| datanodes.to/1cdlarnvbyin/HENPRI-SteamGG.NET.zip |  104.26.14.76 | 302 Found | 82 kB |
URL User Request GET datanodes.to/1cdlarnvbyin/HENPRI-SteamGG.NET.zip IP104.26.14.76:443
CertificateIssuerGoogle Trust Services Subjectdatanodes.to FingerprintD9:3F:9B:36:AD:60:B2:6A:04:7D:E2:B7:FD:25:79:C2:CC:03:AE:81 ValidityMon, 10 Feb 2025 03:57:57 GMT - Sun, 11 May 2025 04:57:50 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /1cdlarnvbyin/HENPRI-SteamGG.NET.zip HTTP/1.1
Host: datanodes.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
date: Tue, 11 Mar 2025 14:23:49 GMT
location: https://datanodes.to/download
cf-cache-status: BYPASS
set-cookie: file_name=HENPRI-SteamGG.NET.zip; domain=.datanodes.to; path=/; expires=Tue, 11-Mar-2025 15:23:49 GMT
lang=english; domain=.datanodes.to; path=/
file_code=1cdlarnvbyin; domain=.datanodes.to; path=/; expires=Tue, 11-Mar-2025 15:23:49 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cbxhf8%2Bs62Xq17Jzaj6JmbjVWzgiJIGxxHaLJhJFkLyob4qqMRigDD6PvguJD9bj9Syqu0MXK0KShUrde9MOt2htw6mhHifUbh1jui%2BoWu5KfEY70O6VPznNnlrOzg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 91ebb6403caa56ab-OSL
server-timing: cfL4;desc="?proto=TCP&rtt=64510&min_rtt=58969&rtt_var=20205&sent=8&recv=10&lost=0&retrans=0&sent_bytes=3275&recv_bytes=1274&delivery_rate=62885&cwnd=254&unsent_bytes=0&cid=e0e4cc9e0ac072ee&ts=198&x=0"
X-Firefox-Spdy: h2
|
|
| datanodes.to/theme_2023/dist/assets/_plugin-vue_export-helper-c27b6911.js | 104.26.14.76 | 200 OK | 91 B |
URL GET datanodes.to/theme_2023/dist/assets/_plugin-vue_export-helper-c27b6911.js IP104.26.14.76:443
Requested byhttps://datanodes.to/download CertificateIssuerGoogle Trust Services Subjectdatanodes.to FingerprintD9:3F:9B:36:AD:60:B2:6A:04:7D:E2:B7:FD:25:79:C2:CC:03:AE:81 ValidityMon, 10 Feb 2025 03:57:57 GMT - Sun, 11 May 2025 04:57:50 GMT
File typeASCII text, with no line terminators Hash45eeffa41efe748ab4232b212a4829ef 5acfb0bd66dde75e532234d76f92a904e512d5f0 f9283800c2d9ca1dc2d4db040a4e53927149d0caedc21857059dd1628d5417b7
GET /theme_2023/dist/assets/_plugin-vue_export-helper-c27b6911.js HTTP/1.1
Host: datanodes.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://datanodes.to/theme_2023/dist/assets/VirusScan-e53a5e80.js
Cookie: file_name=HENPRI-SteamGG.NET.zip; lang=english; file_code=1cdlarnvbyin; affiliate=zur6Hiy8G%2BwJ2fSUcUnMpzKwockJi9uGgv36kU5lh1TfBsox3p5GoBg3ZUih6Kuo3yrkTYZeixYQS007nOSjzyw2qsUXOcxXNfQ%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 11 Mar 2025 14:23:51 GMT
content-type: application/javascript
last-modified: Sun, 09 Feb 2025 16:17:00 GMT
etag: W/"67a8d4fc-5b"
cache-control: max-age=14400
cf-cache-status: HIT
age: 2605
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=I%2FSJjpEy0Hm5%2Bg0YRA7m3TTav9A5Y2xnRPStaJ3tj%2FPrEvrjtOqG5ag%2B86yJSKEWwXSJ%2BEhP46%2FMVWW8eCRnZADCUHbfeJvXzERlabTydPvE7OUvST%2FfH8XKEK%2FaBw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 91ebb64cac8856ab-OSL
content-encoding: br
server-timing: cfL4;desc="?proto=TCP&rtt=60275&min_rtt=58684&rtt_var=1318&sent=191&recv=76&lost=0&retrans=8&sent_bytes=185451&recv_bytes=3032&delivery_rate=1685827&cwnd=262&unsent_bytes=0&cid=e0e4cc9e0ac072ee&ts=2105&x=0"
X-Firefox-Spdy: h2
|
|
| datanodes.to/theme_2023/dist/assets/open-closed-f13f7375.js | 104.26.14.76 | 200 OK | 3.5 kB |
URL GET datanodes.to/theme_2023/dist/assets/open-closed-f13f7375.js IP104.26.14.76:443
Requested byhttps://datanodes.to/download CertificateIssuerGoogle Trust Services Subjectdatanodes.to FingerprintD9:3F:9B:36:AD:60:B2:6A:04:7D:E2:B7:FD:25:79:C2:CC:03:AE:81 ValidityMon, 10 Feb 2025 03:57:57 GMT - Sun, 11 May 2025 04:57:50 GMT
File typeJavaScript source, ASCII text, with very long lines (3595), with no line terminators Hash3ea1e1c98c032731766e57e74e10d366 f9075bbaa2aba6c29bc24fcb8181fb7d6d777784 5b85003f57bd4e3cde19be8f32f1513b3b982bd20e5f20bf7a024789b2be31ca
GET /theme_2023/dist/assets/open-closed-f13f7375.js HTTP/1.1
Host: datanodes.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://datanodes.to/theme_2023/dist/assets/FileActions-fa6032ae.js
Cookie: file_name=HENPRI-SteamGG.NET.zip; lang=english; file_code=1cdlarnvbyin; affiliate=zur6Hiy8G%2BwJ2fSUcUnMpzKwockJi9uGgv36kU5lh1TfBsox3p5GoBg3ZUih6Kuo3yrkTYZeixYQS007nOSjzyw2qsUXOcxXNfQ%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 11 Mar 2025 14:23:51 GMT
content-type: application/javascript
last-modified: Sun, 09 Feb 2025 16:17:00 GMT
etag: W/"67a8d4fc-d9f"
cache-control: max-age=14400
cf-cache-status: HIT
age: 2605
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BXkUZOv1YrKHAp3XphuoH1YNQUZqTV%2F4qU0evO%2FQ3CzDSbaUnZh8u3Eqh2x0BZR7Jn8f%2BDfLq1b89ybZ7qGR0C3yMQi9Ujw33tAFepvtRYw%2BNljznKTrvyZLnQ2%2FDA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 91ebb64dbdb856ab-OSL
content-encoding: br
server-timing: cfL4;desc="?proto=TCP&rtt=58855&min_rtt=58304&rtt_var=181&sent=246&recv=100&lost=0&retrans=8&sent_bytes=238773&recv_bytes=3654&delivery_rate=1685827&cwnd=262&unsent_bytes=0&cid=e0e4cc9e0ac072ee&ts=2266&x=0"
X-Firefox-Spdy: h2
|
|
| datanodes.to/theme_2023/dist/assets/Tooltip-298cb247.js | 104.26.14.76 | 200 OK | 17 kB |
URL GET datanodes.to/theme_2023/dist/assets/Tooltip-298cb247.js IP104.26.14.76:443
Requested byhttps://datanodes.to/download CertificateIssuerGoogle Trust Services Subjectdatanodes.to FingerprintD9:3F:9B:36:AD:60:B2:6A:04:7D:E2:B7:FD:25:79:C2:CC:03:AE:81 ValidityMon, 10 Feb 2025 03:57:57 GMT - Sun, 11 May 2025 04:57:50 GMT
File typeJavaScript source, ASCII text, with very long lines (16550) Hashe9abb5c958cc124ca4108f522fececdb cb0430b6ad9229cf2179a201e15360e496f24491 8125fdfeff86def1e8543526af797cbb7eb4bd87a161da3f18968b3fd8a83e53
GET /theme_2023/dist/assets/Tooltip-298cb247.js HTTP/1.1
Host: datanodes.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://datanodes.to/theme_2023/dist/assets/FileActions-fa6032ae.js
Cookie: file_name=HENPRI-SteamGG.NET.zip; lang=english; file_code=1cdlarnvbyin; affiliate=zur6Hiy8G%2BwJ2fSUcUnMpzKwockJi9uGgv36kU5lh1TfBsox3p5GoBg3ZUih6Kuo3yrkTYZeixYQS007nOSjzyw2qsUXOcxXNfQ%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 11 Mar 2025 14:23:51 GMT
content-type: application/javascript
last-modified: Sun, 09 Feb 2025 16:17:00 GMT
etag: W/"67a8d4fc-40a7"
cache-control: max-age=14400
cf-cache-status: HIT
age: 2605
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GL5JF8qOT1VWL0Yxdy7NL%2B%2BlvmuPatfEwGKOJEhycqyV7SxDd7roJ03LsMR0Syu%2BqZy%2FIPZR1GTE43iC4Copx5p4UHbXMXOpi0Ncxe1M2reDhd1w2kiij2sgOz9gng%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 91ebb64dadb456ab-OSL
content-encoding: br
server-timing: cfL4;desc="?proto=TCP&rtt=58855&min_rtt=58304&rtt_var=181&sent=238&recv=100&lost=0&retrans=8&sent_bytes=231329&recv_bytes=3654&delivery_rate=1685827&cwnd=262&unsent_bytes=0&cid=e0e4cc9e0ac072ee&ts=2262&x=0"
X-Firefox-Spdy: h2
|
|
| neyandfartooma.com/SGVQQnhnWjMxRR0zCnYbHCs5Gz19JxFwPiQxOwc5EjIaCyovMHY2ESxYYXNNcFNkcV44DDR/SW4WJCMMPRZtc14hCzYtRW4TbXNWe1F+cU5mUXY3RXlDJDIZL1hhZAg8ETx/SX9RYXVIe1VjcE59UQ | 172.67.195.86 | 204 No Content | 0 B |
URL GET neyandfartooma.com/SGVQQnhnWjMxRR0zCnYbHCs5Gz19JxFwPiQxOwc5EjIaCyovMHY2ESxYYXNNcFNkcV44DDR/SW4WJCMMPRZtc14hCzYtRW4TbXNWe1F+cU5mUXY3RXlDJDIZL1hhZAg8ETx/SX9RYXVIe1VjcE59UQ IP172.67.195.86:443
Requested byhttps://datanodes.to/download CertificateIssuerGoogle Trust Services Subjectneyandfartooma.com Fingerprint27:F9:BA:43:8E:E9:4B:0C:38:9E:7A:48:C3:E3:C1:AA:F2:C2:09:CF ValidityMon, 17 Feb 2025 14:43:40 GMT - Sun, 18 May 2025 15:42:04 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /SGVQQnhnWjMxRR0zCnYbHCs5Gz19JxFwPiQxOwc5EjIaCyovMHY2ESxYYXNNcFNkcV44DDR/SW4WJCMMPRZtc14hCzYtRW4TbXNWe1F+cU5mUXY3RXlDJDIZL1hhZAg8ETx/SX9RYXVIe1VjcE59UQ HTTP/1.1
Host: neyandfartooma.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://datanodes.to/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 204 No Content
date: Tue, 11 Mar 2025 14:23:53 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 91ebb653defa0afe-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| elyandbegantoti.com/TTRoV1IsVgs6bSwJCnEnP1hVcmALEVoRNn9RGWMqeUFaJmErQwt5MSFbHTM0P1sGI3wjURxyYAtVCj01OlcvOBwbBVwABB9EOgEXfFYwIGIEZgRuCAVfKRQWOlMuARAIUSxmCCtyKW82C185MQYMZiQPKnlVPWQqGX1ZMDYcYT1yYAt9BGJjHGAbEgolAS0UNXhgKxULLncfFTQJYjEHEwtHJgYHOmQwERgDbAM/Hxx2UBUHfHY/FTV1dj8CEwx8HxY3H2YuDxN8UCMQAxR3PwUEDnguJAUMcj4OCiV2IBADHH8+ZzEJYFkgGxVTOgcKDFMqBhcfUSAGfwBNPGYlBGYQPBcadR8BAzRcJBQ1DH0wET0pdRIdAhV1ABQQJg0MMgMLcDA8EwRzPgELFVhRARc6cSofAwQGPxFmB3UtFTAVUwMBAyFbIQIHBGIsFhQMcj0eIRVDGxIKIUQhAwN8dk49ISJaGGoWLmdaJCs4eyBnHzx/Bmc |  3.164.240.69 | 200 OK | 3.1 kB |
URL GET elyandbegantoti.com/TTRoV1IsVgs6bSwJCnEnP1hVcmALEVoRNn9RGWMqeUFaJmErQwt5MSFbHTM0P1sGI3wjURxyYAtVCj01OlcvOBwbBVwABB9EOgEXfFYwIGIEZgRuCAVfKRQWOlMuARAIUSxmCCtyKW82C185MQYMZiQPKnlVPWQqGX1ZMDYcYT1yYAt9BGJjHGAbEgolAS0UNXhgKxULLncfFTQJYjEHEwtHJgYHOmQwERgDbAM/Hxx2UBUHfHY/FTV1dj8CEwx8HxY3H2YuDxN8UCMQAxR3PwUEDnguJAUMcj4OCiV2IBADHH8+ZzEJYFkgGxVTOgcKDFMqBhcfUSAGfwBNPGYlBGYQPBcadR8BAzRcJBQ1DH0wET0pdRIdAhV1ABQQJg0MMgMLcDA8EwRzPgELFVhRARc6cSofAwQGPxFmB3UtFTAVUwMBAyFbIQIHBGIsFhQMcj0eIRVDGxIKIUQhAwN8dk49ISJaGGoWLmdaJCs4eyBnHzx/Bmc IP3.164.240.69:443
Requested byhttps://datanodes.to/download CertificateIssuerAmazon Subjectelyandbegantoti.com Fingerprint5D:0B:B9:67:3A:DF:54:6D:93:0F:E7:7A:03:C1:3A:4D:95:EE:29:2C ValiditySun, 09 Mar 2025 00:00:00 GMT - Tue, 07 Apr 2026 23:59:59 GMT
File typeHTML document, ASCII text, with very long lines (3100), with no line terminators Hash4d9f2a2decc002bdd22336431c7cdd8a 642945e30502cc6e40ec23dc65ebc3fc7568d239 0a3decbd5ade48ce4cff7ebe116c6a8f682b0d2365fb391eee29fdaeba4f3287
GET /TTRoV1IsVgs6bSwJCnEnP1hVcmALEVoRNn9RGWMqeUFaJmErQwt5MSFbHTM0P1sGI3wjURxyYAtVCj01OlcvOBwbBVwABB9EOgEXfFYwIGIEZgRuCAVfKRQWOlMuARAIUSxmCCtyKW82C185MQYMZiQPKnlVPWQqGX1ZMDYcYT1yYAt9BGJjHGAbEgolAS0UNXhgKxULLncfFTQJYjEHEwtHJgYHOmQwERgDbAM/Hxx2UBUHfHY/FTV1dj8CEwx8HxY3H2YuDxN8UCMQAxR3PwUEDnguJAUMcj4OCiV2IBADHH8+ZzEJYFkgGxVTOgcKDFMqBhcfUSAGfwBNPGYlBGYQPBcadR8BAzRcJBQ1DH0wET0pdRIdAhV1ABQQJg0MMgMLcDA8EwRzPgELFVhRARc6cSofAwQGPxFmB3UtFTAVUwMBAyFbIQIHBGIsFhQMcj0eIRVDGxIKIUQhAwN8dk49ISJaGGoWLmdaJCs4eyBnHzx/Bmc HTTP/1.1
Host: elyandbegantoti.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://datanodes.to/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/html
content-length: 1216
date: Tue, 11 Mar 2025 14:23:53 GMT
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
set-cookie: AWSALB=owFpI25MNsbFjfko3VQ6DWGRq1ZrgYml5jpkDnqcBBW1hj8LAjYAuQ/4307p+yUoJhKwFDOncNQwSuk9taKUN1tlKKxCDGibANGCBdMuOz3tCJzVbSEgWKQyPCMh; Expires=Tue, 18 Mar 2025 14:23:53 GMT; Path=/
AWSALBCORS=owFpI25MNsbFjfko3VQ6DWGRq1ZrgYml5jpkDnqcBBW1hj8LAjYAuQ/4307p+yUoJhKwFDOncNQwSuk9taKUN1tlKKxCDGibANGCBdMuOz3tCJzVbSEgWKQyPCMh; Expires=Tue, 18 Mar 2025 14:23:53 GMT; Path=/; SameSite=None
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 0ca3a24436a7d86916b35130b21285a8.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN53-P2
x-amz-cf-id: B82m45VcqkMqCYbajj0qNVnK1LO__I2yRcCPp9TKdhiI-O9P3lkIfA==
X-Firefox-Spdy: h2
|
|
| www.gstatic.com/recaptcha/releases/J79K9xgfxwT6Syzx-UyWdD89/styles__ltr.css | 216.58.211.3 | 200 OK | 79 kB |
URL GET www.gstatic.com/recaptcha/releases/J79K9xgfxwT6Syzx-UyWdD89/styles__ltr.css IP216.58.211.3:443
Requested byhttps://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdhelkqAAAAAH_f47GPnSuEgnjRo4Pf0ukRioGs&co=aHR0cHM6Ly9kYXRhbm9kZXMudG86NDQz&hl=en&v=J79K9xgfxwT6Syzx-UyWdD89&size=invisible&cb=aga6sdsov8or CertificateIssuerGoogle Trust Services Subject*.gstatic.com FingerprintA4:5F:89:8D:68:B4:5F:99:BE:F5:66:6F:C1:5E:A5:8C:72:BF:1E:D5 ValidityWed, 26 Feb 2025 15:33:59 GMT - Wed, 21 May 2025 15:33:58 GMT
File typeASCII text, with very long lines (65536), with no line terminators Hash6af145664eb7177b2280dffa8492731c 1e95f2f04e7b6335081e7cdbdcc48a4654a44ed3 0767863bfde47d05640ad76bd3a33aa5cd7dfba5391e1d80347f7ec41563e404
GET /recaptcha/releases/J79K9xgfxwT6Syzx-UyWdD89/styles__ltr.css HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
timing-allow-origin: *
content-length: 42056
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 11 Mar 2025 08:58:40 GMT
expires: Wed, 11 Mar 2026 08:58:40 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 10 Mar 2025 16:03:14 GMT
content-type: text/css
vary: Accept-Encoding
age: 19513
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| www.gstatic.com/recaptcha/releases/J79K9xgfxwT6Syzx-UyWdD89/recaptcha__en.js | 216.58.211.3 | 200 OK | 559 kB |
URL GET www.gstatic.com/recaptcha/releases/J79K9xgfxwT6Syzx-UyWdD89/recaptcha__en.js IP216.58.211.3:443
Requested byhttps://www.google.com/recaptcha/api2/webworker.js?hl=en&v=J79K9xgfxwT6Syzx-UyWdD89 CertificateIssuerGoogle Trust Services Subject*.gstatic.com FingerprintA4:5F:89:8D:68:B4:5F:99:BE:F5:66:6F:C1:5E:A5:8C:72:BF:1E:D5 ValidityWed, 26 Feb 2025 15:33:59 GMT - Wed, 21 May 2025 15:33:58 GMT
Size559 kB (558604 bytes) Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /recaptcha/releases/J79K9xgfxwT6Syzx-UyWdD89/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
timing-allow-origin: *
content-length: 220830
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 11 Mar 2025 08:58:41 GMT
expires: Wed, 11 Mar 2026 08:58:41 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 10 Mar 2025 16:03:14 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 19513
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| www.google.com/recaptcha/api2/clr?k=6LdhelkqAAAAAH_f47GPnSuEgnjRo4Pf0ukRioGs | 216.58.207.228 | 200 OK | 0 B |
URL POST www.google.com/recaptcha/api2/clr?k=6LdhelkqAAAAAH_f47GPnSuEgnjRo4Pf0ukRioGs IP216.58.207.228:443
Requested byhttps://datanodes.to/download CertificateIssuerGoogle Trust Services Subjectwww.google.com Fingerprint53:F5:E3:47:F6:DC:80:83:14:A1:CE:39:7B:A1:98:61:74:03:86:E2 ValidityMon, 06 Jan 2025 08:37:56 GMT - Mon, 31 Mar 2025 08:37:55 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /recaptcha/api2/clr?k=6LdhelkqAAAAAH_f47GPnSuEgnjRo4Pf0ukRioGs HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://datanodes.to/
Content-Length: 1810
Origin: https://datanodes.to
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/binary
cross-origin-opener-policy-report-only: same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
report-to: {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
cross-origin-resource-policy: cross-origin
date: Tue, 11 Mar 2025 14:23:55 GMT
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| datanodes.to/theme_2023/dist/assets/LoadingIcon-59fcef50.js | 104.26.14.76 | 200 OK | 667 B |
URL GET datanodes.to/theme_2023/dist/assets/LoadingIcon-59fcef50.js IP104.26.14.76:443
Requested byhttps://datanodes.to/download CertificateIssuerGoogle Trust Services Subjectdatanodes.to FingerprintD9:3F:9B:36:AD:60:B2:6A:04:7D:E2:B7:FD:25:79:C2:CC:03:AE:81 ValidityMon, 10 Feb 2025 03:57:57 GMT - Sun, 11 May 2025 04:57:50 GMT
File typeASCII text, with very long lines (714), with no line terminators Hashb90614bc98aeca91e691d23e37c171b4 a39e57e9fea9962559b1103391f11a32ee4c2a86 d2cfe4f893fa1316bbef6ff68a069038eae5dd0cffcd5f337f01d647d5db1fcc
GET /theme_2023/dist/assets/LoadingIcon-59fcef50.js HTTP/1.1
Host: datanodes.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://datanodes.to/theme_2023/dist/assets/VirusScan-e53a5e80.js
Cookie: file_name=HENPRI-SteamGG.NET.zip; lang=english; file_code=1cdlarnvbyin; affiliate=zur6Hiy8G%2BwJ2fSUcUnMpzKwockJi9uGgv36kU5lh1TfBsox3p5GoBg3ZUih6Kuo3yrkTYZeixYQS007nOSjzyw2qsUXOcxXNfQ%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 11 Mar 2025 14:23:51 GMT
content-type: application/javascript
last-modified: Sun, 09 Feb 2025 16:17:00 GMT
etag: W/"67a8d4fc-29b"
cache-control: max-age=14400
cf-cache-status: HIT
age: 2605
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bgUOhl6skdz3wIeToF%2Bm3OyDBZSh%2FF95FCN4jt710yhKZF5KThTrZM3xZ3Cf35I%2FmT8k3SOSfmlZCN8QOpQtKnaBshxGxqhmAjJp%2FKYTsQMMNeINhyw5Idg5tcvnNA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 91ebb64cac8356ab-OSL
content-encoding: br
server-timing: cfL4;desc="?proto=TCP&rtt=60275&min_rtt=58684&rtt_var=1318&sent=182&recv=76&lost=0&retrans=8&sent_bytes=181667&recv_bytes=3032&delivery_rate=1685827&cwnd=262&unsent_bytes=0&cid=e0e4cc9e0ac072ee&ts=2098&x=0"
X-Firefox-Spdy: h2
|
|
| datanodes.to/cdn-cgi/challenge-platform/h/g/scripts/jsd/f3b948d8acb8/main.js? | 104.26.14.76 | 200 OK | 8.6 kB |
URL GET datanodes.to/cdn-cgi/challenge-platform/h/g/scripts/jsd/f3b948d8acb8/main.js? IP104.26.14.76:443
Requested byhttps://datanodes.to/download CertificateIssuerGoogle Trust Services Subjectdatanodes.to FingerprintD9:3F:9B:36:AD:60:B2:6A:04:7D:E2:B7:FD:25:79:C2:CC:03:AE:81 ValidityMon, 10 Feb 2025 03:57:57 GMT - Sun, 11 May 2025 04:57:50 GMT
File typeJavaScript source, ASCII text, with very long lines (8580), with no line terminators Hash6856b9d05e73394d5a7688e27bcbc679 a83870544a87f3eb57803dce6efcb3ec96015ba4 49eb2a857efaded2ec3a54d173ed02266fbb3101d079f89732e8f9fb052ade29
GET /cdn-cgi/challenge-platform/h/g/scripts/jsd/f3b948d8acb8/main.js? HTTP/1.1
Host: datanodes.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: file_name=HENPRI-SteamGG.NET.zip; lang=english; file_code=1cdlarnvbyin; affiliate=zur6Hiy8G%2BwJ2fSUcUnMpzKwockJi9uGgv36kU5lh1TfBsox3p5GoBg3ZUih6Kuo3yrkTYZeixYQS007nOSjzyw2qsUXOcxXNfQ%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 11 Mar 2025 14:23:51 GMT
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, stale-if-error=10800, stale-while-revalidate=10800, public
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LTlLvHFjugXV0xMqERGw4%2BUWL064n7%2BAff693YtzsqRKYirb91zpWIXiEOCNLjsa6V1JRRBipM0aIdg5YLYOkSr4CiHm%2FAuSmEaDZxN6O%2FS6MZlDw0BzHPZ7UCLQrw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 91ebb64d8d7f56ab-OSL
content-encoding: br
server-timing: cfL4;desc="?proto=TCP&rtt=58855&min_rtt=58304&rtt_var=181&sent=217&recv=96&lost=0&retrans=8&sent_bytes=214609&recv_bytes=3159&delivery_rate=1685827&cwnd=262&unsent_bytes=0&cid=e0e4cc9e0ac072ee&ts=2240&x=0"
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/css2?family=Poppins:wght@300;400;500;600;700;800;900&display=swap | 142.250.74.74 | 200 OK | 5.9 kB |
URL GET fonts.googleapis.com/css2?family=Poppins:wght@300;400;500;600;700;800;900&display=swap IP142.250.74.74:443
Requested byhttps://datanodes.to/download CertificateIssuerGoogle Trust Services Subjectupload.video.google.com FingerprintF1:11:17:AF:9C:89:34:EE:D5:CB:84:40:84:EA:01:19:A9:F6:ED:C2 ValidityWed, 26 Feb 2025 15:33:59 GMT - Wed, 21 May 2025 15:33:58 GMT
File typeASCII text, with very long lines (6040), with no line terminators Hash92ce94ca50fec890cfe6d268de5f1144 0e3e7d60e754ad04897b3a77587cbd6743dd0c55 441f7117ae375b9c180bc1e49590c0fc489ebfa13b21c3a1c8e8c77862c9b42b
GET /css2?family=Poppins:wght@300;400;500;600;700;800;900&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://datanodes.to/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 11 Mar 2025 14:23:51 GMT
date: Tue, 11 Mar 2025 14:23:51 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| datanodes.to/theme_2023/src/assets/images/virus-scan.png | 104.26.14.76 | 200 OK | 34 kB |
URL GET datanodes.to/theme_2023/src/assets/images/virus-scan.png IP104.26.14.76:443
Requested byhttps://datanodes.to/download CertificateIssuerGoogle Trust Services Subjectdatanodes.to FingerprintD9:3F:9B:36:AD:60:B2:6A:04:7D:E2:B7:FD:25:79:C2:CC:03:AE:81 ValidityMon, 10 Feb 2025 03:57:57 GMT - Sun, 11 May 2025 04:57:50 GMT
File typePNG image data, 512 x 512, 8-bit/color RGBA, non-interlaced Hashed8693e5b49bbfec66898fd26b979317 0fe86ee5614e13c3c93672a4d57ef69555f3e701 5b6ef28011995150a50e6e59ca8728a5f0f92c7dfe27f08433e398a7fc177a9d
GET /theme_2023/src/assets/images/virus-scan.png HTTP/1.1
Host: datanodes.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://datanodes.to/download
Cookie: file_name=HENPRI-SteamGG.NET.zip; lang=english; file_code=1cdlarnvbyin; affiliate=zur6Hiy8G%2BwJ2fSUcUnMpzKwockJi9uGgv36kU5lh1TfBsox3p5GoBg3ZUih6Kuo3yrkTYZeixYQS007nOSjzyw2qsUXOcxXNfQ%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 11 Mar 2025 14:23:50 GMT
content-type: image/png
content-length: 33827
last-modified: Wed, 31 Jan 2024 09:41:40 GMT
etag: "65ba15d4-8423"
cache-control: max-age=14400
cf-cache-status: HIT
age: 2978
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1FnTCXPcdB%2Faxc77e7P0h%2BnTNl7roqCmorYUkrto66POHduPB67ycZiOsVDgrafwkrFVqbEqjBMKGG24LfPm%2FOLy5kyIXK03GRfTo6%2BXkPQEHYx15xCn4UwFVtYZfg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 91ebb6468c9256ab-OSL
server-timing: cfL4;desc="?proto=TCP&rtt=71710&min_rtt=58969&rtt_var=16324&sent=83&recv=33&lost=0&retrans=8&sent_bytes=72647&recv_bytes=2025&delivery_rate=60123&cwnd=256&unsent_bytes=0&cid=e0e4cc9e0ac072ee&ts=1116&x=0"
X-Firefox-Spdy: h2
|
|
| www.google.com/recaptcha/api2/anchor?ar=1&k=6LdhelkqAAAAAH_f47GPnSuEgnjRo4Pf0ukRioGs&co=aHR0cHM6Ly9kYXRhbm9kZXMudG86NDQz&hl=en&v=J79K9xgfxwT6Syzx-UyWdD89&size=invisible&cb=aga6sdsov8or | 216.58.207.228 | 200 OK | 72 kB |
URL GET www.google.com/recaptcha/api2/anchor?ar=1&k=6LdhelkqAAAAAH_f47GPnSuEgnjRo4Pf0ukRioGs&co=aHR0cHM6Ly9kYXRhbm9kZXMudG86NDQz&hl=en&v=J79K9xgfxwT6Syzx-UyWdD89&size=invisible&cb=aga6sdsov8or IP216.58.207.228:443
Requested byhttps://datanodes.to/download CertificateIssuerGoogle Trust Services Subjectwww.google.com Fingerprint53:F5:E3:47:F6:DC:80:83:14:A1:CE:39:7B:A1:98:61:74:03:86:E2 ValidityMon, 06 Jan 2025 08:37:56 GMT - Mon, 31 Mar 2025 08:37:55 GMT
File typeHTML document, ASCII text, with very long lines (56411) Hash34741695c97438a8073531786c5d2e21 c19d4dc8f4c399da799f0eb1519c5f3781418b05 da1b8eb6073e4bcfe3a06a100b883c9bc5fe14a56563037c7f8ecf3755804d2d
GET /recaptcha/api2/anchor?ar=1&k=6LdhelkqAAAAAH_f47GPnSuEgnjRo4Pf0ukRioGs&co=aHR0cHM6Ly9kYXRhbm9kZXMudG86NDQz&hl=en&v=J79K9xgfxwT6Syzx-UyWdD89&size=invisible&cb=aga6sdsov8or HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://datanodes.to/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/html; charset=utf-8
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}, {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 11 Mar 2025 14:23:52 GMT
content-security-policy: script-src 'nonce-bDrq3O1_SrWx13zXYnys8w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
cross-origin-opener-policy-report-only: same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| scarcerpokomoo.com/1clkn/31269 |  23.109.170.202 | 200 OK | 27 kB |
URL GET scarcerpokomoo.com/1clkn/31269 IP23.109.170.202:443
Requested byhttps://datanodes.to/download CertificateIssuerLet's Encrypt Subjectscarcerpokomoo.com FingerprintF4:48:08:E7:F1:2E:D8:13:D9:09:23:3A:5E:9D:B7:B6:9E:2F:3A:A1 ValidityWed, 29 Jan 2025 22:58:28 GMT - Tue, 29 Apr 2025 22:58:27 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /1clkn/31269 HTTP/1.1
Host: scarcerpokomoo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://datanodes.to/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 11 Mar 2025 14:23:51 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Accept-ch: sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-ua-full-version-list
Set-Cookie: GL_UI4=eJw9zV1OhDAcBHC%2B2dUFnYQDeASKlPDqi1fwkRT6B%2BtCuykV9PYSE32bTH6T8TwvKB7gb8kZ4afgeGKsbdqaV21ZD62o%2Br5tGl72vC1ZxceR46zWzol%2BJhfhtC7Cus5tES4TabJq6AYjKcPjof6aqza7jhD3VmiZIV4OMWdIe2v2lWwRItJiIaSvytJovg4hPoxFyJ7rIyt9ZL9EYNYizO%2BQviktj2V%2BQcDKPE883N9m4UZjl07JxEc8WSEJ%2FgtOg3A0GfuNVNJ6deYGmFl2%2F%2F73ONxZiUTSpgZCbNw72R%2B3Z03l; expires=Wed, 12-Mar-2025 14:23:51 GMT; Max-Age=86400; path=/; secure; SameSite=None
GL_GI10=eJwVyEEKwjAQRuGZoQSKQvmxB%2BgJtEEQXdelJAtP0NYihZKUJCre3rj4Fu8RkdRbyLyi0u1lr0%2BZPmca%2FIQYCxkdlPHh03%2FBAdIeIcFhY%2BPim86%2FXMp%2FRPFv8IzSDj42ZkoJ4iLKrh%2BW6XC938CrIkjyiiHxURP4rXY%2F6E0cMQ%3D%3D; expires=Wed, 12-Mar-2025 14:23:51 GMT; Max-Age=86400; path=/; secure; SameSite=None
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
|
|
| datanodes.to/images/logo.png?v=1 | 104.26.14.76 | 200 OK | 15 kB |
URL GET datanodes.to/images/logo.png?v=1 IP104.26.14.76:443
Requested byhttps://datanodes.to/download CertificateIssuerGoogle Trust Services Subjectdatanodes.to FingerprintD9:3F:9B:36:AD:60:B2:6A:04:7D:E2:B7:FD:25:79:C2:CC:03:AE:81 ValidityMon, 10 Feb 2025 03:57:57 GMT - Sun, 11 May 2025 04:57:50 GMT
File typePNG image data, 364 x 230, 8-bit/color RGBA, non-interlaced Hashc9338a5cbd74ee24aee2175a5ac9cfac eb519e37c50d2dd8908d80a2dd203879f2a430c9 e73da34c3963cd34608bc4016fd1060cf58de21ef14321a153ec45bc004ff56e
GET /images/logo.png?v=1 HTTP/1.1
Host: datanodes.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://datanodes.to/download
Cookie: file_name=HENPRI-SteamGG.NET.zip; lang=english; file_code=1cdlarnvbyin; affiliate=zur6Hiy8G%2BwJ2fSUcUnMpzKwockJi9uGgv36kU5lh1TfBsox3p5GoBg3ZUih6Kuo3yrkTYZeixYQS007nOSjzyw2qsUXOcxXNfQ%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 11 Mar 2025 14:23:50 GMT
content-type: image/png
content-length: 15350
last-modified: Tue, 16 Jan 2024 14:16:42 GMT
etag: "65a68fca-3bf6"
cache-control: max-age=14400
cf-cache-status: HIT
age: 2978
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=u93KoILlx9OyVJxnSNfWN7N%2FPKpRK5lPh3b6o%2FtK%2B5bpHXJnvg8CNcC0VC51OJJfux4wSHsaaLkHg2i1gqahzmHRNaDqekP79EhMdXyR1rRQUe11gYfGhzqbKTQuDQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 91ebb6467c8e56ab-OSL
server-timing: cfL4;desc="?proto=TCP&rtt=71710&min_rtt=58969&rtt_var=16324&sent=68&recv=33&lost=0&retrans=8&sent_bytes=56681&recv_bytes=2025&delivery_rate=60123&cwnd=256&unsent_bytes=0&cid=e0e4cc9e0ac072ee&ts=1112&x=0"
X-Firefox-Spdy: h2
|
|
| www.google.com/recaptcha/api.js?render=6LdhelkqAAAAAH_f47GPnSuEgnjRo4Pf0ukRioGs | 216.58.207.228 | 200 OK | 945 B |
URL GET www.google.com/recaptcha/api.js?render=6LdhelkqAAAAAH_f47GPnSuEgnjRo4Pf0ukRioGs IP216.58.207.228:443
Requested byhttps://datanodes.to/download CertificateIssuerGoogle Trust Services Subjectwww.google.com Fingerprint53:F5:E3:47:F6:DC:80:83:14:A1:CE:39:7B:A1:98:61:74:03:86:E2 ValidityMon, 06 Jan 2025 08:37:56 GMT - Mon, 31 Mar 2025 08:37:55 GMT
File typeJavaScript source, ASCII text, with very long lines (945), with no line terminators Hashed324b688fdf57a7511c57e090e3656e 5524d665051893385bb58855dfcab7682d0ce1cc 68ed3665bf3b044fa49466cd62c3156214af66ee59b53d14d5c9539191a06393
GET /recaptcha/api.js?render=6LdhelkqAAAAAH_f47GPnSuEgnjRo4Pf0ukRioGs HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://datanodes.to/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
expires: Tue, 11 Mar 2025 14:23:51 GMT
date: Tue, 11 Mar 2025 14:23:51 GMT
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
report-to: {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| datanodes.to/cdn-cgi/challenge-platform/scripts/jsd/main.js | 104.26.14.76 | 302 Found | 8.6 kB |
URL GET datanodes.to/cdn-cgi/challenge-platform/scripts/jsd/main.js IP104.26.14.76:443
Requested byhttps://datanodes.to/download CertificateIssuerGoogle Trust Services Subjectdatanodes.to FingerprintD9:3F:9B:36:AD:60:B2:6A:04:7D:E2:B7:FD:25:79:C2:CC:03:AE:81 ValidityMon, 10 Feb 2025 03:57:57 GMT - Sun, 11 May 2025 04:57:50 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP/1.1
Host: datanodes.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: file_name=HENPRI-SteamGG.NET.zip; lang=english; file_code=1cdlarnvbyin; affiliate=zur6Hiy8G%2BwJ2fSUcUnMpzKwockJi9uGgv36kU5lh1TfBsox3p5GoBg3ZUih6Kuo3yrkTYZeixYQS007nOSjzyw2qsUXOcxXNfQ%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
date: Tue, 11 Mar 2025 14:23:51 GMT
content-length: 0
location: /cdn-cgi/challenge-platform/h/g/scripts/jsd/f3b948d8acb8/main.js?
cache-control: max-age=300, stale-if-error=10800, stale-while-revalidate=10800, public
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=smrUFkvUE%2BXP9CM2ervoNdsUu6AVnMOuwwEvOqP2ui00W8oERKJ2ycBw53zEEfwiuhYvwDENskbomDmLxxK5Kqit4QuTCsFV4gs86w62pTxeVeSuFKYudtjt2%2FmurQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 91ebb64c7c5456ab-OSL
server-timing: cfL4;desc="?proto=TCP&rtt=60275&min_rtt=58684&rtt_var=1318&sent=180&recv=71&lost=0&retrans=8&sent_bytes=181140&recv_bytes=2406&delivery_rate=1685827&cwnd=262&unsent_bytes=0&cid=e0e4cc9e0ac072ee&ts=2062&x=0"
X-Firefox-Spdy: h2
|
|
| datanodes.to/theme_2023/dist/assets/index-dd92db6d.js | 104.26.14.76 | 200 OK | 6.4 kB |
URL GET datanodes.to/theme_2023/dist/assets/index-dd92db6d.js IP104.26.14.76:443
Requested byhttps://datanodes.to/download CertificateIssuerGoogle Trust Services Subjectdatanodes.to FingerprintD9:3F:9B:36:AD:60:B2:6A:04:7D:E2:B7:FD:25:79:C2:CC:03:AE:81 ValidityMon, 10 Feb 2025 03:57:57 GMT - Sun, 11 May 2025 04:57:50 GMT
File typeASCII text, with very long lines (6800), with no line terminators Hashb6c2b858946a0197c1f2e7a5e18c2378 92094e2c5eac137efeb75d1f1e979587d89a7f84 cfe2a5d81530356e55e4f034baec1ccaa1ce862e0e8268e4c9c78ae2bd7beda9
GET /theme_2023/dist/assets/index-dd92db6d.js HTTP/1.1
Host: datanodes.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://datanodes.to/theme_2023/dist/assets/VirusScan-e53a5e80.js
Cookie: file_name=HENPRI-SteamGG.NET.zip; lang=english; file_code=1cdlarnvbyin; affiliate=zur6Hiy8G%2BwJ2fSUcUnMpzKwockJi9uGgv36kU5lh1TfBsox3p5GoBg3ZUih6Kuo3yrkTYZeixYQS007nOSjzyw2qsUXOcxXNfQ%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 11 Mar 2025 14:23:51 GMT
content-type: application/javascript
last-modified: Sun, 09 Feb 2025 16:17:00 GMT
etag: W/"67a8d4fc-18f9"
cache-control: max-age=14400
cf-cache-status: HIT
age: 2605
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lkwcS81M%2FIG%2FQjtAsjcR0TPELBtq0Vv5gjWtqJypTnkHyOjkNbPiIcXvIG7pMwm1q%2Bxv8aCuGfvoF13Y30ipnoRMnxwhFmQFgPhOGlfhY%2FmNn%2B07egfJZCQYueRM%2Fg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 91ebb64cac8656ab-OSL
content-encoding: br
server-timing: cfL4;desc="?proto=TCP&rtt=60275&min_rtt=58684&rtt_var=1318&sent=187&recv=76&lost=0&retrans=8&sent_bytes=183505&recv_bytes=3032&delivery_rate=1685827&cwnd=262&unsent_bytes=0&cid=e0e4cc9e0ac072ee&ts=2105&x=0"
X-Firefox-Spdy: h2
|
|
| datanodes.to/cdn-cgi/challenge-platform/h/g/jsd/r/0.8646270595556241:1741702146:8eF5t4SyKuhQsTmOF4Ie_IHZ9oXC3hANeizC38oyhhg/91ebb6415e0f56ab | 104.26.14.76 | 200 OK | 0 B |
URL POST datanodes.to/cdn-cgi/challenge-platform/h/g/jsd/r/0.8646270595556241:1741702146:8eF5t4SyKuhQsTmOF4Ie_IHZ9oXC3hANeizC38oyhhg/91ebb6415e0f56ab IP104.26.14.76:443
Requested byhttps://datanodes.to/download CertificateIssuerGoogle Trust Services Subjectdatanodes.to FingerprintD9:3F:9B:36:AD:60:B2:6A:04:7D:E2:B7:FD:25:79:C2:CC:03:AE:81 ValidityMon, 10 Feb 2025 03:57:57 GMT - Sun, 11 May 2025 04:57:50 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /cdn-cgi/challenge-platform/h/g/jsd/r/0.8646270595556241:1741702146:8eF5t4SyKuhQsTmOF4Ie_IHZ9oXC3hANeizC38oyhhg/91ebb6415e0f56ab HTTP/1.1
Host: datanodes.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 12068
Origin: https://datanodes.to
DNT: 1
Connection: keep-alive
Referer: https://datanodes.to/download
Cookie: file_name=HENPRI-SteamGG.NET.zip; lang=english; file_code=1cdlarnvbyin; affiliate=zur6Hiy8G%2BwJ2fSUcUnMpzKwockJi9uGgv36kU5lh1TfBsox3p5GoBg3ZUih6Kuo3yrkTYZeixYQS007nOSjzyw2qsUXOcxXNfQ%3D; _ga_7DP7NV2LKF=GS1.1.1741703031.1.0.1741703031.60.0.0; _ga=GA1.1.471354628.1741703032
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 11 Mar 2025 14:23:52 GMT
content-type: text/plain; charset=UTF-8
content-length: 0
set-cookie: cf_clearance=; Path=/; Expires=Thu, 01-Jan-70 00:00:00 GMT; Domain=datanodes.to; HttpOnly; Secure; SameSite=None
cf_clearance=ltzK63i3j0HXgIXdlrswPDwPac2o5xUe0bx76T3ekGo-1741703032-1.2.1.1-Lfwu9rYPlOTPbHJZw9ZHXuWKUTYkmm5R_WPXtjsvws9JicuRuDuM7iRKkbmsgeD4W9fs6.m9iqh5ZmvuA_KGUk8JSimmoiy4kSsafwFMOwaSJzCorkR_CBTGU38YFK7hxzdTqAIYhKpNn3q7EP6835XRRNay2jzLLJwnbLzJ53hbCGyT3OeUKRF1H.ik33FtD5nv1y1Rbvs_rtXCUCHpfEtRxGD85waYTapNfwiaeEDYfJMqe8XpnOTJZe54m64uBY_n.nKnfFD3D2iMqI3XZNj0ZE0kSJc6HQX.57oEuWCQQiJE9u2m5lHZ_837r0W8cIAt_M9BaumkShrngT_IcifoS22RDSx_gOXTyPggkCI; Path=/; Expires=Wed, 11-Mar-26 14:23:52 GMT; Domain=datanodes.to; HttpOnly; Secure; SameSite=None; Partitioned
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8E7bLvyVcg9LyerevpcEaz9BOQxtsf8qY%2BOTJ6BsHO0WNFG2aXhYKYhk%2Fg9nXYWpqy4h4pErRvVMlOsMo5UwlIfTlY46csDRR1cpZktJTEk%2F8KpPWzNlwRwBvYKhCg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 91ebb64f981d56ab-OSL
server-timing: cfL4;desc="?proto=TCP&rtt=58818&min_rtt=58113&rtt_var=231&sent=261&recv=138&lost=0&retrans=8&sent_bytes=244187&recv_bytes=16173&delivery_rate=1685827&cwnd=262&unsent_bytes=0&cid=e0e4cc9e0ac072ee&ts=2612&x=0"
X-Firefox-Spdy: h2
|
|
| ukankingwithea.com/ | 104.21.96.1 | 200 OK | 24 B |
IP104.21.96.1:443
Requested byhttps://datanodes.to/download CertificateIssuerGoogle Trust Services Subjectukankingwithea.com Fingerprint02:7E:37:44:90:B9:05:B4:82:CD:5A:71:84:A1:C8:84:66:33:BC:78 ValiditySat, 01 Mar 2025 13:28:14 GMT - Fri, 30 May 2025 14:26:54 GMT
File typeASCII text, with no line terminators Hash804a1d46fa17269f8e8210ede1298e82 398805e0c3741f1b5d579eb72dfc1e1d271ab130 015d3e1558952cd59151f964a02d0f36eb4241f96f18e8f8550105627065896e
GET / HTTP/1.1
Host: ukankingwithea.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://datanodes.to/
Origin: https://datanodes.to
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 11 Mar 2025 14:23:53 GMT
content-type: text/plain
set-cookie: csu=9277586078691@1@1741703033; Max-Age=31104000; Secure; SameSite=None
access-control-allow-origin: https://datanodes.to
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ffVPtbbvaZm6AYSRy1K5S7gWTnNzhN2nMgJ2TPxaCkyMwnnb1y%2B%2BkayTEu9LJq25hWp8TmoG0TU4xn8PFKSZlPf6Cn5yqQHxxHJZ5j3cO9TnwkdBAVFx2%2BaepQSFUcIHf9hDIoI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 91ebb653fc04569d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=63602&min_rtt=57805&rtt_var=8375&sent=94&recv=16&lost=0&retrans=0&sent_bytes=107742&recv_bytes=1284&delivery_rate=1170631&cwnd=255&unsent_bytes=0&cid=00a97f342b93a655&ts=211&x=0"
X-Firefox-Spdy: h2
|
|
| www.gstatic.com/recaptcha/releases/J79K9xgfxwT6Syzx-UyWdD89/recaptcha__en.js | 216.58.211.3 | 200 OK | 559 kB |
URL GET www.gstatic.com/recaptcha/releases/J79K9xgfxwT6Syzx-UyWdD89/recaptcha__en.js IP216.58.211.3:443
Requested byhttps://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdhelkqAAAAAH_f47GPnSuEgnjRo4Pf0ukRioGs&co=aHR0cHM6Ly9kYXRhbm9kZXMudG86NDQz&hl=en&v=J79K9xgfxwT6Syzx-UyWdD89&size=invisible&cb=aga6sdsov8or CertificateIssuerGoogle Trust Services Subject*.gstatic.com FingerprintA4:5F:89:8D:68:B4:5F:99:BE:F5:66:6F:C1:5E:A5:8C:72:BF:1E:D5 ValidityWed, 26 Feb 2025 15:33:59 GMT - Wed, 21 May 2025 15:33:58 GMT
Size559 kB (558604 bytes) Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /recaptcha/releases/J79K9xgfxwT6Syzx-UyWdD89/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
timing-allow-origin: *
content-length: 220830
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 11 Mar 2025 08:58:41 GMT
expires: Wed, 11 Mar 2026 08:58:41 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 10 Mar 2025 16:03:14 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 19512
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| ukankingwithea.com/asd100.bin | 104.21.96.1 | 200 OK | 102 kB |
URL GET ukankingwithea.com/asd100.bin IP104.21.96.1:443
Requested byhttps://datanodes.to/download CertificateIssuerGoogle Trust Services Subjectukankingwithea.com Fingerprint02:7E:37:44:90:B9:05:B4:82:CD:5A:71:84:A1:C8:84:66:33:BC:78 ValiditySat, 01 Mar 2025 13:28:14 GMT - Fri, 30 May 2025 14:26:54 GMT
Size102 kB (102400 bytes) Hash4c6426ac7ef186464ecbb0d81cbfcb1e 5a6918eebd9d635e8f632e3ef34e3792b1b5ec13 f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16
GET /asd100.bin HTTP/1.1
Host: ukankingwithea.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://datanodes.to/
Origin: https://datanodes.to
DNT: 1
Connection: keep-alive
Cookie: csu=9277586078691@1@1741703033
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 11 Mar 2025 14:23:53 GMT
content-type: binary/octet-stream
access-control-allow-origin: https://datanodes.to
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cache-control: max-age=14400
cf-cache-status: HIT
age: 3962
last-modified: Tue, 11 Mar 2025 13:17:51 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2B0%2FNrTOYk2JweCO8kh%2BbjlTq%2BRNWr7a32cGggvCesy2Gioubt9RNHEt0C0pwKvIFMu%2BB1c3yDnOUeL9PuY4Ts0dySZcCrgBEa76txOrnnuCrhqhS5%2BAJGZduy3tV6cipRHRx2rI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 91ebb655aea7569d-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=60738&min_rtt=57805&rtt_var=3488&sent=97&recv=27&lost=0&retrans=0&sent_bytes=108360&recv_bytes=1453&delivery_rate=701087&cwnd=255&unsent_bytes=0&cid=00a97f342b93a655&ts=371&x=0"
X-Firefox-Spdy: h2
|
|
| www.google.com/recaptcha/api2/webworker.js?hl=en&v=J79K9xgfxwT6Syzx-UyWdD89 | 216.58.207.228 | 200 OK | 102 B |
URL GET www.google.com/recaptcha/api2/webworker.js?hl=en&v=J79K9xgfxwT6Syzx-UyWdD89 IP216.58.207.228:443
Requested byhttps://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdhelkqAAAAAH_f47GPnSuEgnjRo4Pf0ukRioGs&co=aHR0cHM6Ly9kYXRhbm9kZXMudG86NDQz&hl=en&v=J79K9xgfxwT6Syzx-UyWdD89&size=invisible&cb=aga6sdsov8or CertificateIssuerGoogle Trust Services Subjectwww.google.com Fingerprint53:F5:E3:47:F6:DC:80:83:14:A1:CE:39:7B:A1:98:61:74:03:86:E2 ValidityMon, 06 Jan 2025 08:37:56 GMT - Mon, 31 Mar 2025 08:37:55 GMT
File typeASCII text, with no line terminators Hash85cf33a7525444b6ca922f12fdb45e9c 5bc107045cce930f2e2ff8a134a52afcb7edb55b 223a644c50bb4e93aee4c2c96ae68188d4bc0b1ba5a10f32293eb32066857a47
GET /recaptcha/api2/webworker.js?hl=en&v=J79K9xgfxwT6Syzx-UyWdD89 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdhelkqAAAAAH_f47GPnSuEgnjRo4Pf0ukRioGs&co=aHR0cHM6Ly9kYXRhbm9kZXMudG86NDQz&hl=en&v=J79K9xgfxwT6Syzx-UyWdD89&size=invisible&cb=aga6sdsov8or
Sec-Fetch-Dest: worker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}, {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
expires: Tue, 11 Mar 2025 14:23:53 GMT
date: Tue, 11 Mar 2025 14:23:53 GMT
cache-control: private, max-age=300
cross-origin-opener-policy-report-only: same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy: same-site
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| www.google.com/recaptcha/api2/reload?k=6LdhelkqAAAAAH_f47GPnSuEgnjRo4Pf0ukRioGs | 216.58.207.228 | 200 OK | 39 kB |
URL POST www.google.com/recaptcha/api2/reload?k=6LdhelkqAAAAAH_f47GPnSuEgnjRo4Pf0ukRioGs IP216.58.207.228:443
Requested byhttps://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdhelkqAAAAAH_f47GPnSuEgnjRo4Pf0ukRioGs&co=aHR0cHM6Ly9kYXRhbm9kZXMudG86NDQz&hl=en&v=J79K9xgfxwT6Syzx-UyWdD89&size=invisible&cb=aga6sdsov8or CertificateIssuerGoogle Trust Services Subjectwww.google.com Fingerprint53:F5:E3:47:F6:DC:80:83:14:A1:CE:39:7B:A1:98:61:74:03:86:E2 ValidityMon, 06 Jan 2025 08:37:56 GMT - Mon, 31 Mar 2025 08:37:55 GMT
File typeASCII text, with very long lines (38853) Hash434b05dd2cf4ea6476db25c40e1ad747 f8e7181a252a6f34f3d39ecf6602e60c623b5fac ca91906d1f3d2ceae7b7ace2a671e5688b6a0c4ed7110dd19f15e9272969af30
POST /recaptcha/api2/reload?k=6LdhelkqAAAAAH_f47GPnSuEgnjRo4Pf0ukRioGs HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-protobuffer
Content-Length: 11011
Origin: https://www.google.com
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdhelkqAAAAAH_f47GPnSuEgnjRo4Pf0ukRioGs&co=aHR0cHM6Ly9kYXRhbm9kZXMudG86NDQz&hl=en&v=J79K9xgfxwT6Syzx-UyWdD89&size=invisible&cb=aga6sdsov8or
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/json; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options: nosniff
cross-origin-opener-policy-report-only: same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy: same-site
report-to: {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
content-encoding: gzip
date: Tue, 11 Mar 2025 14:23:55 GMT
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
set-cookie: _GRECAPTCHA=09AP_l5mN8BCUfChxSRmTHhoNkgAlj9bFDYIAOJ15SfcLoUiJ50jOJF7RD-1loWwLS7jGjdpJo84tqtMCVAt3lvrY; Expires=Sun, 07-Sep-2025 14:23:55 GMT; Path=/recaptcha; Secure; HttpOnly; Priority=HIGH; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 11 Mar 2025 14:23:55 GMT
cache-control: private
X-Firefox-Spdy: h2
|
|
| | 104.26.14.76 | 200 OK | 82 kB |
IP104.26.14.76:443
CertificateIssuerGoogle Trust Services Subjectdatanodes.to FingerprintD9:3F:9B:36:AD:60:B2:6A:04:7D:E2:B7:FD:25:79:C2:CC:03:AE:81 ValidityMon, 10 Feb 2025 03:57:57 GMT - Sun, 11 May 2025 04:57:50 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /download HTTP/1.1
Host: datanodes.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: file_name=HENPRI-SteamGG.NET.zip; lang=english; file_code=1cdlarnvbyin
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 11 Mar 2025 14:23:50 GMT
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
set-cookie: affiliate=zur6Hiy8G%2BwJ2fSUcUnMpzKwockJi9uGgv36kU5lh1TfBsox3p5GoBg3ZUih6Kuo3yrkTYZeixYQS007nOSjzyw2qsUXOcxXNfQ%3D; domain=.datanodes.to; path=/; expires=Tue, 25-Mar-2025 14:23:50 GMT
expires: Mon, 10 Mar 2025 14:23:50 GMT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MK%2BaC%2BfF%2F9Pf7n1KM5SIKTTvc3gb1MkDqdyvOvZkJSiYl327hteEf6T08bKy2pyhR8IHvKHx%2F3uC9gg9foBST8yg%2BY7MVXzy2Y2%2BV2Vd%2FNajbY4BBDiN1rQ9xIPhsA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 91ebb6415e0f56ab-OSL
content-encoding: br
server-timing: cfL4;desc="?proto=TCP&rtt=63398&min_rtt=58969&rtt_var=13296&sent=11&recv=13&lost=0&retrans=0&sent_bytes=4065&recv_bytes=1404&delivery_rate=62885&cwnd=256&unsent_bytes=0&cid=e0e4cc9e0ac072ee&ts=628&x=0"
X-Firefox-Spdy: h2
|
|
| www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-7DP7NV2LKF&cid=471354628.1741703032>m=45je5362v9175474265za200&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1l1&npa=1&frm=0&tag_exp=102067808~102482433~102587591~102640600~102717422~102788824~102791784~102814060&tag_exp=102067808~102482433~102587591~102640600~102717422~102788824~102791784~102814060&z=1131072606 | 142.250.74.131 | 200 OK | 42 B |
URL GET www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-7DP7NV2LKF&cid=471354628.1741703032>m=45je5362v9175474265za200&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1l1&npa=1&frm=0&tag_exp=102067808~102482433~102587591~102640600~102717422~102788824~102791784~102814060&tag_exp=102067808~102482433~102587591~102640600~102717422~102788824~102791784~102814060&z=1131072606 IP142.250.74.131:443
Requested byhttps://datanodes.to/download CertificateIssuerGoogle Trust Services Subject*.google.no Fingerprint26:B7:26:CB:C6:A9:06:E9:C0:85:18:1A:20:54:87:E3:8B:35:EC:7C ValidityWed, 26 Feb 2025 15:35:45 GMT - Wed, 21 May 2025 15:35:44 GMT
File typeGIF image data, version 89a, 1 x 1 Hashd89746888da2d9510b64a9f031eaecd5 d5fceb6532643d0d84ffe09c40c481ecdf59e15a ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-7DP7NV2LKF&cid=471354628.1741703032>m=45je5362v9175474265za200&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1l1&npa=1&frm=0&tag_exp=102067808~102482433~102587591~102640600~102717422~102788824~102791784~102814060&tag_exp=102067808~102482433~102587591~102640600~102717422~102788824~102791784~102814060&z=1131072606 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://datanodes.to/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 11 Mar 2025 14:23:52 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail | 64.233.164.84 | 302 Found | 0 B |
URL GET accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail IP64.233.164.84:443
Requested byhttps://datanodes.to/download CertificateIssuerGoogle Trust Services Subjectaccounts.google.com Fingerprint0B:AE:C0:D6:4D:D9:36:6A:9E:55:63:03:A2:D1:49:77:18:BD:75:08 ValidityWed, 26 Feb 2025 15:34:53 GMT - Wed, 21 May 2025 15:34:52 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://datanodes.to/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
content-type: application/binary
set-cookie: __Host-GAPS=1:-fIgkEZVhmSjbevgTvOrqVY3udPNRw:3KYMbM-AXQLxyuPh; Expires=Thu, 11-Mar-2027 14:23:53 GMT; Path=/; Secure; HttpOnly; Priority=HIGH
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 11 Mar 2025 14:23:53 GMT
location: https://accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=ASSHyko_HTCrlpvcYyOUUeYe0jGC3aPI4actQwmL7lhCgc7-9Mj0ExxidqnDJKrwP4ZdydDHGMu7Ug
strict-transport-security: max-age=31536000; includeSubDomains
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-security-policy: script-src 'nonce-u9W9UTnK-TyApq9Bji3SOQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/AccountsSigninPassiveLoginHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport
cross-origin-opener-policy: unsafe-none
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-resource-policy: cross-origin
server: ESF
content-length: 0
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| datanodes.to/favicon.ico | 104.26.14.76 | 200 OK | 2.5 kB |
IP104.26.14.76:443
Requested byhttps://datanodes.to/download CertificateIssuerGoogle Trust Services Subjectdatanodes.to FingerprintD9:3F:9B:36:AD:60:B2:6A:04:7D:E2:B7:FD:25:79:C2:CC:03:AE:81 ValidityMon, 10 Feb 2025 03:57:57 GMT - Sun, 11 May 2025 04:57:50 GMT
File typePNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced Hashc813091dc9f029ba08588f60cc450755 d2b2f0efc676eff758c4194d80ff2e9ee973f556 682e513cfa795efc1e53c502e9a8aa3d91db160b7fd15f94de2a4156a6961474
GET /favicon.ico HTTP/1.1
Host: datanodes.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://datanodes.to/download
Cookie: file_name=HENPRI-SteamGG.NET.zip; lang=english; file_code=1cdlarnvbyin; affiliate=zur6Hiy8G%2BwJ2fSUcUnMpzKwockJi9uGgv36kU5lh1TfBsox3p5GoBg3ZUih6Kuo3yrkTYZeixYQS007nOSjzyw2qsUXOcxXNfQ%3D; _ga_7DP7NV2LKF=GS1.1.1741703031.1.0.1741703031.60.0.0; _ga=GA1.1.471354628.1741703032
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 11 Mar 2025 14:23:52 GMT
content-type: image/x-icon
last-modified: Thu, 01 Sep 2022 19:47:58 GMT
etag: W/"63110c6e-99d"
cache-control: max-age=14400
cf-cache-status: HIT
age: 2978
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uCjbx5%2Felqzvk%2FuZre66lw8%2FlUnl1Hm3rkItpfw%2BjcGq1%2FHcZJJfc2k%2FeIahIu0IWsfWbTspSL9uk6XPLKWwbp4UmTZYnwSxHSBmWUXGmG66Ewsv5oR7OsG3hAoSsw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 91ebb64f880b56ab-OSL
content-encoding: br
server-timing: cfL4;desc="?proto=TCP&rtt=58743&min_rtt=58288&rtt_var=105&sent=255&recv=131&lost=0&retrans=8&sent_bytes=241154&recv_bytes=13951&delivery_rate=1685827&cwnd=262&unsent_bytes=0&cid=e0e4cc9e0ac072ee&ts=2548&x=0"
X-Firefox-Spdy: h2
|
|
| neyandfartooma.com/UVJ4Znl+bRsVRAIKEDIgPD5BMj4TCi8+ERsLPiQoNGIAFC8XOV4SEDVvSVdMaWRNUV8hOxxbSHchDAcNJCFFV184PB4JRHckRVdXYmZWVU9/Zl4TRGB0DBYYNm9JQAklJhRbSGZmSVFJYmJLVE9mZA | 172.67.195.86 | 204 No Content | 0 B |
URL GET neyandfartooma.com/UVJ4Znl+bRsVRAIKEDIgPD5BMj4TCi8+ERsLPiQoNGIAFC8XOV4SEDVvSVdMaWRNUV8hOxxbSHchDAcNJCFFV184PB4JRHckRVdXYmZWVU9/Zl4TRGB0DBYYNm9JQAklJhRbSGZmSVFJYmJLVE9mZA IP172.67.195.86:443
Requested byhttps://datanodes.to/download CertificateIssuerGoogle Trust Services Subjectneyandfartooma.com Fingerprint27:F9:BA:43:8E:E9:4B:0C:38:9E:7A:48:C3:E3:C1:AA:F2:C2:09:CF ValidityMon, 17 Feb 2025 14:43:40 GMT - Sun, 18 May 2025 15:42:04 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /UVJ4Znl+bRsVRAIKEDIgPD5BMj4TCi8+ERsLPiQoNGIAFC8XOV4SEDVvSVdMaWRNUV8hOxxbSHchDAcNJCFFV184PB4JRHckRVdXYmZWVU9/Zl4TRGB0DBYYNm9JQAklJhRbSGZmSVFJYmJLVE9mZA HTTP/1.1
Host: neyandfartooma.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://datanodes.to/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 204 No Content
date: Tue, 11 Mar 2025 14:23:53 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tp4tXc8YCPq%2Fv1X8LKqZQjxxfnEmYQx%2Bn6QFq5vn%2BqBIULhOeddSpj%2Fz9BMiujwIyQ77e%2Bh%2FUEFtSHezUTbrFDBusi%2BADDnqMMWu%2B0qsGhv4KqDCp88B%2BHMzrR4UdiLF%2B9T4VEs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 91ebb653ef020afe-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=66707&min_rtt=60058&rtt_var=21666&sent=9&recv=11&lost=0&retrans=0&sent_bytes=3353&recv_bytes=1392&delivery_rate=62332&cwnd=254&unsent_bytes=0&cid=702ebce0e1c5e37c&ts=208&x=0"
X-Firefox-Spdy: h2
|
|
| accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=ASSHyko_HTCrlpvcYyOUUeYe0jGC3aPI4actQwmL7lhCgc7-9Mj0ExxidqnDJKrwP4ZdydDHGMu7Ug | 64.233.164.84 | 302 Found | 0 B |
URL GET accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=ASSHyko_HTCrlpvcYyOUUeYe0jGC3aPI4actQwmL7lhCgc7-9Mj0ExxidqnDJKrwP4ZdydDHGMu7Ug IP64.233.164.84:443
Requested byhttps://datanodes.to/download CertificateIssuerGoogle Trust Services Subjectaccounts.google.com Fingerprint0B:AE:C0:D6:4D:D9:36:6A:9E:55:63:03:A2:D1:49:77:18:BD:75:08 ValidityWed, 26 Feb 2025 15:34:53 GMT - Wed, 21 May 2025 15:34:52 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=ASSHyko_HTCrlpvcYyOUUeYe0jGC3aPI4actQwmL7lhCgc7-9Mj0ExxidqnDJKrwP4ZdydDHGMu7Ug HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://datanodes.to/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
set-cookie: __Host-GAPS=1:T8_f4xCQ-DrbrIMNSvEQpi4V5YHFGQ:HuprHhNsu18jfWmA;Path=/;Expires=Thu, 11-Mar-2027 14:23:53 GMT;Secure;HttpOnly;Priority=HIGH
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 11 Mar 2025 14:23:53 GMT
location: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=ASSHykoiR-OyoBIAJ_BCAhnu5db9WQ_kb_XGLzyorSBWRo9Cw9Pi06xx-89RQpWvM7sKF8ghwWys2A&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-1826407147%3A1741703033526487&ddm=1
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-security-policy: script-src 'nonce-lCjvHr-aBxOafvHusaImPg' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport, require-trusted-types-for 'script';report-uri /cspreport
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 421
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| www.google.com/recaptcha/api2/clr?k=6LdhelkqAAAAAH_f47GPnSuEgnjRo4Pf0ukRioGs | 216.58.207.228 | 200 OK | 0 B |
URL POST www.google.com/recaptcha/api2/clr?k=6LdhelkqAAAAAH_f47GPnSuEgnjRo4Pf0ukRioGs IP216.58.207.228:443
Requested byhttps://datanodes.to/download CertificateIssuerGoogle Trust Services Subjectwww.google.com Fingerprint53:F5:E3:47:F6:DC:80:83:14:A1:CE:39:7B:A1:98:61:74:03:86:E2 ValidityMon, 06 Jan 2025 08:37:56 GMT - Mon, 31 Mar 2025 08:37:55 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /recaptcha/api2/clr?k=6LdhelkqAAAAAH_f47GPnSuEgnjRo4Pf0ukRioGs HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://datanodes.to/
Content-Length: 1810
Origin: https://datanodes.to
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/binary
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
report-to: {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
date: Tue, 11 Mar 2025 14:23:55 GMT
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/poppins/v22/pxiEyp8kv8JHgFVrJJfecg.woff2 | 142.250.74.163 | 200 OK | 7.9 kB |
URL GET fonts.gstatic.com/s/poppins/v22/pxiEyp8kv8JHgFVrJJfecg.woff2 IP142.250.74.163:443
Requested byhttps://datanodes.to/download CertificateIssuerGoogle Trust Services Subject*.gstatic.com FingerprintA4:5F:89:8D:68:B4:5F:99:BE:F5:66:6F:C1:5E:A5:8C:72:BF:1E:D5 ValidityWed, 26 Feb 2025 15:33:59 GMT - Wed, 21 May 2025 15:33:58 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 7884, version 1.0 Hash9212f6f9860f9fc6c69b02fedf6db8c3 ac6d71b4d5fdd2b3dabc9a06ff6c001e4251da0b 7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
GET /s/poppins/v22/pxiEyp8kv8JHgFVrJJfecg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://datanodes.to
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7884
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 06 Mar 2025 10:14:35 GMT
expires: Fri, 06 Mar 2026 10:14:35 GMT
cache-control: public, max-age=31536000
age: 446956
last-modified: Wed, 04 Dec 2024 06:53:08 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| d2eq4x4u2q3fwc.cloudfront.net/?uxqed=1158643 | 54.230.245.20 | 200 OK | 343 kB |
URL GET d2eq4x4u2q3fwc.cloudfront.net/?uxqed=1158643 IP54.230.245.20:443
Requested byhttps://datanodes.to/download CertificateIssuerAmazon Subject*.cloudfront.net Fingerprint28:D3:87:79:3C:E8:8B:3C:D9:10:45:E5:F7:64:7A:6D:44:4E:5A:62 ValidityTue, 30 Jul 2024 00:00:00 GMT - Thu, 03 Jul 2025 23:59:59 GMT
Size343 kB (343020 bytes) Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /?uxqed=1158643 HTTP/1.1
Host: d2eq4x4u2q3fwc.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://datanodes.to/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-length: 112107
date: Tue, 11 Mar 2025 12:33:35 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-encoding: gzip
pragma: no-cache
x-cache: Hit from cloudfront
via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: sk4Ln8GjmmdR-qb_XG6h8MfBLvIzJIt2w86DuJtZLUgTz2wW0x0dzg==
age: 6617
X-Firefox-Spdy: h2
|
|
| d2eq4x4u2q3fwc.cloudfront.net/?uxqed=1158643 | 54.230.245.20 | 200 OK | 343 kB |
URL GET d2eq4x4u2q3fwc.cloudfront.net/?uxqed=1158643 IP54.230.245.20:443
Requested byhttps://datanodes.to/download CertificateIssuerAmazon Subject*.cloudfront.net Fingerprint28:D3:87:79:3C:E8:8B:3C:D9:10:45:E5:F7:64:7A:6D:44:4E:5A:62 ValidityTue, 30 Jul 2024 00:00:00 GMT - Thu, 03 Jul 2025 23:59:59 GMT
Size343 kB (343020 bytes) Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /?uxqed=1158643 HTTP/1.1
Host: d2eq4x4u2q3fwc.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://datanodes.to/
Origin: https://datanodes.to
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-length: 112108
date: Tue, 11 Mar 2025 12:33:35 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://datanodes.to
cache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-encoding: gzip
pragma: no-cache
x-cache: Hit from cloudfront
via: 1.1 4c07121ca6e32bcda85cc9091b92050e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 8O6FWEZeYjTNyTtVug87YDi5AaQ51zqfhr5ZrfEfqrIZOF1aCsQQGA==
age: 6617
X-Firefox-Spdy: h2
|
|
| euboicarmpit.top/pntne |  212.117.186.84 | 200 OK | 0 B |
IP212.117.186.84:443
Requested byhttps://datanodes.to/download CertificateIssuerZeroSSL Subjecteuboicarmpit.top Fingerprint77:F4:85:F1:8C:25:27:43:1E:E1:0E:08:B6:AC:66:00:73:68:BD:BC ValiditySat, 08 Mar 2025 00:00:00 GMT - Fri, 06 Jun 2025 23:59:59 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
OPTIONS /pntne HTTP/1.1
Host: euboicarmpit.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://datanodes.to/
Origin: https://datanodes.to
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 11 Mar 2025 14:23:52 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Accept-ch: sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-ua-full-version-list
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://datanodes.to
Access-Control-Allow-Headers: content-type, megageocheckolololo, x-forwarded-for, x-requested-with, cache-control, pragma, expires
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
|
|
| fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 | 142.250.74.163 | 200 OK | 15 kB |
URL GET fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 IP142.250.74.163:443
Requested byhttps://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdhelkqAAAAAH_f47GPnSuEgnjRo4Pf0ukRioGs&co=aHR0cHM6Ly9kYXRhbm9kZXMudG86NDQz&hl=en&v=J79K9xgfxwT6Syzx-UyWdD89&size=invisible&cb=aga6sdsov8or CertificateIssuerGoogle Trust Services Subject*.gstatic.com FingerprintA4:5F:89:8D:68:B4:5F:99:BE:F5:66:6F:C1:5E:A5:8C:72:BF:1E:D5 ValidityWed, 26 Feb 2025 15:33:59 GMT - Wed, 21 May 2025 15:33:58 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 15344, version 1.0 Hash5d4aeb4e5f5ef754e307d7ffaef688bd 06db651cdf354c64a7383ea9c77024ef4fb4cef8 3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 06 Mar 2025 10:07:38 GMT
expires: Fri, 06 Mar 2026 10:07:38 GMT
cache-control: public, max-age=31536000
age: 447375
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| euboicarmpit.top/pntne | 212.117.186.84 | 200 OK | 2 B |
IP212.117.186.84:443
Requested byhttps://datanodes.to/download CertificateIssuerZeroSSL Subjecteuboicarmpit.top Fingerprint77:F4:85:F1:8C:25:27:43:1E:E1:0E:08:B6:AC:66:00:73:68:BD:BC ValiditySat, 08 Mar 2025 00:00:00 GMT - Fri, 06 Jun 2025 23:59:59 GMT
File typeASCII text, with no line terminators Hash444bcb3a3fcf8389296c49467f27e1d6 7a85f4764bbd6daf1c3545efbbf0f279a6dc0beb 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
POST /pntne HTTP/1.1
Host: euboicarmpit.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://datanodes.to/
Content-Type: application/json
Content-Length: 76
Origin: https://datanodes.to
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 11 Mar 2025 14:23:52 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Accept-ch: sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-ua-full-version-list
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://datanodes.to
Access-Control-Allow-Headers: content-type, megageocheckolololo, x-forwarded-for, x-requested-with, cache-control, pragma, expires
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET, POST, OPTIONS
Set-Cookie: GL_UI4=eJw9zV1OhDAcBHC%2B2dUFnYQDeASKlPDqi1fwkRT6B%2BtCuykV9PYSE32bTH6T8TwvKB7gb8kZ4afgeGKsbdqaV21ZD62o%2Br5tGl72vC1ZxceR46zWzol%2BJhfhtC7Cus5tES4TabJq6AYjKcPjof6aqza7jhD3VmiZIV4OMWdIe2v2lWwRItJiIaSvytJovg4hPoxFyJ7rIyt9ZL9EYNYizO%2BQviktj2V%2BQcDKPE883N9m4UZjl07JxEc8WSEJ%2FgtOg3A0GfuNVNJ6deYGmFl2%2F%2F73ONxZiUTSpgZCbNw72R%2B3Z03l; expires=Wed, 12-Mar-2025 14:23:52 GMT; Max-Age=86400; path=/; secure; SameSite=None
GL_GI10=eJwVyEEKwjAQRuGZoQSKQvmxB%2BgJtEEQXdelJAtP0NYihZKUJCre3rj4Fu8RkdRbyLyi0u1lr0%2BZPmca%2FIQYCxkdlPHh03%2FBAdIeIcFhY%2BPim86%2FXMp%2FRPFv8IzSDj42ZkoJ4iLKrh%2BW6XC938CrIkjyiiHxURP4rXY%2F6E0cMQ%3D%3D; expires=Wed, 12-Mar-2025 14:23:52 GMT; Max-Age=86400; path=/; secure; SameSite=None
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
|
|
| www.gstatic.com/recaptcha/api2/logo_48.png | 216.58.211.3 | 200 OK | 2.2 kB |
URL GET www.gstatic.com/recaptcha/api2/logo_48.png IP216.58.211.3:443
Requested byhttps://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdhelkqAAAAAH_f47GPnSuEgnjRo4Pf0ukRioGs&co=aHR0cHM6Ly9kYXRhbm9kZXMudG86NDQz&hl=en&v=J79K9xgfxwT6Syzx-UyWdD89&size=invisible&cb=aga6sdsov8or CertificateIssuerGoogle Trust Services Subject*.gstatic.com FingerprintA4:5F:89:8D:68:B4:5F:99:BE:F5:66:6F:C1:5E:A5:8C:72:BF:1E:D5 ValidityWed, 26 Feb 2025 15:33:59 GMT - Wed, 21 May 2025 15:33:58 GMT
File typePNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced Hashef9941290c50cd3866e2ba6b793f010d 4736508c795667dcea21f8d864233031223b7832 1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
GET /recaptcha/api2/logo_48.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.gstatic.com/recaptcha/releases/J79K9xgfxwT6Syzx-UyWdD89/styles__ltr.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 2228
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 07 Mar 2025 19:49:08 GMT
expires: Fri, 14 Mar 2025 19:49:08 GMT
cache-control: public, max-age=604800
age: 326086
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| www.google.com/recaptcha/api2/clr?k=6LdhelkqAAAAAH_f47GPnSuEgnjRo4Pf0ukRioGs | 216.58.207.228 | 200 OK | 0 B |
URL POST www.google.com/recaptcha/api2/clr?k=6LdhelkqAAAAAH_f47GPnSuEgnjRo4Pf0ukRioGs IP216.58.207.228:443
Requested byhttps://datanodes.to/download CertificateIssuerGoogle Trust Services Subjectwww.google.com Fingerprint53:F5:E3:47:F6:DC:80:83:14:A1:CE:39:7B:A1:98:61:74:03:86:E2 ValidityMon, 06 Jan 2025 08:37:56 GMT - Mon, 31 Mar 2025 08:37:55 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /recaptcha/api2/clr?k=6LdhelkqAAAAAH_f47GPnSuEgnjRo4Pf0ukRioGs HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://datanodes.to/
Content-Length: 1810
Origin: https://datanodes.to
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/binary
report-to: {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
cross-origin-opener-policy-report-only: same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy: cross-origin
date: Tue, 11 Mar 2025 14:23:55 GMT
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/poppins/v22/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2 | 142.250.74.163 | 200 OK | 7.8 kB |
URL GET fonts.gstatic.com/s/poppins/v22/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2 IP142.250.74.163:443
Requested byhttps://datanodes.to/download CertificateIssuerGoogle Trust Services Subject*.gstatic.com FingerprintA4:5F:89:8D:68:B4:5F:99:BE:F5:66:6F:C1:5E:A5:8C:72:BF:1E:D5 ValidityWed, 26 Feb 2025 15:33:59 GMT - Wed, 21 May 2025 15:33:58 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 7816, version 1.0 Hash25b0e113ca7cce3770d542736db26368 cb726212d5d525021752a1d8470a0fb593e0c49e 9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
GET /s/poppins/v22/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://datanodes.to
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7816
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 06 Mar 2025 10:24:48 GMT
expires: Fri, 06 Mar 2026 10:24:48 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 04 Dec 2024 06:53:03 GMT
content-type: font/woff2
age: 446343
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| datanodes.to/theme_2023/dist/assets/FileActions-fa6032ae.js | 104.26.14.76 | 200 OK | 79 kB |
URL GET datanodes.to/theme_2023/dist/assets/FileActions-fa6032ae.js IP104.26.14.76:443
Requested byhttps://datanodes.to/download CertificateIssuerGoogle Trust Services Subjectdatanodes.to FingerprintD9:3F:9B:36:AD:60:B2:6A:04:7D:E2:B7:FD:25:79:C2:CC:03:AE:81 ValidityMon, 10 Feb 2025 03:57:57 GMT - Sun, 11 May 2025 04:57:50 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /theme_2023/dist/assets/FileActions-fa6032ae.js HTTP/1.1
Host: datanodes.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://datanodes.to/theme_2023/dist/assets/app-80bcdb82.js
Cookie: file_name=HENPRI-SteamGG.NET.zip; lang=english; file_code=1cdlarnvbyin; affiliate=zur6Hiy8G%2BwJ2fSUcUnMpzKwockJi9uGgv36kU5lh1TfBsox3p5GoBg3ZUih6Kuo3yrkTYZeixYQS007nOSjzyw2qsUXOcxXNfQ%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 11 Mar 2025 14:23:51 GMT
content-type: application/javascript
last-modified: Sun, 09 Feb 2025 16:17:00 GMT
etag: W/"67a8d4fc-13480"
cache-control: max-age=14400
cf-cache-status: HIT
age: 2605
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eQqamz3fPW3AxW6Mp7K1xkK4dACvtJ75TdQNuZwLMCIPc4QenV%2F0wwWutqUWKb5cjnvOHw3HziP%2FkQOmhda22qGUpKyoY7zuK%2FEXhvEKUdBVTR73RWfvepPtu4BWkw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 91ebb64cac8056ab-OSL
content-encoding: br
server-timing: cfL4;desc="?proto=TCP&rtt=60275&min_rtt=58684&rtt_var=1318&sent=193&recv=76&lost=0&retrans=8&sent_bytes=186097&recv_bytes=3032&delivery_rate=1685827&cwnd=262&unsent_bytes=0&cid=e0e4cc9e0ac072ee&ts=2106&x=0"
X-Firefox-Spdy: h2
|
|
| www.gstatic.com/recaptcha/releases/J79K9xgfxwT6Syzx-UyWdD89/recaptcha__en.js | 216.58.211.3 | 200 OK | 559 kB |
URL GET www.gstatic.com/recaptcha/releases/J79K9xgfxwT6Syzx-UyWdD89/recaptcha__en.js IP216.58.211.3:443
Requested byhttps://datanodes.to/download CertificateIssuerGoogle Trust Services Subject*.gstatic.com FingerprintA4:5F:89:8D:68:B4:5F:99:BE:F5:66:6F:C1:5E:A5:8C:72:BF:1E:D5 ValidityWed, 26 Feb 2025 15:33:59 GMT - Wed, 21 May 2025 15:33:58 GMT
Size559 kB (558604 bytes) Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /recaptcha/releases/J79K9xgfxwT6Syzx-UyWdD89/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://datanodes.to
DNT: 1
Connection: keep-alive
Referer: https://datanodes.to/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
timing-allow-origin: *
content-length: 220830
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 11 Mar 2025 08:58:41 GMT
expires: Wed, 11 Mar 2026 08:58:41 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 10 Mar 2025 16:03:14 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 19511
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| elyandbegantoti.com/VHdqZzE1FQkKDjVKCEFEJhtXQgMSUlghVWYSG1NJYAJYFgIyAAlJUjgYHwNXJhgEEx86Eh5CAxI4DlR7LC0yImQcJVIjZTM6CCFnPDY4DFUeIloxdAI2Lz93FjE6IWAFMSwPRjE2ODZ0DDY/LGcsRygvVic1OQBrFzY4KXkGDQUydhAyPTFJETsvVwgWJhJXZhw1MD5nLD4JIl08Nj81fAI1Wh91AjY/MXk8DzogYBk/Lw8BBTE7InIcMQk2dBEYDC9ZbC4tHwUFJi8qSQZGUzFnESEpMGMdLi01aDEyDS1iBTIvK3MCPSs2ZwY1PTJ7ASEAKWIFMkciYhM1BiJjATUpKWcwMzw2XRYlBjVmGUYgJmAGFCIyWhEAPCJ7EC8vIXwCMjwkdzM2OS9zZSI8HVUSJgElZwUiMCRgETUuNUkFLiwfYAY/OwtwBQ0sI2A4MQw1AAUyPSJwch0ZCF8kSh5UVTZHXyxAPTEO | 3.164.240.69 | 200 OK | 3.1 kB |
URL GET elyandbegantoti.com/VHdqZzE1FQkKDjVKCEFEJhtXQgMSUlghVWYSG1NJYAJYFgIyAAlJUjgYHwNXJhgEEx86Eh5CAxI4DlR7LC0yImQcJVIjZTM6CCFnPDY4DFUeIloxdAI2Lz93FjE6IWAFMSwPRjE2ODZ0DDY/LGcsRygvVic1OQBrFzY4KXkGDQUydhAyPTFJETsvVwgWJhJXZhw1MD5nLD4JIl08Nj81fAI1Wh91AjY/MXk8DzogYBk/Lw8BBTE7InIcMQk2dBEYDC9ZbC4tHwUFJi8qSQZGUzFnESEpMGMdLi01aDEyDS1iBTIvK3MCPSs2ZwY1PTJ7ASEAKWIFMkciYhM1BiJjATUpKWcwMzw2XRYlBjVmGUYgJmAGFCIyWhEAPCJ7EC8vIXwCMjwkdzM2OS9zZSI8HVUSJgElZwUiMCRgETUuNUkFLiwfYAY/OwtwBQ0sI2A4MQw1AAUyPSJwch0ZCF8kSh5UVTZHXyxAPTEO IP3.164.240.69:443
Requested byhttps://datanodes.to/download CertificateIssuerAmazon Subjectelyandbegantoti.com Fingerprint5D:0B:B9:67:3A:DF:54:6D:93:0F:E7:7A:03:C1:3A:4D:95:EE:29:2C ValiditySun, 09 Mar 2025 00:00:00 GMT - Tue, 07 Apr 2026 23:59:59 GMT
File typeHTML document, ASCII text, with very long lines (3091), with no line terminators Hashae1401043aeba88345c487f0ec957d81 85aac1df818c109d14ed9aaa539a94ab67b0c75b 285e3002b7f19b1cfa83c7c3c69153a21cb3934ec68a982a9058402fd715d22b
GET /VHdqZzE1FQkKDjVKCEFEJhtXQgMSUlghVWYSG1NJYAJYFgIyAAlJUjgYHwNXJhgEEx86Eh5CAxI4DlR7LC0yImQcJVIjZTM6CCFnPDY4DFUeIloxdAI2Lz93FjE6IWAFMSwPRjE2ODZ0DDY/LGcsRygvVic1OQBrFzY4KXkGDQUydhAyPTFJETsvVwgWJhJXZhw1MD5nLD4JIl08Nj81fAI1Wh91AjY/MXk8DzogYBk/Lw8BBTE7InIcMQk2dBEYDC9ZbC4tHwUFJi8qSQZGUzFnESEpMGMdLi01aDEyDS1iBTIvK3MCPSs2ZwY1PTJ7ASEAKWIFMkciYhM1BiJjATUpKWcwMzw2XRYlBjVmGUYgJmAGFCIyWhEAPCJ7EC8vIXwCMjwkdzM2OS9zZSI8HVUSJgElZwUiMCRgETUuNUkFLiwfYAY/OwtwBQ0sI2A4MQw1AAUyPSJwch0ZCF8kSh5UVTZHXyxAPTEO HTTP/1.1
Host: elyandbegantoti.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://datanodes.to/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/html
content-length: 1205
date: Tue, 11 Mar 2025 14:23:53 GMT
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
set-cookie: AWSALB=1y1A6nQEDzWAnBr71ok4wrlZsqQLs9boZTyFhupVVCHkd7gcSC7d02dRoGbgQA6NFkdICw/AweX7cGeCZa59z6EZEikiSx1kcvmtTBVwE9yZHtUbIFNJniHakHT1; Expires=Tue, 18 Mar 2025 14:23:53 GMT; Path=/
AWSALBCORS=1y1A6nQEDzWAnBr71ok4wrlZsqQLs9boZTyFhupVVCHkd7gcSC7d02dRoGbgQA6NFkdICw/AweX7cGeCZa59z6EZEikiSx1kcvmtTBVwE9yZHtUbIFNJniHakHT1; Expires=Tue, 18 Mar 2025 14:23:53 GMT; Path=/; SameSite=None
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 0ca3a24436a7d86916b35130b21285a8.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN53-P2
x-amz-cf-id: DjNnfsYStHP7M4F2ePUlKielNZ_DNbZVvXDTHP6FPeiszT1oy-1l-g==
X-Firefox-Spdy: h2
|
|
| www.google.com/recaptcha/api2/clr?k=6LdhelkqAAAAAH_f47GPnSuEgnjRo4Pf0ukRioGs | 216.58.207.228 | 200 OK | 0 B |
URL POST www.google.com/recaptcha/api2/clr?k=6LdhelkqAAAAAH_f47GPnSuEgnjRo4Pf0ukRioGs IP216.58.207.228:443
Requested byhttps://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdhelkqAAAAAH_f47GPnSuEgnjRo4Pf0ukRioGs&co=aHR0cHM6Ly9kYXRhbm9kZXMudG86NDQz&hl=en&v=J79K9xgfxwT6Syzx-UyWdD89&size=invisible&cb=aga6sdsov8or CertificateIssuerGoogle Trust Services Subjectwww.google.com Fingerprint53:F5:E3:47:F6:DC:80:83:14:A1:CE:39:7B:A1:98:61:74:03:86:E2 ValidityMon, 06 Jan 2025 08:37:56 GMT - Mon, 31 Mar 2025 08:37:55 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /recaptcha/api2/clr?k=6LdhelkqAAAAAH_f47GPnSuEgnjRo4Pf0ukRioGs HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-protobuf
Content-Length: 1793
Origin: https://www.google.com
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdhelkqAAAAAH_f47GPnSuEgnjRo4Pf0ukRioGs&co=aHR0cHM6Ly9kYXRhbm9kZXMudG86NDQz&hl=en&v=J79K9xgfxwT6Syzx-UyWdD89&size=invisible&cb=aga6sdsov8or
Cookie: _GRECAPTCHA=09AP_l5mN8BCUfChxSRmTHhoNkgAlj9bFDYIAOJ15SfcLoUiJ50jOJF7RD-1loWwLS7jGjdpJo84tqtMCVAt3lvrY
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/binary
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
report-to: {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
date: Tue, 11 Mar 2025 14:23:55 GMT
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| datanodes.to/theme_2023/dist/assets/VirusScan-e53a5e80.js | 104.26.14.76 | 200 OK | 1.1 kB |
URL GET datanodes.to/theme_2023/dist/assets/VirusScan-e53a5e80.js IP104.26.14.76:443
Requested byhttps://datanodes.to/download CertificateIssuerGoogle Trust Services Subjectdatanodes.to FingerprintD9:3F:9B:36:AD:60:B2:6A:04:7D:E2:B7:FD:25:79:C2:CC:03:AE:81 ValidityMon, 10 Feb 2025 03:57:57 GMT - Sun, 11 May 2025 04:57:50 GMT
File typeASCII text, with very long lines (1175), with no line terminators Hash5552241fb700f202104206d16e48bd20 6fce7454b07364109a522cced0d401f6845ee41e 6a127e427de7fba1468b29e95cf86145a218594ca2625e1171dc98b97dff2cc4
GET /theme_2023/dist/assets/VirusScan-e53a5e80.js HTTP/1.1
Host: datanodes.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://datanodes.to/theme_2023/dist/assets/app-80bcdb82.js
Cookie: file_name=HENPRI-SteamGG.NET.zip; lang=english; file_code=1cdlarnvbyin; affiliate=zur6Hiy8G%2BwJ2fSUcUnMpzKwockJi9uGgv36kU5lh1TfBsox3p5GoBg3ZUih6Kuo3yrkTYZeixYQS007nOSjzyw2qsUXOcxXNfQ%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 11 Mar 2025 14:23:51 GMT
content-type: application/javascript
last-modified: Sun, 09 Feb 2025 16:17:00 GMT
etag: W/"67a8d4fc-460"
cache-control: max-age=14400
cf-cache-status: HIT
age: 2605
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1p5vpm8d5U7FC%2BuzL4kSSwcQx0%2BNCo0ESszZDns0KYPutFTxjlq0cWfw4qWiT9t2m06c8Sq%2BOVyh37%2FgygHnHpl%2F0%2B2AAj2PQrqkVgy8bvRGyoeNyEQikZ33zNUROg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 91ebb64b9b3256ab-OSL
content-encoding: br
server-timing: cfL4;desc="?proto=TCP&rtt=62091&min_rtt=58684&rtt_var=1093&sent=177&recv=64&lost=0&retrans=8&sent_bytes=179961&recv_bytes=2292&delivery_rate=1685827&cwnd=262&unsent_bytes=0&cid=e0e4cc9e0ac072ee&ts=1928&x=0"
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/poppins/v22/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2 | 142.250.74.163 | 200 OK | 8.0 kB |
URL GET fonts.gstatic.com/s/poppins/v22/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2 IP142.250.74.163:443
Requested byhttps://datanodes.to/download CertificateIssuerGoogle Trust Services Subject*.gstatic.com FingerprintA4:5F:89:8D:68:B4:5F:99:BE:F5:66:6F:C1:5E:A5:8C:72:BF:1E:D5 ValidityWed, 26 Feb 2025 15:33:59 GMT - Wed, 21 May 2025 15:33:58 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 8000, version 1.0 Hash72993dddf88a63e8f226656f7de88e57 179f97ec0275f09603a8db94d4380eb584d81cd5 f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
GET /s/poppins/v22/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://datanodes.to
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 8000
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 07 Mar 2025 18:41:08 GMT
expires: Sat, 07 Mar 2026 18:41:08 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 04 Dec 2024 06:53:31 GMT
content-type: font/woff2
age: 330164
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/poppins/v22/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2 | 142.250.74.163 | 200 OK | 7.7 kB |
URL GET fonts.gstatic.com/s/poppins/v22/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2 IP142.250.74.163:443
Requested byhttps://datanodes.to/download CertificateIssuerGoogle Trust Services Subject*.gstatic.com FingerprintA4:5F:89:8D:68:B4:5F:99:BE:F5:66:6F:C1:5E:A5:8C:72:BF:1E:D5 ValidityWed, 26 Feb 2025 15:33:59 GMT - Wed, 21 May 2025 15:33:58 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 7748, version 1.0 Hasha09f2fccfee35b7247b08a1a266f0328 0da2d17e738f46d2a09e6fb7969da451719a9820 cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
GET /s/poppins/v22/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://datanodes.to
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7748
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 07 Mar 2025 20:39:21 GMT
expires: Sat, 07 Mar 2026 20:39:21 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 04 Dec 2024 06:54:05 GMT
content-type: font/woff2
age: 323070
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=ASSHyko9eCQKWE8wHGRjPy7nsWaGz_xrmvwHJZYiC2yGAyvc8X1i_1u_XuwrIxLI7Wknm5t0HFEKsQ&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S1125807131%3A1741703033520543&ddm=1 | 64.233.164.84 | 403 Forbidden | 0 B |
URL GET accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=ASSHyko9eCQKWE8wHGRjPy7nsWaGz_xrmvwHJZYiC2yGAyvc8X1i_1u_XuwrIxLI7Wknm5t0HFEKsQ&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S1125807131%3A1741703033520543&ddm=1 IP64.233.164.84:443
Requested byhttps://datanodes.to/download CertificateIssuerGoogle Trust Services Subjectaccounts.google.com Fingerprint0B:AE:C0:D6:4D:D9:36:6A:9E:55:63:03:A2:D1:49:77:18:BD:75:08 ValidityWed, 26 Feb 2025 15:34:53 GMT - Wed, 21 May 2025 15:34:52 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=ASSHyko9eCQKWE8wHGRjPy7nsWaGz_xrmvwHJZYiC2yGAyvc8X1i_1u_XuwrIxLI7Wknm5t0HFEKsQ&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S1125807131%3A1741703033520543&ddm=1 HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://datanodes.to/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 403 Forbidden
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 11 Mar 2025 14:23:53 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: script-src 'nonce-ViewUmwHPzjzjGxj3j9AlA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://support.google.com/inapp/ https://www.google.com/tools/feedback/ https://www.gstatic.com/inproduct_help/ https://www.gstatic.com/support/content/;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport
content-security-policy-report-only: script-src 'unsafe-inline' 'unsafe-eval' blob: data: https://ajax.googleapis.com/ajax/libs/jquery/3.6.4/jquery.min.js https://translate.google.com/translate_a/element.js https://www.google.com/recaptcha/api.js https://www.google.com/tools/feedback/load.js https://www.google.com/tools/feedback/open.js https://www.google.com/tools/feedback/open_to_help_guide_lazy.js https://www.google.com/tools/feedback/help_api.js https://www.gstatic.com/inproduct_help/service/lazy.min.js https://www.gstatic.com/inproduct_help/api/main.min.js https://www.gstatic.com/inproduct_help/chatsupport/chatsupport_button_v2.js https://www.gstatic.com/feedback/js/help/prod/service/lazy.min.js https://www.gstatic.com/uservoice/feedback/client/web/live/ https://www.google.com/tools/feedback/chat_load.js https://www.gstatic.com/uservoice/surveys/resources/prod/js/survey/ https://www.gstatic.com/feedback/js/ghelp/ https://www.gstatic.com/_/mss/boq-one-google/_/ https://www.gstatic.com/og/_/js/ https://apis.google.com/js/api.js https://apis.google.com/js/client.js https://www.googletagmanager.com/gtag/js https://www.google-analytics.com/analytics.js https://www.googletagmanager.com/gtag/destination https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.AccountsSignInUi.en.JkwoUECwqWs.es5.O/ https://apis.google.com/_/scs/abc-static/_/js/ https://translate.googleapis.com/_/translate_http/_/js/ https://www.gstatic.com/recaptcha/releases/;report-uri /v3/signin/_/AccountsSignInUi/cspreport/fine-allowlist
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy-report-only: same-origin; report-to="AccountsSignInUi"
report-to: {"group":"AccountsSignInUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/AccountsSignInUi"}]}
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube | 64.233.164.84 | 302 Found | 0 B |
URL GET accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube IP64.233.164.84:443
Requested byhttps://datanodes.to/download CertificateIssuerGoogle Trust Services Subjectaccounts.google.com Fingerprint0B:AE:C0:D6:4D:D9:36:6A:9E:55:63:03:A2:D1:49:77:18:BD:75:08 ValidityWed, 26 Feb 2025 15:34:53 GMT - Wed, 21 May 2025 15:34:52 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://datanodes.to/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
content-type: application/binary
set-cookie: __Host-GAPS=1:nXYdbGDY3IeG-oCfPYbT43LKkX34jw:sPsrlpmo7GiSaRg2; Expires=Thu, 11-Mar-2027 14:23:53 GMT; Path=/; Secure; HttpOnly; Priority=HIGH
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 11 Mar 2025 14:23:53 GMT
location: https://accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=ASSHykroHfPa8qZ2ZyjF3zyCG76HKLdzsKoEc3VcAUsJ8K-2GwjxbkWJN3tOMtK_CF6ZTJtfXOJZKQ
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: script-src 'nonce-VAoCUc-vlJ4d1PWir7cy7A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/AccountsSigninPassiveLoginHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: unsafe-none
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
content-length: 0
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=ASSHykoiR-OyoBIAJ_BCAhnu5db9WQ_kb_XGLzyorSBWRo9Cw9Pi06xx-89RQpWvM7sKF8ghwWys2A&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-1826407147%3A1741703033526487&ddm=1 | 64.233.164.84 | 403 Forbidden | 0 B |
URL GET accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=ASSHykoiR-OyoBIAJ_BCAhnu5db9WQ_kb_XGLzyorSBWRo9Cw9Pi06xx-89RQpWvM7sKF8ghwWys2A&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-1826407147%3A1741703033526487&ddm=1 IP64.233.164.84:443
Requested byhttps://datanodes.to/download CertificateIssuerGoogle Trust Services Subjectaccounts.google.com Fingerprint0B:AE:C0:D6:4D:D9:36:6A:9E:55:63:03:A2:D1:49:77:18:BD:75:08 ValidityWed, 26 Feb 2025 15:34:53 GMT - Wed, 21 May 2025 15:34:52 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=ASSHykoiR-OyoBIAJ_BCAhnu5db9WQ_kb_XGLzyorSBWRo9Cw9Pi06xx-89RQpWvM7sKF8ghwWys2A&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-1826407147%3A1741703033526487&ddm=1 HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://datanodes.to/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 403 Forbidden
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 11 Mar 2025 14:23:53 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: script-src 'nonce-G8yQUhRWdnkSmh6qHAWKvQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://support.google.com/inapp/ https://www.google.com/tools/feedback/ https://www.gstatic.com/inproduct_help/ https://www.gstatic.com/support/content/;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport
content-security-policy-report-only: script-src 'unsafe-inline' 'unsafe-eval' blob: data: https://ajax.googleapis.com/ajax/libs/jquery/3.6.4/jquery.min.js https://translate.google.com/translate_a/element.js https://www.google.com/recaptcha/api.js https://www.google.com/tools/feedback/load.js https://www.google.com/tools/feedback/open.js https://www.google.com/tools/feedback/open_to_help_guide_lazy.js https://www.google.com/tools/feedback/help_api.js https://www.gstatic.com/inproduct_help/service/lazy.min.js https://www.gstatic.com/inproduct_help/api/main.min.js https://www.gstatic.com/inproduct_help/chatsupport/chatsupport_button_v2.js https://www.gstatic.com/feedback/js/help/prod/service/lazy.min.js https://www.gstatic.com/uservoice/feedback/client/web/live/ https://www.google.com/tools/feedback/chat_load.js https://www.gstatic.com/uservoice/surveys/resources/prod/js/survey/ https://www.gstatic.com/feedback/js/ghelp/ https://www.gstatic.com/_/mss/boq-one-google/_/ https://www.gstatic.com/og/_/js/ https://apis.google.com/js/api.js https://apis.google.com/js/client.js https://www.googletagmanager.com/gtag/js https://www.google-analytics.com/analytics.js https://www.googletagmanager.com/gtag/destination https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.AccountsSignInUi.en.JkwoUECwqWs.es5.O/ https://apis.google.com/_/scs/abc-static/_/js/ https://translate.googleapis.com/_/translate_http/_/js/ https://www.gstatic.com/recaptcha/releases/;report-uri /v3/signin/_/AccountsSignInUi/cspreport/fine-allowlist
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
report-to: {"group":"AccountsSignInUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/AccountsSignInUi"}]}
cross-origin-opener-policy-report-only: same-origin; report-to="AccountsSignInUi"
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 | 142.250.74.163 | 200 OK | 16 kB |
URL GET fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 IP142.250.74.163:443
Requested byhttps://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdhelkqAAAAAH_f47GPnSuEgnjRo4Pf0ukRioGs&co=aHR0cHM6Ly9kYXRhbm9kZXMudG86NDQz&hl=en&v=J79K9xgfxwT6Syzx-UyWdD89&size=invisible&cb=aga6sdsov8or CertificateIssuerGoogle Trust Services Subject*.gstatic.com FingerprintA4:5F:89:8D:68:B4:5F:99:BE:F5:66:6F:C1:5E:A5:8C:72:BF:1E:D5 ValidityWed, 26 Feb 2025 15:33:59 GMT - Wed, 21 May 2025 15:33:58 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 15552, version 1.0 Hash285467176f7fe6bb6a9c6873b3dad2cc ea04e4ff5142ddd69307c183def721a160e0a64e 5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 06 Mar 2025 10:30:29 GMT
expires: Fri, 06 Mar 2026 10:30:29 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
content-type: font/woff2
age: 446004
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| region1.analytics.google.com/g/collect?v=2&tid=G-7DP7NV2LKF>m=45je5362v9175474265za200&_p=1741703031377&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=102067808~102482433~102587591~102640600~102717422~102788824~102791784~102814060&cid=471354628.1741703032&ul=en-us&sr=1280x1024&frm=0&pscdl=noapi&_eu=AEA&_s=2&sid=1741703031&sct=1&seg=0&dl=https%3A%2F%2Fdatanodes.to%2Fdownload&dt=Download%20HENPRI%20SteamGG%20zip&en=scroll&epn.percent_scrolled=90&tfd=7787 | 216.239.32.36 | 204 No Content | 0 B |
URL POST region1.analytics.google.com/g/collect?v=2&tid=G-7DP7NV2LKF>m=45je5362v9175474265za200&_p=1741703031377&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=102067808~102482433~102587591~102640600~102717422~102788824~102791784~102814060&cid=471354628.1741703032&ul=en-us&sr=1280x1024&frm=0&pscdl=noapi&_eu=AEA&_s=2&sid=1741703031&sct=1&seg=0&dl=https%3A%2F%2Fdatanodes.to%2Fdownload&dt=Download%20HENPRI%20SteamGG%20zip&en=scroll&epn.percent_scrolled=90&tfd=7787 IP216.239.32.36:443
Requested byhttps://datanodes.to/download CertificateIssuerGoogle Trust Services Subject*.google-analytics.com FingerprintAE:1B:D4:56:41:F7:15:A7:24:B8:F3:55:83:91:17:2C:97:12:67:6E ValidityWed, 26 Feb 2025 15:32:54 GMT - Wed, 21 May 2025 15:32:53 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-7DP7NV2LKF>m=45je5362v9175474265za200&_p=1741703031377&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=102067808~102482433~102587591~102640600~102717422~102788824~102791784~102814060&cid=471354628.1741703032&ul=en-us&sr=1280x1024&frm=0&pscdl=noapi&_eu=AEA&_s=2&sid=1741703031&sct=1&seg=0&dl=https%3A%2F%2Fdatanodes.to%2Fdownload&dt=Download%20HENPRI%20SteamGG%20zip&en=scroll&epn.percent_scrolled=90&tfd=7787 HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://datanodes.to/
Origin: https://datanodes.to
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://datanodes.to
date: Tue, 11 Mar 2025 14:23:57 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
cross-origin-opener-policy-report-only: same-origin; report-to=ascnsrsggc:136:0
report-to: {"group":"ascnsrsggc:136:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| datanodes.to/theme_2023/dist/assets/app-36afb1c9.css | 104.26.14.76 | 200 OK | 53 kB |
URL GET datanodes.to/theme_2023/dist/assets/app-36afb1c9.css IP104.26.14.76:443
Requested byhttps://datanodes.to/download CertificateIssuerGoogle Trust Services Subjectdatanodes.to FingerprintD9:3F:9B:36:AD:60:B2:6A:04:7D:E2:B7:FD:25:79:C2:CC:03:AE:81 ValidityMon, 10 Feb 2025 03:57:57 GMT - Sun, 11 May 2025 04:57:50 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /theme_2023/dist/assets/app-36afb1c9.css HTTP/1.1
Host: datanodes.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://datanodes.to/download
Cookie: file_name=HENPRI-SteamGG.NET.zip; lang=english; file_code=1cdlarnvbyin; affiliate=zur6Hiy8G%2BwJ2fSUcUnMpzKwockJi9uGgv36kU5lh1TfBsox3p5GoBg3ZUih6Kuo3yrkTYZeixYQS007nOSjzyw2qsUXOcxXNfQ%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 11 Mar 2025 14:23:50 GMT
content-type: text/css
last-modified: Sun, 09 Feb 2025 16:17:00 GMT
etag: W/"67a8d4fc-cf77"
cache-control: max-age=14400
cf-cache-status: HIT
age: 2978
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=K6oWYLJ6RE7FXJlfuP9hPpYcls75mKZE2v7PXNS6UWB0uW%2Fj5%2B0339uAkPfnNKEyB6OiPrmcBDxVtDOEUb%2FfFYgLKkUGw9HG%2FQa9WGQBemnsH0r81vmHaXAwMjnQjQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 91ebb6467c8c56ab-OSL
content-encoding: br
server-timing: cfL4;desc="?proto=TCP&rtt=71710&min_rtt=58969&rtt_var=16324&sent=58&recv=33&lost=0&retrans=8&sent_bytes=46192&recv_bytes=2025&delivery_rate=60123&cwnd=256&unsent_bytes=0&cid=e0e4cc9e0ac072ee&ts=1108&x=0"
X-Firefox-Spdy: h2
|
|
| datanodes.to/theme_2023/dist/assets/app-80bcdb82.js | 104.26.14.76 | 200 OK | 183 kB |
URL GET datanodes.to/theme_2023/dist/assets/app-80bcdb82.js IP104.26.14.76:443
Requested byhttps://datanodes.to/download CertificateIssuerGoogle Trust Services Subjectdatanodes.to FingerprintD9:3F:9B:36:AD:60:B2:6A:04:7D:E2:B7:FD:25:79:C2:CC:03:AE:81 ValidityMon, 10 Feb 2025 03:57:57 GMT - Sun, 11 May 2025 04:57:50 GMT
File typeJavaScript source, ASCII text, with very long lines (32531) Size183 kB (183021 bytes) Hash68168e1fcc3f0b89637287285c331e9b 2252e15424087258ef80a353512b685215e68335 df548d433ea12395b99a860e96667848bea70b8eeae6348959d3a1cee6fa57c4
GET /theme_2023/dist/assets/app-80bcdb82.js HTTP/1.1
Host: datanodes.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://datanodes.to/download
Cookie: file_name=HENPRI-SteamGG.NET.zip; lang=english; file_code=1cdlarnvbyin; affiliate=zur6Hiy8G%2BwJ2fSUcUnMpzKwockJi9uGgv36kU5lh1TfBsox3p5GoBg3ZUih6Kuo3yrkTYZeixYQS007nOSjzyw2qsUXOcxXNfQ%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 11 Mar 2025 14:23:50 GMT
content-type: application/javascript
last-modified: Sun, 09 Feb 2025 16:17:00 GMT
etag: W/"67a8d4fc-2caed"
cache-control: max-age=14400
cf-cache-status: HIT
age: 2604
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jkUzcYK6b4VtXNaUCvRHHYb4xyYuKaWtQBev%2FLE0nVKCNFwqFddu%2Fbiq5QRLul369qSV4fCRVUFf16KEcoIWWYiSjtu62irXp%2FPuKt2QqtW1qF1%2FPVBys71RN8Ra3g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 91ebb6468c9556ab-OSL
content-encoding: br
server-timing: cfL4;desc="?proto=TCP&rtt=71710&min_rtt=58969&rtt_var=16324&sent=112&recv=33&lost=0&retrans=8&sent_bytes=107216&recv_bytes=2025&delivery_rate=60123&cwnd=256&unsent_bytes=0&cid=e0e4cc9e0ac072ee&ts=1128&x=0"
X-Firefox-Spdy: h2
|
|
| euboicarmpit.top/pntne | 212.117.186.84 | 200 OK | 0 B |
IP212.117.186.84:443
Requested byhttps://datanodes.to/download CertificateIssuerZeroSSL Subjecteuboicarmpit.top Fingerprint77:F4:85:F1:8C:25:27:43:1E:E1:0E:08:B6:AC:66:00:73:68:BD:BC ValiditySat, 08 Mar 2025 00:00:00 GMT - Fri, 06 Jun 2025 23:59:59 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
OPTIONS /pntne HTTP/1.1
Host: euboicarmpit.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://datanodes.to/
Origin: https://datanodes.to
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 11 Mar 2025 14:23:52 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Accept-ch: sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-ua-full-version-list
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://datanodes.to
Access-Control-Allow-Headers: content-type, megageocheckolololo, x-forwarded-for, x-requested-with, cache-control, pragma, expires
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
|
|
| datanodes.to/theme_2023/dist/assets/Util-ba300788.js | 104.26.14.76 | 200 OK | 2.9 kB |
URL GET datanodes.to/theme_2023/dist/assets/Util-ba300788.js IP104.26.14.76:443
Requested byhttps://datanodes.to/download CertificateIssuerGoogle Trust Services Subjectdatanodes.to FingerprintD9:3F:9B:36:AD:60:B2:6A:04:7D:E2:B7:FD:25:79:C2:CC:03:AE:81 ValidityMon, 10 Feb 2025 03:57:57 GMT - Sun, 11 May 2025 04:57:50 GMT
File typeJavaScript source, Unicode text, UTF-8 text, with very long lines (2940), with no line terminators Hash6c48312b1653befcf2adee03a49501ef 82c3a6bcfce4b219d5d37fbf9f2dcd5c508bcf48 114a397e85d5141cb6dad08c073e11e25fbdee2891681e3238f76977ada40124
GET /theme_2023/dist/assets/Util-ba300788.js HTTP/1.1
Host: datanodes.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://datanodes.to/theme_2023/dist/assets/FileActions-fa6032ae.js
Cookie: file_name=HENPRI-SteamGG.NET.zip; lang=english; file_code=1cdlarnvbyin; affiliate=zur6Hiy8G%2BwJ2fSUcUnMpzKwockJi9uGgv36kU5lh1TfBsox3p5GoBg3ZUih6Kuo3yrkTYZeixYQS007nOSjzyw2qsUXOcxXNfQ%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 11 Mar 2025 14:23:51 GMT
content-type: application/javascript
last-modified: Sun, 09 Feb 2025 16:17:00 GMT
etag: W/"67a8d4fc-b29"
cache-control: max-age=14400
cf-cache-status: HIT
age: 2605
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lMS9YiEnRuCukMdfmHEO0SeP7P%2BP5QGmufOGxr0O%2F4kRtwyf08VwYhItlS0YGLRYoH2OupZ9MBPj4NVBYseusxuJSLzc79QQ2%2Fh0WN3%2FnFN6BCf%2BaaMHBB7fcE4dnA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 91ebb64dadb156ab-OSL
content-encoding: br
server-timing: cfL4;desc="?proto=TCP&rtt=58855&min_rtt=58304&rtt_var=181&sent=224&recv=100&lost=0&retrans=8&sent_bytes=219094&recv_bytes=3654&delivery_rate=1685827&cwnd=262&unsent_bytes=0&cid=e0e4cc9e0ac072ee&ts=2258&x=0"
X-Firefox-Spdy: h2
|
|
| datanodes.to/theme_2023/dist/assets/transition-a1567fd4.js | 104.26.14.76 | 200 OK | 28 kB |
URL GET datanodes.to/theme_2023/dist/assets/transition-a1567fd4.js IP104.26.14.76:443
Requested byhttps://datanodes.to/download CertificateIssuerGoogle Trust Services Subjectdatanodes.to FingerprintD9:3F:9B:36:AD:60:B2:6A:04:7D:E2:B7:FD:25:79:C2:CC:03:AE:81 ValidityMon, 10 Feb 2025 03:57:57 GMT - Sun, 11 May 2025 04:57:50 GMT
File typeJavaScript source, ASCII text, with very long lines (27942) Hash6b949827cd27578f8d96e716764745fd fc5d054a81cc11c95726bf55f11fc0c96ae0f58b 579bb21ed189cf13357365e55a2dc69ca1e3866ce7566362e163cfe86b3f3aee
GET /theme_2023/dist/assets/transition-a1567fd4.js HTTP/1.1
Host: datanodes.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://datanodes.to/theme_2023/dist/assets/FileActions-fa6032ae.js
Cookie: file_name=HENPRI-SteamGG.NET.zip; lang=english; file_code=1cdlarnvbyin; affiliate=zur6Hiy8G%2BwJ2fSUcUnMpzKwockJi9uGgv36kU5lh1TfBsox3p5GoBg3ZUih6Kuo3yrkTYZeixYQS007nOSjzyw2qsUXOcxXNfQ%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 11 Mar 2025 14:23:51 GMT
content-type: application/javascript
last-modified: Sun, 09 Feb 2025 16:17:00 GMT
etag: W/"67a8d4fc-6d27"
cache-control: max-age=14400
cf-cache-status: HIT
age: 2605
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Z7Nv2M8bNHpXqwx6K40NDwrcPgwuaB7Ebc2%2BYUK1yBRI59LqqPmiTf21f7adypJOSXYkscBneS6BjUlAjF%2FFT7GFR%2BYNZBdQJdX2x9xktU%2B2blzteHSAe39dBSos3w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 91ebb64dadb656ab-OSL
content-encoding: br
server-timing: cfL4;desc="?proto=TCP&rtt=58855&min_rtt=58304&rtt_var=181&sent=228&recv=100&lost=0&retrans=8&sent_bytes=220881&recv_bytes=3654&delivery_rate=1685827&cwnd=262&unsent_bytes=0&cid=e0e4cc9e0ac072ee&ts=2260&x=0"
X-Firefox-Spdy: h2
|
|
| www.googletagmanager.com/gtag/js?id=G-7DP7NV2LKF | 142.250.74.72 | 200 OK | 364 kB |
URL GET www.googletagmanager.com/gtag/js?id=G-7DP7NV2LKF IP142.250.74.72:443
Requested byhttps://datanodes.to/download CertificateIssuerGoogle Trust Services Subject*.google-analytics.com FingerprintAE:1B:D4:56:41:F7:15:A7:24:B8:F3:55:83:91:17:2C:97:12:67:6E ValidityWed, 26 Feb 2025 15:32:54 GMT - Wed, 21 May 2025 15:32:53 GMT
File typeJavaScript source, ASCII text, with very long lines (5960) Size364 kB (363963 bytes) Hash48814d2bae82a07c5d0925486859277a 2dcfcbf64b350d880dc638ea3326e3f63bc09a60 4fa2d81b69aefc6d9207951496f087ee5bd52b3cad44a51fe81db56a30f163c6
GET /gtag/js?id=G-7DP7NV2LKF HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://datanodes.to/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 11 Mar 2025 14:23:51 GMT
expires: Tue, 11 Mar 2025 14:23:51 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1003:0
cross-origin-opener-policy-report-only: same-origin; report-to=ascgcycc:1003:0
report-to: {"group":"ascgcycc:1003:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1003:0"}],}
server: Google Tag Manager
content-length: 120482
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| datanodes.to/theme_2023/dist/assets/_commonjsHelpers-d4b30cbb.js | 104.26.14.76 | 200 OK | 571 B |
URL GET datanodes.to/theme_2023/dist/assets/_commonjsHelpers-d4b30cbb.js IP104.26.14.76:443
Requested byhttps://datanodes.to/download CertificateIssuerGoogle Trust Services Subjectdatanodes.to FingerprintD9:3F:9B:36:AD:60:B2:6A:04:7D:E2:B7:FD:25:79:C2:CC:03:AE:81 ValidityMon, 10 Feb 2025 03:57:57 GMT - Sun, 11 May 2025 04:57:50 GMT
File typeJavaScript source, ASCII text, with very long lines (578), with no line terminators Hash4269ae966a9de40dcc8745dc7a28e6ed e57e819dec3c4b86c663859673b3f1ed06ac0a80 da99d56059482651e6ec90085973116ebe749cb150a06381d2d968e0349912fe
GET /theme_2023/dist/assets/_commonjsHelpers-d4b30cbb.js HTTP/1.1
Host: datanodes.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://datanodes.to/theme_2023/dist/assets/VirusScan-e53a5e80.js
Cookie: file_name=HENPRI-SteamGG.NET.zip; lang=english; file_code=1cdlarnvbyin; affiliate=zur6Hiy8G%2BwJ2fSUcUnMpzKwockJi9uGgv36kU5lh1TfBsox3p5GoBg3ZUih6Kuo3yrkTYZeixYQS007nOSjzyw2qsUXOcxXNfQ%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 11 Mar 2025 14:23:51 GMT
content-type: application/javascript
last-modified: Sun, 09 Feb 2025 16:17:00 GMT
etag: W/"67a8d4fc-23b"
cache-control: max-age=14400
cf-cache-status: HIT
age: 2605
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RS2kGfE4CVHltrR1EFxUATUTEhV7njuugTfCVUGvjc4UbuKoAdNOkpcJdemainiPG8NLFntOgJPz87yjuqk5r6ff7fhY3GUKmV%2F5KMhFtlsrZDXt%2B4R97COuxp8TmQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 91ebb64cac8a56ab-OSL
content-encoding: br
server-timing: cfL4;desc="?proto=TCP&rtt=60275&min_rtt=58684&rtt_var=1318&sent=185&recv=76&lost=0&retrans=8&sent_bytes=182600&recv_bytes=3032&delivery_rate=1685827&cwnd=262&unsent_bytes=0&cid=e0e4cc9e0ac072ee&ts=2104&x=0"
X-Firefox-Spdy: h2
|
|
| ukankingwithea.com/ | 104.21.96.1 | 200 OK | 24 B |
IP104.21.96.1:443
Requested byhttps://datanodes.to/download CertificateIssuerGoogle Trust Services Subjectukankingwithea.com Fingerprint02:7E:37:44:90:B9:05:B4:82:CD:5A:71:84:A1:C8:84:66:33:BC:78 ValiditySat, 01 Mar 2025 13:28:14 GMT - Fri, 30 May 2025 14:26:54 GMT
File typeASCII text, with no line terminators Hash804a1d46fa17269f8e8210ede1298e82 398805e0c3741f1b5d579eb72dfc1e1d271ab130 015d3e1558952cd59151f964a02d0f36eb4241f96f18e8f8550105627065896e
GET / HTTP/1.1
Host: ukankingwithea.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://datanodes.to/
Origin: https://datanodes.to
DNT: 1
Connection: keep-alive
Cookie: csu=9277586078691@1@1741703033
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 11 Mar 2025 14:23:53 GMT
content-type: text/plain
set-cookie: csu=9277586078691@2@1741703033; Max-Age=31104000; Secure; SameSite=None
access-control-allow-origin: https://datanodes.to
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FHxkMPfKwZzl%2FJiogXXvtG1f8nZxkJmMFocZo4mWdxN%2BpKsmGZwpa2McihzyZtxVta4BM%2FIeoLMixv%2BSTSm8pNGDHrI%2BXjgBp0XpGAgeMtsolfvm9j4LcROxb2n2fBVEcBQ7t5Q%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 91ebb655beaa569d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=64150&min_rtt=57805&rtt_var=10944&sent=182&recv=52&lost=0&retrans=0&sent_bytes=211875&recv_bytes=1453&delivery_rate=1579604&cwnd=255&unsent_bytes=0&cid=00a97f342b93a655&ts=484&x=0"
X-Firefox-Spdy: h2
|
|
| datanodes.to/theme_2023/dist/assets/Tooltip-4872b02d.css | 104.26.14.76 | 200 OK | 372 B |
URL GET datanodes.to/theme_2023/dist/assets/Tooltip-4872b02d.css IP104.26.14.76:443
Requested byhttps://datanodes.to/download CertificateIssuerGoogle Trust Services Subjectdatanodes.to FingerprintD9:3F:9B:36:AD:60:B2:6A:04:7D:E2:B7:FD:25:79:C2:CC:03:AE:81 ValidityMon, 10 Feb 2025 03:57:57 GMT - Sun, 11 May 2025 04:57:50 GMT
File typeASCII text, with very long lines (373), with no line terminators Hash9fa892c8b5cb88d2cb9977b8ab1503e2 56541ba3e043b3a46ad525b4185c436017c8f45a 0b25778dbe5067fa8cdb0569dcb6938bc39856e430289cba0f3098364b33fc3e
GET /theme_2023/dist/assets/Tooltip-4872b02d.css HTTP/1.1
Host: datanodes.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://datanodes.to/download
Cookie: file_name=HENPRI-SteamGG.NET.zip; lang=english; file_code=1cdlarnvbyin; affiliate=zur6Hiy8G%2BwJ2fSUcUnMpzKwockJi9uGgv36kU5lh1TfBsox3p5GoBg3ZUih6Kuo3yrkTYZeixYQS007nOSjzyw2qsUXOcxXNfQ%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 11 Mar 2025 14:23:51 GMT
content-type: text/css
last-modified: Sun, 09 Feb 2025 16:17:00 GMT
etag: W/"67a8d4fc-174"
cache-control: max-age=14400
cf-cache-status: HIT
age: 2978
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3RooodXmgyyPMdOHWOQ9VPxSNCmWsOwjOwd5piQoBRHZDoWWa5QP%2BJppau4ZSDtY3%2BitcFykMZTYfpu1uno3YULbBJxlIWN5tvxlTExQi1FJ5roLITalKQYViRNtTQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 91ebb64b9b2a56ab-OSL
content-encoding: br
server-timing: cfL4;desc="?proto=TCP&rtt=62091&min_rtt=58684&rtt_var=1093&sent=174&recv=64&lost=0&retrans=8&sent_bytes=179236&recv_bytes=2292&delivery_rate=1685827&cwnd=262&unsent_bytes=0&cid=e0e4cc9e0ac072ee&ts=1923&x=0"
X-Firefox-Spdy: h2
|
|
| region1.analytics.google.com/g/collect?v=2&tid=G-7DP7NV2LKF>m=45je5362v9175474265za200&_p=1741703031377&_gaz=1&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=102067808~102482433~102587591~102640600~102717422~102788824~102791784~102814060&cid=471354628.1741703032&ul=en-us&sr=1280x1024&frm=0&pscdl=noapi&_s=1&sid=1741703031&sct=1&seg=0&dl=https%3A%2F%2Fdatanodes.to%2Fdownload&dt=Download%20HENPRI%20SteamGG%20zip&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=2511 | 216.239.32.36 | 204 No Content | 0 B |
URL POST region1.analytics.google.com/g/collect?v=2&tid=G-7DP7NV2LKF>m=45je5362v9175474265za200&_p=1741703031377&_gaz=1&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=102067808~102482433~102587591~102640600~102717422~102788824~102791784~102814060&cid=471354628.1741703032&ul=en-us&sr=1280x1024&frm=0&pscdl=noapi&_s=1&sid=1741703031&sct=1&seg=0&dl=https%3A%2F%2Fdatanodes.to%2Fdownload&dt=Download%20HENPRI%20SteamGG%20zip&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=2511 IP216.239.32.36:443
Requested byhttps://datanodes.to/download CertificateIssuerGoogle Trust Services Subject*.google-analytics.com FingerprintAE:1B:D4:56:41:F7:15:A7:24:B8:F3:55:83:91:17:2C:97:12:67:6E ValidityWed, 26 Feb 2025 15:32:54 GMT - Wed, 21 May 2025 15:32:53 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-7DP7NV2LKF>m=45je5362v9175474265za200&_p=1741703031377&_gaz=1&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=102067808~102482433~102587591~102640600~102717422~102788824~102791784~102814060&cid=471354628.1741703032&ul=en-us&sr=1280x1024&frm=0&pscdl=noapi&_s=1&sid=1741703031&sct=1&seg=0&dl=https%3A%2F%2Fdatanodes.to%2Fdownload&dt=Download%20HENPRI%20SteamGG%20zip&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=2511 HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://datanodes.to/
Origin: https://datanodes.to
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://datanodes.to
date: Tue, 11 Mar 2025 14:23:52 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
cross-origin-opener-policy-report-only: same-origin; report-to=ascnsrsggc:136:0
report-to: {"group":"ascnsrsggc:136:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| ukankingwithea.com/asd100.bin | 104.21.96.1 | 200 OK | 102 kB |
URL GET ukankingwithea.com/asd100.bin IP104.21.96.1:443
Requested byhttps://datanodes.to/download CertificateIssuerGoogle Trust Services Subjectukankingwithea.com Fingerprint02:7E:37:44:90:B9:05:B4:82:CD:5A:71:84:A1:C8:84:66:33:BC:78 ValiditySat, 01 Mar 2025 13:28:14 GMT - Fri, 30 May 2025 14:26:54 GMT
Size102 kB (102400 bytes) Hash4c6426ac7ef186464ecbb0d81cbfcb1e 5a6918eebd9d635e8f632e3ef34e3792b1b5ec13 f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16
GET /asd100.bin HTTP/1.1
Host: ukankingwithea.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://datanodes.to/
Origin: https://datanodes.to
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 11 Mar 2025 14:23:52 GMT
content-type: binary/octet-stream
access-control-allow-origin: https://datanodes.to
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cache-control: max-age=14400
cf-cache-status: HIT
age: 3961
last-modified: Tue, 11 Mar 2025 13:17:51 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HFC8thhBEIWFpsMvSrp1X1V%2FBPM3tOseh8PrbDLjGAcVYhrADOtB3oLa%2BBhszp1ON9%2B3o7b8b7lwfNMCMxwyZMCMXzm9roywQNJ3VE5aGFCy2LzM%2FY1l9kMAcMxPVaRSqXHlYWg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 91ebb653fc07569d-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=58792&min_rtt=58573&rtt_var=16648&sent=7&recv=9&lost=0&retrans=0&sent_bytes=3294&recv_bytes=1253&delivery_rate=63853&cwnd=252&unsent_bytes=0&cid=00a97f342b93a655&ts=110&x=0"
X-Firefox-Spdy: h2
|
|
| euboicarmpit.top/pntne | 212.117.186.84 | 200 OK | 2 B |
IP212.117.186.84:443
Requested byhttps://datanodes.to/download CertificateIssuerZeroSSL Subjecteuboicarmpit.top Fingerprint77:F4:85:F1:8C:25:27:43:1E:E1:0E:08:B6:AC:66:00:73:68:BD:BC ValiditySat, 08 Mar 2025 00:00:00 GMT - Fri, 06 Jun 2025 23:59:59 GMT
File typeASCII text, with no line terminators Hash444bcb3a3fcf8389296c49467f27e1d6 7a85f4764bbd6daf1c3545efbbf0f279a6dc0beb 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
POST /pntne HTTP/1.1
Host: euboicarmpit.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://datanodes.to/
Content-Type: application/json
Content-Length: 83
Origin: https://datanodes.to
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 11 Mar 2025 14:23:52 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Accept-ch: sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-ua-full-version-list
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://datanodes.to
Access-Control-Allow-Headers: content-type, megageocheckolololo, x-forwarded-for, x-requested-with, cache-control, pragma, expires
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET, POST, OPTIONS
Set-Cookie: GL_UI4=eJw9zV1OhDAcBHC%2B2dUFnYQDeASKlPDqi1fwkRT6B%2BtCuykV9PYSE32bTH6T8TwvKB7gb8kZ4afgeGKsbdqaV21ZD62o%2Br5tGl72vC1ZxceR46zWzol%2BJhfhtC7Cus5tES4TabJq6AYjKcPjof6aqza7jhD3VmiZIV4OMWdIe2v2lWwRItJiIaSvytJovg4hPoxFyJ7rIyt9ZL9EYNYizO%2BQviktj2V%2BQcDKPE883N9m4UZjl07JxEc8WSEJ%2FgtOg3A0GfuNVNJ6deYGmFl2%2F%2F73ONxZiUTSpgZCbNw72R%2B3Z03l; expires=Wed, 12-Mar-2025 14:23:52 GMT; Max-Age=86400; path=/; secure; SameSite=None
GL_GI10=eJwVyEEKwjAQRuGZoQSKQvmxB%2BgJtEEQXdelJAtP0NYihZKUJCre3rj4Fu8RkdRbyLyi0u1lr0%2BZPmca%2FIQYCxkdlPHh03%2FBAdIeIcFhY%2BPim86%2FXMp%2FRPFv8IzSDj42ZkoJ4iLKrh%2BW6XC938CrIkjyiiHxURP4rXY%2F6E0cMQ%3D%3D; expires=Wed, 12-Mar-2025 14:23:52 GMT; Max-Age=86400; path=/; secure; SameSite=None
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
|
|
| accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=ASSHykroHfPa8qZ2ZyjF3zyCG76HKLdzsKoEc3VcAUsJ8K-2GwjxbkWJN3tOMtK_CF6ZTJtfXOJZKQ | 64.233.164.84 | 302 Found | 0 B |
URL GET accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=ASSHykroHfPa8qZ2ZyjF3zyCG76HKLdzsKoEc3VcAUsJ8K-2GwjxbkWJN3tOMtK_CF6ZTJtfXOJZKQ IP64.233.164.84:443
Requested byhttps://datanodes.to/download CertificateIssuerGoogle Trust Services Subjectaccounts.google.com Fingerprint0B:AE:C0:D6:4D:D9:36:6A:9E:55:63:03:A2:D1:49:77:18:BD:75:08 ValidityWed, 26 Feb 2025 15:34:53 GMT - Wed, 21 May 2025 15:34:52 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=ASSHykroHfPa8qZ2ZyjF3zyCG76HKLdzsKoEc3VcAUsJ8K-2GwjxbkWJN3tOMtK_CF6ZTJtfXOJZKQ HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://datanodes.to/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
set-cookie: __Host-GAPS=1:hj5pNMysha8buR6IUv_CwCS8OdNfPg:TUjsraK90gYjkozE;Path=/;Expires=Thu, 11-Mar-2027 14:23:53 GMT;Secure;HttpOnly;Priority=HIGH
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 11 Mar 2025 14:23:53 GMT
location: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=ASSHyko9eCQKWE8wHGRjPy7nsWaGz_xrmvwHJZYiC2yGAyvc8X1i_1u_XuwrIxLI7Wknm5t0HFEKsQ&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S1125807131%3A1741703033520543&ddm=1
strict-transport-security: max-age=31536000; includeSubDomains
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
content-security-policy: require-trusted-types-for 'script';report-uri /cspreport, script-src 'nonce-G-nQPL2ChNmSWwDFS3-sKQ' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 424
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| www.google.com/recaptcha/api2/clr?k=6LdhelkqAAAAAH_f47GPnSuEgnjRo4Pf0ukRioGs | 216.58.207.228 | 200 OK | 0 B |
URL POST www.google.com/recaptcha/api2/clr?k=6LdhelkqAAAAAH_f47GPnSuEgnjRo4Pf0ukRioGs IP216.58.207.228:443
Requested byhttps://datanodes.to/download CertificateIssuerGoogle Trust Services Subjectwww.google.com Fingerprint53:F5:E3:47:F6:DC:80:83:14:A1:CE:39:7B:A1:98:61:74:03:86:E2 ValidityMon, 06 Jan 2025 08:37:56 GMT - Mon, 31 Mar 2025 08:37:55 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /recaptcha/api2/clr?k=6LdhelkqAAAAAH_f47GPnSuEgnjRo4Pf0ukRioGs HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://datanodes.to/
Content-Length: 1810
Origin: https://datanodes.to
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/binary
cross-origin-opener-policy-report-only: same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy: cross-origin
report-to: {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
date: Tue, 11 Mar 2025 14:23:55 GMT
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
0.0.0.0