B:B3:B1:27:20:81
Validity Fri, 28 Apr 2023 01:16:44 GMT - Thu, 27 Jul 2023 01:16:43 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Fvpn%2Fdefault%2Fus%2Fwindows%2Fbrowser-black%2Fjs%2Fscript.js&l=386&fd=203 HTTP/1.1
Host: handbaggather.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Cookie: u_pl=16004719; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Wed, 24 May 2023 09:32:59 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
handbaggather.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Fvpn%2Fdefault%2Fus%2Fwindows%2Fbrowser-black%2Fcss%2Fanimate.css&l=79245&fd=180
192.243.59.13 200 OK 0 B URL GET HTTP/1.1 handbaggather.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Fvpn%2Fdefault%2Fus%2Fwindows%2Fbrowser-black%2Fcss%2Fanimate.css&l=79245&fd=180
IP 192.243.59.13:443
ASN #39572 DataWeb Global Group B.V.
Requested by https://dfiles.eu/files/7saf9opey
Certificate Issuer Let's Encrypt
Subject handbaggather.com
Fingerprint AA:C3:B2:B7:C4:DC:3B:FA:64:BF:B0:F3:38:ED:6B:B3:B1:27:20:81
Validity Fri, 28 Apr 2023 01:16:44 GMT - Thu, 27 Jul 2023 01:16:43 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Fvpn%2Fdefault%2Fus%2Fwindows%2Fbrowser-black%2Fcss%2Fanimate.css&l=79245&fd=180 HTTP/1.1
Host: handbaggather.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Cookie: u_pl=16004719; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Wed, 24 May 2023 09:32:59 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
216.58.207.227 200 OK 16 kB URL GET HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP 216.58.207.227:443
Requested by https://dfiles.eu/files/7saf9opey
Certificate Issuer Google Trust Services LLC
Subject *.gstatic.com
Fingerprint E2:33:59:47:38:D7:4A:7A:9E:28:5D:EC:AA:94:7F:92:25:D2:B1:C4
Validity Mon, 24 Apr 2023 12:00:43 GMT - Mon, 17 Jul 2023 12:00:42 GMT
File type Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Hash e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://dfiles.eu
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 20 May 2023 03:11:48 GMT
expires: Sun, 19 May 2024 03:11:48 GMT
cache-control: public, max-age=31536000
age: 368471
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fp.metricswpsh.com/fp?tag_id=46445
157.90.84.242 204 No Content 0 B URL OPTIONS HTTP/1.1 fp.metricswpsh.com/fp?tag_id=46445
IP 157.90.84.242:443
ASN #24940 Hetzner Online GmbH
Requested by https://dfiles.eu/files/7saf9opey
Certificate Issuer Let's Encrypt
Subject notification.tubecup.net
Fingerprint C3:3A:0A:7D:9C:4B:21:97:39:A7:AD:B8:87:47:F1:35:32:D9:84:53
Validity Fri, 28 Apr 2023 11:39:09 GMT - Thu, 27 Jul 2023 11:39:08 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /fp?tag_id=46445 HTTP/1.1
Host: fp.metricswpsh.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://dfiles.eu/
Origin: https://dfiles.eu
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 204 No Content
Server: nginx/1.20.1
Date: Wed, 24 May 2023 09:32:59 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: GET,HEAD,PUT,PATCH,POST,DELETE
Access-Control-Allow-Origin: https://dfiles.eu
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.227 200 OK 16 kB URL GET HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.227:443
Requested by https://dfiles.eu/files/7saf9opey
Certificate Issuer Google Trust Services LLC
Subject *.gstatic.com
Fingerprint E2:33:59:47:38:D7:4A:7A:9E:28:5D:EC:AA:94:7F:92:25:D2:B1:C4
Validity Mon, 24 Apr 2023 12:00:43 GMT - Mon, 17 Jul 2023 12:00:42 GMT
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://dfiles.eu
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 20 May 2023 07:44:41 GMT
expires: Sun, 19 May 2024 07:44:41 GMT
cache-control: public, max-age=31536000
age: 352098
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
cdn.creative-bars1.com/sb/notifications/vpn/default/us/windows/browser-black/css/animate.css
172.64.197.23 200 OK 4.8 kB URL GET HTTP/2 cdn.creative-bars1.com/sb/notifications/vpn/default/us/windows/browser-black/css/animate.css
IP 172.64.197.23:443
Requested by https://dfiles.eu/files/7saf9opey
Certificate Issuer Google Trust Services LLC
Subject creative-bars1.com
Fingerprint 88:10:E4:38:7C:46:CF:44:7C:D0:C8:1F:06:39:9F:7E:A5:2E:27:4A
Validity Thu, 27 Apr 2023 15:05:54 GMT - Wed, 26 Jul 2023 15:05:53 GMT
Hash 80047eaa13ebd50c50e8a9753621e430
9c503e07d130572a0eaf51f7c02cbd4cf6213fe3
3f831a59615f8d5d40b4340b2836f91438c876f8dbce75f78e38360d6fe0f429
GET /sb/notifications/vpn/default/us/windows/browser-black/css/animate.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dfiles.eu
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 24 May 2023 09:32:58 GMT
content-type: text/css
last-modified: Fri, 10 Apr 2020 10:20:18 GMT
etag: W/"5e904862-1358d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 383344
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AHA4lvm%2BSQTbthHTo05uRWFD9%2B2Iouaj0wMHvml0k7cYNjG%2B6N9QHiDaIFxWlkzn%2BEJwtZQFUOdnDBs%2FRzKIFeKPUM9vnNWwnTLXdkJPCPnp2eBXU2lfDARxvpk5fOtcwoCQ39gyWnTX"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7cc488d3bd0e76db-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
handbaggather.com/pixel/sbs?c=1
192.243.59.13 200 OK 0 B URL GET HTTP/1.1 handbaggather.com/pixel/sbs?c=1
IP 192.243.59.13:443
ASN #39572 DataWeb Global Group B.V.
Requested by https://dfiles.eu/files/7saf9opey
Certificate Issuer Let's Encrypt
Subject handbaggather.com
Fingerprint AA:C3:B2:B7:C4:DC:3B:FA:64:BF:B0:F3:38:ED:6B:B3:B1:27:20:81
Validity Fri, 28 Apr 2023 01:16:44 GMT - Thu, 27 Jul 2023 01:16:43 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbs?c=1 HTTP/1.1
Host: handbaggather.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Cookie: u_pl=16004719; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Wed, 24 May 2023 09:32:59 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
fp.metricswpsh.com/fp?tag_id=46445
157.90.84.242 204 No Content 27 B URL OPTIONS HTTP/1.1 fp.metricswpsh.com/fp?tag_id=46445
IP 157.90.84.242:443
ASN #24940 Hetzner Online GmbH
Requested by https://dfiles.eu/files/7saf9opey
Certificate Issuer Let's Encrypt
Subject notification.tubecup.net
Fingerprint C3:3A:0A:7D:9C:4B:21:97:39:A7:AD:B8:87:47:F1:35:32:D9:84:53
Validity Fri, 28 Apr 2023 11:39:09 GMT - Thu, 27 Jul 2023 11:39:08 GMT
File type JSON data\012- , ASCII text
Hash c4bea7951aaa542768f63f72d171ff83
7f57b3ce5d3a9bb0a15c32b34745b0214710e185
d4fbb24457a99cbf28127e8a416979ca0f2ab97c64a59b8d38760c40d4934756
POST /fp?tag_id=46445 HTTP/1.1
Host: fp.metricswpsh.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json;charset=utf-8
Content-Length: 23168
Origin: https://dfiles.eu
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Wed, 24 May 2023 09:32:59 GMT
Content-Type: application/json; charset=UTF-8
Content-Length: 27
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://dfiles.eu
Set-Cookie: id=4454350345273989363; Expires=Thu, 23 May 2024 09:32:59 GMT; Secure; SameSite=None
Vary: Origin
handbaggather.com/impr.gif?sid=H4sIAAAAAAAC%2F1SSz2skRRTHq9dlD%2BplXS%2BCwnhSQSbdnZ5f7kE2rpFg3Ky7it6kuqp68kx1V1PVPT0JHoILssfxP%2Bh8J9mghmX9AxSZeHJByHjKwRyE%2FQNE2bPMJDj6oHnv%2B77v8Hmv66u98oz5KPnp6gdmh7TmS62m33j90yC43linrBw2ht32Z%2B3oesMO3gr8XtN%2Fo%2FGeEltmKfQD3w%2F8oLFKViVmuBQEQdMH5Ue9oNnzm1HYDFoRhvb%2F2pUeHPcgB2fsBZCcPnv0MAKJCbL00U3ltgqTv%2FluWmpeGIuBPPw428pMlSFdlIn1kGSHF9Mw7mT1R5jsYA4MM%2Fh3MKYp8578gTg7vKBEPDg4B401VIZYPodqMIHSExCfQJh7IHnCACFxawNZ%2BuCWsRXfPnf5zJ2yy0%2F%2FAlVTdvn3F5GlD1c0DRt3jS4LMpnDMKlBwwmoP0FeHqPYuQSqjiGKL0HyV7b0dB1Zur%2FhtAHJer480QSUTKDVCNx5KGcfeSgTD2XuIZWnjY6Iul3ZbUmuhAjjJOgmURL1uPAT4S%2F3QpRihjdCkY8g9AjC7iK3u9iiEWz5E9xmDSc9uGLKvA93MZA1KsVQOYaKM1TEUBUM1aA%2BkNqFrn4gtSvj4CKHF3m5Hpuiv8cPTNFXGdvLz9jV%2BV3%2BbhtsqdNGGEZcRjyI4igOWiLohO0k6fgtJdqdUPE2HNUgd2m%2B6g6dXMuR08nzLyPmx3D6GIKugpevgFfjTuiDb46jro%2Bd7JFUuXFUJKSVawqTQpoaeXEZxba3p8%2FYS3OO1568CiUes4uAsDVyW%2BNz%2Bpmhr%2B%2BP75iK7d8xlWPfb%2BQFpbTDZ%2F%2FubsELdeXb99V2Zaxcu%2BlG39wQM2NWHn2kXLHOM0lZ37HvVkhKZVeNFYr9sOY%2BUfHt0m2ulDYr8%2FXb76yupblVzpHJJuB08kUbgqbsyo2D%2Bau89mcPZCewZY20XJCSmUDku3D5oucMg9ULHeceqrIe2zBeNDUxaLXQPK7h%2FqPjRb3n7qNvPfDiHrK0xsDWGOgaXI%2FgymfGRW4fv%2F3b8jwQa28ca%2Bvtx9rqr89P6%2Bi0IYSveBB3AqWkai0LEbVFN24ny1FHdVuyhcJNZXr6yz8AAAD%2F%2FwEAAP%2F%2FbRlGSWIEAAA%3D
173.233.137.44200 OK 7 B URL GET HTTP/1.1 handbaggather.com/impr.gif?sid=H4sIAAAAAAAC%2F1SSz2skRRTHq9dlD%2BplXS%2BCwnhSQSbdnZ5f7kE2rpFg3Ky7it6kuqp68kx1V1PVPT0JHoILssfxP%2Bh8J9mghmX9AxSZeHJByHjKwRyE%2FQNE2bPMJDj6oHnv%2B77v8Hmv66u98oz5KPnp6gdmh7TmS62m33j90yC43linrBw2ht32Z%2B3oesMO3gr8XtN%2Fo%2FGeEltmKfQD3w%2F8oLFKViVmuBQEQdMH5Ue9oNnzm1HYDFoRhvb%2F2pUeHPcgB2fsBZCcPnv0MAKJCbL00U3ltgqTv%2FluWmpeGIuBPPw428pMlSFdlIn1kGSHF9Mw7mT1R5jsYA4MM%2Fh3MKYp8578gTg7vKBEPDg4B401VIZYPodqMIHSExCfQJh7IHnCACFxawNZ%2BuCWsRXfPnf5zJ2yy0%2F%2FAlVTdvn3F5GlD1c0DRt3jS4LMpnDMKlBwwmoP0FeHqPYuQSqjiGKL0HyV7b0dB1Zur%2FhtAHJer480QSUTKDVCNx5KGcfeSgTD2XuIZWnjY6Iul3ZbUmuhAjjJOgmURL1uPAT4S%2F3QpRihjdCkY8g9AjC7iK3u9iiEWz5E9xmDSc9uGLKvA93MZA1KsVQOYaKM1TEUBUM1aA%2BkNqFrn4gtSvj4CKHF3m5Hpuiv8cPTNFXGdvLz9jV%2BV3%2BbhtsqdNGGEZcRjyI4igOWiLohO0k6fgtJdqdUPE2HNUgd2m%2B6g6dXMuR08nzLyPmx3D6GIKugpevgFfjTuiDb46jro%2Bd7JFUuXFUJKSVawqTQpoaeXEZxba3p8%2FYS3OO1568CiUes4uAsDVyW%2BNz%2Bpmhr%2B%2BP75iK7d8xlWPfb%2BQFpbTDZ%2F%2FubsELdeXb99V2Zaxcu%2BlG39wQM2NWHn2kXLHOM0lZ37HvVkhKZVeNFYr9sOY%2BUfHt0m2ulDYr8%2FXb76yupblVzpHJJuB08kUbgqbsyo2D%2Bau89mcPZCewZY20XJCSmUDku3D5oucMg9ULHeceqrIe2zBeNDUxaLXQPK7h%2FqPjRb3n7qNvPfDiHrK0xsDWGOgaXI%2FgymfGRW4fv%2F3b8jwQa28ca%2Bvtx9rqr89P6%2Bi0IYSveBB3AqWkai0LEbVFN24ny1FHdVuyhcJNZXr6yz8AAAD%2F%2FwEAAP%2F%2FbRlGSWIEAAA%3D
IP 173.233.137.44:443
Requested by https://dfiles.eu/files/7saf9opey
Certificate Issuer Let's Encrypt
Subject handbaggather.com
Fingerprint AA:C3:B2:B7:C4:DC:3B:FA:64:BF:B0:F3:38:ED:6B:B3:B1:27:20:81
Validity Fri, 28 Apr 2023 01:16:44 GMT - Thu, 27 Jul 2023 01:16:43 GMT
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer Verdict Alert quad9 Sinkholed
GET /impr.gif?sid=H4sIAAAAAAAC%2F1SSz2skRRTHq9dlD%2BplXS%2BCwnhSQSbdnZ5f7kE2rpFg3Ky7it6kuqp68kx1V1PVPT0JHoILssfxP%2Bh8J9mghmX9AxSZeHJByHjKwRyE%2FQNE2bPMJDj6oHnv%2B77v8Hmv66u98oz5KPnp6gdmh7TmS62m33j90yC43linrBw2ht32Z%2B3oesMO3gr8XtN%2Fo%2FGeEltmKfQD3w%2F8oLFKViVmuBQEQdMH5Ue9oNnzm1HYDFoRhvb%2F2pUeHPcgB2fsBZCcPnv0MAKJCbL00U3ltgqTv%2FluWmpeGIuBPPw428pMlSFdlIn1kGSHF9Mw7mT1R5jsYA4MM%2Fh3MKYp8578gTg7vKBEPDg4B401VIZYPodqMIHSExCfQJh7IHnCACFxawNZ%2BuCWsRXfPnf5zJ2yy0%2F%2FAlVTdvn3F5GlD1c0DRt3jS4LMpnDMKlBwwmoP0FeHqPYuQSqjiGKL0HyV7b0dB1Zur%2FhtAHJer480QSUTKDVCNx5KGcfeSgTD2XuIZWnjY6Iul3ZbUmuhAjjJOgmURL1uPAT4S%2F3QpRihjdCkY8g9AjC7iK3u9iiEWz5E9xmDSc9uGLKvA93MZA1KsVQOYaKM1TEUBUM1aA%2BkNqFrn4gtSvj4CKHF3m5Hpuiv8cPTNFXGdvLz9jV%2BV3%2BbhtsqdNGGEZcRjyI4igOWiLohO0k6fgtJdqdUPE2HNUgd2m%2B6g6dXMuR08nzLyPmx3D6GIKugpevgFfjTuiDb46jro%2Bd7JFUuXFUJKSVawqTQpoaeXEZxba3p8%2FYS3OO1568CiUes4uAsDVyW%2BNz%2Bpmhr%2B%2BP75iK7d8xlWPfb%2BQFpbTDZ%2F%2FubsELdeXb99V2Zaxcu%2BlG39wQM2NWHn2kXLHOM0lZ37HvVkhKZVeNFYr9sOY%2BUfHt0m2ulDYr8%2FXb76yupblVzpHJJuB08kUbgqbsyo2D%2Bau89mcPZCewZY20XJCSmUDku3D5oucMg9ULHeceqrIe2zBeNDUxaLXQPK7h%2FqPjRb3n7qNvPfDiHrK0xsDWGOgaXI%2FgymfGRW4fv%2F3b8jwQa28ca%2Bvtx9rqr89P6%2Bi0IYSveBB3AqWkai0LEbVFN24ny1FHdVuyhcJNZXr6yz8AAAD%2F%2FwEAAP%2F%2FbRlGSWIEAAA%3D HTTP/1.1
Host: handbaggather.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Cookie: u_pl=16004719; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Wed, 24 May 2023 09:32:59 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 1ebc8675ad587ed1578d65ef58916968
Strict-Transport-Security: max-age=0; includeSubdomains
unseenreport.com/pxf.gif?uuid=ed70feaa-4a44-4eb2-8cc3-ec5849860a76&eb=a996fe56ed028c08f89591a4a8a9c431&te=4cb725660c43031e3b06c75892d96c5a&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A109.0)%20Gecko%2F20100101%20Firefox%2F111.0&dev=e&res=14.2079&b_frame=0&pk=224ad4a14b4b15c1726ff705ec672ea6&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=9
192.243.59.20 200 OK 1 B URL GET HTTP/1.1 unseenreport.com/pxf.gif?uuid=ed70feaa-4a44-4eb2-8cc3-ec5849860a76&eb=a996fe56ed028c08f89591a4a8a9c431&te=4cb725660c43031e3b06c75892d96c5a&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A109.0)%20Gecko%2F20100101%20Firefox%2F111.0&dev=e&res=14.2079&b_frame=0&pk=224ad4a14b4b15c1726ff705ec672ea6&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=9
IP 192.243.59.20:443
ASN #39572 DataWeb Global Group B.V.
Requested by https://dfiles.eu/files/7saf9opey
Certificate Issuer Let's Encrypt
Subject *.unseenreport.com
Fingerprint 33:54:5C:58:7C:8E:75:EE:DF:A0:8C:41:D3:AC:1B:BF:B6:66:28:EC
Validity Mon, 27 Mar 2023 07:09:08 GMT - Sun, 25 Jun 2023 07:09:07 GMT
File type very short file (no magic)
Hash 93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d
Analyzer Verdict Alert quad9 Sinkholed
GET /pxf.gif?uuid=ed70feaa-4a44-4eb2-8cc3-ec5849860a76&eb=a996fe56ed028c08f89591a4a8a9c431&te=4cb725660c43031e3b06c75892d96c5a&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A109.0)%20Gecko%2F20100101%20Firefox%2F111.0&dev=e&res=14.2079&b_frame=0&pk=224ad4a14b4b15c1726ff705ec672ea6&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=9 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Wed, 24 May 2023 09:32:59 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: df240415cc55ef669b58b5a1e9a04e27
Strict-Transport-Security: max-age=0; includeSubdomains
unseenreport.com/pxf.gif?uuid=ed70feaa-4a44-4eb2-8cc3-ec5849860a76&eb=a996fe56ed028c08f89591a4a8a9c431&te=4cb725660c43031e3b06c75892d96c5a&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A109.0)%20Gecko%2F20100101%20Firefox%2F111.0&dev=e&res=14.2079&b_frame=0&pk=c22dc50dc2bbe4422c7f68d26ab95eb9&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=9
192.243.59.20 200 OK 1 B URL GET HTTP/1.1 unseenreport.com/pxf.gif?uuid=ed70feaa-4a44-4eb2-8cc3-ec5849860a76&eb=a996fe56ed028c08f89591a4a8a9c431&te=4cb725660c43031e3b06c75892d96c5a&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A109.0)%20Gecko%2F20100101%20Firefox%2F111.0&dev=e&res=14.2079&b_frame=0&pk=c22dc50dc2bbe4422c7f68d26ab95eb9&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=9
IP 192.243.59.20:443
ASN #39572 DataWeb Global Group B.V.
Requested by https://dfiles.eu/files/7saf9opey
Certificate Issuer Let's Encrypt
Subject *.unseenreport.com
Fingerprint 33:54:5C:58:7C:8E:75:EE:DF:A0:8C:41:D3:AC:1B:BF:B6:66:28:EC
Validity Mon, 27 Mar 2023 07:09:08 GMT - Sun, 25 Jun 2023 07:09:07 GMT
File type very short file (no magic)
Hash 93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d
Analyzer Verdict Alert quad9 Sinkholed
GET /pxf.gif?uuid=ed70feaa-4a44-4eb2-8cc3-ec5849860a76&eb=a996fe56ed028c08f89591a4a8a9c431&te=4cb725660c43031e3b06c75892d96c5a&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A109.0)%20Gecko%2F20100101%20Firefox%2F111.0&dev=e&res=14.2079&b_frame=0&pk=c22dc50dc2bbe4422c7f68d26ab95eb9&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=9 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Wed, 24 May 2023 09:32:59 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 95376e1ecc67ec70b3eba1cd32db2150
Strict-Transport-Security: max-age=0; includeSubdomains
fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2
216.58.207.227 200 OK 24 kB URL GET HTTP/3 fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2
IP 216.58.207.227:443
Requested by https://dfiles.eu/files/7saf9opey
Certificate Issuer Google Trust Services LLC
Subject *.gstatic.com
Fingerprint E2:33:59:47:38:D7:4A:7A:9E:28:5D:EC:AA:94:7F:92:25:D2:B1:C4
Validity Mon, 24 Apr 2023 12:00:43 GMT - Mon, 17 Jul 2023 12:00:42 GMT
File type Web Open Font Format (Version 2), TrueType, length 23580, version 1.0\012- data
Hash e1b3b5908c9cf23dfb2b9c52b9a023ab
fcd4136085f2a03481d9958cc6793a5ed98e714c
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
GET /s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://dfiles.eu
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23580
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 18 May 2023 04:04:41 GMT
expires: Fri, 17 May 2024 04:04:41 GMT
cache-control: public, max-age=31536000
age: 538099
last-modified: Tue, 02 May 2023 15:17:22 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
script.4dex.io/localstore.js
172.67.75.241 268 B URL script.4dex.io/localstore.js
IP 172.67.75.241:0
File type ASCII text, with very long lines (482)
Hash 922cffdd75f7192f75231d92684885aa
48ae21017844de388e0a32206a2691fa4c109669
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
GET /localstore.js HTTP/1.1
Host: script.4dex.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 24 May 2023 09:33:00 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: public, max-age=1800
ETag: W/"922cffdd75f7192f75231d92684885aa"
Last-Modified: Wed, 23 Nov 2022 15:43:18 GMT
Vary: Accept-Encoding
CF-Cache-Status: HIT
Age: 1343821
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jgudk%2FFfN7q0mlz2TdJMg%2FWJ7PB%2BnpsKngxCLWF6EmXkYnhnRgg6s3BTGlNwCfldSCH0wy06C7pqJGuf0%2BUB2Os4buF2pjUrTfayDqBiSizY%2BFF0oiMtxHbSobZubCJN"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7cc488e0eae3b4ff-OSL
Content-Encoding: br
script.4dex.io/adagio.js
172.67.75.241 23 kB IP 172.67.75.241:0
File type ASCII text, with very long lines (65354)
Hash c56b6332dacf72f135afcd153ae22448
78efc5939cc29a3e9ca16fadfbd26e7057fd27fd
ed87a83a9df154b61d76e8b9b53bb9d23db3eea194e66bca6b575e3e4f7a57bf
GET /adagio.js HTTP/1.1
Host: script.4dex.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dfiles.eu/
Origin: https://dfiles.eu
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 24 May 2023 09:33:01 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=1800
ETag: W/"c56b6332dacf72f135afcd153ae22448"
Last-Modified: Wed, 23 Nov 2022 15:43:17 GMT
Vary: Origin, Accept-Encoding
Access-Control-Expose-Headers:
CF-Cache-Status: HIT
Age: 103269
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WWRjlGVcM0JXBcp56IYCnXEQAjUPT6aQFwq5cT9uI8kgQp5PFSI2L4tgfdiCjg2R8CX55K1B0GnPVLSr2506xvPmY0vUXmkcGICmhTYgyKQOXMmO47hzvOz%2BtbICiZFp"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7cc488e19911b517-OSL
Content-Encoding: br
prebid.a-mo.net/a/c
147.75.84.158 0 B IP 147.75.84.158:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /a/c HTTP/1.1
Host: prebid.a-mo.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 1288
Origin: https://dfiles.eu
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 204 No Content
access-control-allow-credentials: true
access-control-allow-origin: https://dfiles.eu
cache-control: max-age=0, private, must-revalidate
date: Wed, 24 May 2023 09:33:00 GMT
server: envoy
vary: origin, Accept-Encoding
x-nbr: 1
x-envoy-upstream-service-time: 1
X-Firefox-Spdy: h2
ex.ingage.tech/v1/openrtb
172.67.41.84 0 B URL ex.ingage.tech/v1/openrtb
IP 172.67.41.84:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /v1/openrtb HTTP/1.1
Host: ex.ingage.tech
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://dfiles.eu/
Origin: https://dfiles.eu
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 204 No Content
date: Wed, 24 May 2023 09:33:01 GMT
content-length: 0
vary: Origin, Access-Control-Request-Headers
access-control-allow-origin: https://dfiles.eu
access-control-allow-credentials: true
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-headers: content-type
access-control-max-age: 3600
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7cc488e15aadb521-OSL
X-Firefox-Spdy: h2
bs.yandex.ru/metadsp/2360912?imp-id=1&target-ref=dfiles.eu&ssp-id=10500
213.180.193.90 0 B URL bs.yandex.ru/metadsp/2360912?imp-id=1&target-ref=dfiles.eu&ssp-id=10500
IP 213.180.193.90:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /metadsp/2360912?imp-id=1&target-ref=dfiles.eu&ssp-id=10500 HTTP/1.1
Host: bs.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 191
Origin: https://dfiles.eu
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 204 No Content
content-length: 0
timing-allow-origin: *
uniformat: true
date: Wed, 24 May 2023 09:33:01 GMT
access-control-allow-origin: https://dfiles.eu
access-control-allow-credentials: true
pragma: no-cache
uniformat-product-type: None
x-xss-protection: 1; mode=block
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
expires: Wed, 24 May 2023 09:33:01 GMT
last-modified: Wed, 24 May 2023 09:33:01 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: application/json; charset=utf-8
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Lato&display=swap
142.250.74.74 200 OK 395 B URL GET HTTP/3 fonts.googleapis.com/css?family=Lato&display=swap
IP 142.250.74.74:443
Requested by https://dfiles.eu/files/7saf9opey
Certificate Issuer Google Trust Services LLC
Subject upload.video.google.com
Fingerprint 9B:D0:53:C4:55:9D:41:A4:94:03:4A:2B:6A:5B:57:EB:EB:A5:F0:4A
Validity Mon, 24 Apr 2023 12:00:43 GMT - Mon, 17 Jul 2023 12:00:42 GMT
Hash 1b153c2fc84ffd73fb27c86cd336340e
da0bb89c76d57633387218997f3fc77177362a32
26cf883ab9c162417b017cf8349395848d3c41f7f450a352ba34dd9bd2c9e939
GET /css?family=Lato&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 24 May 2023 09:33:00 GMT
date: Wed, 24 May 2023 09:33:00 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2
216.58.207.227 200 OK 24 kB URL GET HTTP/3 fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2
IP 216.58.207.227:443
Requested by https://dfiles.eu/files/7saf9opey
Certificate Issuer Google Trust Services LLC
Subject *.gstatic.com
Fingerprint E2:33:59:47:38:D7:4A:7A:9E:28:5D:EC:AA:94:7F:92:25:D2:B1:C4
Validity Mon, 24 Apr 2023 12:00:43 GMT - Mon, 17 Jul 2023 12:00:42 GMT
File type Web Open Font Format (Version 2), TrueType, length 23580, version 1.0\012- data
Hash e1b3b5908c9cf23dfb2b9c52b9a023ab
fcd4136085f2a03481d9958cc6793a5ed98e714c
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
GET /s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://dfiles.eu
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23580
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 18 May 2023 04:04:41 GMT
expires: Fri, 17 May 2024 04:04:41 GMT
cache-control: public, max-age=31536000
age: 538101
last-modified: Tue, 02 May 2023 15:17:22 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
api.purpleads.io/x/v2/f?pid=1cec1e2cca304d63b01ec8a66850a56d&demand=unifiedPb&ts=1684920781172
3.229.139.30 200 OK 9.1 kB URL OPTIONS HTTP/2 api.purpleads.io/x/v2/f?pid=1cec1e2cca304d63b01ec8a66850a56d&demand=unifiedPb&ts=1684920781172
IP 3.229.139.30:443
Requested by https://dfiles.eu/files/7saf9opey
Certificate Issuer Amazon
Subject *.purpleads.io
Fingerprint 2C:07:41:61:C9:75:ED:6A:72:5B:30:CE:B3:18:1C:47:DB:07:BF:D4
Validity Fri, 24 Feb 2023 00:00:00 GMT - Wed, 29 Nov 2023 23:59:59 GMT
File type JSON data\012- , ASCII text, with very long lines (1399), with no line terminators
Hash d305613e306a1404a4e0ea179eaeba92
7ddcb91da7c5aca1576514115b682aae92c71c41
ea6a9c9a06b598d2a90348f64cd9e240cb719ffaf1d8a9a44a88ec6504e568ab
GET /x/v2/f?pid=1cec1e2cca304d63b01ec8a66850a56d&demand=unifiedPb&ts=1684920781172 HTTP/1.1
Host: api.purpleads.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dfiles.eu/
Content-Type: application/json
x-purpleads-version: 2.0.2
x-request-url: aHR0cHM6Ly9kZmlsZXMuZXUvZmlsZXMvN3NhZjlvcGV5
Authorization: Bearer 64df4768ef6a3d343387f03963cc6d27:a3fc5ba00d8a1e88f69e3c15e8e8c501507f1b2063b64e48a97000a1c4480fda350894047ca3535d3ce8fc5253d0214840300a723dc6ecae38a57d550d5ed683
pa-user-id: 6203c5ba-dec5-4980-9789-1968b282642f
Origin: https://dfiles.eu
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 24 May 2023 09:33:01 GMT
content-type: application/json; charset=utf-8
access-control-allow-origin: https://dfiles.eu
access-control-allow-credentials: true
access-control-expose-headers: pa-user-id
etag: W/"577-fdy5HafFrKFXZRQRW2gqrpLHHEE"
vary: Accept-Encoding
content-encoding: br
X-Firefox-Spdy: h2
api.purpleads.io/x/a/d12b304a400de0ac74137df0c2cdaaeb:0d55315a6acdd9ab966c1f0b3f3b8fb93c164cdfce9afcf6cafe0c69c8f95abde6c901302d849099f4c7af309067cc520427ff6b07edc21d1500d23e5fd0738bc0afdbab465460e0fa967416756b8696835435b176963757cdd3d1b6cc929180/i?id=783fa665-7ee6-4308-98c1-a1befba607e3
3.229.139.30204 No Content 0 B URL GET HTTP/2 api.purpleads.io/x/a/d12b304a400de0ac74137df0c2cdaaeb:0d55315a6acdd9ab966c1f0b3f3b8fb93c164cdfce9afcf6cafe0c69c8f95abde6c901302d849099f4c7af309067cc520427ff6b07edc21d1500d23e5fd0738bc0afdbab465460e0fa967416756b8696835435b176963757cdd3d1b6cc929180/i?id=783fa665-7ee6-4308-98c1-a1befba607e3
IP 3.229.139.30:443
Requested by https://dfiles.eu/files/7saf9opey
Certificate Issuer Amazon
Subject *.purpleads.io
Fingerprint 2C:07:41:61:C9:75:ED:6A:72:5B:30:CE:B3:18:1C:47:DB:07:BF:D4
Validity Fri, 24 Feb 2023 00:00:00 GMT - Wed, 29 Nov 2023 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /x/a/d12b304a400de0ac74137df0c2cdaaeb:0d55315a6acdd9ab966c1f0b3f3b8fb93c164cdfce9afcf6cafe0c69c8f95abde6c901302d849099f4c7af309067cc520427ff6b07edc21d1500d23e5fd0738bc0afdbab465460e0fa967416756b8696835435b176963757cdd3d1b6cc929180/i?id=783fa665-7ee6-4308-98c1-a1befba607e3 HTTP/1.1
Host: api.purpleads.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 204 No Content
date: Wed, 24 May 2023 09:33:03 GMT
access-control-allow-origin: api.purpleads.io
access-control-allow-credentials: true
access-control-expose-headers: pa-user-id
X-Firefox-Spdy: h2
log.outbrainimg.com/loggerServices/log-viewability?requestId=9dfe4910846fcea049ff70e774f7ffbd&position=0
64.202.112.63 200 OK 4 B URL GET HTTP/1.1 log.outbrainimg.com/loggerServices/log-viewability?requestId=9dfe4910846fcea049ff70e774f7ffbd&position=0
IP 64.202.112.63:443
Requested by https://dfiles.eu/files/7saf9opey
Certificate Issuer DigiCert Inc
Subject *.outbrainimg.com
Fingerprint 20:D2:F0:B3:C3:92:99:66:27:4F:78:12:57:9F:4D:C0:BF:9A:8F:C4
Validity Tue, 14 Mar 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type ASCII text, with no line terminators
Hash b326b5062b2f0e69046810717534cb09
5ffe533b830f08a0326348a9160afafc8ada44db
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b
GET /loggerServices/log-viewability?requestId=9dfe4910846fcea049ff70e774f7ffbd&position=0 HTTP/1.1
Host: log.outbrainimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 24 May 2023 09:33:03 GMT
Content-Type: application/json; charset=UTF-8
Content-Length: 4
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,POST
X-TraceId: 68550bf68417293a02423205f02ff9c0
log.outbrainimg.com/loggerServices/widgetGlobalEvent?rId=9dfe4910846fcea049ff70e774f7ffbd&pvId=9dfe4910846fcea049ff70e774f7ffbd&sid=10054537&pid=45718&idx=0&wId=140&pad=1&org=0&tm=0&eT=3&cnsnt=no_consent
64.202.112.63 200 OK 4 B URL GET HTTP/1.1 log.outbrainimg.com/loggerServices/widgetGlobalEvent?rId=9dfe4910846fcea049ff70e774f7ffbd&pvId=9dfe4910846fcea049ff70e774f7ffbd&sid=10054537&pid=45718&idx=0&wId=140&pad=1&org=0&tm=0&eT=3&cnsnt=no_consent
IP 64.202.112.63:443
Requested by https://dfiles.eu/files/7saf9opey
Certificate Issuer DigiCert Inc
Subject *.outbrainimg.com
Fingerprint 20:D2:F0:B3:C3:92:99:66:27:4F:78:12:57:9F:4D:C0:BF:9A:8F:C4
Validity Tue, 14 Mar 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type ASCII text, with no line terminators
Hash b326b5062b2f0e69046810717534cb09
5ffe533b830f08a0326348a9160afafc8ada44db
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b
GET /loggerServices/widgetGlobalEvent?rId=9dfe4910846fcea049ff70e774f7ffbd&pvId=9dfe4910846fcea049ff70e774f7ffbd&sid=10054537&pid=45718&idx=0&wId=140&pad=1&org=0&tm=0&eT=3&cnsnt=no_consent HTTP/1.1
Host: log.outbrainimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 24 May 2023 09:33:03 GMT
Content-Type: application/json; charset=UTF-8
Content-Length: 4
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,POST
X-TraceId: 4184b4e33cd373336a9e692378a5f9d8
jsc.mgid.com/d/e/depositfiles.com.3334.js
104.19.135.78 200 OK 2.7 kB URL GET HTTP/2 jsc.mgid.com/d/e/depositfiles.com.3334.js
IP 104.19.135.78:443
Requested by https://adsbb.dfiles.eu/upload/2112/ad27592687cc8bc6.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752
Certificate Issuer Cloudflare, Inc.
Subject sni.cloudflaressl.com
Fingerprint 44:BF:9D:AD:98:A7:1A:F2:1D:18:EF:4E:3E:BE:C0:D8:28:4D:9F:04
Validity Tue, 11 Apr 2023 00:00:00 GMT - Wed, 10 Apr 2024 23:59:59 GMT
File type ASCII text, with very long lines (2719), with no line terminators
Hash 3fd1ae914f0a572223944130fdc3bd24
eacd03011488084c5fc0c4d1cc043045a914deac
8bb4689fb6998c6fb9addf74c8eebfdc3df24bfb1d1e53a74260081e575e5858
GET /d/e/depositfiles.com.3334.js HTTP/1.1
Host: jsc.mgid.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adsbb.dfiles.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 24 May 2023 09:32:57 GMT
content-type: text/javascript
cf-bgj: minify
cf-polished: origSize=2682
etag: W/"dc4a6a72287fc2c12d0a694c456249a5"
last-modified: Thu, 11 May 2023 07:52:34 GMT
x-amz-id-2: wf7rOHIB8wOFVPKVqSi1BYgQdLnc13saXsO5GL0HBWPwFu1o5ge2dwoXEYiwpfKxO7WOD1o0RMk=
x-amz-request-id: TDY2VSJSHQHN6445
x-amz-server-side-encryption: AES256
x-amz-version-id: gNGWYSrdgKjFIAUHdjefF0xeI2yJMdjT
cf-cache-status: HIT
age: 10
expires: Wed, 24 May 2023 12:32:57 GMT
cache-control: public, max-age=10800
set-cookie: __cf_bm=SlESVjENE3EXc4f0hXCPq0FGYM2ECu.bcI7WVnnd.1Y-1684920777-0-AVNATlVYbRqPlerjrkf46K5VteAUxUdJRizbrYeAkYSsc7eElFqxzpJ0MYOHA9wmfqxarL3VAVU6PmCBeVTpsVU=; path=/; expires=Wed, 24-May-23 10:02:57 GMT; domain=.mgid.com; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 7cc488cc7a561c16-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
static.depositfiles.com/images/sprite16.png
91.226.124.81 200 OK 28 kB URL GET HTTP/1.1 static.depositfiles.com/images/sprite16.png
IP 91.226.124.81:443
Requested by https://dfiles.eu/files/7saf9opey
Certificate Issuer Let's Encrypt
Subject depositfiles.com
Fingerprint 90:44:8D:18:D5:0B:6D:4B:AA:47:FB:C3:D9:B4:43:28:E2:A9:58:14
Validity Mon, 27 Feb 2023 10:18:03 GMT - Sun, 28 May 2023 10:18:02 GMT
File type PNG image data, 32 x 1072, 8-bit/color RGBA, non-interlaced\012- data
Hash 2e86fe2d2c2650c5f4663f0fc135ebc1
ba86e14a9abcff0581eda84a307594ef1288b982
604187f8828381a47ae70249f55f21c78c53ab1401d20a5f2230a0d6c9ae50d1
GET /images/sprite16.png HTTP/1.1
Host: static.depositfiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://static.depositfiles.com/css/main.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 24 May 2023 09:32:57 GMT
Content-Type: image/png
Content-Length: 28501
Last-Modified: Tue, 26 Apr 2022 10:45:42 GMT
Connection: keep-alive
ETag: "6267cd56-6f55"
Accept-Ranges: bytes
friendshipmale.com/sfp.js
104.21.234.93 200 OK 86 kB URL GET HTTP/2 friendshipmale.com/sfp.js
IP 104.21.234.93:443
Requested by https://dfiles.eu/files/7saf9opey
Certificate Issuer Cloudflare, Inc.
Subject sni.cloudflaressl.com
Fingerprint 08:6F:D8:CB:9E:0C:0A:98:2E:C5:CD:21:8E:0B:76:2B:50:6F:B6:37
Validity Sat, 18 Feb 2023 00:00:00 GMT - Sat, 17 Feb 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sfp.js HTTP/1.1
Host: friendshipmale.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 24 May 2023 09:32:57 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: 30b3e1102c19c6a9e03d69e2f8a2c8f5
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Wed, 24 May 2023 09:32:56 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cyeCxb1SyI5A4OU8Otw6TZSTSYTS7YLzBQif%2Fpnf8hdYFpHb0o0x5sGJjIYWbPUJFbgZ4mlMIC7xk%2BnVFPMrh%2FAUWe136%2B2lK0NwRgL7aFqpSrNXFHR476KJ1G%2BT%2FUbSpLtQs3I%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7cc488c94ff124ea-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.pubfuture-ad.com/v2/config/645b13aa2bbd92003f72bf8a?v=6&d=b3RoZXJz&ip=OTEuOTAuNDIuMTU0&c=&cc=Tk8=&s=ZGZpbGVzLmV1L2ZpbGVzLzdzYWY5b3BleQ==
104.26.1.97 200 OK 466 B URL GET HTTP/2 cdn.pubfuture-ad.com/v2/config/645b13aa2bbd92003f72bf8a?v=6&d=b3RoZXJz&ip=OTEuOTAuNDIuMTU0&c=&cc=Tk8=&s=ZGZpbGVzLmV1L2ZpbGVzLzdzYWY5b3BleQ==
IP 104.26.1.97:443
Requested by https://dfiles.eu/files/7saf9opey
Certificate Issuer Cloudflare, Inc.
Subject sni.cloudflaressl.com
Fingerprint A4:70:A9:B9:AC:49:1E:53:23:43:41:25:CD:10:7C:01:2E:87:01:01
Validity Tue, 07 Feb 2023 00:00:00 GMT - Tue, 06 Feb 2024 23:59:59 GMT
File type HTML document text\012- troff or preprocessor input, ASCII text, with very long lines (506), with no line terminators
Hash 46d6a279ed0c6af60678f0a09c202f89
4e0160faaa294fc142665fe766c6e7dd456e410e
fcffad7fd6d1eb1fdcc362a4392ea8302c836108d3f004a97611b0fedb7bf83e
GET /v2/config/645b13aa2bbd92003f72bf8a?v=6&d=b3RoZXJz&ip=OTEuOTAuNDIuMTU0&c=&cc=Tk8=&s=ZGZpbGVzLmV1L2ZpbGVzLzdzYWY5b3BleQ== HTTP/1.1
Host: cdn.pubfuture-ad.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dfiles.eu/
Origin: https://dfiles.eu
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 24 May 2023 09:32:58 GMT
content-type: application/json; charset=utf-8
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-dns-prefetch-control: off
expect-ct: max-age=0
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
referrer-policy: no-referrer
x-xss-protection: 0
access-control-allow-origin: *
etag: W/"1d2-3F/O2YfTCSHzwaBOO6iIIw6CFEY"
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kQdxdMduGZiuz0EvzTvCWPhd9yOaXGPLv5hIS5AIhcZIKVVO4R3sq%2Fo5n009JRCu3Ve3JOUpHGGSxEt%2Fw31VlA1VurKaXhBBWJSJGjhqSoAenLg51PlJ1OYhDnE92n96MHhjMAvF"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7cc488d1bcf6b515-OSL
content-encoding: br
X-Firefox-Spdy: h2
cdn.creative-bars1.com/sb/notifications/vpn/default/us/windows/browser-black/js/script.js
172.64.197.23 200 OK 386 B URL GET HTTP/2 cdn.creative-bars1.com/sb/notifications/vpn/default/us/windows/browser-black/js/script.js
IP 172.64.197.23:443
Requested by https://dfiles.eu/files/7saf9opey
Certificate Issuer Google Trust Services LLC
Subject creative-bars1.com
Fingerprint 88:10:E4:38:7C:46:CF:44:7C:D0:C8:1F:06:39:9F:7E:A5:2E:27:4A
Validity Thu, 27 Apr 2023 15:05:54 GMT - Wed, 26 Jul 2023 15:05:53 GMT
File type ASCII text, with very long lines (399), with no line terminators
Hash 022602a468da44628060800173771da2
9be813fbfebbcb2aa46d8c6b8abec68b3d16c89c
6742c376e658c34d09b2dc5772bd798e3cd52bb265758bac5bce184f8ee7b5cc
GET /sb/notifications/vpn/default/us/windows/browser-black/js/script.js HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dfiles.eu
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 24 May 2023 09:32:58 GMT
content-type: application/javascript
last-modified: Fri, 10 Apr 2020 10:20:22 GMT
etag: W/"5e904866-182"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 72854
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=liiaZB8YWXREHZ%2BNyenRsvrEIx3FWYn6HU0ien8gLvnZyyE1tkxtnronRiHmquC5W7rTRr0ptRF5FELVfb6YEBpZvGt6HRX4QKA%2BU3%2Bi3rKutq2Yc2QvRyaWuwc1yE%2FhhYIuLq8z8GdH"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7cc488d3ed4a76db-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
js.wpshsdk.com/npc/sdk/push.m.js?v=1
45.133.44.53 200 OK 67 kB URL GET HTTP/2 js.wpshsdk.com/npc/sdk/push.m.js?v=1
IP 45.133.44.53:443
ASN #39572 DataWeb Global Group B.V.
Requested by https://dfiles.eu/files/7saf9opey
Certificate Issuer Let's Encrypt
Subject js.wpshsdk.com
Fingerprint 78:77:A4:19:CC:0D:15:24:69:96:1B:44:C9:A0:4D:0B:B7:C0:F2:D8
Validity Mon, 27 Mar 2023 02:06:36 GMT - Sun, 25 Jun 2023 02:06:35 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /npc/sdk/push.m.js?v=1 HTTP/1.1
Host: js.wpshsdk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 24 May 2023 09:32:58 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.18.0
last-modified: Wed, 05 Apr 2023 13:10:08 GMT
etag: W/"642d7330-1054e"
content-encoding: gzip
expires: Wed, 24 May 2023 09:37:58 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2
cdn.barscreative1.com/sb/notifications/vpn/default/us/windows/browser-black/index.html
45.133.44.3 200 OK 1.3 kB URL GET HTTP/2 cdn.barscreative1.com/sb/notifications/vpn/default/us/windows/browser-black/index.html
IP 45.133.44.3:443
ASN #39572 DataWeb Global Group B.V.
Requested by https://dfiles.eu/files/7saf9opey
Certificate Issuer Let's Encrypt
Subject cdn.barscreative1.com
Fingerprint 0B:AE:8A:C0:29:EA:B0:86:29:66:F6:7E:76:63:66:57:38:88:FC:E6
Validity Mon, 15 May 2023 04:01:53 GMT - Sun, 13 Aug 2023 04:01:52 GMT
File type HTML document text\012- HTML document, ASCII text, with very long lines (1363), with no line terminators
Hash 1a5b426d37981c2561c0c410a17093c4
12037df29848b566b7eba7e7754b4bc437f1bc2d
fdebeae754a9d41224feae1556750e43b1a6cf897948cae57a3f14120ddf00bb
GET /sb/notifications/vpn/default/us/windows/browser-black/index.html HTTP/1.1
Host: cdn.barscreative1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dfiles.eu
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 24 May 2023 09:32:58 GMT
content-type: text/html; charset=utf-8
server: nginx/1.17.6
last-modified: Fri, 10 Apr 2020 10:20:16 GMT
etag: W/"5e904860-50a"
cache-control: max-age=3600
access-control-allow-origin: *
access-control-expose-headers: Date
content-encoding: gzip
expires: Wed, 24 May 2023 10:32:58 GMT
x-proxy-cache: HIT
X-Firefox-Spdy: h2
images.outbrainimg.com/transform/v3/eyJpdSI6IjkwNWNkNGVkNWMwNWMwM2MzZmQ4ZGVhODFjOGU2NGU1NTJhMDVjYzRjY2Y0Y2YyOTU5ODBiM2U5NmYwMzE1N2MiLCJ3IjoxODAsImgiOjE2MCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
2.18.173.172 200 OK 8.4 kB URL GET HTTP/2 images.outbrainimg.com/transform/v3/eyJpdSI6IjkwNWNkNGVkNWMwNWMwM2MzZmQ4ZGVhODFjOGU2NGU1NTJhMDVjYzRjY2Y0Y2YyOTU5ODBiM2U5NmYwMzE1N2MiLCJ3IjoxODAsImgiOjE2MCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
IP 2.18.173.172:443
Requested by https://dfiles.eu/files/7saf9opey
Certificate Issuer DigiCert Inc
Subject *.outbrainimg.com
Fingerprint 4F:05:15:71:93:78:ED:64:53:30:81:ED:DA:9C:FE:4F:7B:F9:41:BE
Validity Thu, 02 Mar 2023 00:00:00 GMT - Sat, 02 Mar 2024 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 270x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 597d4bb2fe3eeb3a3ede30364e325d05
68c37879eb512d455b932d44482fab6b3e08db35
aaf4465e5c640fff48ce806fdbfbe491c350eff368d1b340518f8e472ccd32aa
GET /transform/v3/eyJpdSI6IjkwNWNkNGVkNWMwNWMwM2MzZmQ4ZGVhODFjOGU2NGU1NTJhMDVjYzRjY2Y0Y2YyOTU5ODBiM2U5NmYwMzE1N2MiLCJ3IjoxODAsImgiOjE2MCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp HTTP/1.1
Host: images.outbrainimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: image/webp
content-length: 8370
last-modified: Sat, 29 Apr 2023 10:51:56 GMT
x-traceid: 06a2d2bae4e8c9f25785936b8b83eb89
cache-control: max-age=487352
date: Wed, 24 May 2023 09:33:03 GMT
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
access-control-allow-origin: *
timing-allow-origin: *, *
X-Firefox-Spdy: h2
js.wpadmngr.com/static/adManager.m.js
45.133.44.52 200 OK 158 kB URL GET HTTP/2 js.wpadmngr.com/static/adManager.m.js
IP 45.133.44.52:443
ASN #39572 DataWeb Global Group B.V.
Requested by https://dfiles.eu/files/7saf9opey
Certificate Issuer Let's Encrypt
Subject js.wpadmngr.com
Fingerprint A9:7C:F8:A4:B8:B3:E3:98:76:72:9E:0B:4A:FB:FB:39:D4:F4:54:3D
Validity Tue, 16 May 2023 02:02:19 GMT - Mon, 14 Aug 2023 02:02:18 GMT
Size 158 kB (158096 bytes)
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /static/adManager.m.js HTTP/1.1
Host: js.wpadmngr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 24 May 2023 09:32:57 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.18.0
last-modified: Fri, 19 May 2023 08:16:51 GMT
etag: W/"64673073-26990"
content-encoding: gzip
expires: Wed, 24 May 2023 09:37:57 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2
api.purpleads.io/x/v2/f?pid=1cec1e2cca304d63b01ec8a66850a56d&ts=1684920778790
3.229.139.30 200 OK 0 B URL OPTIONS HTTP/2 api.purpleads.io/x/v2/f?pid=1cec1e2cca304d63b01ec8a66850a56d&ts=1684920778790
IP 3.229.139.30:443
Requested by https://dfiles.eu/files/7saf9opey
Certificate Issuer Amazon
Subject *.purpleads.io
Fingerprint 2C:07:41:61:C9:75:ED:6A:72:5B:30:CE:B3:18:1C:47:DB:07:BF:D4
Validity Fri, 24 Feb 2023 00:00:00 GMT - Wed, 29 Nov 2023 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /x/v2/f?pid=1cec1e2cca304d63b01ec8a66850a56d&ts=1684920778790 HTTP/1.1
Host: api.purpleads.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: authorization,content-type,x-purpleads-version,x-request-url
Referer: https://dfiles.eu/
Origin: https://dfiles.eu
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 24 May 2023 09:32:59 GMT
access-control-allow-origin: https://dfiles.eu
access-control-allow-credentials: true
access-control-expose-headers: pa-user-id
access-control-allow-headers: authorization,content-type,x-purpleads-version,x-request-url
access-control-max-age: 86400
X-Firefox-Spdy: h2
api.purpleads.io/x/v2/f?pid=1cec1e2cca304d63b01ec8a66850a56d&ts=1684920778790
3.229.139.30 200 OK 2.8 kB URL GET HTTP/2 api.purpleads.io/x/v2/f?pid=1cec1e2cca304d63b01ec8a66850a56d&ts=1684920778790
IP 3.229.139.30:443
Requested by https://dfiles.eu/files/7saf9opey
Certificate Issuer Amazon
Subject *.purpleads.io
Fingerprint 2C:07:41:61:C9:75:ED:6A:72:5B:30:CE:B3:18:1C:47:DB:07:BF:D4
Validity Fri, 24 Feb 2023 00:00:00 GMT - Wed, 29 Nov 2023 23:59:59 GMT
File type HTML document text\012- HTML document text\012- troff or preprocessor input, ASCII text, with very long lines (2948), with no line terminators
Hash 2476abf76bff28b922ae404ea2ea5b18
42d8da025e375c1c4419791dafe82ab594558946
18c4ea965f2fa27f9af3ffe4f95064da0be9d32862083e6d38d701d5431fdcfe
GET /x/v2/f?pid=1cec1e2cca304d63b01ec8a66850a56d&ts=1684920778790 HTTP/1.1
Host: api.purpleads.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dfiles.eu/
Content-Type: application/json
x-purpleads-version: 2.0.2
x-request-url: aHR0cHM6Ly9kZmlsZXMuZXUvZmlsZXMvN3NhZjlvcGV5
Authorization: Bearer 64df4768ef6a3d343387f03963cc6d27:a3fc5ba00d8a1e88f69e3c15e8e8c501507f1b2063b64e48a97000a1c4480fda350894047ca3535d3ce8fc5253d0214840300a723dc6ecae38a57d550d5ed683
Origin: https://dfiles.eu
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 24 May 2023 09:32:59 GMT
content-type: application/json; charset=utf-8
access-control-allow-origin: https://dfiles.eu
access-control-allow-credentials: true
access-control-expose-headers: pa-user-id
set-cookie: pa-user-id=6203c5ba-dec5-4980-9789-1968b282642f; Domain=.purpleads.io; Path=/
pa-user-id: 6203c5ba-dec5-4980-9789-1968b282642f
etag: W/"af4-LXKiTM9nqZFEynFXRltUwtyU6ac"
vary: Accept-Encoding
content-encoding: br
X-Firefox-Spdy: h2
addresseepaper.com/sfp.js
0.0.0.0 0 B URL GET addresseepaper.com/sfp.js
IP 0.0.0.0:0
Requested by https://dfiles.eu/files/7saf9opey
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /sfp.js HTTP/1.1
Host: addresseepaper.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap
142.250.74.74 200 OK 6.8 kB URL GET HTTP/2 fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap
IP 142.250.74.74:443
Requested by https://dfiles.eu/files/7saf9opey
Certificate Issuer Google Trust Services LLC
Subject upload.video.google.com
Fingerprint 9B:D0:53:C4:55:9D:41:A4:94:03:4A:2B:6A:5B:57:EB:EB:A5:F0:4A
Validity Mon, 24 Apr 2023 12:00:43 GMT - Mon, 17 Jul 2023 12:00:42 GMT
File type ASCII text, with very long lines (7013), with no line terminators
Hash 49475c425d6c00477bb339179326c49b
bd97deeb753f44f43a21feafa92d98239fa511bd
598841a98ad357d2896d2f093ea3e4e1d44e24b3351268ffd45e61ff8c1d0e09
GET /css?family=Roboto:300,400,700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 24 May 2023 09:32:58 GMT
date: Wed, 24 May 2023 09:32:58 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
handbaggather.com/c2/2d/c5/c22dc50dc2bbe4422c7f68d26ab95eb9.js
192.243.59.13 200 OK 86 kB URL GET HTTP/1.1 handbaggather.com/c2/2d/c5/c22dc50dc2bbe4422c7f68d26ab95eb9.js
IP 192.243.59.13:443
ASN #39572 DataWeb Global Group B.V.
Requested by https://dfiles.eu/files/7saf9opey
Certificate Issuer Let's Encrypt
Subject handbaggather.com
Fingerprint AA:C3:B2:B7:C4:DC:3B:FA:64:BF:B0:F3:38:ED:6B:B3:B1:27:20:81
Validity Fri, 28 Apr 2023 01:16:44 GMT - Thu, 27 Jul 2023 01:16:43 GMT
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (65536), with no line terminators
Hash 13c4563a17f6dc9e1300a518fc3fc0d6
81f80c27a9e4fa28366d5c622b19ec5c011468f4
3902335dbf9162261d54a5bd11e5a91baf52ef1aa798d04da48b6cfbc101e44d
Analyzer Verdict Alert quad9 Sinkholed
GET /c2/2d/c5/c22dc50dc2bbe4422c7f68d26ab95eb9.js HTTP/1.1
Host: handbaggather.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Wed, 24 May 2023 09:32:57 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: cdceea325bac4dc91c366a54573fd61c
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
handbaggather.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Fvpn%2Fdefault%2Fus%2Fwindows%2Fbrowser-black%2Fcss%2Fstyle.css&l=4254&fd=211
173.233.137.44 200 OK 0 B URL GET HTTP/1.1 handbaggather.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Fvpn%2Fdefault%2Fus%2Fwindows%2Fbrowser-black%2Fcss%2Fstyle.css&l=4254&fd=211
IP 173.233.137.44:443
Requested by https://dfiles.eu/files/7saf9opey
Certificate Issuer Let's Encrypt
Subject handbaggather.com
Fingerprint AA:C3:B2:B7:C4:DC:3B:FA:64:BF:B0:F3:38:ED:6B:B3:B1:27:20:81
Validity Fri, 28 Apr 2023 01:16:44 GMT - Thu, 27 Jul 2023 01:16:43 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Fvpn%2Fdefault%2Fus%2Fwindows%2Fbrowser-black%2Fcss%2Fstyle.css&l=4254&fd=211 HTTP/1.1
Host: handbaggather.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Cookie: u_pl=16004719; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Wed, 24 May 2023 09:32:59 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
cdn.creative-bars1.com/sb/notifications/vpn/default/us/windows/browser-black/css/style.css
172.64.197.23 200 OK 4.3 kB URL GET HTTP/2 cdn.creative-bars1.com/sb/notifications/vpn/default/us/windows/browser-black/css/style.css
IP 172.64.197.23:443
Requested by https://dfiles.eu/files/7saf9opey
Certificate Issuer Google Trust Services LLC
Subject creative-bars1.com
Fingerprint 88:10:E4:38:7C:46:CF:44:7C:D0:C8:1F:06:39:9F:7E:A5:2E:27:4A
Validity Thu, 27 Apr 2023 15:05:54 GMT - Wed, 26 Jul 2023 15:05:53 GMT
File type ASCII text, with very long lines (4527), with no line terminators
Hash 40c6ffeef90ad98d94c1372966894621
5bc102fc9c9611c9d3e61becc379ae35a0bb9144
79f73975b3bf9b7e48480b5dfe30e368b6902703c66b72e676763c5e62046d33
GET /sb/notifications/vpn/default/us/windows/browser-black/css/style.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dfiles.eu
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 24 May 2023 09:32:58 GMT
content-type: text/css
last-modified: Fri, 27 Nov 2020 13:45:32 GMT
etag: W/"5fc102fc-109e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 383344
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=abSX%2Bx%2F7czcccLT%2Ftia4sSXf6pOv2G%2BJeHfF%2FTGQ2D0dJAvj3H6bkE%2BjQWMlwwVmZ1RWsqSYtmvg45joc3OPBNBwZJjO1rlosIwL34FglHB%2FANaOOVgylPSVJmsuwBisEuKVin%2BHWztN"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7cc488d3ed5376db-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.unblockia.com/h.js
54.230.111.2 200 OK 166 kB
IP 54.230.111.2:443
Requested by https://dfiles.eu/files/7saf9opey
Certificate Issuer Amazon
Subject *.unblockia.com
Fingerprint F2:6F:03:00:E3:4A:B1:87:3C:4D:28:BB:E6:CE:8F:F1:2A:6E:1B:5D
Validity Tue, 21 Feb 2023 00:00:00 GMT - Fri, 22 Mar 2024 23:59:59 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Size 166 kB (166192 bytes)
Hash 3d75dc8f7c4000ccdac0fff2f09d78a8
9008e9830c5f3a690cbb6cc94ddb34b59fc12677
203af4ee7878df10c428ce6599c619695219f48681b832ef3f856abdd299b8e8
GET /h.js HTTP/1.1
Host: cdn.unblockia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/x-javascript
last-modified: Mon, 22 May 2023 09:17:35 GMT
x-amz-server-side-encryption: AES256
x-amz-meta-codebuild-content-sha256: 3b11cd91ab382736a9ba8e63029f318e3177aa77903aa4fa093a80765fac8c07
x-amz-version-id: gKayxwShEzJAnBjNaPvAM9Fj3A2ZU3Kt
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:eu-west-1:987257285531:build/unblockia-loader-codebuild-project:6a48fce0-eba0-40cc-8a72-49f5d7d1abde
x-amz-meta-codebuild-content-md5: 60511405d11f9acd0880a4539ae338cb
server: AmazonS3
content-encoding: br
date: Wed, 24 May 2023 09:19:59 GMT
etag: W/"3d75dc8f7c4000ccdac0fff2f09d78a8"
x-cache: Hit from cloudfront
via: 1.1 ee04daa979e7a02cc5ca472521bc18a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: gvAGYKcrsmg2TfTVF_oiQRiSSgIpu9m17S3or175nFBhwbO9WQcUyA==
age: 778
vary: Accept-Encoding, Origin
X-Firefox-Spdy: h2
cdn.prplads.com/load.js?publisherId=64df4768ef6a3d343387f03963cc6d27:a3fc5ba00d8a1e88f69e3c15e8e8c501507f1b2063b64e48a97000a1c4480fda350894047ca3535d3ce8fc5253d0214840300a723dc6ecae38a57d550d5ed683
104.26.3.51 200 OK 44 kB URL GET HTTP/2 cdn.prplads.com/load.js?publisherId=64df4768ef6a3d343387f03963cc6d27:a3fc5ba00d8a1e88f69e3c15e8e8c501507f1b2063b64e48a97000a1c4480fda350894047ca3535d3ce8fc5253d0214840300a723dc6ecae38a57d550d5ed683
IP 104.26.3.51:443
Requested by https://dfiles.eu/files/7saf9opey
Certificate Issuer Google Trust Services LLC
Subject prplads.com
Fingerprint 44:46:5A:F0:A0:B0:25:70:06:3F:E4:EB:02:D5:A2:67:7A:E3:7D:0E
Validity Wed, 19 Apr 2023 12:34:16 GMT - Tue, 18 Jul 2023 12:34:15 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /load.js?publisherId=64df4768ef6a3d343387f03963cc6d27:a3fc5ba00d8a1e88f69e3c15e8e8c501507f1b2063b64e48a97000a1c4480fda350894047ca3535d3ce8fc5253d0214840300a723dc6ecae38a57d550d5ed683 HTTP/1.1
Host: cdn.prplads.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 24 May 2023 09:32:58 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"103f53a915d53d541a023f9c8352e84c"
last-modified: Wed, 03 May 2023 17:14:59 GMT
x-amz-id-2: c0BBo0bTVFeShG8i+7lo2b2VE/UirvGjsaEwxq/wwMJ6ns1s3aKZvOG0lzRnXyQ2PtAWUDAre3c=
x-amz-request-id: VF6G331VR5CZSWHS
cache-control: max-age=86400
cf-cache-status: HIT
age: 2086
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8VkSD58dDVcVcTrc4sovVyF63536TIUlmtE5IOWxd5Yzvy8Paw5FVI7WcJMsVqqDc7TzqF4zl3ETgVPNrJ3%2FCga%2FKReuXiHYsVkW8gFtZCnJkks6vOmRkt%2FKsvYfAlRZgg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7cc488d3ef9cb4ee-OSL
content-encoding: br
X-Firefox-Spdy: h2
ntvpwpush.com/dl/cookies
168.119.25.102 200 OK 620 B IP 168.119.25.102:443
ASN #24940 Hetzner Online GmbH
Requested by https://dfiles.eu/files/7saf9opey
Certificate Issuer Let's Encrypt
Subject notification.tubecup.net
Fingerprint C3:3A:0A:7D:9C:4B:21:97:39:A7:AD:B8:87:47:F1:35:32:D9:84:53
Validity Fri, 28 Apr 2023 11:39:09 GMT - Thu, 27 Jul 2023 11:39:08 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (656), with no line terminators
Hash 0f28ac8b62710210d8c20200cb32caf2
e5cf4c2df4e48eff5fe877531dd3f12351c0c37d
2e6743f06e4cc09ff077b579b75511eaaf5ccf370f70fd2075d74725bf5b872c
GET /dl/cookies HTTP/1.1
Host: ntvpwpush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.18.0
date: Wed, 24 May 2023 09:32:59 GMT
content-type: text/html
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
content-encoding: gzip
X-Firefox-Spdy: h2