Report - datanodes.to/gj89ja53kwei/FATAL.FRAME.MOBW-C9ZA.zip

Report Overview

Visited public
2024-12-19 10:36:14
Tags
URL
datanodes.to/gj89ja53kwei/FATAL.FRAME.MOBW-C9ZA.zip
Finishing URL
datanodes.to/download
IP / ASN
104.26.14.76
#13335 CLOUDFLARENET
Title
Download

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
www.gstatic.com	unknown	2008-02-11	2012-05-29	2024-12-18	2.4 kB	711 kB	142.250.74.35
www.google.no	25607	2001-02-26	2012-06-26	2024-12-18	702 B	578 B	142.250.74.163
region1.analytics.google.com	unknown	1997-09-15	2022-03-17	2024-12-18	1.7 kB	1.7 kB	216.239.34.36
fonts.googleapis.com	8877	2005-01-25	2012-05-23	2024-12-18	473 B	6.6 kB	142.250.74.42
datanodes.to	unknown	unknown	2022-08-16	2024-12-19	5.0 kB	241 kB	172.67.69.166
scarcerpokomoo.com	unknown	2024-02-28	2024-02-28	2024-12-12	401 B	1.2 kB	23.109.170.68
www.googletagmanager.com	75	2011-11-11	2012-10-04	2024-12-18	419 B	111 kB	142.250.74.168
fonts.gstatic.com	unknown	2008-02-11	2014-04-02	2024-12-18	3.1 kB	67 kB	216.58.207.227
www.google.com	7	1997-09-15	2015-05-10	2024-12-18	3.9 kB	75 kB	142.250.74.164

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-12-19	medium	scarcerpokomoo.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (18)

	URL	From	Size	First Seen	Last Seen
	datanodes.to/cdn-cgi/challenge-platform/scripts/jsd/main.js	ScriptElement	8.7 kB	2024-12-19	2024-12-19
Pretty URL datanodes.to/cdn-cgi/challenge-platform/scripts/jsd/main.js IP 172.67.69.166 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-12-19 10:36 Last Seen2024-12-19 10:36 Times Seen1 Hash 4a790c0e4753fe3d39fb6876216843c7 d30315cd8a21924d441496933c9eb713c5f65076 722791f144e6776d3acd32a7c986213b1325fed863307b44a9f000cdc14b546d Loading...

	datanodes.to/download	ScriptElement	201 B	2024-01-28	2025-05-02
Pretty URL datanodes.to/download IP 172.67.69.166 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-01-28 23:21 Last Seen2025-05-02 03:45 Times Seen4431 Hash 91d8cca2b82a7c5662115578bd3f5d2c 8d5b2b8321f95d3d8dbd0564329c0a766caa94a7 ffc523a7eb7f38b0e10cf099f40e1c0537c1c75210f0491ddac4e2496eb9d8b5 Loading...

	unknown	Function	16 kB	2024-09-28	2025-04-28
Pretty Introduced by Function Embedded in HTML false Observations First Seen2024-09-28 07:27 Last Seen2025-04-28 19:58 Times Seen32 Hash e447eeceeeff2d86dccf7fa2e2045ef4 09cfa91e7d3885959b84c3506ff14214ee08accf 060c48b2ff548651342abb879588a66b8e560d81ba016f3099db2e2a05477624 Loading...

	www.googletagmanager.com/gtag/js?id=G-7DP7NV2LKF	ScriptElement	332 kB	2024-12-19	2024-12-19
Pretty URL www.googletagmanager.com/gtag/js?id=G-7DP7NV2LKF IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-12-19 10:36 Last Seen2024-12-19 13:16 Times Seen2 Hash 4860969482fee35c235ee2d292352b94 c7f33a931c8a9c38c3e3fde647ca92d62f8cd48c fbd6887d9a4adc758386623a46358d3630d9532bd513738339102b363e24640b Loading...

	www.google.com/js/bg/97uzgHxzdqXefmTg8wPeKCy4kla86q4zhj2nq_yidw0.js	ScriptElement	19 kB	2024-12-07	2025-01-08
Pretty URL www.google.com/js/bg/97uzgHxzdqXefmTg8wPeKCy4kla86q4zhj2nq_yidw0.js IP 142.250.74.164 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-12-07 09:48 Last Seen2025-01-08 07:58 Times Seen2292 Hash 5e9d6916710bd471114da1f09e81dd28 e4c997e3045cff62f7295fe65f71757401c2a175 f7bbb3807c7376a5de7e64e0f303de282cb89256bceaae33863da7abfca2770d Loading...

	www.google.com/recaptcha/api.js?render=6LdhelkqAAAAAH_f47GPnSuEgnjRo4Pf0ukRioGs	ScriptElement	904 B	2024-12-16	2025-01-16
Pretty URL www.google.com/recaptcha/api.js?render=6LdhelkqAAAAAH_f47GPnSuEgnjRo4Pf0ukRioGs IP 142.250.74.164 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-12-16 17:41 Last Seen2025-01-16 02:30 Times Seen322 Hash 8f4c8fe0161261c260656ab0f6e7e721 7ff1ee9f7a0823e3bcfaf919bb19dd8ec9979490 9678a35c30c6cfdd2a3b789d81079078c7bade76bc1a332dd3abf4e01dfc3224 Loading...

	www.google.com/recaptcha/api2/anchor?ar=1&k=6LdhelkqAAAAAH_f47GPnSuEgnjRo4Pf0ukRioGs&co=aHR0cHM6Ly9kYXRhbm9kZXMudG86NDQz&hl=en&v=zIriijn3uj5Vpknvt_LnfNbF&size=invisible&cb=o759j2wudeqe	ScriptElement	69 B	2023-03-07	2025-05-02
Pretty URL www.google.com/recaptcha/api2/anchor?ar=1&k=6LdhelkqAAAAAH_f47GPnSuEgnjRo4Pf0ukRioGs&co=aHR0cHM6Ly9kYXRhbm9kZXMudG86NDQz&hl=en&v=zIriijn3uj5Vpknvt_LnfNbF&size=invisible&cb=o759j2wudeqe IP 142.250.74.164 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:02 Last Seen2025-05-02 04:26 Times Seen115275 Hash 45ecf7458f42da80ac248ad42d610372 a5b3edf8328769bc754e6e616a957ceed4fdadd7 75867e75b209895995014b43c3d711476e3437481e5fbec91a4da674302558bf Loading...

	www.google.com/recaptcha/api2/anchor?ar=1&k=6LdhelkqAAAAAH_f47GPnSuEgnjRo4Pf0ukRioGs&co=aHR0cHM6Ly9kYXRhbm9kZXMudG86NDQz&hl=en&v=zIriijn3uj5Vpknvt_LnfNbF&size=invisible&cb=o759j2wudeqe	ScriptElement	38 kB	2024-12-19	2024-12-19
Pretty URL www.google.com/recaptcha/api2/anchor?ar=1&k=6LdhelkqAAAAAH_f47GPnSuEgnjRo4Pf0ukRioGs&co=aHR0cHM6Ly9kYXRhbm9kZXMudG86NDQz&hl=en&v=zIriijn3uj5Vpknvt_LnfNbF&size=invisible&cb=o759j2wudeqe IP 142.250.74.164 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML true Observations First Seen2024-12-19 10:36 Last Seen2024-12-19 10:36 Times Seen1 Hash f571557f0667cf673bd9d7ba9aeac1aa adab87772cde83db414bade2be967ae1b2fad5a4 acfad364c1d17323d936358fd3719a842086c75afc97c801bfcc1d6ab79c317d Loading...

	datanodes.to/download	ScriptElement	921 B	2024-12-19	2024-12-19
Pretty URL datanodes.to/download IP 172.67.69.166 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-12-19 10:36 Last Seen2024-12-19 10:36 Times Seen1 Hash 6ddcbac76a8fde504659e2b802f0f23d 8737d46729626d4dc46d30ab3c63ae1e4ce88c8c e3761bf65bb0dfd8fab390740a4f9c5c9057c7bf97f5b7ab05ce9f40b412095e Loading...

	datanodes.to/theme_2023/dist/assets/app-afc25dff.js	ScriptElement	178 kB	2024-07-17	2025-01-12
Pretty URL datanodes.to/theme_2023/dist/assets/app-afc25dff.js IP 172.67.69.166 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-07-17 13:50 Last Seen2025-01-12 22:24 Times Seen328 Hash c0d07effe2af02c10e7bf4de80eeef4b 47e82a065e01cbec19e4dd44495e517e25fb31fa 3f6b382b99fa71fbf418a32d4580b4d8a52139183ffea41afec7039f5cc61da9 Loading...

	unknown	ScriptElement	236 B	2024-12-19	2024-12-19
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-12-19 10:36 Last Seen2024-12-19 10:36 Times Seen1 Hash e4620a5e79b3052689e9f4a1e5030999 97ecc58d279b57d260c55f0c77d67abb6cdde63c 26f3b011a0476f479cd2b0432d39d1021df1f80842fb6603c2629de8df76b851 Loading...

	www.gstatic.com/recaptcha/releases/zIriijn3uj5Vpknvt_LnfNbF/recaptcha__en.js	ScriptElement	560 kB	2024-12-12	2025-03-18
Pretty URL www.gstatic.com/recaptcha/releases/zIriijn3uj5Vpknvt_LnfNbF/recaptcha__en.js IP 142.250.74.35 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-12-12 06:57 Last Seen2025-03-18 08:34 Times Seen9332 Hash 19ddac3be88eda2c8263c5d52fa7f6bd c81720778f57c56244c72ce6ef402bb4de5f9619 b261530f05e272e18b5b5c86d860c4979c82b5b6c538e1643b3c94fc9ba76dd6 Loading...

	datanodes.to/download	ScriptElement	0 B	0001-01-01	2025-05-02
Pretty URL datanodes.to/download IP 172.67.69.166 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen0001-01-01 00:00 Last Seen2025-05-02 04:26 Times Seen4593729 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	scarcerpokomoo.com/1clkn/31269	ScriptElement	6 B	2023-03-07	2025-05-02
Pretty URL scarcerpokomoo.com/1clkn/31269 IP 23.109.170.68 ASN #7979 SERVERS-COM Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-05-02 03:45 Times Seen12384 Hash 9082dc37e5e8046929da411544ad071a 41e0e3963ed94e59e8a2f115994c382712411537 b7848d86edc8dc3b5bc6a5c666069f9a31e000cee51575d3b6083951607e1550 Loading...

		Size	First Seen	Last Seen
	#1 Eval - 6feba4f57762246f39ca5e276316839f	22 B	2024-12-07 09:48	2025-01-08 07:58
Pretty Observations First Seen2024-12-07 09:48 Last Seen2025-01-08 07:58 Times Seen2260 Hash 6feba4f57762246f39ca5e276316839f 10eeaa5c4fe6952863826c37007c64ce80ac027e 34850d9e4b43254db34ca07ec9588befacafef0a24b1828b29b281206e2606c5 Loading...

	#2 Eval - f6f309ec3a3bace3a308013320c43800	62 B	2024-12-07 09:48	2025-01-08 07:58
Pretty Observations First Seen2024-12-07 09:48 Last Seen2025-01-08 07:58 Times Seen2268 Hash f6f309ec3a3bace3a308013320c43800 3aff4f7c4e0252f5b0c04cb4d13329dc0dfb3339 8759c49257e803f4a3358f6aedfbc8ea05baeb534b407136d9a08d78623b32fd Loading...

	#3 Eval - 0a52f750f49233023a7b394e1522dd48	20 kB	2024-12-19 10:36	2024-12-19 10:36
Pretty Observations First Seen2024-12-19 10:36 Last Seen2024-12-19 10:36 Times Seen1 Hash 0a52f750f49233023a7b394e1522dd48 623df2aab4dc28034111315f28960454af1a58ca c0c34c060a0988966eb971d4ef422874c3bf29f237a291c3e330fc416a926d87 Loading...

	#4 Eval - 5396f99b45c09f4799bce097a258d995	22 B	2024-12-07 09:48	2025-01-08 07:58
Pretty Observations First Seen2024-12-07 09:48 Last Seen2025-01-08 07:58 Times Seen2273 Hash 5396f99b45c09f4799bce097a258d995 2e397cf7bce79e14da6d6daf2e88596314613506 ff5f7e71d19c042c28932f0c0b4d0985d21231609ba88a261b93c7e43387a4d3 Loading...

HTTP Transactions (32)

URL IP Response Size

datanodes.to/download

172.67.69.166

301 Moved Permanently

167 B

URL User Request GET HTTP/2
datanodes.to/download
IP
172.67.69.166:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services
Subjectdatanodes.to
Fingerprint6A:4F:30:87:2D:80:B6:38:58:6A:31:14:AD:8F:57:08:6C:FB:4C:AD
ValidityFri, 13 Dec 2024 03:07:42 GMT - Thu, 13 Mar 2025 04:07:38 GMT

File type
HTML document, ASCII text, with CRLF line terminators
Size
167 B (167 bytes)
Hash
0104c301c5e02bd6148b8703d19b3a73
7436e0b4b1f8c222c38069890b75fa2baf9ca620
446a6087825fa73eadb045e5a2e9e2adf7df241b571228187728191d961dda1f

HTTP Headers

GET /download HTTP/1.1
Host: datanodes.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Cookie: file_name=FATAL.FRAME.MOBW-C9ZA.zip; file_code=gj89ja53kwei; lang=english
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 301 Moved Permanently
Date: Thu, 19 Dec 2024 10:35:47 GMT
Content-Type: text/html
Content-Length: 167
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Thu, 19 Dec 2024 11:35:47 GMT
Location: https://datanodes.to/download
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8npCUBGIks76qEwgd3GGHm6YKIJJt%2Bdfpj0KQ7r66XQNrMlh5d5cf3NYXEQuAtDHxwzWp0zqbTzgiUKgKmyLLwWWtHTUmOtTAZkOcy9ZWAFm%2FsxJbEM6unvvxF7K3g%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 8f46bf776b9756c6-OSL
alt-svc: h2=":443"; ma=60
server-timing: cfL4;desc="?proto=TCP&rtt=414&min_rtt=414&rtt_var=207&sent=1&recv=3&lost=0&retrans=0&sent_bytes=0&recv_bytes=476&delivery_rate=0&cwnd=249&unsent_bytes=0&cid=0000000000000000&ts=0&x=0"

datanodes.to/images/logo.png?v=1

172.67.69.166

200 OK

15 kB

URL GET HTTP/2
datanodes.to/images/logo.png?v=1
IP
172.67.69.166:443
ASN
#13335 CLOUDFLARENET

Requested by
https://datanodes.to/download
Certificate
IssuerGoogle Trust Services
Subjectdatanodes.to
Fingerprint6A:4F:30:87:2D:80:B6:38:58:6A:31:14:AD:8F:57:08:6C:FB:4C:AD
ValidityFri, 13 Dec 2024 03:07:42 GMT - Thu, 13 Mar 2025 04:07:38 GMT

File type
PNG image data, 364 x 230, 8-bit/color RGBA, non-interlaced
Size
15 kB (15350 bytes)
Hash
c9338a5cbd74ee24aee2175a5ac9cfac
eb519e37c50d2dd8908d80a2dd203879f2a430c9
e73da34c3963cd34608bc4016fd1060cf58de21ef14321a153ec45bc004ff56e

HTTP Headers

GET /images/logo.png?v=1 HTTP/1.1
Host: datanodes.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://datanodes.to/download
Cookie: file_name=FATAL.FRAME.MOBW-C9ZA.zip; file_code=gj89ja53kwei; lang=english
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Thu, 19 Dec 2024 10:35:48 GMT
content-type: image/png
content-length: 15350
last-modified: Tue, 16 Jan 2024 14:16:42 GMT
etag: "65a68fca-3bf6"
cache-control: max-age=14400
cf-cache-status: HIT
age: 2399
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nvNqUxbPBnPmQmbbnFvXO77I4zlMc8WBuII97h21geHdGExnwUsfS1BeMgadrMaZ5l5jeEf96KDzLRMPY923mbamh3W3LPwqAZ7duGeEFEtVVrVPwiBKWKGEH1LnfA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8f46bf78fc17b515-OSL
server-timing: cfL4;desc="?proto=TCP&rtt=1236&min_rtt=474&rtt_var=1367&sent=28&recv=31&lost=0&retrans=0&sent_bytes=15298&recv_bytes=1779&delivery_rate=12833087&cwnd=257&unsent_bytes=0&cid=470b8d8eebf50a8f&ts=748&x=0"
X-Firefox-Spdy: h2

datanodes.to/theme_2023/dist/assets/app-8feab043.css

172.67.69.166

200 OK

11 kB

URL GET HTTP/2
datanodes.to/theme_2023/dist/assets/app-8feab043.css
IP
172.67.69.166:443
ASN
#13335 CLOUDFLARENET

Requested by
https://datanodes.to/download
Certificate
IssuerGoogle Trust Services
Subjectdatanodes.to
Fingerprint6A:4F:30:87:2D:80:B6:38:58:6A:31:14:AD:8F:57:08:6C:FB:4C:AD
ValidityFri, 13 Dec 2024 03:07:42 GMT - Thu, 13 Mar 2025 04:07:38 GMT

File type
Unicode text, UTF-8 text, with very long lines (59054)
Size
11 kB (10931 bytes)
Hash
84823f76336a9711557c078e2dbe05eb
fd6c72756207d872e2ec8396ce481666d68054ab
8feab04397269bbffdc0cdf1d05782bdd9118431be5eaeb9fdf736932bf15231

HTTP Headers

GET /theme_2023/dist/assets/app-8feab043.css HTTP/1.1
Host: datanodes.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://datanodes.to/download
Cookie: file_name=FATAL.FRAME.MOBW-C9ZA.zip; file_code=gj89ja53kwei; lang=english
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Thu, 19 Dec 2024 10:35:48 GMT
content-type: text/css
last-modified: Wed, 17 Jul 2024 10:45:34 GMT
etag: W/"6697a0ce-e6b7"
cache-control: max-age=14400
cf-cache-status: HIT
age: 2399
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hI7LBXYJ4RR5oT9aP4xF1R%2F9FvpGUumEsNkel08dFC4KunpRIizhJznKSFFoGcmtN0niFafWpQGL3xq%2Fdu6KreYUyOzGf83z2eT1z98NVjNUT5WiB7DnsdFdvRdMoQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8f46bf78fc16b515-OSL
content-encoding: br
server-timing: cfL4;desc="?proto=TCP&rtt=1236&min_rtt=474&rtt_var=1367&sent=42&recv=31&lost=0&retrans=0&sent_bytes=31479&recv_bytes=1779&delivery_rate=12833087&cwnd=257&unsent_bytes=0&cid=470b8d8eebf50a8f&ts=749&x=0"
X-Firefox-Spdy: h2

scarcerpokomoo.com/1clkn/31269

23.109.170.68

200 OK

26 B

URL GET HTTP/1.1
scarcerpokomoo.com/1clkn/31269
IP
23.109.170.68:443
ASN
#7979 SERVERS-COM

Requested by
https://datanodes.to/download
Certificate
IssuerLet's Encrypt
Subjectscarcerpokomoo.com
Fingerprint60:15:AE:2D:35:F1:D4:16:53:7C:66:74:8F:D3:EF:ED:13:CA:96:21
ValiditySun, 24 Nov 2024 22:56:37 GMT - Sat, 22 Feb 2025 22:56:36 GMT

File type
ASCII text, with no line terminators
Size
26 B (26 bytes)
Hash
9082dc37e5e8046929da411544ad071a
41e0e3963ed94e59e8a2f115994c382712411537
b7848d86edc8dc3b5bc6a5c666069f9a31e000cee51575d3b6083951607e1550

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /1clkn/31269 HTTP/1.1
Host: scarcerpokomoo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://datanodes.to/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 19 Dec 2024 10:35:48 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Accept-ch: sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-ua-full-version-list
Set-Cookie: GL_UI4=eJw9jUtug0AQRPljJ4akJQ7gIxgUjL3MJivfAQ0zDZ4Ypq1mjJ3bZxIp2dUrPVV5nhcUL%2BAvyRrCm6hhe1R9s5dYojyUVVW%2BHSrZ151o%2BlJVTVnvYK3n1opuRBvBap4E29YuEWwGNMhatpIUZvDqrL%2FmYuhuIog7FkZlEE%2FOGDNIO6b7jFyEEBkxIaQfmrGnhzPEJzEEx72L2rjo7yCguQjzJ4hP2twe%2BSbx8jzx4Pk6CtsTT61WDuOBhULw32ElhcWB%2BAtShfPF0hWARtX%2B%2B7%2Bf8fizBonCRUuHZM%2FI38wATrY%3D; expires=Fri, 20-Dec-2024 10:35:48 GMT; Max-Age=86400; path=/; secure; SameSite=None
GL_GI10=eJwViE0KgzAUBvMeJVAqhY96AE%2BQamsXbmuXRReewGopgZBIEvtz%2B%2BpiBmaEEJwmYD0hqQpV5ao8qeJSgl7gpgUPFrJx%2FtP%2FQB6cn8HeYtcG47LazTYuf8BmbZDG%2Fmr0N%2BucmaN2NoAXtnX%2FMM%2FjrbuDJkng6FaHMRWgtzz8AV7hHdE%3D; expires=Fri, 20-Dec-2024 10:35:48 GMT; Max-Age=86400; path=/; secure; SameSite=None
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff

www.googletagmanager.com/gtag/js?id=G-7DP7NV2LKF

142.250.74.168

200 OK

110 kB

URL GET HTTP/2
www.googletagmanager.com/gtag/js?id=G-7DP7NV2LKF
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://datanodes.to/download
Certificate
IssuerGoogle Trust Services
Subject*.google-analytics.com
Fingerprint4B:B1:5A:60:07:55:DD:0C:FA:98:D3:8E:E8:58:9E:E7:6A:0D:60:12
ValidityMon, 04 Nov 2024 08:37:47 GMT - Mon, 27 Jan 2025 08:37:46 GMT

File type
JavaScript source, ASCII text, with very long lines (5945)
Size
110 kB (110061 bytes)
Hash
4860969482fee35c235ee2d292352b94
c7f33a931c8a9c38c3e3fde647ca92d62f8cd48c
fbd6887d9a4adc758386623a46358d3630d9532bd513738339102b363e24640b

HTTP Headers

GET /gtag/js?id=G-7DP7NV2LKF HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://datanodes.to/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 19 Dec 2024 10:35:48 GMT
expires: Thu, 19 Dec 2024 10:35:48 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
server: Google Tag Manager
content-length: 110061
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/poppins/v22/pxiEyp8kv8JHgFVrJJfecg.woff2

216.58.207.227

200 OK

7.9 kB

URL GET HTTP/2
fonts.gstatic.com/s/poppins/v22/pxiEyp8kv8JHgFVrJJfecg.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://datanodes.to/download
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
Fingerprint5E:64:A9:4C:59:5A:8F:EC:57:D9:7F:C4:7E:70:AC:88:F2:67:F1:79
ValidityMon, 04 Nov 2024 08:38:50 GMT - Mon, 27 Jan 2025 08:38:49 GMT

File type
Web Open Font Format (Version 2), TrueType, length 7884, version 1.0
Size
7.9 kB (7884 bytes)
Hash
9212f6f9860f9fc6c69b02fedf6db8c3
ac6d71b4d5fdd2b3dabc9a06ff6c001e4251da0b
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f

HTTP Headers

GET /s/poppins/v22/pxiEyp8kv8JHgFVrJJfecg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://datanodes.to
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7884
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 14 Dec 2024 04:15:23 GMT
expires: Sun, 14 Dec 2025 04:15:23 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 04 Dec 2024 06:53:08 GMT
content-type: font/woff2
age: 454825
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

datanodes.to/cdn-cgi/challenge-platform/scripts/jsd/main.js

172.67.69.166

302 Found

0 B

URL GET HTTP/2
datanodes.to/cdn-cgi/challenge-platform/scripts/jsd/main.js
IP
172.67.69.166:443
ASN
#13335 CLOUDFLARENET

Requested by
https://datanodes.to/download
Certificate
IssuerGoogle Trust Services
Subjectdatanodes.to
Fingerprint6A:4F:30:87:2D:80:B6:38:58:6A:31:14:AD:8F:57:08:6C:FB:4C:AD
ValidityFri, 13 Dec 2024 03:07:42 GMT - Thu, 13 Mar 2025 04:07:38 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP/1.1
Host: datanodes.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: file_name=FATAL.FRAME.MOBW-C9ZA.zip; file_code=gj89ja53kwei; lang=english
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 302 Found
date: Thu, 19 Dec 2024 10:35:48 GMT
content-length: 0
location: /cdn-cgi/challenge-platform/h/b/scripts/jsd/787bc399e22f/main.js?
cache-control: max-age=300, stale-if-error=10800, stale-while-revalidate=10800, public
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ADMGCqYz1q6WEe8yxazkVRRzeTOYeflndrq2cceBvXJ7VhzNPZzuwoDCEfGu1knWJMvnvEkNUYi95Ju2FCUARbejkpzRGsgORTLfCEjuKHTTXyPCpHDz0wIxTIJaXw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8f46bf7c1f33b515-OSL
server-timing: cfL4;desc="?proto=TCP&rtt=1132&min_rtt=474&rtt_var=531&sent=103&recv=48&lost=0&retrans=0&sent_bytes=112536&recv_bytes=1892&delivery_rate=4143061&cwnd=257&unsent_bytes=0&cid=470b8d8eebf50a8f&ts=1243&x=0"
X-Firefox-Spdy: h2

fonts.gstatic.com/s/poppins/v22/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2

216.58.207.227

200 OK

8.0 kB

URL GET HTTP/2
fonts.gstatic.com/s/poppins/v22/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://datanodes.to/download
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
Fingerprint5E:64:A9:4C:59:5A:8F:EC:57:D9:7F:C4:7E:70:AC:88:F2:67:F1:79
ValidityMon, 04 Nov 2024 08:38:50 GMT - Mon, 27 Jan 2025 08:38:49 GMT

File type
Web Open Font Format (Version 2), TrueType, length 8000, version 1.0
Size
8.0 kB (8000 bytes)
Hash
72993dddf88a63e8f226656f7de88e57
179f97ec0275f09603a8db94d4380eb584d81cd5
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149

HTTP Headers

GET /s/poppins/v22/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://datanodes.to
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 8000
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 14 Dec 2024 04:10:06 GMT
expires: Sun, 14 Dec 2025 04:10:06 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 04 Dec 2024 06:53:31 GMT
content-type: font/woff2
age: 455142
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/poppins/v22/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2

216.58.207.227

200 OK

7.8 kB

URL GET HTTP/2
fonts.gstatic.com/s/poppins/v22/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://datanodes.to/download
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
Fingerprint5E:64:A9:4C:59:5A:8F:EC:57:D9:7F:C4:7E:70:AC:88:F2:67:F1:79
ValidityMon, 04 Nov 2024 08:38:50 GMT - Mon, 27 Jan 2025 08:38:49 GMT

File type
Web Open Font Format (Version 2), TrueType, length 7816, version 1.0
Size
7.8 kB (7816 bytes)
Hash
25b0e113ca7cce3770d542736db26368
cb726212d5d525021752a1d8470a0fb593e0c49e
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526

HTTP Headers

GET /s/poppins/v22/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://datanodes.to
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7816
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 13 Dec 2024 22:57:31 GMT
expires: Sat, 13 Dec 2025 22:57:31 GMT
cache-control: public, max-age=31536000
age: 473897
last-modified: Wed, 04 Dec 2024 06:53:03 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/poppins/v22/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2

216.58.207.227

200 OK

7.7 kB

URL GET HTTP/2
fonts.gstatic.com/s/poppins/v22/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://datanodes.to/download
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
Fingerprint5E:64:A9:4C:59:5A:8F:EC:57:D9:7F:C4:7E:70:AC:88:F2:67:F1:79
ValidityMon, 04 Nov 2024 08:38:50 GMT - Mon, 27 Jan 2025 08:38:49 GMT

File type
Web Open Font Format (Version 2), TrueType, length 7748, version 1.0
Size
7.7 kB (7748 bytes)
Hash
a09f2fccfee35b7247b08a1a266f0328
0da2d17e738f46d2a09e6fb7969da451719a9820
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446

HTTP Headers

GET /s/poppins/v22/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://datanodes.to
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7748
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 14 Dec 2024 04:07:25 GMT
expires: Sun, 14 Dec 2025 04:07:25 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 04 Dec 2024 06:54:05 GMT
content-type: font/woff2
age: 455303
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.gstatic.com/recaptcha/releases/zIriijn3uj5Vpknvt_LnfNbF/recaptcha__en.js

142.250.74.35

200 OK

221 kB

URL GET HTTP/3
www.gstatic.com/recaptcha/releases/zIriijn3uj5Vpknvt_LnfNbF/recaptcha__en.js
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdhelkqAAAAAH_f47GPnSuEgnjRo4Pf0ukRioGs&co=aHR0cHM6Ly9kYXRhbm9kZXMudG86NDQz&hl=en&v=zIriijn3uj5Vpknvt_LnfNbF&size=invisible&cb=o759j2wudeqe
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
Fingerprint5E:64:A9:4C:59:5A:8F:EC:57:D9:7F:C4:7E:70:AC:88:F2:67:F1:79
ValidityMon, 04 Nov 2024 08:38:50 GMT - Mon, 27 Jan 2025 08:38:49 GMT

File type
JavaScript source, ASCII text, with very long lines (654)
Size
221 kB (220882 bytes)
Hash
19ddac3be88eda2c8263c5d52fa7f6bd
c81720778f57c56244c72ce6ef402bb4de5f9619
b261530f05e272e18b5b5c86d860c4979c82b5b6c538e1643b3c94fc9ba76dd6

HTTP Headers

GET /recaptcha/releases/zIriijn3uj5Vpknvt_LnfNbF/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://datanodes.to
DNT: 1
Connection: keep-alive
Referer: https://datanodes.to/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
timing-allow-origin: *
content-length: 220882
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 19 Dec 2024 10:01:52 GMT
expires: Fri, 19 Dec 2025 10:01:52 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 10 Dec 2024 23:05:10 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 2036
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-7DP7NV2LKF&cid=1381439451.1734604549&gtm=45je4cc1v9175474265za200&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1l1&npa=1&frm=0&tag_exp=101925629~102067555~102067808~102081485~102198178&tag_exp=101925629~102067555~102067808~102081485~102198178&z=998128374

142.250.74.163

200 OK

42 B

URL GET HTTP/2
www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-7DP7NV2LKF&cid=1381439451.1734604549&gtm=45je4cc1v9175474265za200&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1l1&npa=1&frm=0&tag_exp=101925629~102067555~102067808~102081485~102198178&tag_exp=101925629~102067555~102067808~102081485~102198178&z=998128374
IP
142.250.74.163:443
ASN
#15169 GOOGLE

Requested by
https://datanodes.to/download
Certificate
IssuerGoogle Trust Services
Subject*.google.no
FingerprintA8:FC:63:57:7C:92:2A:02:1C:BE:71:EF:F7:D9:C9:CD:5F:12:37:9A
ValidityMon, 04 Nov 2024 08:40:36 GMT - Mon, 27 Jan 2025 08:40:35 GMT

File type
GIF image data, version 89a, 1 x 1
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-7DP7NV2LKF&cid=1381439451.1734604549&gtm=45je4cc1v9175474265za200&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1l1&npa=1&frm=0&tag_exp=101925629~102067555~102067808~102081485~102198178&tag_exp=101925629~102067555~102067808~102081485~102198178&z=998128374 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://datanodes.to/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 19 Dec 2024 10:35:48 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

region1.analytics.google.com/g/collect?v=2&tid=G-7DP7NV2LKF&gtm=45je4cc1v9175474265za200&_p=1734604548266&_gaz=1&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102081485~102198178&cid=1381439451.1734604549&ul=en-us&sr=1280x1024&frm=0&pscdl=noapi&_s=1&sid=1734604548&sct=1&seg=0&dl=https%3A%2F%2Fdatanodes.to%2Fdownload&dt=Download&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=967

216.239.34.36

204 No Content

0 B

URL POST HTTP/2
region1.analytics.google.com/g/collect?v=2&tid=G-7DP7NV2LKF&gtm=45je4cc1v9175474265za200&_p=1734604548266&_gaz=1&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102081485~102198178&cid=1381439451.1734604549&ul=en-us&sr=1280x1024&frm=0&pscdl=noapi&_s=1&sid=1734604548&sct=1&seg=0&dl=https%3A%2F%2Fdatanodes.to%2Fdownload&dt=Download&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=967
IP
216.239.34.36:443
ASN
#15169 GOOGLE

Requested by
https://datanodes.to/download
Certificate
IssuerGoogle Trust Services
Subject*.google-analytics.com
Fingerprint4B:B1:5A:60:07:55:DD:0C:FA:98:D3:8E:E8:58:9E:E7:6A:0D:60:12
ValidityMon, 04 Nov 2024 08:37:47 GMT - Mon, 27 Jan 2025 08:37:46 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /g/collect?v=2&tid=G-7DP7NV2LKF&gtm=45je4cc1v9175474265za200&_p=1734604548266&_gaz=1&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102081485~102198178&cid=1381439451.1734604549&ul=en-us&sr=1280x1024&frm=0&pscdl=noapi&_s=1&sid=1734604548&sct=1&seg=0&dl=https%3A%2F%2Fdatanodes.to%2Fdownload&dt=Download&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=967 HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://datanodes.to/
Origin: https://datanodes.to
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Content-Length: 0

HTTP/2 204 No Content
access-control-allow-origin: https://datanodes.to
date: Thu, 19 Dec 2024 10:35:48 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

datanodes.to/cdn-cgi/challenge-platform/h/b/jsd/r/8f46bf77ba8db515

172.67.69.166

200 OK

0 B

URL POST HTTP/2
datanodes.to/cdn-cgi/challenge-platform/h/b/jsd/r/8f46bf77ba8db515
IP
172.67.69.166:443
ASN
#13335 CLOUDFLARENET

Requested by
https://datanodes.to/download
Certificate
IssuerGoogle Trust Services
Subjectdatanodes.to
Fingerprint6A:4F:30:87:2D:80:B6:38:58:6A:31:14:AD:8F:57:08:6C:FB:4C:AD
ValidityFri, 13 Dec 2024 03:07:42 GMT - Thu, 13 Mar 2025 04:07:38 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /cdn-cgi/challenge-platform/h/b/jsd/r/8f46bf77ba8db515 HTTP/1.1
Host: datanodes.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 12135
Origin: https://datanodes.to
DNT: 1
Connection: keep-alive
Referer: https://datanodes.to/download
Cookie: file_name=FATAL.FRAME.MOBW-C9ZA.zip; file_code=gj89ja53kwei; lang=english; _ga_7DP7NV2LKF=GS1.1.1734604548.1.0.1734604548.60.0.0; _ga=GA1.1.1381439451.1734604549
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Thu, 19 Dec 2024 10:35:48 GMT
content-type: text/plain; charset=UTF-8
content-length: 0
set-cookie: cf_clearance=; Path=/; Expires=Thu, 01-Jan-70 00:00:00 GMT; Domain=.datanodes.to; Priority=High; HttpOnly; Secure; SameSite=None
cf_clearance=7kw1tfUlyQBeczBxtG0YBI06ARKIEqn77..5NWbK3.A-1734604548-1.2.1.1-1VinFDnEADSAs424rcp9qflVt4N3NeJ17Nsol9kYa7fM96mhUmFEjse2xR12omVhIPVyw7wyZpG0rTPWOZ_SINu73H0etmbKddtBg1b3Eu49Wyu8LpoHIehxQZt_pncC4RFrhylJC0VYX0nyh16ZTDc0xq9.wtFc6c41v.i4fhjWRUjGDCs5Fi_XZUKP9S4gFCK9QLvfWtWaTqtuY3pqp1_phTvME4CwzWlfqmfaDaB3nxxFD6lZCMW6CDC8y1tEzmBbyrSZm952gJPC7X6tRbNnLdOxh8OIadi72EvfD9LxYZnF.r_Nolec28nBYi2qJ4vK4_ToGa6WcqmYugJp3g; Path=/; Expires=Fri, 19-Dec-25 10:35:48 GMT; Domain=.datanodes.to; Priority=High; HttpOnly; Secure; SameSite=None; Partitioned
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BHrnpoEhvviZqgBI%2FOQbBzwrlB7OnF7ZevaWqR1ioh6ew%2BQSDkzbMIBiBVNTNviMmVvKXTjXxTrZ5WLNr1tC1%2FFLNUxJHIXeqWEzt9ED3ozeTMAByb7G8Ana%2F2ScuQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8f46bf7e1950b515-OSL
server-timing: cfL4;desc="?proto=TCP&rtt=680&min_rtt=450&rtt_var=304&sent=118&recv=70&lost=0&retrans=0&sent_bytes=120702&recv_bytes=14543&delivery_rate=12107023&cwnd=257&unsent_bytes=0&cid=470b8d8eebf50a8f&ts=1564&x=0"
X-Firefox-Spdy: h2

www.gstatic.com/recaptcha/releases/zIriijn3uj5Vpknvt_LnfNbF/styles__ltr.css

142.250.74.35

200 OK

42 kB

URL GET HTTP/3
www.gstatic.com/recaptcha/releases/zIriijn3uj5Vpknvt_LnfNbF/styles__ltr.css
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdhelkqAAAAAH_f47GPnSuEgnjRo4Pf0ukRioGs&co=aHR0cHM6Ly9kYXRhbm9kZXMudG86NDQz&hl=en&v=zIriijn3uj5Vpknvt_LnfNbF&size=invisible&cb=o759j2wudeqe
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
Fingerprint5E:64:A9:4C:59:5A:8F:EC:57:D9:7F:C4:7E:70:AC:88:F2:67:F1:79
ValidityMon, 04 Nov 2024 08:38:50 GMT - Mon, 27 Jan 2025 08:38:49 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
42 kB (42044 bytes)
Hash
6aec8cfd5d3a790339dc627f9f1229b5
b6c8cffe38e1015dd8595f2dd1a92435e2795874
80583fa3c83831a9e036eba0500d1b9c0d30892d0701f1617e0fafaf5aeaa2ca

HTTP Headers

GET /recaptcha/releases/zIriijn3uj5Vpknvt_LnfNbF/styles__ltr.css HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
timing-allow-origin: *
content-length: 42044
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 19 Dec 2024 08:49:16 GMT
expires: Fri, 19 Dec 2025 08:49:16 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 10 Dec 2024 23:05:10 GMT
content-type: text/css
vary: Accept-Encoding
age: 6393
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.gstatic.com/recaptcha/releases/zIriijn3uj5Vpknvt_LnfNbF/recaptcha__en.js

142.250.74.35

200 OK

221 kB

URL GET HTTP/3
www.gstatic.com/recaptcha/releases/zIriijn3uj5Vpknvt_LnfNbF/recaptcha__en.js
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdhelkqAAAAAH_f47GPnSuEgnjRo4Pf0ukRioGs&co=aHR0cHM6Ly9kYXRhbm9kZXMudG86NDQz&hl=en&v=zIriijn3uj5Vpknvt_LnfNbF&size=invisible&cb=o759j2wudeqe
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
Fingerprint5E:64:A9:4C:59:5A:8F:EC:57:D9:7F:C4:7E:70:AC:88:F2:67:F1:79
ValidityMon, 04 Nov 2024 08:38:50 GMT - Mon, 27 Jan 2025 08:38:49 GMT

File type
JavaScript source, ASCII text, with very long lines (654)
Size
221 kB (220882 bytes)
Hash
19ddac3be88eda2c8263c5d52fa7f6bd
c81720778f57c56244c72ce6ef402bb4de5f9619
b261530f05e272e18b5b5c86d860c4979c82b5b6c538e1643b3c94fc9ba76dd6

HTTP Headers

GET /recaptcha/releases/zIriijn3uj5Vpknvt_LnfNbF/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
timing-allow-origin: *
content-length: 220882
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 19 Dec 2024 10:01:52 GMT
expires: Fri, 19 Dec 2025 10:01:52 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 10 Dec 2024 23:05:10 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 2037
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

216.58.207.227

200 OK

15 kB

URL GET HTTP/2
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdhelkqAAAAAH_f47GPnSuEgnjRo4Pf0ukRioGs&co=aHR0cHM6Ly9kYXRhbm9kZXMudG86NDQz&hl=en&v=zIriijn3uj5Vpknvt_LnfNbF&size=invisible&cb=o759j2wudeqe
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
Fingerprint5E:64:A9:4C:59:5A:8F:EC:57:D9:7F:C4:7E:70:AC:88:F2:67:F1:79
ValidityMon, 04 Nov 2024 08:38:50 GMT - Mon, 27 Jan 2025 08:38:49 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15344, version 1.0
Size
15 kB (15344 bytes)
Hash
5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

HTTP Headers

GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 14 Dec 2024 04:23:18 GMT
expires: Sun, 14 Dec 2025 04:23:18 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
age: 454351
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

216.58.207.227

200 OK

16 kB

URL GET HTTP/2
fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdhelkqAAAAAH_f47GPnSuEgnjRo4Pf0ukRioGs&co=aHR0cHM6Ly9kYXRhbm9kZXMudG86NDQz&hl=en&v=zIriijn3uj5Vpknvt_LnfNbF&size=invisible&cb=o759j2wudeqe
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
Fingerprint5E:64:A9:4C:59:5A:8F:EC:57:D9:7F:C4:7E:70:AC:88:F2:67:F1:79
ValidityMon, 04 Nov 2024 08:38:50 GMT - Mon, 27 Jan 2025 08:38:49 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15552, version 1.0
Size
16 kB (15552 bytes)
Hash
285467176f7fe6bb6a9c6873b3dad2cc
ea04e4ff5142ddd69307c183def721a160e0a64e
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

HTTP Headers

GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 13 Dec 2024 18:53:03 GMT
expires: Sat, 13 Dec 2025 18:53:03 GMT
cache-control: public, max-age=31536000
age: 488566
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.gstatic.com/recaptcha/api2/logo_48.png

142.250.74.35

200 OK

2.2 kB

URL GET HTTP/3
www.gstatic.com/recaptcha/api2/logo_48.png
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdhelkqAAAAAH_f47GPnSuEgnjRo4Pf0ukRioGs&co=aHR0cHM6Ly9kYXRhbm9kZXMudG86NDQz&hl=en&v=zIriijn3uj5Vpknvt_LnfNbF&size=invisible&cb=o759j2wudeqe
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
Fingerprint5E:64:A9:4C:59:5A:8F:EC:57:D9:7F:C4:7E:70:AC:88:F2:67:F1:79
ValidityMon, 04 Nov 2024 08:38:50 GMT - Mon, 27 Jan 2025 08:38:49 GMT

File type
PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced
Size
2.2 kB (2228 bytes)
Hash
ef9941290c50cd3866e2ba6b793f010d
4736508c795667dcea21f8d864233031223b7832
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

HTTP Headers

GET /recaptcha/api2/logo_48.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.gstatic.com/recaptcha/releases/zIriijn3uj5Vpknvt_LnfNbF/styles__ltr.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 2228
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 13 Dec 2024 19:49:08 GMT
expires: Fri, 20 Dec 2024 19:49:08 GMT
cache-control: public, max-age=604800
age: 485201
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.google.com/js/bg/97uzgHxzdqXefmTg8wPeKCy4kla86q4zhj2nq_yidw0.js

142.250.74.164

200 OK

7.7 kB

URL GET HTTP/3
www.google.com/js/bg/97uzgHxzdqXefmTg8wPeKCy4kla86q4zhj2nq_yidw0.js
IP
142.250.74.164:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdhelkqAAAAAH_f47GPnSuEgnjRo4Pf0ukRioGs&co=aHR0cHM6Ly9kYXRhbm9kZXMudG86NDQz&hl=en&v=zIriijn3uj5Vpknvt_LnfNbF&size=invisible&cb=o759j2wudeqe
Certificate
IssuerGoogle Trust Services
Subject*.google.com
Fingerprint08:EB:C7:D6:BA:86:9E:85:23:FF:C8:A2:9C:EE:A5:DE:3E:65:74:7A
ValidityMon, 04 Nov 2024 08:37:47 GMT - Mon, 27 Jan 2025 08:37:46 GMT

File type
JavaScript source, ASCII text, with very long lines (18228)
Size
7.7 kB (7707 bytes)
Hash
5e9d6916710bd471114da1f09e81dd28
e4c997e3045cff62f7295fe65f71757401c2a175
f7bbb3807c7376a5de7e64e0f303de282cb89256bceaae33863da7abfca2770d

HTTP Headers

GET /js/bg/97uzgHxzdqXefmTg8wPeKCy4kla86q4zhj2nq_yidw0.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdhelkqAAAAAH_f47GPnSuEgnjRo4Pf0ukRioGs&co=aHR0cHM6Ly9kYXRhbm9kZXMudG86NDQz&hl=en&v=zIriijn3uj5Vpknvt_LnfNbF&size=invisible&cb=o759j2wudeqe
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: br
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-length: 7707
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 14 Dec 2024 04:13:47 GMT
expires: Sun, 14 Dec 2025 04:13:47 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 02 Dec 2024 19:00:00 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 454922
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.gstatic.com/recaptcha/releases/zIriijn3uj5Vpknvt_LnfNbF/recaptcha__en.js

142.250.74.35

200 OK

221 kB

URL GET HTTP/3
www.gstatic.com/recaptcha/releases/zIriijn3uj5Vpknvt_LnfNbF/recaptcha__en.js
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdhelkqAAAAAH_f47GPnSuEgnjRo4Pf0ukRioGs&co=aHR0cHM6Ly9kYXRhbm9kZXMudG86NDQz&hl=en&v=zIriijn3uj5Vpknvt_LnfNbF&size=invisible&cb=o759j2wudeqe
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
Fingerprint5E:64:A9:4C:59:5A:8F:EC:57:D9:7F:C4:7E:70:AC:88:F2:67:F1:79
ValidityMon, 04 Nov 2024 08:38:50 GMT - Mon, 27 Jan 2025 08:38:49 GMT

File type
JavaScript source, ASCII text, with very long lines (654)
Size
221 kB (220882 bytes)
Hash
19ddac3be88eda2c8263c5d52fa7f6bd
c81720778f57c56244c72ce6ef402bb4de5f9619
b261530f05e272e18b5b5c86d860c4979c82b5b6c538e1643b3c94fc9ba76dd6

HTTP Headers

GET /recaptcha/releases/zIriijn3uj5Vpknvt_LnfNbF/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
timing-allow-origin: *
content-length: 220882
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 19 Dec 2024 10:01:52 GMT
expires: Fri, 19 Dec 2025 10:01:52 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 10 Dec 2024 23:05:10 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 2037
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.google.com/recaptcha/api2/webworker.js?hl=en&v=zIriijn3uj5Vpknvt_LnfNbF

142.250.74.164

200 OK

4.4 kB

URL GET HTTP/3
www.google.com/recaptcha/api2/webworker.js?hl=en&v=zIriijn3uj5Vpknvt_LnfNbF
IP
142.250.74.164:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdhelkqAAAAAH_f47GPnSuEgnjRo4Pf0ukRioGs&co=aHR0cHM6Ly9kYXRhbm9kZXMudG86NDQz&hl=en&v=zIriijn3uj5Vpknvt_LnfNbF&size=invisible&cb=o759j2wudeqe
Certificate
IssuerGoogle Trust Services
Subject*.google.com
Fingerprint08:EB:C7:D6:BA:86:9E:85:23:FF:C8:A2:9C:EE:A5:DE:3E:65:74:7A
ValidityMon, 04 Nov 2024 08:37:47 GMT - Mon, 27 Jan 2025 08:37:46 GMT

File type
gzip compressed data, max compression
Size
4.4 kB (4423 bytes)
Hash
626616d030ca6457df49ae1bb8280575
12e75f4a10df0d11db0156ee3f139ac30e6b3b83
3b50d863d1daebc38a030f329f13dd9ef0f649dadb174a27609a623c32d7015d

HTTP Headers

GET /recaptcha/api2/webworker.js?hl=en&v=zIriijn3uj5Vpknvt_LnfNbF HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdhelkqAAAAAH_f47GPnSuEgnjRo4Pf0ukRioGs&co=aHR0cHM6Ly9kYXRhbm9kZXMudG86NDQz&hl=en&v=zIriijn3uj5Vpknvt_LnfNbF&size=invisible&cb=o759j2wudeqe
Sec-Fetch-Dest: worker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: text/javascript; charset=utf-8
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}, {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
expires: Thu, 19 Dec 2024 10:35:49 GMT
date: Thu, 19 Dec 2024 10:35:49 GMT
cache-control: private, max-age=300
cross-origin-resource-policy: same-site
cross-origin-opener-policy-report-only: same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.google.com/recaptcha/api2/clr?k=6LdhelkqAAAAAH_f47GPnSuEgnjRo4Pf0ukRioGs

142.250.74.164

200 OK

0 B

URL POST HTTP/3
www.google.com/recaptcha/api2/clr?k=6LdhelkqAAAAAH_f47GPnSuEgnjRo4Pf0ukRioGs
IP
142.250.74.164:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdhelkqAAAAAH_f47GPnSuEgnjRo4Pf0ukRioGs&co=aHR0cHM6Ly9kYXRhbm9kZXMudG86NDQz&hl=en&v=zIriijn3uj5Vpknvt_LnfNbF&size=invisible&cb=o759j2wudeqe
Certificate
IssuerGoogle Trust Services
Subject*.google.com
Fingerprint08:EB:C7:D6:BA:86:9E:85:23:FF:C8:A2:9C:EE:A5:DE:3E:65:74:7A
ValidityMon, 04 Nov 2024 08:37:47 GMT - Mon, 27 Jan 2025 08:37:46 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /recaptcha/api2/clr?k=6LdhelkqAAAAAH_f47GPnSuEgnjRo4Pf0ukRioGs HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-protobuf
Content-Length: 1558
Origin: https://www.google.com
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdhelkqAAAAAH_f47GPnSuEgnjRo4Pf0ukRioGs&co=aHR0cHM6Ly9kYXRhbm9kZXMudG86NDQz&hl=en&v=zIriijn3uj5Vpknvt_LnfNbF&size=invisible&cb=o759j2wudeqe
Cookie: _GRECAPTCHA=09AJNbFneM1n9wyMfC-hbYI4zwye4HfnvAB28vYxwEQK8xxZOUnCz8zcIbTBMY0ZygJJOfynsAQDayA42DV3TLjMA
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: application/binary
cross-origin-resource-policy: same-site
report-to: {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
cross-origin-opener-policy-report-only: same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
date: Thu, 19 Dec 2024 10:35:50 GMT
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.google.com/recaptcha/api2/reload?k=6LdhelkqAAAAAH_f47GPnSuEgnjRo4Pf0ukRioGs

142.250.74.164

200 OK

9.7 kB

URL POST HTTP/3
www.google.com/recaptcha/api2/reload?k=6LdhelkqAAAAAH_f47GPnSuEgnjRo4Pf0ukRioGs
IP
142.250.74.164:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdhelkqAAAAAH_f47GPnSuEgnjRo4Pf0ukRioGs&co=aHR0cHM6Ly9kYXRhbm9kZXMudG86NDQz&hl=en&v=zIriijn3uj5Vpknvt_LnfNbF&size=invisible&cb=o759j2wudeqe
Certificate
IssuerGoogle Trust Services
Subject*.google.com
Fingerprint08:EB:C7:D6:BA:86:9E:85:23:FF:C8:A2:9C:EE:A5:DE:3E:65:74:7A
ValidityMon, 04 Nov 2024 08:37:47 GMT - Mon, 27 Jan 2025 08:37:46 GMT

File type
ASCII text, with very long lines (13134)
Size
9.7 kB (9690 bytes)
Hash
80ff59cd4cba30c57ff6a379d4790b76
d9554b53ef1918a455b4bb14fe5e90c8e093267c
05de9910b806eaf290da7060cadb54fd4c625aa9fa49af635f1815a32fd6cb7b

HTTP Headers

POST /recaptcha/api2/reload?k=6LdhelkqAAAAAH_f47GPnSuEgnjRo4Pf0ukRioGs HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-protobuffer
Content-Length: 12350
Origin: https://www.google.com
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdhelkqAAAAAH_f47GPnSuEgnjRo4Pf0ukRioGs&co=aHR0cHM6Ly9kYXRhbm9kZXMudG86NDQz&hl=en&v=zIriijn3uj5Vpknvt_LnfNbF&size=invisible&cb=o759j2wudeqe
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: application/json; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options: nosniff
cross-origin-resource-policy: same-site
cross-origin-opener-policy-report-only: same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
report-to: {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
content-encoding: gzip
date: Thu, 19 Dec 2024 10:35:50 GMT
server: ESF
cache-control: private
x-xss-protection: 0
x-frame-options: SAMEORIGIN
set-cookie: _GRECAPTCHA=09AJNbFneM1n9wyMfC-hbYI4zwye4HfnvAB28vYxwEQK8xxZOUnCz8zcIbTBMY0ZygJJOfynsAQDayA42DV3TLjMA; Expires=Tue, 17-Jun-2025 10:35:50 GMT; Path=/recaptcha; Secure; HttpOnly; Priority=HIGH; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 19 Dec 2024 10:35:50 GMT

fonts.googleapis.com/css2?family=Poppins:wght@300;400;500;600;700;800;900&display=swap

142.250.74.42

200 OK

5.9 kB

URL GET HTTP/2
fonts.googleapis.com/css2?family=Poppins:wght@300;400;500;600;700;800;900&display=swap
IP
142.250.74.42:443
ASN
#15169 GOOGLE

Requested by
https://datanodes.to/download
Certificate
IssuerGoogle Trust Services
Subjectupload.video.google.com
FingerprintD4:A3:E0:67:E1:FB:D8:0C:7B:58:AE:DA:81:4F:CA:47:9A:07:6E:5B
ValidityMon, 04 Nov 2024 08:38:51 GMT - Mon, 27 Jan 2025 08:38:50 GMT

File type
ASCII text, with very long lines (6040), with no line terminators
Size
5.9 kB (5914 bytes)
Hash
92ce94ca50fec890cfe6d268de5f1144
0e3e7d60e754ad04897b3a77587cbd6743dd0c55
441f7117ae375b9c180bc1e49590c0fc489ebfa13b21c3a1c8e8c77862c9b42b

HTTP Headers

GET /css2?family=Poppins:wght@300;400;500;600;700;800;900&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://datanodes.to/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 19 Dec 2024 10:35:48 GMT
date: Thu, 19 Dec 2024 10:35:48 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.google.com/recaptcha/api.js?render=6LdhelkqAAAAAH_f47GPnSuEgnjRo4Pf0ukRioGs

142.250.74.164

200 OK

904 B

URL GET HTTP/2
www.google.com/recaptcha/api.js?render=6LdhelkqAAAAAH_f47GPnSuEgnjRo4Pf0ukRioGs
IP
142.250.74.164:443
ASN
#15169 GOOGLE

Requested by
https://datanodes.to/download
Certificate
IssuerGoogle Trust Services
Subjectwww.google.com
FingerprintC1:EF:1D:9F:32:BB:31:2D:F3:08:D9:D6:97:9C:21:A1:A2:67:F9:C5
ValidityMon, 04 Nov 2024 08:39:37 GMT - Mon, 27 Jan 2025 08:39:36 GMT

File type
JavaScript source, ASCII text, with very long lines (904), with no line terminators
Size
904 B (904 bytes)
Hash
8f4c8fe0161261c260656ab0f6e7e721
7ff1ee9f7a0823e3bcfaf919bb19dd8ec9979490
9678a35c30c6cfdd2a3b789d81079078c7bade76bc1a332dd3abf4e01dfc3224

HTTP Headers

GET /recaptcha/api.js?render=6LdhelkqAAAAAH_f47GPnSuEgnjRo4Pf0ukRioGs HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://datanodes.to/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
expires: Thu, 19 Dec 2024 10:35:48 GMT
date: Thu, 19 Dec 2024 10:35:48 GMT
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
report-to: {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

datanodes.to/favicon.ico

172.67.69.166

200 OK

2.5 kB

URL GET HTTP/2
datanodes.to/favicon.ico
IP
172.67.69.166:443
ASN
#13335 CLOUDFLARENET

Requested by
https://datanodes.to/download
Certificate
IssuerGoogle Trust Services
Subjectdatanodes.to
Fingerprint6A:4F:30:87:2D:80:B6:38:58:6A:31:14:AD:8F:57:08:6C:FB:4C:AD
ValidityFri, 13 Dec 2024 03:07:42 GMT - Thu, 13 Mar 2025 04:07:38 GMT

File type
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
Size
2.5 kB (2461 bytes)
Hash
c813091dc9f029ba08588f60cc450755
d2b2f0efc676eff758c4194d80ff2e9ee973f556
682e513cfa795efc1e53c502e9a8aa3d91db160b7fd15f94de2a4156a6961474

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: datanodes.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://datanodes.to/download
Cookie: file_name=FATAL.FRAME.MOBW-C9ZA.zip; file_code=gj89ja53kwei; lang=english; _ga_7DP7NV2LKF=GS1.1.1734604548.1.0.1734604548.60.0.0; _ga=GA1.1.1381439451.1734604549
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 19 Dec 2024 10:35:48 GMT
content-type: image/x-icon
last-modified: Thu, 01 Sep 2022 19:47:58 GMT
etag: W/"63110c6e-99d"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bNN5UYMVEGrouE8vV58S5F%2B0L7rmjFRpSccVLzspdEviCh2wUjeEzaP319GLXP%2FuYnnLCW3qH9CrU%2BFpXp1EWrkED5r%2F5%2FLyvRvoQ8Yrk45dxB%2BVHFkkUrifUPVRqA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8f46bf7d182bb515-OSL
content-encoding: br
server-timing: cfL4;desc="?proto=TCP&rtt=815&min_rtt=450&rtt_var=409&sent=110&recv=56&lost=0&retrans=0&sent_bytes=117664&recv_bytes=2178&delivery_rate=12107023&cwnd=257&unsent_bytes=0&cid=470b8d8eebf50a8f&ts=1494&x=0"
X-Firefox-Spdy: h2

datanodes.to/gj89ja53kwei/FATAL.FRAME.MOBW-C9ZA.zip

172.67.69.166

302 Found

17 kB

URL User Request GET HTTP/2
datanodes.to/gj89ja53kwei/FATAL.FRAME.MOBW-C9ZA.zip
IP
172.67.69.166:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services
Subjectdatanodes.to
Fingerprint6A:4F:30:87:2D:80:B6:38:58:6A:31:14:AD:8F:57:08:6C:FB:4C:AD
ValidityFri, 13 Dec 2024 03:07:42 GMT - Thu, 13 Mar 2025 04:07:38 GMT

File type

Size
17 kB (16638 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /gj89ja53kwei/FATAL.FRAME.MOBW-C9ZA.zip HTTP/1.1
Host: datanodes.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
date: Thu, 19 Dec 2024 10:35:47 GMT
location: https://datanodes.to/download
cf-cache-status: BYPASS
set-cookie: file_name=FATAL.FRAME.MOBW-C9ZA.zip; domain=.datanodes.to; path=/; expires=Thu, 19-Dec-2024 11:35:47 GMT
file_code=gj89ja53kwei; domain=.datanodes.to; path=/; expires=Thu, 19-Dec-2024 11:35:47 GMT
lang=english; domain=.datanodes.to; path=/
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=V8gPUZ%2FwXd5MnemV7EVRsVHOHVF57QNZJAz0Dg55OXQywFvglk5pdtH80M0Y8Cl%2Fwi286gHVqlrqb%2B69DHxObyU8%2BB3R%2BlM9HHgoCP6dPGttVr5g1ZYJdeZj2TwHmg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8f46bf748e6db515-OSL
server-timing: cfL4;desc="?proto=TCP&rtt=5578&min_rtt=474&rtt_var=10204&sent=8&recv=11&lost=0&retrans=0&sent_bytes=3200&recv_bytes=1145&delivery_rate=6693374&cwnd=254&unsent_bytes=0&cid=470b8d8eebf50a8f&ts=143&x=0"
X-Firefox-Spdy: h2

datanodes.to/cdn-cgi/challenge-platform/h/b/scripts/jsd/787bc399e22f/main.js?

172.67.69.166

200 OK

8.7 kB

URL GET HTTP/2
datanodes.to/cdn-cgi/challenge-platform/h/b/scripts/jsd/787bc399e22f/main.js?
IP
172.67.69.166:443
ASN
#13335 CLOUDFLARENET

Requested by
https://datanodes.to/download
Certificate
IssuerGoogle Trust Services
Subjectdatanodes.to
Fingerprint6A:4F:30:87:2D:80:B6:38:58:6A:31:14:AD:8F:57:08:6C:FB:4C:AD
ValidityFri, 13 Dec 2024 03:07:42 GMT - Thu, 13 Mar 2025 04:07:38 GMT

File type
JavaScript source, ASCII text, with very long lines (8742), with no line terminators
Size
8.7 kB (8742 bytes)
Hash
4a790c0e4753fe3d39fb6876216843c7
d30315cd8a21924d441496933c9eb713c5f65076
722791f144e6776d3acd32a7c986213b1325fed863307b44a9f000cdc14b546d

HTTP Headers

GET /cdn-cgi/challenge-platform/h/b/scripts/jsd/787bc399e22f/main.js? HTTP/1.1
Host: datanodes.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: file_name=FATAL.FRAME.MOBW-C9ZA.zip; file_code=gj89ja53kwei; lang=english; _ga_7DP7NV2LKF=GS1.1.1734604548.1.0.1734604548.60.0.0; _ga=GA1.1.1381439451.1734604549
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 19 Dec 2024 10:35:48 GMT
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, stale-if-error=10800, stale-while-revalidate=10800, public
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OiV1Ec6PyUDVQVLYwm0iVOIOScLIBMEEjKl%2FKWH57Y8Iwpu9ks5XBESzdOFP4zC9ksuOgf6KvkVTrUQGu0U3bMk989K4vYWeFhlDP6GEBFyMSh2QlJ5kQI6QCAXotQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8f46bf7d0823b515-OSL
content-encoding: br
server-timing: cfL4;desc="?proto=TCP&rtt=1103&min_rtt=474&rtt_var=456&sent=105&recv=51&lost=0&retrans=0&sent_bytes=113062&recv_bytes=2178&delivery_rate=4143061&cwnd=257&unsent_bytes=0&cid=470b8d8eebf50a8f&ts=1398&x=0"
X-Firefox-Spdy: h2

region1.analytics.google.com/g/collect?v=2&tid=G-7DP7NV2LKF&gtm=45je4cc1v9175474265za200&_p=1734604548266&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102081485~102198178&cid=1381439451.1734604549&ul=en-us&sr=1280x1024&frm=0&pscdl=noapi&_eu=AEA&_s=2&sid=1734604548&sct=1&seg=0&dl=https%3A%2F%2Fdatanodes.to%2Fdownload&dt=Download&en=scroll&epn.percent_scrolled=90&tfd=5991

216.239.34.36

204 No Content

0 B

URL POST HTTP/3
region1.analytics.google.com/g/collect?v=2&tid=G-7DP7NV2LKF&gtm=45je4cc1v9175474265za200&_p=1734604548266&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102081485~102198178&cid=1381439451.1734604549&ul=en-us&sr=1280x1024&frm=0&pscdl=noapi&_eu=AEA&_s=2&sid=1734604548&sct=1&seg=0&dl=https%3A%2F%2Fdatanodes.to%2Fdownload&dt=Download&en=scroll&epn.percent_scrolled=90&tfd=5991
IP
216.239.34.36:443
ASN
#15169 GOOGLE

Requested by
https://datanodes.to/download
Certificate
IssuerGoogle Trust Services
Subject*.google-analytics.com
Fingerprint4B:B1:5A:60:07:55:DD:0C:FA:98:D3:8E:E8:58:9E:E7:6A:0D:60:12
ValidityMon, 04 Nov 2024 08:37:47 GMT - Mon, 27 Jan 2025 08:37:46 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /g/collect?v=2&tid=G-7DP7NV2LKF&gtm=45je4cc1v9175474265za200&_p=1734604548266&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102081485~102198178&cid=1381439451.1734604549&ul=en-us&sr=1280x1024&frm=0&pscdl=noapi&_eu=AEA&_s=2&sid=1734604548&sct=1&seg=0&dl=https%3A%2F%2Fdatanodes.to%2Fdownload&dt=Download&en=scroll&epn.percent_scrolled=90&tfd=5991 HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://datanodes.to/
Origin: https://datanodes.to
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Content-Length: 0

HTTP/3 204 No Content
access-control-allow-origin: https://datanodes.to
date: Thu, 19 Dec 2024 10:35:53 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.google.com/recaptcha/api2/anchor?ar=1&k=6LdhelkqAAAAAH_f47GPnSuEgnjRo4Pf0ukRioGs&co=aHR0cHM6Ly9kYXRhbm9kZXMudG86NDQz&hl=en&v=zIriijn3uj5Vpknvt_LnfNbF&size=invisible&cb=o759j2wudeqe

142.250.74.164

200 OK

47 kB

URL GET HTTP/3
www.google.com/recaptcha/api2/anchor?ar=1&k=6LdhelkqAAAAAH_f47GPnSuEgnjRo4Pf0ukRioGs&co=aHR0cHM6Ly9kYXRhbm9kZXMudG86NDQz&hl=en&v=zIriijn3uj5Vpknvt_LnfNbF&size=invisible&cb=o759j2wudeqe
IP
142.250.74.164:443
ASN
#15169 GOOGLE

Requested by
https://datanodes.to/download
Certificate
IssuerGoogle Trust Services
Subject*.google.com
Fingerprint08:EB:C7:D6:BA:86:9E:85:23:FF:C8:A2:9C:EE:A5:DE:3E:65:74:7A
ValidityMon, 04 Nov 2024 08:37:47 GMT - Mon, 27 Jan 2025 08:37:46 GMT

File type
HTML document, ASCII text, with very long lines (38152)
Size
47 kB (47071 bytes)
Hash
9cc8692550c659dd25e2705fedfe9a52
16c07faf079eec74f63b160edbcd86f085a678e4
92657b81f2568437c37bff61750ce9c478cc171a617f90362bc94171072f506d

HTTP Headers

GET /recaptcha/api2/anchor?ar=1&k=6LdhelkqAAAAAH_f47GPnSuEgnjRo4Pf0ukRioGs&co=aHR0cHM6Ly9kYXRhbm9kZXMudG86NDQz&hl=en&v=zIriijn3uj5Vpknvt_LnfNbF&size=invisible&cb=o759j2wudeqe HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://datanodes.to/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
content-type: text/html; charset=utf-8
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}, {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 19 Dec 2024 10:35:49 GMT
content-security-policy: script-src 'nonce-zYMFJ5EE7s3oiQzHsP5WRw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
cross-origin-opener-policy-report-only: same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

datanodes.to/theme_2023/dist/assets/app-afc25dff.js

172.67.69.166

200 OK

178 kB

URL GET HTTP/2
datanodes.to/theme_2023/dist/assets/app-afc25dff.js
IP
172.67.69.166:443
ASN
#13335 CLOUDFLARENET

Requested by
https://datanodes.to/download
Certificate
IssuerGoogle Trust Services
Subjectdatanodes.to
Fingerprint6A:4F:30:87:2D:80:B6:38:58:6A:31:14:AD:8F:57:08:6C:FB:4C:AD
ValidityFri, 13 Dec 2024 03:07:42 GMT - Thu, 13 Mar 2025 04:07:38 GMT

File type
JavaScript source, ASCII text, with very long lines (37379)
Size
178 kB (177925 bytes)
Hash
c0d07effe2af02c10e7bf4de80eeef4b
47e82a065e01cbec19e4dd44495e517e25fb31fa
3f6b382b99fa71fbf418a32d4580b4d8a52139183ffea41afec7039f5cc61da9

HTTP Headers

GET /theme_2023/dist/assets/app-afc25dff.js HTTP/1.1
Host: datanodes.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://datanodes.to/download
Cookie: file_name=FATAL.FRAME.MOBW-C9ZA.zip; file_code=gj89ja53kwei; lang=english
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 19 Dec 2024 10:35:48 GMT
content-type: application/javascript
last-modified: Wed, 17 Jul 2024 10:45:34 GMT
etag: W/"6697a0ce-2b705"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XKuirtx6SnSYOZkLVOY1gMN4ANlFGjJJYYbYL0rwDFd5iyRnhlKqiSZLs6guPhtRytht%2FXnyJ6CVTEjCZZCIa5AKX%2Fp%2FJpQalnnbmJgedeF%2BWaO%2FVVK5VvU2cCw9vw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8f46bf790c1bb515-OSL
content-encoding: br
server-timing: cfL4;desc="?proto=TCP&rtt=905&min_rtt=474&rtt_var=187&sent=52&recv=42&lost=0&retrans=0&sent_bytes=42630&recv_bytes=1779&delivery_rate=40813725&cwnd=257&unsent_bytes=0&cid=470b8d8eebf50a8f&ts=849&x=0"
X-Firefox-Spdy: h2

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

Quad9 DNS

ThreatFox

JavaScript (18)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by