Report - datanodes.to/h10wazter9mf/Far_Cry_3_-_Duology_--_fitgirl-repacks.site_--

Report Overview

Visited public
2024-04-16 09:55:38
Tags
Submit Tags
URL
datanodes.to/h10wazter9mf/Far_Cry_3_-_Duology_--_fitgirl-repacks.site_--_.part1.rar
Finishing URL
datanodes.to/download
IP / ASN
31.43.191.18
#210848 Telkom Internet LTD
Title
Download Far Cry Duology fitgirl repacks site part1 rar

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
proftrafficcounter.com	unknown	2023-11-16	2023-11-21 09:55:14	2024-04-15 19:39:18	425 B	419 B	52.29.148.107
continuousselfevidentinestimable.com	unknown	unknown	No data	No data	499 B	467 B	172.240.108.76
fonts.googleapis.com	8877	2005-01-25	2013-06-10 22:14:26	2024-04-16 05:33:18	473 B	6.1 kB	142.250.74.106
fonts.gstatic.com	unknown	2008-02-11	2014-09-09 02:40:21	2024-04-16 05:45:06	3.2 kB	67 kB	216.58.207.227
www.gstatic.com	unknown	2008-02-11	2016-07-26 11:37:06	2024-04-15 14:03:47	2.4 kB	649 kB	142.250.74.35
ocsp.r2m03.amazontrust.com	unknown	2007-05-11	2023-02-21 01:06:24	2024-04-15 10:15:45	338 B	942 B	143.204.53.97
unseenreport.com	unknown	2022-03-30	2022-03-30 16:33:17	2024-04-15 12:42:52	731 B	423 B	192.243.61.225
downstairsnegotiatebarren.com	unknown	2024-03-04	2024-03-04 23:39:03	2024-04-15 19:40:47	409 B	87 kB	172.67.180.87
scarcerpokomoo.com	unknown	2024-02-28	2024-02-28 06:59:00	2024-04-15 10:59:19	401 B	1.1 kB	23.109.170.134
www.googletagmanager.com	75	2011-11-11	2013-05-22 04:07:37	2024-04-16 06:58:05	419 B	101 kB	142.250.74.168
www.google.com	7	1997-09-15	2015-05-10 13:11:19	2024-03-23 18:27:44	3.1 kB	69 kB	142.250.74.164
www.google.no	25607	2001-02-26	2016-04-05 21:50:59	2024-04-16 09:23:00	576 B	578 B	142.250.74.163
gymnasiumfilmgale.com	unknown	2024-04-11	2024-04-11 15:32:06	2024-04-14 19:04:59	437 B	31 kB	172.240.127.234
region1.analytics.google.com	unknown	1997-09-15	2022-03-17 12:26:33	2024-04-15 09:39:49	1.6 kB	866 B	216.239.32.36
datanodes.to	unknown	unknown	2022-08-16 10:09:58	2024-04-12 07:45:16	12 kB	422 kB	31.43.191.18

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-04-16	medium	scarcerpokomoo.com	Sinkholed
2024-04-16	medium	gymnasiumfilmgale.com	Sinkholed
2024-04-16	medium	continuousselfevidentinestimable.com	Sinkholed
2024-04-16	medium	unseenreport.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (27)

	URL	From	Size	First Seen	Last Seen
	scarcerpokomoo.com/1clkn/31269	ScriptElement	6 B	2023-03-07	2025-07-08
Pretty URL scarcerpokomoo.com/1clkn/31269 IP 23.109.170.134 ASN #7979 SERVERS-COM Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-07-08 03:58 Times Seen13457 Hash 9082dc37e5e8046929da411544ad071a 41e0e3963ed94e59e8a2f115994c382712411537 b7848d86edc8dc3b5bc6a5c666069f9a31e000cee51575d3b6083951607e1550 Loading...

	www.gstatic.com/recaptcha/releases/QoukH5jSO3sKFzVEA7Vc8VgC/recaptcha__en.js	ScriptElement	518 kB	2024-04-16	2024-08-20
Pretty URL www.gstatic.com/recaptcha/releases/QoukH5jSO3sKFzVEA7Vc8VgC/recaptcha__en.js IP 142.250.74.35 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-16 08:39 Last Seen2024-08-20 04:21 Times Seen766 Hash 8326c23d6b3eed35bc3e62f3294587fd edda17e74e53e85073e5eac9cb6be2163dbfa23c 57f03d3ba66117edc152646341120dd3a1d7d71b9a98a3723af5a8ae61bcb3ab Loading...

	downstairsnegotiatebarren.com/sfp.js	ScriptElement	86 kB	2024-03-29	2024-08-21
Pretty URL downstairsnegotiatebarren.com/sfp.js IP 172.67.180.87 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-03-29 13:13 Last Seen2024-08-21 22:41 Times Seen2254 Hash f4a2f8f9f99541c6f105bbd0a025bd40 1f8e3eff12168fdd9e719adfc098d24a45b6916a b717cb04231a10d425fd55b73c85a5407119c6826a8bac94142fddfff6958716 Loading...

	datanodes.to/theme_2023/dist/assets/app-804de99c.js	ScriptElement	178 kB	2024-03-12	2024-08-20
Pretty URL datanodes.to/theme_2023/dist/assets/app-804de99c.js IP 31.43.191.18 ASN #210848 Telkom Internet LTD Introduced by scriptElement Embedded in HTML false Observations First Seen2024-03-12 05:59 Last Seen2024-08-20 07:58 Times Seen490 Hash 532512d47faba69d2df29162722eddf3 1b7797cbb10265d77e26f61b0d202b2340d5657c aff4be5ad0fa681e71bce40919045fe0fed7109e8ca2ee24148e9b9c91c64dde Loading...

	datanodes.to/theme_2023/dist/assets/index-26fc2db3.js	ImportedModule	6.9 kB	2024-03-12	2024-08-20
Pretty URL datanodes.to/theme_2023/dist/assets/index-26fc2db3.js IP 31.43.191.18 ASN #210848 Telkom Internet LTD Introduced by importedModule Embedded in HTML false Observations First Seen2024-03-12 05:59 Last Seen2024-08-20 07:58 Times Seen440 Hash 208fdfff8170735bd569d15c49ef331c a50cb02a49ec0de5483e2928b309c69d708a3a9d c0bd34454c7d029f56806d33376abc31b3e7924fa4d028d571842707b2ae90ff Loading...

	datanodes.to/download	ScriptElement	201 B	2024-01-28	2025-07-08
Pretty URL datanodes.to/download IP 31.43.191.18 ASN #210848 Telkom Internet LTD Introduced by scriptElement Embedded in HTML true Observations First Seen2024-01-28 23:21 Last Seen2025-07-08 03:58 Times Seen4989 Hash 91d8cca2b82a7c5662115578bd3f5d2c 8d5b2b8321f95d3d8dbd0564329c0a766caa94a7 ffc523a7eb7f38b0e10cf099f40e1c0537c1c75210f0491ddac4e2496eb9d8b5 Loading...

	www.google.com/recaptcha/api2/anchor?ar=1&k=6Lc5HFUpAAAAAJOhHkDP6NtCvmdUvxeO_uJbtWlT&co=aHR0cHM6Ly9kYXRhbm9kZXMudG86NDQz&hl=en&v=QoukH5jSO3sKFzVEA7Vc8VgC&size=invisible&cb=qxfo48r4jz4y	ScriptElement	69 B	2023-03-07	2025-07-08
Pretty URL www.google.com/recaptcha/api2/anchor?ar=1&k=6Lc5HFUpAAAAAJOhHkDP6NtCvmdUvxeO_uJbtWlT&co=aHR0cHM6Ly9kYXRhbm9kZXMudG86NDQz&hl=en&v=QoukH5jSO3sKFzVEA7Vc8VgC&size=invisible&cb=qxfo48r4jz4y IP 142.250.74.164 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:02 Last Seen2025-07-08 05:45 Times Seen138233 Hash 45ecf7458f42da80ac248ad42d610372 a5b3edf8328769bc754e6e616a957ceed4fdadd7 75867e75b209895995014b43c3d711476e3437481e5fbec91a4da674302558bf Loading...

	datanodes.to/theme_2023/dist/assets/VirusScan-b512073a.js	ScriptElement	1.1 kB	2024-04-13	2024-08-20
Pretty URL datanodes.to/theme_2023/dist/assets/VirusScan-b512073a.js IP 31.43.191.18 ASN #210848 Telkom Internet LTD Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-13 04:55 Last Seen2024-08-20 04:45 Times Seen308 Hash c0ca7c018bc63759e7761f05e158b720 8c498191c84b902fbaa6326358054655c23033ae 940d0d217e3d34acb1d93c2c2ed8eb194e934bdfd78adc00c15b4bc958652cc4 Loading...

	datanodes.to/theme_2023/dist/assets/Util-a807a770.js	ImportedModule	2.9 kB	2024-03-12	2024-08-20
Pretty URL datanodes.to/theme_2023/dist/assets/Util-a807a770.js IP 31.43.191.18 ASN #210848 Telkom Internet LTD Introduced by importedModule Embedded in HTML false Observations First Seen2024-03-12 05:59 Last Seen2024-08-20 07:58 Times Seen439 Hash e962a082bd7fbcd22d98fc66ffb66a6a da900dd215cd2afe903d45831bd69fb0b5d89dfe fb0732ca0dc4dd3578662939ce36a20ec6c7b180ac376e9aad31adb4bdc6ec9a Loading...

	datanodes.to/theme_2023/dist/assets/transition-4942c40a.js	ImportedModule	28 kB	2024-03-12	2024-08-20
Pretty URL datanodes.to/theme_2023/dist/assets/transition-4942c40a.js IP 31.43.191.18 ASN #210848 Telkom Internet LTD Introduced by importedModule Embedded in HTML false Observations First Seen2024-03-12 05:59 Last Seen2024-08-20 07:58 Times Seen439 Hash 6c585011311e4492ae5a8c20699766ea 56071106c0890eb6f11662f5326adf9e39ca6673 e8c46ae956457ce034b3afed53036b2f8456ac8b9ec68086698b2e77f7cfe01b Loading...

	datanodes.to/download	ScriptElement	0 B	0001-01-01	2025-07-08
Pretty URL datanodes.to/download IP 31.43.191.18 ASN #210848 Telkom Internet LTD Introduced by scriptElement Embedded in HTML true Observations First Seen0001-01-01 00:00 Last Seen2025-07-08 05:46 Times Seen5336218 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	datanodes.to/theme_2023/dist/assets/_plugin-vue_export-helper-c27b6911.js	ImportedModule	91 B	2023-03-08	2025-07-08
Pretty URL datanodes.to/theme_2023/dist/assets/_plugin-vue_export-helper-c27b6911.js IP 31.43.191.18 ASN #210848 Telkom Internet LTD Introduced by importedModule Embedded in HTML false Observations First Seen2023-03-08 16:39 Last Seen2025-07-08 05:29 Times Seen6155 Hash 25e3a5dcaf00fb2b1ba0c8ecea6d2560 7850b3fd4aeb69387bdb5a60025d15c41351d5eb cb85b0f263dbe24e857338301c0627076592e9f1f1a5662929f86d2c126444aa Loading...

	datanodes.to/theme_2023/dist/assets/FileActions-11047178.js	ScriptElement	52 kB	2024-03-12	2024-08-20
Pretty URL datanodes.to/theme_2023/dist/assets/FileActions-11047178.js IP 31.43.191.18 ASN #210848 Telkom Internet LTD Introduced by scriptElement Embedded in HTML false Observations First Seen2024-03-12 05:59 Last Seen2024-08-20 07:58 Times Seen439 Hash 2a3cbbaafd1fd12337a39ce4640cd66f 07eedc5b05779f20e24e69a75040380d97b92a56 26103140889e1de0b1d921102798611f98edee5a7e97673784d9dadc282f51fe Loading...

	www.google.com/js/bg/RWTT3oxVpjnMak3qs5vv7tg5xSkq7YqXMGNs3aBXMhQ.js	ScriptElement	18 kB	2024-04-12	2024-08-20
Pretty URL www.google.com/js/bg/RWTT3oxVpjnMak3qs5vv7tg5xSkq7YqXMGNs3aBXMhQ.js IP 142.250.74.164 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-12 14:56 Last Seen2024-08-20 04:50 Times Seen293 Hash a0b566c1ba416a3899181051b4e22648 6e24d55d8094a8e96bbcdb2c8b2baec42ad59128 4564d3de8c55a639cc6a4deab39befeed839c5292aed8a9730636cdda0573214 Loading...

	www.google.com/recaptcha/api.js?render=6Lc5HFUpAAAAAJOhHkDP6NtCvmdUvxeO_uJbtWlT	ScriptElement	884 B	2024-04-16	2024-08-20
Pretty URL www.google.com/recaptcha/api.js?render=6Lc5HFUpAAAAAJOhHkDP6NtCvmdUvxeO_uJbtWlT IP 142.250.74.164 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-16 11:55 Last Seen2024-08-20 04:19 Times Seen58 Hash 3ab3b2e80b12f2067c7005e0b4575339 a3b902b48bad50aa1420a4b7bcb146489afe1a9d fcc8d21bf5a0eace185d02c54c7663c287746647d2c9214c5a7a42259f5cd45e Loading...

	datanodes.to/theme_2023/dist/assets/LoadingIcon-1eaa7e57.js	ImportedModule	667 B	2024-03-12	2024-08-20
Pretty URL datanodes.to/theme_2023/dist/assets/LoadingIcon-1eaa7e57.js IP 31.43.191.18 ASN #210848 Telkom Internet LTD Introduced by importedModule Embedded in HTML false Observations First Seen2024-03-12 05:59 Last Seen2024-08-20 07:58 Times Seen439 Hash 924715a19e2113e0616560ff6d163f19 a637a2b947f3ee6a23cf14e7a1e85e77262a2e55 ae31dc01e33150d9e9a3adb7746299aa8b97fe25149400b60d0e91c49806af41 Loading...

	datanodes.to/theme_2023/dist/assets/_commonjsHelpers-d4b30cbb.js	ImportedModule	571 B	2023-12-09	2025-07-08
Pretty URL datanodes.to/theme_2023/dist/assets/_commonjsHelpers-d4b30cbb.js IP 31.43.191.18 ASN #210848 Telkom Internet LTD Introduced by importedModule Embedded in HTML false Observations First Seen2023-12-09 19:26 Last Seen2025-07-08 03:58 Times Seen4031 Hash 438e021bb3322f23fb81092ef78dd510 51a31923f243d4af84ef0f6e710bdf202e52c6c9 85533b0eb874013bd2468499e014675813269c8983bf7e0abc366d1715020769 Loading...

	datanodes.to/theme_2023/dist/assets/Tooltip-e907cfa8.js	ImportedModule	17 kB	2024-03-12	2024-08-20
Pretty URL datanodes.to/theme_2023/dist/assets/Tooltip-e907cfa8.js IP 31.43.191.18 ASN #210848 Telkom Internet LTD Introduced by importedModule Embedded in HTML false Observations First Seen2024-03-12 05:59 Last Seen2024-08-20 07:58 Times Seen439 Hash 47570ce2273f6ba76dc8cadb318139d7 24bd9a7efd312beac0db9209ade65a5766b9120f a4047b7166aae1094d906ed2103acbdec37cdf74627c382b8f1007cf26f56078 Loading...

	datanodes.to/theme_2023/dist/assets/open-closed-e5a84f93.js	ImportedModule	3.5 kB	2024-03-12	2024-08-20
Pretty URL datanodes.to/theme_2023/dist/assets/open-closed-e5a84f93.js IP 31.43.191.18 ASN #210848 Telkom Internet LTD Introduced by importedModule Embedded in HTML false Observations First Seen2024-03-12 05:59 Last Seen2024-08-20 07:58 Times Seen440 Hash 81430e48d2b3970c34b08d82381c55eb aaa0206113bd0abfe7064978233356a163624a62 4f85ba591d84f876ed7fa801b00bc0c7eec0e85bfce53e64dd4101fddc1752cc Loading...

	unknown	Function	17 kB	2024-08-20	2024-08-20
Pretty Introduced by Function Embedded in HTML false Observations First Seen2024-08-20 04:19 Last Seen2024-08-20 04:19 Times Seen1 Hash 453fcaa2da3d0596d3d2ae7a1353a7a9 55e5e3b70dc0e375e4d0fbea27e90e3a32d5dae6 4f775d3b0afb99f00d40f99097a890de7d3a0fb658814b29c9f34cba4057cbd4 Loading...

	www.googletagmanager.com/gtag/js?id=G-7DP7NV2LKF	ScriptElement	302 kB	2024-08-20	2024-08-20
Pretty URL www.googletagmanager.com/gtag/js?id=G-7DP7NV2LKF IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-20 04:19 Last Seen2024-08-20 04:19 Times Seen1 Hash 517abee66245e90a26710d9e93721e71 76b6b36dc223ad6dfce323ab1711e6ac083c171c 819160f9226e7ef443dc85ade68e8b01b5f02cfe1b04e3e7467e5ee5c2894668 Loading...

	gymnasiumfilmgale.com/e1/4e/78/e14e780a032007ee31fa42982e6a623a.js	ScriptElement	81 kB	2024-04-16	2024-08-20
Pretty URL gymnasiumfilmgale.com/e1/4e/78/e14e780a032007ee31fa42982e6a623a.js IP 172.240.127.234 ASN #7979 SERVERS-COM Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-16 11:55 Last Seen2024-08-20 04:19 Times Seen2 Hash fca55a8ac69a7d2f7b66a44f334a454c c0400dfaefb40db16bdb9d6d4c0ad3b4f177b244 49e79f55292f61a94c5cc7386f6ad0d138c32716be7e93723f113db7a68fa1c6 Loading...

	www.google.com/recaptcha/api2/anchor?ar=1&k=6Lc5HFUpAAAAAJOhHkDP6NtCvmdUvxeO_uJbtWlT&co=aHR0cHM6Ly9kYXRhbm9kZXMudG86NDQz&hl=en&v=QoukH5jSO3sKFzVEA7Vc8VgC&size=invisible&cb=qxfo48r4jz4y	ScriptElement	36 kB	2024-08-20	2024-08-20
Pretty URL www.google.com/recaptcha/api2/anchor?ar=1&k=6Lc5HFUpAAAAAJOhHkDP6NtCvmdUvxeO_uJbtWlT&co=aHR0cHM6Ly9kYXRhbm9kZXMudG86NDQz&hl=en&v=QoukH5jSO3sKFzVEA7Vc8VgC&size=invisible&cb=qxfo48r4jz4y IP 142.250.74.164 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML true Observations First Seen2024-08-20 04:19 Last Seen2024-08-20 04:19 Times Seen1 Hash fed4099152a9f5dff1df98c78336a3a0 e92258e869d4a7f056404d635de496ad1895c085 6c9a870f9ec4950f25b4f4caab576f78d86466e6019c6dff4acc7c12de94600e Loading...

		Size	First Seen	Last Seen
	#1 Eval - d7f3a36c9e4057af149c4a67cd9cea23	62 B	2024-04-12 14:56	2024-08-20 04:50
Pretty Observations First Seen2024-04-12 14:56 Last Seen2024-08-20 04:50 Times Seen287 Hash d7f3a36c9e4057af149c4a67cd9cea23 df510c4d9191b310a86d88275eb2d8af466e18d3 4029caf99140b5e2c374d4491d8d6ba2877fad979f34a74e632827619f4de10e Loading...

	#2 Eval - 5f9cb5b089ab5be3346f4cc5f277d0dd	18 kB	2024-08-20 04:19	2024-08-20 04:19
Pretty Observations First Seen2024-08-20 04:19 Last Seen2024-08-20 04:19 Times Seen1 Hash 5f9cb5b089ab5be3346f4cc5f277d0dd a8fcc82d03d61d05b5e3a7403e39fcee1093ca9a 1ac2d6ee66ae12bf71e1283353aabc1784c952d3e5d8c205bdca4c77535e1063 Loading...

	#3 Eval - 7684a041dbeafc5914518a2ccd7cf237	22 B	2024-04-12 14:56	2024-08-20 04:50
Pretty Observations First Seen2024-04-12 14:56 Last Seen2024-08-20 04:50 Times Seen288 Hash 7684a041dbeafc5914518a2ccd7cf237 53a194ab0bdd334419c8abe23c2d10e52ae41c8f 4c6849fcc9dbf7c86cb2455fa3ab9949ed39dccdbe53813c785fc6a1e40f877f Loading...

	#4 Eval - d82b93833a9d4586c944a6735ea648a2	22 B	2024-04-12 14:56	2024-08-20 04:50
Pretty Observations First Seen2024-04-12 14:56 Last Seen2024-08-20 04:50 Times Seen289 Hash d82b93833a9d4586c944a6735ea648a2 a3c2823ad7981da69eeffcd799dba3d4ec0111b7 1e06a833698d8b74eecd9c2675c499bb7b164e8183e44d22aca379fb9dec47ae Loading...

HTTP Transactions (46)

URL IP Response Size

GET datanodes.to/h10wazter9mf/Far_Cry_3_-_Duology_--_fitgirl-repacks.site_--_.part1.rar

31.43.191.18

302 Found

0 B

URL User Request GET HTTP/1.1
datanodes.to/h10wazter9mf/Far_Cry_3_-_Duology_--_fitgirl-repacks.site_--_.part1.rar
IP
31.43.191.18:443
ASN
#210848 Telkom Internet LTD

Certificate
IssuerLet's Encrypt
Subjectdatanodes.to
FingerprintDD:E5:D4:EE:55:80:7D:51:7D:70:B9:F7:43:3E:95:3C:70:DD:DE:9E
ValidityTue, 09 Apr 2024 11:53:16 GMT - Mon, 08 Jul 2024 11:53:15 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /h10wazter9mf/Far_Cry_3_-_Duology_--_fitgirl-repacks.site_--_.part1.rar HTTP/1.1
Host: datanodes.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Server: nginx/1.14.1
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: file_code=h10wazter9mf; domain=.datanodes.to; path=/; expires=Tue, 16-Apr-2024 10:55:10 GMT
lang=english; domain=.datanodes.to; path=/
file_name=Far_Cry_3_-_Duology_--_fitgirl-repacks.site_--_.part1.rar; domain=.datanodes.to; path=/; expires=Tue, 16-Apr-2024 10:55:10 GMT
Date: Tue, 16 Apr 2024 09:55:10 GMT
Location: https://datanodes.to/download

GET datanodes.to/download

31.43.191.18

200 OK

16 kB

URL User Request GET HTTP/1.1
datanodes.to/download
IP
31.43.191.18:443
ASN
#210848 Telkom Internet LTD

Certificate
IssuerLet's Encrypt
Subjectdatanodes.to
FingerprintDD:E5:D4:EE:55:80:7D:51:7D:70:B9:F7:43:3E:95:3C:70:DD:DE:9E
ValidityTue, 09 Apr 2024 11:53:16 GMT - Mon, 08 Jul 2024 11:53:15 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (3625)
Size
16 kB (16386 bytes)
Hash
5d492cb5b0b3363dc0679b8aa32335e9
a27238438c37ae104e5f1d7ceded6ced32b5ea37
0263266bd27667e64247eba7b76d7c68cf967b5167ab5ccfda0d801d517fcb8e

HTTP Headers

GET /download HTTP/1.1
Host: datanodes.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: file_code=h10wazter9mf; lang=english; file_name=Far_Cry_3_-_Duology_--_fitgirl-repacks.site_--_.part1.rar
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.14.1
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Set-Cookie: affiliate=iTD3qwZob%2FcJ2fSUcUnMp36n%2FpLkG93mdzQDJ7%2FX%2BG068%2B3wPQtJctTCN8k1LBM6kQLKirIuhBIBkvuAd0NF2nDwAe5On%2BM%3D; domain=.datanodes.to; path=/; expires=Tue, 30-Apr-2024 09:55:10 GMT
Expires: Mon, 15 Apr 2024 09:55:10 GMT
Date: Tue, 16 Apr 2024 09:55:10 GMT

GET datanodes.to/theme_2023/dist/assets/app-29263ee8.css

31.43.191.18

200 OK

58 kB

URL GET HTTP/1.1
datanodes.to/theme_2023/dist/assets/app-29263ee8.css
IP
31.43.191.18:443
ASN
#210848 Telkom Internet LTD

Requested by
https://datanodes.to/download
Certificate
IssuerLet's Encrypt
Subjectdatanodes.to
FingerprintDD:E5:D4:EE:55:80:7D:51:7D:70:B9:F7:43:3E:95:3C:70:DD:DE:9E
ValidityTue, 09 Apr 2024 11:53:16 GMT - Mon, 08 Jul 2024 11:53:15 GMT

File type
Unicode text, UTF-8 text, with very long lines (57897)
Size
58 kB (57906 bytes)
Hash
804746b8bc72d761a892dd04f22900a7
3b8d93b691c09c49537b5423ec5759536e9e722c
29263ee89a9cf511555f2d76a264813aa239f76988cb5f6a1b495ebceaba5df5

HTTP Headers

GET /theme_2023/dist/assets/app-29263ee8.css HTTP/1.1
Host: datanodes.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://datanodes.to/download
Cookie: file_code=h10wazter9mf; lang=english; file_name=Far_Cry_3_-_Duology_--_fitgirl-repacks.site_--_.part1.rar; affiliate=iTD3qwZob%2FcJ2fSUcUnMp36n%2FpLkG93mdzQDJ7%2FX%2BG068%2B3wPQtJctTCN8k1LBM6kQLKirIuhBIBkvuAd0NF2nDwAe5On%2BM%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.14.1
Date: Tue, 16 Apr 2024 09:55:10 GMT
Content-Type: text/css
Content-Length: 57906
Last-Modified: Tue, 12 Mar 2024 01:03:57 GMT
Connection: keep-alive
ETag: "65efa9fd-e232"
Accept-Ranges: bytes

GET datanodes.to/images/logo.png?v=1

31.43.191.18

200 OK

15 kB

URL GET HTTP/1.1
datanodes.to/images/logo.png?v=1
IP
31.43.191.18:443
ASN
#210848 Telkom Internet LTD

Requested by
https://datanodes.to/download
Certificate
IssuerLet's Encrypt
Subjectdatanodes.to
FingerprintDD:E5:D4:EE:55:80:7D:51:7D:70:B9:F7:43:3E:95:3C:70:DD:DE:9E
ValidityTue, 09 Apr 2024 11:53:16 GMT - Mon, 08 Jul 2024 11:53:15 GMT

File type
PNG image data, 364 x 230, 8-bit/color RGBA, non-interlaced
Size
15 kB (15350 bytes)
Hash
c9338a5cbd74ee24aee2175a5ac9cfac
eb519e37c50d2dd8908d80a2dd203879f2a430c9
e73da34c3963cd34608bc4016fd1060cf58de21ef14321a153ec45bc004ff56e

HTTP Headers

GET /images/logo.png?v=1 HTTP/1.1
Host: datanodes.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://datanodes.to/download
Cookie: file_code=h10wazter9mf; lang=english; file_name=Far_Cry_3_-_Duology_--_fitgirl-repacks.site_--_.part1.rar; affiliate=iTD3qwZob%2FcJ2fSUcUnMp36n%2FpLkG93mdzQDJ7%2FX%2BG068%2B3wPQtJctTCN8k1LBM6kQLKirIuhBIBkvuAd0NF2nDwAe5On%2BM%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.14.1
Date: Tue, 16 Apr 2024 09:55:10 GMT
Content-Type: image/png
Content-Length: 15350
Last-Modified: Tue, 16 Jan 2024 14:16:42 GMT
Connection: keep-alive
ETag: "65a68fca-3bf6"
Accept-Ranges: bytes

GET datanodes.to/theme_2023/src/assets/images/virus-scan.png

31.43.191.18

200 OK

34 kB

URL GET HTTP/1.1
datanodes.to/theme_2023/src/assets/images/virus-scan.png
IP
31.43.191.18:443
ASN
#210848 Telkom Internet LTD

Requested by
https://datanodes.to/download
Certificate
IssuerLet's Encrypt
Subjectdatanodes.to
FingerprintDD:E5:D4:EE:55:80:7D:51:7D:70:B9:F7:43:3E:95:3C:70:DD:DE:9E
ValidityTue, 09 Apr 2024 11:53:16 GMT - Mon, 08 Jul 2024 11:53:15 GMT

File type
PNG image data, 512 x 512, 8-bit/color RGBA, non-interlaced
Size
34 kB (33827 bytes)
Hash
ed8693e5b49bbfec66898fd26b979317
0fe86ee5614e13c3c93672a4d57ef69555f3e701
5b6ef28011995150a50e6e59ca8728a5f0f92c7dfe27f08433e398a7fc177a9d

HTTP Headers

GET /theme_2023/src/assets/images/virus-scan.png HTTP/1.1
Host: datanodes.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://datanodes.to/download
Cookie: file_code=h10wazter9mf; lang=english; file_name=Far_Cry_3_-_Duology_--_fitgirl-repacks.site_--_.part1.rar; affiliate=iTD3qwZob%2FcJ2fSUcUnMp36n%2FpLkG93mdzQDJ7%2FX%2BG068%2B3wPQtJctTCN8k1LBM6kQLKirIuhBIBkvuAd0NF2nDwAe5On%2BM%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.14.1
Date: Tue, 16 Apr 2024 09:55:10 GMT
Content-Type: image/png
Content-Length: 33827
Last-Modified: Wed, 31 Jan 2024 09:41:40 GMT
Connection: keep-alive
ETag: "65ba15d4-8423"
Accept-Ranges: bytes

GET datanodes.to/theme_2023/dist/assets/app-804de99c.js

31.43.191.18

200 OK

178 kB

URL GET HTTP/1.1
datanodes.to/theme_2023/dist/assets/app-804de99c.js
IP
31.43.191.18:443
ASN
#210848 Telkom Internet LTD

Requested by
https://datanodes.to/download
Certificate
IssuerLet's Encrypt
Subjectdatanodes.to
FingerprintDD:E5:D4:EE:55:80:7D:51:7D:70:B9:F7:43:3E:95:3C:70:DD:DE:9E
ValidityTue, 09 Apr 2024 11:53:16 GMT - Mon, 08 Jul 2024 11:53:15 GMT

File type
JavaScript source, ASCII text, with very long lines (37384)
Size
178 kB (177920 bytes)
Hash
532512d47faba69d2df29162722eddf3
1b7797cbb10265d77e26f61b0d202b2340d5657c
aff4be5ad0fa681e71bce40919045fe0fed7109e8ca2ee24148e9b9c91c64dde

HTTP Headers

GET /theme_2023/dist/assets/app-804de99c.js HTTP/1.1
Host: datanodes.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://datanodes.to/download
Cookie: file_code=h10wazter9mf; lang=english; file_name=Far_Cry_3_-_Duology_--_fitgirl-repacks.site_--_.part1.rar; affiliate=iTD3qwZob%2FcJ2fSUcUnMp36n%2FpLkG93mdzQDJ7%2FX%2BG068%2B3wPQtJctTCN8k1LBM6kQLKirIuhBIBkvuAd0NF2nDwAe5On%2BM%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.14.1
Date: Tue, 16 Apr 2024 09:55:10 GMT
Content-Type: application/javascript
Content-Length: 177920
Last-Modified: Tue, 12 Mar 2024 01:03:57 GMT
Connection: keep-alive
ETag: "65efa9fd-2b700"
Accept-Ranges: bytes

GET www.googletagmanager.com/gtag/js?id=G-7DP7NV2LKF

142.250.74.168

200 OK

101 kB

URL GET HTTP/2
www.googletagmanager.com/gtag/js?id=G-7DP7NV2LKF
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://datanodes.to/download
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
FingerprintBF:40:8C:8B:CB:69:1E:3F:E2:3B:B7:8A:8E:C0:D6:98:5F:81:FA:2D
ValidityMon, 04 Mar 2024 06:35:45 GMT - Mon, 27 May 2024 06:35:44 GMT

File type
JavaScript source, ASCII text, with very long lines (5955)
Size
101 kB (100712 bytes)
Hash
517abee66245e90a26710d9e93721e71
76b6b36dc223ad6dfce323ab1711e6ac083c171c
819160f9226e7ef443dc85ade68e8b01b5f02cfe1b04e3e7467e5ee5c2894668

HTTP Headers

GET /gtag/js?id=G-7DP7NV2LKF HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://datanodes.to/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 16 Apr 2024 09:55:11 GMT
expires: Tue, 16 Apr 2024 09:55:11 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 100712
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET scarcerpokomoo.com/1clkn/31269

23.109.170.134

200 OK

26 B

URL GET HTTP/1.1
scarcerpokomoo.com/1clkn/31269
IP
23.109.170.134:443
ASN
#7979 SERVERS-COM

Requested by
https://datanodes.to/download
Certificate
IssuerLet's Encrypt
Subjectscarcerpokomoo.com
FingerprintDE:28:D9:27:81:A5:65:7C:78:E5:60:CB:F5:10:13:A4:71:2B:EE:6A
ValidityWed, 28 Feb 2024 04:58:40 GMT - Tue, 28 May 2024 04:58:39 GMT

File type
ASCII text, with no line terminators
Size
26 B (26 bytes)
Hash
9082dc37e5e8046929da411544ad071a
41e0e3963ed94e59e8a2f115994c382712411537
b7848d86edc8dc3b5bc6a5c666069f9a31e000cee51575d3b6083951607e1550

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /1clkn/31269 HTTP/1.1
Host: scarcerpokomoo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://datanodes.to/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 16 Apr 2024 09:55:11 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Accept-ch: sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version
Set-Cookie: GL_UI4=eJw9jUtug0AQRPljJ4akJQ7gIxgUjL3MJivfAQ0zDZ4Ypq1mjJ3bZxIp2dUrPVV5nhcUL%2BAvyRrCm6hhe1R9s5dYojyUVVW%2BHSrZ151o%2BlJVTVnvYK3n1opuRBvBap4E29YuEWwGNMhatpIUZvDqrL%2FmYuhuIog7FkZlEE%2FOGDNIO6b7jFyEEBkxIaQfmrGnhzPEJzEEx72L2rjo7yCguQjzJ4hP2twe%2BSbx8jzx4Pk6CtsTT61WDuOBhULw32ElhcWB%2BAtShfPF0hWARtX%2B%2B7%2Bf8fizBonCRUuHZM%2FI38wATrY%3D; expires=Wed, 17-Apr-2024 09:55:11 GMT; Max-Age=86400; path=/; secure; SameSite=None
GL_GI10=eJwVyM0KgkAUhuE5hxiIJPjIC%2FAKTMsWbrNl6MIrMIsYGObIzNjP3WeLd%2FG8SilOE7CZkNRlXhd5dcjLUwV6gtsOPDroVvx7%2BII8uDiCvcOmC1ayRmYXlz9i9TfIYHu25pP1YudoxAXw0roZbvaxv%2FRX0KQJHEUzONxTBXrp3Q9e7R3S; expires=Wed, 17-Apr-2024 09:55:11 GMT; Max-Age=86400; path=/; secure; SameSite=None
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff

GET datanodes.to/theme_2023/dist/assets/Tooltip-4872b02d.css

31.43.191.18

200 OK

372 B

URL GET HTTP/1.1
datanodes.to/theme_2023/dist/assets/Tooltip-4872b02d.css
IP
31.43.191.18:443
ASN
#210848 Telkom Internet LTD

Requested by
https://datanodes.to/download
Certificate
IssuerLet's Encrypt
Subjectdatanodes.to
FingerprintDD:E5:D4:EE:55:80:7D:51:7D:70:B9:F7:43:3E:95:3C:70:DD:DE:9E
ValidityTue, 09 Apr 2024 11:53:16 GMT - Mon, 08 Jul 2024 11:53:15 GMT

File type
ASCII text, with very long lines (371)
Size
372 B (372 bytes)
Hash
cdfb8cc2e705f53d307841b8e9e2fe02
c86370de829ba384fdcde4d556472b27eca7b803
4872b02d2bbe6f70834822916d6e55e3190f18172efaddf935dada716fdb5452

HTTP Headers

GET /theme_2023/dist/assets/Tooltip-4872b02d.css HTTP/1.1
Host: datanodes.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://datanodes.to/download
Cookie: file_code=h10wazter9mf; lang=english; file_name=Far_Cry_3_-_Duology_--_fitgirl-repacks.site_--_.part1.rar; affiliate=iTD3qwZob%2FcJ2fSUcUnMp36n%2FpLkG93mdzQDJ7%2FX%2BG068%2B3wPQtJctTCN8k1LBM6kQLKirIuhBIBkvuAd0NF2nDwAe5On%2BM%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.14.1
Date: Tue, 16 Apr 2024 09:55:11 GMT
Content-Type: text/css
Content-Length: 372
Last-Modified: Tue, 12 Mar 2024 01:03:57 GMT
Connection: keep-alive
ETag: "65efa9fd-174"
Accept-Ranges: bytes

GET datanodes.to/theme_2023/dist/assets/VirusScan-b512073a.js

31.43.191.18

200 OK

1.1 kB

URL GET HTTP/1.1
datanodes.to/theme_2023/dist/assets/VirusScan-b512073a.js
IP
31.43.191.18:443
ASN
#210848 Telkom Internet LTD

Requested by
https://datanodes.to/download
Certificate
IssuerLet's Encrypt
Subjectdatanodes.to
FingerprintDD:E5:D4:EE:55:80:7D:51:7D:70:B9:F7:43:3E:95:3C:70:DD:DE:9E
ValidityTue, 09 Apr 2024 11:53:16 GMT - Mon, 08 Jul 2024 11:53:15 GMT

File type
Java source, ASCII text, with very long lines (1119)
Size
1.1 kB (1120 bytes)
Hash
c0ca7c018bc63759e7761f05e158b720
8c498191c84b902fbaa6326358054655c23033ae
940d0d217e3d34acb1d93c2c2ed8eb194e934bdfd78adc00c15b4bc958652cc4

HTTP Headers

GET /theme_2023/dist/assets/VirusScan-b512073a.js HTTP/1.1
Host: datanodes.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://datanodes.to/theme_2023/dist/assets/app-804de99c.js
Cookie: file_code=h10wazter9mf; lang=english; file_name=Far_Cry_3_-_Duology_--_fitgirl-repacks.site_--_.part1.rar; affiliate=iTD3qwZob%2FcJ2fSUcUnMp36n%2FpLkG93mdzQDJ7%2FX%2BG068%2B3wPQtJctTCN8k1LBM6kQLKirIuhBIBkvuAd0NF2nDwAe5On%2BM%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.14.1
Date: Tue, 16 Apr 2024 09:55:11 GMT
Content-Type: application/javascript
Content-Length: 1120
Last-Modified: Tue, 12 Mar 2024 01:03:57 GMT
Connection: keep-alive
ETag: "65efa9fd-460"
Accept-Ranges: bytes

GET datanodes.to/theme_2023/dist/assets/FileActions-11047178.js

31.43.191.18

200 OK

52 kB

URL GET HTTP/1.1
datanodes.to/theme_2023/dist/assets/FileActions-11047178.js
IP
31.43.191.18:443
ASN
#210848 Telkom Internet LTD

Requested by
https://datanodes.to/download
Certificate
IssuerLet's Encrypt
Subjectdatanodes.to
FingerprintDD:E5:D4:EE:55:80:7D:51:7D:70:B9:F7:43:3E:95:3C:70:DD:DE:9E
ValidityTue, 09 Apr 2024 11:53:16 GMT - Mon, 08 Jul 2024 11:53:15 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (44817)
Size
52 kB (52275 bytes)
Hash
2a3cbbaafd1fd12337a39ce4640cd66f
07eedc5b05779f20e24e69a75040380d97b92a56
26103140889e1de0b1d921102798611f98edee5a7e97673784d9dadc282f51fe

HTTP Headers

GET /theme_2023/dist/assets/FileActions-11047178.js HTTP/1.1
Host: datanodes.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://datanodes.to/theme_2023/dist/assets/app-804de99c.js
Cookie: file_code=h10wazter9mf; lang=english; file_name=Far_Cry_3_-_Duology_--_fitgirl-repacks.site_--_.part1.rar; affiliate=iTD3qwZob%2FcJ2fSUcUnMp36n%2FpLkG93mdzQDJ7%2FX%2BG068%2B3wPQtJctTCN8k1LBM6kQLKirIuhBIBkvuAd0NF2nDwAe5On%2BM%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.14.1
Date: Tue, 16 Apr 2024 09:55:11 GMT
Content-Type: application/javascript
Content-Length: 52275
Last-Modified: Tue, 12 Mar 2024 01:03:57 GMT
Connection: keep-alive
ETag: "65efa9fd-cc33"
Accept-Ranges: bytes

GET datanodes.to/theme_2023/dist/assets/LoadingIcon-1eaa7e57.js

31.43.191.18

200 OK

667 B

URL GET HTTP/1.1
datanodes.to/theme_2023/dist/assets/LoadingIcon-1eaa7e57.js
IP
31.43.191.18:443
ASN
#210848 Telkom Internet LTD

Requested by
https://datanodes.to/download
Certificate
IssuerLet's Encrypt
Subjectdatanodes.to
FingerprintDD:E5:D4:EE:55:80:7D:51:7D:70:B9:F7:43:3E:95:3C:70:DD:DE:9E
ValidityTue, 09 Apr 2024 11:53:16 GMT - Mon, 08 Jul 2024 11:53:15 GMT

File type
Java source, ASCII text, with very long lines (666)
Size
667 B (667 bytes)
Hash
924715a19e2113e0616560ff6d163f19
a637a2b947f3ee6a23cf14e7a1e85e77262a2e55
ae31dc01e33150d9e9a3adb7746299aa8b97fe25149400b60d0e91c49806af41

HTTP Headers

GET /theme_2023/dist/assets/LoadingIcon-1eaa7e57.js HTTP/1.1
Host: datanodes.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://datanodes.to/theme_2023/dist/assets/VirusScan-b512073a.js
Cookie: file_code=h10wazter9mf; lang=english; file_name=Far_Cry_3_-_Duology_--_fitgirl-repacks.site_--_.part1.rar; affiliate=iTD3qwZob%2FcJ2fSUcUnMp36n%2FpLkG93mdzQDJ7%2FX%2BG068%2B3wPQtJctTCN8k1LBM6kQLKirIuhBIBkvuAd0NF2nDwAe5On%2BM%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.14.1
Date: Tue, 16 Apr 2024 09:55:11 GMT
Content-Type: application/javascript
Content-Length: 667
Last-Modified: Tue, 12 Mar 2024 01:03:57 GMT
Connection: keep-alive
ETag: "65efa9fd-29b"
Accept-Ranges: bytes

GET datanodes.to/theme_2023/dist/assets/index-26fc2db3.js

31.43.191.18

200 OK

6.9 kB

URL GET HTTP/1.1
datanodes.to/theme_2023/dist/assets/index-26fc2db3.js
IP
31.43.191.18:443
ASN
#210848 Telkom Internet LTD

Requested by
https://datanodes.to/download
Certificate
IssuerLet's Encrypt
Subjectdatanodes.to
FingerprintDD:E5:D4:EE:55:80:7D:51:7D:70:B9:F7:43:3E:95:3C:70:DD:DE:9E
ValidityTue, 09 Apr 2024 11:53:16 GMT - Mon, 08 Jul 2024 11:53:15 GMT

File type
Java source, ASCII text, with very long lines (6944)
Size
6.9 kB (6945 bytes)
Hash
208fdfff8170735bd569d15c49ef331c
a50cb02a49ec0de5483e2928b309c69d708a3a9d
c0bd34454c7d029f56806d33376abc31b3e7924fa4d028d571842707b2ae90ff

HTTP Headers

GET /theme_2023/dist/assets/index-26fc2db3.js HTTP/1.1
Host: datanodes.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://datanodes.to/theme_2023/dist/assets/VirusScan-b512073a.js
Cookie: file_code=h10wazter9mf; lang=english; file_name=Far_Cry_3_-_Duology_--_fitgirl-repacks.site_--_.part1.rar; affiliate=iTD3qwZob%2FcJ2fSUcUnMp36n%2FpLkG93mdzQDJ7%2FX%2BG068%2B3wPQtJctTCN8k1LBM6kQLKirIuhBIBkvuAd0NF2nDwAe5On%2BM%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.14.1
Date: Tue, 16 Apr 2024 09:55:11 GMT
Content-Type: application/javascript
Content-Length: 6945
Last-Modified: Tue, 12 Mar 2024 01:03:57 GMT
Connection: keep-alive
ETag: "65efa9fd-1b21"
Accept-Ranges: bytes

GET www.google.com/recaptcha/api.js?render=6Lc5HFUpAAAAAJOhHkDP6NtCvmdUvxeO_uJbtWlT

142.250.74.164

200 OK

677 B

URL GET HTTP/2
www.google.com/recaptcha/api.js?render=6Lc5HFUpAAAAAJOhHkDP6NtCvmdUvxeO_uJbtWlT
IP
142.250.74.164:443
ASN
#15169 GOOGLE

Requested by
https://datanodes.to/download
Certificate
IssuerGoogle Trust Services LLC
Subjectwww.google.com
FingerprintCC:CC:99:46:65:6C:77:0B:C8:AA:AD:5E:58:B6:2D:19:B2:C7:0B:06
ValidityMon, 04 Mar 2024 07:19:07 GMT - Mon, 27 May 2024 07:19:06 GMT

File type
gzip compressed data
Size
677 B (677 bytes)
Hash
8c4f76a2d8d9e6a72c134d95c3d6c22b
79e86c554c41db08771a6d50dbc053d0016817c9
7067f855c29db25c44b6a3f9f4d7bd0f2a34fae7451945c672112b79e479f1a9

HTTP Headers

GET /recaptcha/api.js?render=6Lc5HFUpAAAAAJOhHkDP6NtCvmdUvxeO_uJbtWlT HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://datanodes.to/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
expires: Tue, 16 Apr 2024 09:55:10 GMT
date: Tue, 16 Apr 2024 09:55:10 GMT
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET datanodes.to/theme_2023/dist/assets/_commonjsHelpers-d4b30cbb.js

31.43.191.18

200 OK

571 B

URL GET HTTP/1.1
datanodes.to/theme_2023/dist/assets/_commonjsHelpers-d4b30cbb.js
IP
31.43.191.18:443
ASN
#210848 Telkom Internet LTD

Requested by
https://datanodes.to/download
Certificate
IssuerLet's Encrypt
Subjectdatanodes.to
FingerprintDD:E5:D4:EE:55:80:7D:51:7D:70:B9:F7:43:3E:95:3C:70:DD:DE:9E
ValidityTue, 09 Apr 2024 11:53:16 GMT - Mon, 08 Jul 2024 11:53:15 GMT

File type
JavaScript source, ASCII text, with very long lines (570)
Size
571 B (571 bytes)
Hash
438e021bb3322f23fb81092ef78dd510
51a31923f243d4af84ef0f6e710bdf202e52c6c9
85533b0eb874013bd2468499e014675813269c8983bf7e0abc366d1715020769

HTTP Headers

GET /theme_2023/dist/assets/_commonjsHelpers-d4b30cbb.js HTTP/1.1
Host: datanodes.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://datanodes.to/theme_2023/dist/assets/VirusScan-b512073a.js
Cookie: file_code=h10wazter9mf; lang=english; file_name=Far_Cry_3_-_Duology_--_fitgirl-repacks.site_--_.part1.rar; affiliate=iTD3qwZob%2FcJ2fSUcUnMp36n%2FpLkG93mdzQDJ7%2FX%2BG068%2B3wPQtJctTCN8k1LBM6kQLKirIuhBIBkvuAd0NF2nDwAe5On%2BM%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.14.1
Date: Tue, 16 Apr 2024 09:55:11 GMT
Content-Type: application/javascript
Content-Length: 571
Last-Modified: Tue, 12 Mar 2024 01:03:57 GMT
Connection: keep-alive
ETag: "65efa9fd-23b"
Accept-Ranges: bytes

GET fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2

216.58.207.227

200 OK

7.7 kB

URL GET HTTP/2
fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://datanodes.to/download
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9
ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT

File type
Web Open Font Format (Version 2), TrueType, length 7748, version 1.0
Size
7.7 kB (7748 bytes)
Hash
a09f2fccfee35b7247b08a1a266f0328
0da2d17e738f46d2a09e6fb7969da451719a9820
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446

HTTP Headers

GET /s/poppins/v21/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://datanodes.to
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7748
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 16 Apr 2024 03:25:26 GMT
expires: Wed, 16 Apr 2025 03:25:26 GMT
cache-control: public, max-age=31536000
age: 23385
last-modified: Fri, 22 Mar 2024 00:01:14 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2

216.58.207.227

200 OK

8.0 kB

URL GET HTTP/2
fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://datanodes.to/download
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9
ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT

File type
Web Open Font Format (Version 2), TrueType, length 8000, version 1.0
Size
8.0 kB (8000 bytes)
Hash
72993dddf88a63e8f226656f7de88e57
179f97ec0275f09603a8db94d4380eb584d81cd5
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149

HTTP Headers

GET /s/poppins/v21/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://datanodes.to
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 8000
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 16 Apr 2024 00:30:18 GMT
expires: Wed, 16 Apr 2025 00:30:18 GMT
cache-control: public, max-age=31536000
age: 33893
last-modified: Fri, 22 Mar 2024 00:00:59 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2

216.58.207.227

200 OK

7.8 kB

URL GET HTTP/2
fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://datanodes.to/download
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9
ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT

File type
Web Open Font Format (Version 2), TrueType, length 7816, version 1.0
Size
7.8 kB (7816 bytes)
Hash
25b0e113ca7cce3770d542736db26368
cb726212d5d525021752a1d8470a0fb593e0c49e
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526

HTTP Headers

GET /s/poppins/v21/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://datanodes.to
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7816
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 15 Apr 2024 20:25:17 GMT
expires: Tue, 15 Apr 2025 20:25:17 GMT
cache-control: public, max-age=31536000
age: 48594
last-modified: Fri, 22 Mar 2024 00:00:32 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET fonts.gstatic.com/s/poppins/v21/pxiEyp8kv8JHgFVrJJfecg.woff2

216.58.207.227

200 OK

7.9 kB

URL GET HTTP/2
fonts.gstatic.com/s/poppins/v21/pxiEyp8kv8JHgFVrJJfecg.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://datanodes.to/download
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9
ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT

File type
Web Open Font Format (Version 2), TrueType, length 7884, version 1.0
Size
7.9 kB (7884 bytes)
Hash
9212f6f9860f9fc6c69b02fedf6db8c3
ac6d71b4d5fdd2b3dabc9a06ff6c001e4251da0b
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f

HTTP Headers

GET /s/poppins/v21/pxiEyp8kv8JHgFVrJJfecg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://datanodes.to
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7884
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 16 Apr 2024 03:21:03 GMT
expires: Wed, 16 Apr 2025 03:21:03 GMT
cache-control: public, max-age=31536000
age: 23648
last-modified: Fri, 22 Mar 2024 00:00:38 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET datanodes.to/theme_2023/dist/assets/Util-a807a770.js

31.43.191.18

200 OK

2.9 kB

URL GET HTTP/1.1
datanodes.to/theme_2023/dist/assets/Util-a807a770.js
IP
31.43.191.18:443
ASN
#210848 Telkom Internet LTD

Requested by
https://datanodes.to/download
Certificate
IssuerLet's Encrypt
Subjectdatanodes.to
FingerprintDD:E5:D4:EE:55:80:7D:51:7D:70:B9:F7:43:3E:95:3C:70:DD:DE:9E
ValidityTue, 09 Apr 2024 11:53:16 GMT - Mon, 08 Jul 2024 11:53:15 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (2854)
Size
2.9 kB (2857 bytes)
Hash
e962a082bd7fbcd22d98fc66ffb66a6a
da900dd215cd2afe903d45831bd69fb0b5d89dfe
fb0732ca0dc4dd3578662939ce36a20ec6c7b180ac376e9aad31adb4bdc6ec9a

HTTP Headers

GET /theme_2023/dist/assets/Util-a807a770.js HTTP/1.1
Host: datanodes.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://datanodes.to/theme_2023/dist/assets/FileActions-11047178.js
Cookie: file_code=h10wazter9mf; lang=english; file_name=Far_Cry_3_-_Duology_--_fitgirl-repacks.site_--_.part1.rar; affiliate=iTD3qwZob%2FcJ2fSUcUnMp36n%2FpLkG93mdzQDJ7%2FX%2BG068%2B3wPQtJctTCN8k1LBM6kQLKirIuhBIBkvuAd0NF2nDwAe5On%2BM%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.14.1
Date: Tue, 16 Apr 2024 09:55:11 GMT
Content-Type: application/javascript
Content-Length: 2857
Last-Modified: Tue, 12 Mar 2024 01:03:57 GMT
Connection: keep-alive
ETag: "65efa9fd-b29"
Accept-Ranges: bytes

GET datanodes.to/theme_2023/dist/assets/Tooltip-e907cfa8.js

31.43.191.18

200 OK

17 kB

URL GET HTTP/1.1
datanodes.to/theme_2023/dist/assets/Tooltip-e907cfa8.js
IP
31.43.191.18:443
ASN
#210848 Telkom Internet LTD

Requested by
https://datanodes.to/download
Certificate
IssuerLet's Encrypt
Subjectdatanodes.to
FingerprintDD:E5:D4:EE:55:80:7D:51:7D:70:B9:F7:43:3E:95:3C:70:DD:DE:9E
ValidityTue, 09 Apr 2024 11:53:16 GMT - Mon, 08 Jul 2024 11:53:15 GMT

File type
JavaScript source, ASCII text, with very long lines (16550)
Size
17 kB (16551 bytes)
Hash
47570ce2273f6ba76dc8cadb318139d7
24bd9a7efd312beac0db9209ade65a5766b9120f
a4047b7166aae1094d906ed2103acbdec37cdf74627c382b8f1007cf26f56078

HTTP Headers

GET /theme_2023/dist/assets/Tooltip-e907cfa8.js HTTP/1.1
Host: datanodes.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://datanodes.to/theme_2023/dist/assets/FileActions-11047178.js
Cookie: file_code=h10wazter9mf; lang=english; file_name=Far_Cry_3_-_Duology_--_fitgirl-repacks.site_--_.part1.rar; affiliate=iTD3qwZob%2FcJ2fSUcUnMp36n%2FpLkG93mdzQDJ7%2FX%2BG068%2B3wPQtJctTCN8k1LBM6kQLKirIuhBIBkvuAd0NF2nDwAe5On%2BM%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.14.1
Date: Tue, 16 Apr 2024 09:55:11 GMT
Content-Type: application/javascript
Content-Length: 16551
Last-Modified: Tue, 12 Mar 2024 01:03:57 GMT
Connection: keep-alive
ETag: "65efa9fd-40a7"
Accept-Ranges: bytes

GET datanodes.to/theme_2023/dist/assets/open-closed-e5a84f93.js

31.43.191.18

200 OK

3.5 kB

URL GET HTTP/1.1
datanodes.to/theme_2023/dist/assets/open-closed-e5a84f93.js
IP
31.43.191.18:443
ASN
#210848 Telkom Internet LTD

Requested by
https://datanodes.to/download
Certificate
IssuerLet's Encrypt
Subjectdatanodes.to
FingerprintDD:E5:D4:EE:55:80:7D:51:7D:70:B9:F7:43:3E:95:3C:70:DD:DE:9E
ValidityTue, 09 Apr 2024 11:53:16 GMT - Mon, 08 Jul 2024 11:53:15 GMT

File type
JavaScript source, ASCII text, with very long lines (1681)
Size
3.5 kB (3487 bytes)
Hash
81430e48d2b3970c34b08d82381c55eb
aaa0206113bd0abfe7064978233356a163624a62
4f85ba591d84f876ed7fa801b00bc0c7eec0e85bfce53e64dd4101fddc1752cc

HTTP Headers

GET /theme_2023/dist/assets/open-closed-e5a84f93.js HTTP/1.1
Host: datanodes.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://datanodes.to/theme_2023/dist/assets/FileActions-11047178.js
Cookie: file_code=h10wazter9mf; lang=english; file_name=Far_Cry_3_-_Duology_--_fitgirl-repacks.site_--_.part1.rar; affiliate=iTD3qwZob%2FcJ2fSUcUnMp36n%2FpLkG93mdzQDJ7%2FX%2BG068%2B3wPQtJctTCN8k1LBM6kQLKirIuhBIBkvuAd0NF2nDwAe5On%2BM%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.14.1
Date: Tue, 16 Apr 2024 09:55:11 GMT
Content-Type: application/javascript
Content-Length: 3487
Last-Modified: Tue, 12 Mar 2024 01:03:57 GMT
Connection: keep-alive
ETag: "65efa9fd-d9f"
Accept-Ranges: bytes

GET datanodes.to/theme_2023/dist/assets/transition-4942c40a.js

31.43.191.18

200 OK

28 kB

URL GET HTTP/1.1
datanodes.to/theme_2023/dist/assets/transition-4942c40a.js
IP
31.43.191.18:443
ASN
#210848 Telkom Internet LTD

Requested by
https://datanodes.to/download
Certificate
IssuerLet's Encrypt
Subjectdatanodes.to
FingerprintDD:E5:D4:EE:55:80:7D:51:7D:70:B9:F7:43:3E:95:3C:70:DD:DE:9E
ValidityTue, 09 Apr 2024 11:53:16 GMT - Mon, 08 Jul 2024 11:53:15 GMT

File type
JavaScript source, ASCII text, with very long lines (27942)
Size
28 kB (27943 bytes)
Hash
6c585011311e4492ae5a8c20699766ea
56071106c0890eb6f11662f5326adf9e39ca6673
e8c46ae956457ce034b3afed53036b2f8456ac8b9ec68086698b2e77f7cfe01b

HTTP Headers

GET /theme_2023/dist/assets/transition-4942c40a.js HTTP/1.1
Host: datanodes.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://datanodes.to/theme_2023/dist/assets/FileActions-11047178.js
Cookie: file_code=h10wazter9mf; lang=english; file_name=Far_Cry_3_-_Duology_--_fitgirl-repacks.site_--_.part1.rar; affiliate=iTD3qwZob%2FcJ2fSUcUnMp36n%2FpLkG93mdzQDJ7%2FX%2BG068%2B3wPQtJctTCN8k1LBM6kQLKirIuhBIBkvuAd0NF2nDwAe5On%2BM%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.14.1
Date: Tue, 16 Apr 2024 09:55:11 GMT
Content-Type: application/javascript
Content-Length: 27943
Last-Modified: Tue, 12 Mar 2024 01:03:57 GMT
Connection: keep-alive
ETag: "65efa9fd-6d27"
Accept-Ranges: bytes

GET datanodes.to/favicon.ico

31.43.191.18

200 OK

2.5 kB

URL GET HTTP/1.1
datanodes.to/favicon.ico
IP
31.43.191.18:443
ASN
#210848 Telkom Internet LTD

Requested by
https://datanodes.to/download
Certificate
IssuerLet's Encrypt
Subjectdatanodes.to
FingerprintDD:E5:D4:EE:55:80:7D:51:7D:70:B9:F7:43:3E:95:3C:70:DD:DE:9E
ValidityTue, 09 Apr 2024 11:53:16 GMT - Mon, 08 Jul 2024 11:53:15 GMT

File type
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
Size
2.5 kB (2461 bytes)
Hash
c813091dc9f029ba08588f60cc450755
d2b2f0efc676eff758c4194d80ff2e9ee973f556
682e513cfa795efc1e53c502e9a8aa3d91db160b7fd15f94de2a4156a6961474

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: datanodes.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://datanodes.to/download
Cookie: file_code=h10wazter9mf; lang=english; file_name=Far_Cry_3_-_Duology_--_fitgirl-repacks.site_--_.part1.rar; affiliate=iTD3qwZob%2FcJ2fSUcUnMp36n%2FpLkG93mdzQDJ7%2FX%2BG068%2B3wPQtJctTCN8k1LBM6kQLKirIuhBIBkvuAd0NF2nDwAe5On%2BM%3D; _ga_7DP7NV2LKF=GS1.1.1713261311.1.0.1713261311.60.0.0; _ga=GA1.1.826148549.1713261311
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.14.1
Date: Tue, 16 Apr 2024 09:55:11 GMT
Content-Type: image/x-icon
Content-Length: 2461
Last-Modified: Thu, 01 Sep 2022 19:47:58 GMT
Connection: keep-alive
ETag: "63110c6e-99d"
Accept-Ranges: bytes

GET www.gstatic.com/recaptcha/releases/QoukH5jSO3sKFzVEA7Vc8VgC/recaptcha__en.js

142.250.74.35

200 OK

206 kB

URL GET HTTP/3
www.gstatic.com/recaptcha/releases/QoukH5jSO3sKFzVEA7Vc8VgC/recaptcha__en.js
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/api2/webworker.js?hl=en&v=QoukH5jSO3sKFzVEA7Vc8VgC
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9
ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT

File type
JavaScript source, ASCII text, with very long lines (597)
Size
206 kB (206057 bytes)
Hash
8326c23d6b3eed35bc3e62f3294587fd
edda17e74e53e85073e5eac9cb6be2163dbfa23c
57f03d3ba66117edc152646341120dd3a1d7d71b9a98a3723af5a8ae61bcb3ab

HTTP Headers

GET /recaptcha/releases/QoukH5jSO3sKFzVEA7Vc8VgC/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://datanodes.to
DNT: 1
Connection: keep-alive
Referer: https://datanodes.to/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 206057
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 15 Apr 2024 23:55:24 GMT
expires: Tue, 15 Apr 2025 23:55:24 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 15 Apr 2024 02:01:04 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 35987
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-7DP7NV2LKF&cid=826148549.1713261311&gtm=45je44f0v9175474265za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&z=969655274

142.250.74.163

200 OK

42 B

URL GET HTTP/2
www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-7DP7NV2LKF&cid=826148549.1713261311&gtm=45je44f0v9175474265za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&z=969655274
IP
142.250.74.163:443
ASN
#15169 GOOGLE

Requested by
https://datanodes.to/download
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.no
Fingerprint0E:DD:25:54:7B:C3:7F:EC:27:35:B1:EC:15:C4:B7:D2:09:71:3B:68
ValidityMon, 04 Mar 2024 07:26:33 GMT - Mon, 27 May 2024 07:26:32 GMT

File type
GIF image data, version 89a, 1 x 1
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-7DP7NV2LKF&cid=826148549.1713261311&gtm=45je44f0v9175474265za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&z=969655274 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://datanodes.to/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 16 Apr 2024 09:55:11 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET www.gstatic.com/recaptcha/releases/QoukH5jSO3sKFzVEA7Vc8VgC/styles__ltr.css

142.250.74.35

200 OK

25 kB

URL GET HTTP/3
www.gstatic.com/recaptcha/releases/QoukH5jSO3sKFzVEA7Vc8VgC/styles__ltr.css
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lc5HFUpAAAAAJOhHkDP6NtCvmdUvxeO_uJbtWlT&co=aHR0cHM6Ly9kYXRhbm9kZXMudG86NDQz&hl=en&v=QoukH5jSO3sKFzVEA7Vc8VgC&size=invisible&cb=qxfo48r4jz4y
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9
ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT

File type
ASCII text, with very long lines (56412), with no line terminators
Size
25 kB (24617 bytes)
Hash
2c00b9f417b688224937053cd0c284a5
17b4c18ebc129055dd25f214c3f11e03e9df2d82
1e754b107428162c65a26d399b66db3daaea09616bf8620d9de4bc689ce48eed

HTTP Headers

GET /recaptcha/releases/QoukH5jSO3sKFzVEA7Vc8VgC/styles__ltr.css HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 24617
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 16 Apr 2024 08:58:42 GMT
expires: Wed, 16 Apr 2025 08:58:42 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 15 Apr 2024 02:01:04 GMT
content-type: text/css
vary: Accept-Encoding
age: 3389
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET www.gstatic.com/recaptcha/releases/QoukH5jSO3sKFzVEA7Vc8VgC/recaptcha__en.js

142.250.74.35

200 OK

206 kB

URL GET HTTP/3
www.gstatic.com/recaptcha/releases/QoukH5jSO3sKFzVEA7Vc8VgC/recaptcha__en.js
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/api2/webworker.js?hl=en&v=QoukH5jSO3sKFzVEA7Vc8VgC
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9
ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT

File type
JavaScript source, ASCII text, with very long lines (597)
Size
206 kB (206057 bytes)
Hash
8326c23d6b3eed35bc3e62f3294587fd
edda17e74e53e85073e5eac9cb6be2163dbfa23c
57f03d3ba66117edc152646341120dd3a1d7d71b9a98a3723af5a8ae61bcb3ab

HTTP Headers

GET /recaptcha/releases/QoukH5jSO3sKFzVEA7Vc8VgC/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 206057
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 15 Apr 2024 23:55:24 GMT
expires: Tue, 15 Apr 2025 23:55:24 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 15 Apr 2024 02:01:04 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 35987
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET gymnasiumfilmgale.com/e1/4e/78/e14e780a032007ee31fa42982e6a623a.js

172.240.127.234

200 OK

30 kB

URL GET HTTP/1.1
gymnasiumfilmgale.com/e1/4e/78/e14e780a032007ee31fa42982e6a623a.js
IP
172.240.127.234:443
ASN
#7979 SERVERS-COM

Requested by
https://datanodes.to/download
Certificate
IssuerLet's Encrypt
Subjectgymnasiumfilmgale.com
Fingerprint04:6D:C3:29:FB:CA:93:51:E1:75:4E:5A:57:D9:54:FF:34:32:12:BF
ValidityThu, 11 Apr 2024 12:30:46 GMT - Wed, 10 Jul 2024 12:30:45 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
30 kB (29761 bytes)
Hash
fca55a8ac69a7d2f7b66a44f334a454c
c0400dfaefb40db16bdb9d6d4c0ad3b4f177b244
49e79f55292f61a94c5cc7386f6ad0d138c32716be7e93723f113db7a68fa1c6

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /e1/4e/78/e14e780a032007ee31fa42982e6a623a.js HTTP/1.1
Host: gymnasiumfilmgale.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://datanodes.to/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Tue, 16 Apr 2024 09:55:11 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Set-Cookie: 4b4e7ab587d59b22ad7bcd2439afc363_CF-2967-layer=0; expires=Sun, 21 Apr 2024 00:55:11 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 1383546263c37432371b51a1e1f8daac
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

POST region1.analytics.google.com/g/collect?v=2&tid=G-7DP7NV2LKF&gtm=45je44f0v9175474265za200&_p=1713261311000&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=826148549.1713261311&ul=en-us&sr=1280x1024&pscdl=noapi&_s=1&sid=1713261311&sct=1&seg=0&dl=https%3A%2F%2Fdatanodes.to%2Fdownload&dt=Download%20Far%20Cry%20Duology%20fitgirl%20repacks%20site%20part1%20rar&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=890

216.239.32.36

204 No Content

0 B

URL POST HTTP/2
region1.analytics.google.com/g/collect?v=2&tid=G-7DP7NV2LKF&gtm=45je44f0v9175474265za200&_p=1713261311000&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=826148549.1713261311&ul=en-us&sr=1280x1024&pscdl=noapi&_s=1&sid=1713261311&sct=1&seg=0&dl=https%3A%2F%2Fdatanodes.to%2Fdownload&dt=Download%20Far%20Cry%20Duology%20fitgirl%20repacks%20site%20part1%20rar&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=890
IP
216.239.32.36:443
ASN
#15169 GOOGLE

Requested by
https://datanodes.to/download
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
FingerprintBF:40:8C:8B:CB:69:1E:3F:E2:3B:B7:8A:8E:C0:D6:98:5F:81:FA:2D
ValidityMon, 04 Mar 2024 06:35:45 GMT - Mon, 27 May 2024 06:35:44 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /g/collect?v=2&tid=G-7DP7NV2LKF&gtm=45je44f0v9175474265za200&_p=1713261311000&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=826148549.1713261311&ul=en-us&sr=1280x1024&pscdl=noapi&_s=1&sid=1713261311&sct=1&seg=0&dl=https%3A%2F%2Fdatanodes.to%2Fdownload&dt=Download%20Far%20Cry%20Duology%20fitgirl%20repacks%20site%20part1%20rar&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=890 HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://datanodes.to
DNT: 1
Connection: keep-alive
Referer: https://datanodes.to/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0

HTTP/2 204 No Content
access-control-allow-origin: https://datanodes.to
date: Tue, 16 Apr 2024 09:55:11 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

216.58.207.227

200 OK

15 kB

URL GET HTTP/2
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lc5HFUpAAAAAJOhHkDP6NtCvmdUvxeO_uJbtWlT&co=aHR0cHM6Ly9kYXRhbm9kZXMudG86NDQz&hl=en&v=QoukH5jSO3sKFzVEA7Vc8VgC&size=invisible&cb=qxfo48r4jz4y
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9
ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15344, version 1.0
Size
15 kB (15344 bytes)
Hash
5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

HTTP Headers

GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 11 Apr 2024 02:43:03 GMT
expires: Fri, 11 Apr 2025 02:43:03 GMT
cache-control: public, max-age=31536000
age: 457929
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

216.58.207.227

200 OK

16 kB

URL GET HTTP/2
fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lc5HFUpAAAAAJOhHkDP6NtCvmdUvxeO_uJbtWlT&co=aHR0cHM6Ly9kYXRhbm9kZXMudG86NDQz&hl=en&v=QoukH5jSO3sKFzVEA7Vc8VgC&size=invisible&cb=qxfo48r4jz4y
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9
ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15552, version 1.0
Size
16 kB (15552 bytes)
Hash
285467176f7fe6bb6a9c6873b3dad2cc
ea04e4ff5142ddd69307c183def721a160e0a64e
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

HTTP Headers

GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 11 Apr 2024 17:25:07 GMT
expires: Fri, 11 Apr 2025 17:25:07 GMT
cache-control: public, max-age=31536000
age: 405005
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET www.google.com/js/bg/RWTT3oxVpjnMak3qs5vv7tg5xSkq7YqXMGNs3aBXMhQ.js

142.250.74.164

200 OK

7.5 kB

URL GET HTTP/3
www.google.com/js/bg/RWTT3oxVpjnMak3qs5vv7tg5xSkq7YqXMGNs3aBXMhQ.js
IP
142.250.74.164:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lc5HFUpAAAAAJOhHkDP6NtCvmdUvxeO_uJbtWlT&co=aHR0cHM6Ly9kYXRhbm9kZXMudG86NDQz&hl=en&v=QoukH5jSO3sKFzVEA7Vc8VgC&size=invisible&cb=qxfo48r4jz4y
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint02:6C:2F:38:A0:8A:95:AC:E8:2B:67:AA:69:A4:34:6E:15:99:F5:1D
ValidityMon, 04 Mar 2024 06:35:50 GMT - Mon, 27 May 2024 06:35:49 GMT

File type
JavaScript source, ASCII text, with very long lines (17614)
Size
7.5 kB (7470 bytes)
Hash
a0b566c1ba416a3899181051b4e22648
6e24d55d8094a8e96bbcdb2c8b2baec42ad59128
4564d3de8c55a639cc6a4deab39befeed839c5292aed8a9730636cdda0573214

HTTP Headers

GET /js/bg/RWTT3oxVpjnMak3qs5vv7tg5xSkq7YqXMGNs3aBXMhQ.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lc5HFUpAAAAAJOhHkDP6NtCvmdUvxeO_uJbtWlT&co=aHR0cHM6Ly9kYXRhbm9kZXMudG86NDQz&hl=en&v=QoukH5jSO3sKFzVEA7Vc8VgC&size=invisible&cb=qxfo48r4jz4y
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: br
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-length: 7470
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 10 Apr 2024 05:03:42 GMT
expires: Thu, 10 Apr 2025 05:03:42 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 04 Apr 2024 18:30:00 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 535890
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET www.gstatic.com/recaptcha/api2/logo_48.png

142.250.74.35

200 OK

2.2 kB

URL GET HTTP/3
www.gstatic.com/recaptcha/api2/logo_48.png
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lc5HFUpAAAAAJOhHkDP6NtCvmdUvxeO_uJbtWlT&co=aHR0cHM6Ly9kYXRhbm9kZXMudG86NDQz&hl=en&v=QoukH5jSO3sKFzVEA7Vc8VgC&size=invisible&cb=qxfo48r4jz4y
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9
ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT

File type
PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced
Size
2.2 kB (2228 bytes)
Hash
ef9941290c50cd3866e2ba6b793f010d
4736508c795667dcea21f8d864233031223b7832
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

HTTP Headers

GET /recaptcha/api2/logo_48.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.gstatic.com/recaptcha/releases/QoukH5jSO3sKFzVEA7Vc8VgC/styles__ltr.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 2228
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 11 Apr 2024 02:54:07 GMT
expires: Thu, 18 Apr 2024 02:54:07 GMT
cache-control: public, max-age=604800
age: 457265
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET www.gstatic.com/recaptcha/releases/QoukH5jSO3sKFzVEA7Vc8VgC/recaptcha__en.js

142.250.74.35

200 OK

206 kB

URL GET HTTP/3
www.gstatic.com/recaptcha/releases/QoukH5jSO3sKFzVEA7Vc8VgC/recaptcha__en.js
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/api2/webworker.js?hl=en&v=QoukH5jSO3sKFzVEA7Vc8VgC
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9
ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT

File type
JavaScript source, ASCII text, with very long lines (597)
Size
206 kB (206057 bytes)
Hash
8326c23d6b3eed35bc3e62f3294587fd
edda17e74e53e85073e5eac9cb6be2163dbfa23c
57f03d3ba66117edc152646341120dd3a1d7d71b9a98a3723af5a8ae61bcb3ab

HTTP Headers

GET /recaptcha/releases/QoukH5jSO3sKFzVEA7Vc8VgC/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 206057
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 15 Apr 2024 23:55:24 GMT
expires: Tue, 15 Apr 2025 23:55:24 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 15 Apr 2024 02:01:04 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 35988
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

ocsp.r2m03.amazontrust.com/

143.204.53.97

471 B

URL
ocsp.r2m03.amazontrust.com/
IP
143.204.53.97:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
0bea14a24acf01e7602c416935848793
3493b99ca0da4d0c60f848069fa57e39b335a87a
229a97c14569254bf9fe6342e7cd4efd9e4f4b0ff89fb3c1e5c935976ab01062

HTTP Headers

POST / HTTP/1.1
Host: ocsp.r2m03.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=7200
Date: Tue, 16 Apr 2024 09:55:12 GMT
Last-Modified: Tue, 16 Apr 2024 08:31:45 GMT
Server: ECAcc (ska/F73C)
X-Cache: Miss from cloudfront
Via: 1.1 410f51195842d9b592b15d6588c36654.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: MfrrQ5Pf9ouh3ls7mDmmE_laOMrg--zp6c6B9OGkGH1yNRHiBl4YpA==
Age: 5007

GET proftrafficcounter.com/stats

52.29.148.107

200 OK

40 B

URL GET HTTP/2
proftrafficcounter.com/stats
IP
52.29.148.107:443
ASN
#16509 AMAZON-02

Requested by
https://datanodes.to/download
Certificate
IssuerAmazon
Subjectproftrafficcounter.com
FingerprintE3:9F:79:6F:80:C0:BF:F8:C4:EB:45:F3:E9:0F:A7:41:F6:0C:05:E6
ValidityTue, 21 Nov 2023 00:00:00 GMT - Thu, 19 Dec 2024 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
40 B (40 bytes)
Hash
b878ef49bf571a059a690771eec4f123
07e00857fef313135cbccc650b468bb4af1397e5
69c12c8c637fd95c29b6bd7b4038285eaacafcb0f46d640ed22b5287fe2e87af

HTTP Headers

GET /stats HTTP/1.1
Host: proftrafficcounter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://datanodes.to
DNT: 1
Connection: keep-alive
Referer: https://datanodes.to/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 16 Apr 2024 09:55:12 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://datanodes.to
vary: Origin
access-control-allow-credentials: true
set-cookie: uid_id2=8ff75f40-ecd0-4f49-a343-d548c70594e8:1:1; expires=Fri, 14 Apr 2034 09:55:12 GMT; secure; SameSite=None
X-Firefox-Spdy: h2

GET continuousselfevidentinestimable.com/pixel/purst?dl=0&th=0&sc=0&rs=1532&rd=1532&fd=844&bv=24.4.2204&tmpl=70

172.240.108.76

200 OK

0 B

URL GET HTTP/1.1
continuousselfevidentinestimable.com/pixel/purst?dl=0&th=0&sc=0&rs=1532&rd=1532&fd=844&bv=24.4.2204&tmpl=70
IP
172.240.108.76:443
ASN
#7979 SERVERS-COM

Requested by
https://datanodes.to/download
Certificate
IssuerLet's Encrypt
Subjectcontinuousselfevidentinestimable.com
Fingerprint1F:F4:36:85:7F:D7:60:BF:21:DA:52:FF:00:60:97:80:4B:6D:0D:3A
ValidityMon, 15 Apr 2024 12:20:33 GMT - Sun, 14 Jul 2024 12:20:32 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /pixel/purst?dl=0&th=0&sc=0&rs=1532&rd=1532&fd=844&bv=24.4.2204&tmpl=70 HTTP/1.1
Host: continuousselfevidentinestimable.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://datanodes.to/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Tue, 16 Apr 2024 09:55:12 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

GET unseenreport.com/pxf.gif?uuid=8ff75f40-ecd0-4f49-a343-d548c70594e8&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=e14e780a032007ee31fa42982e6a623a&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=9

192.243.61.225

200 OK

1 B

URL GET HTTP/1.1
unseenreport.com/pxf.gif?uuid=8ff75f40-ecd0-4f49-a343-d548c70594e8&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=e14e780a032007ee31fa42982e6a623a&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=9
IP
192.243.61.225:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://datanodes.to/download
Certificate
IssuerLet's Encrypt
Subject*.unseenreport.com
Fingerprint71:46:15:FD:76:6A:F5:5B:51:06:CC:93:DD:D8:63:E3:8B:10:BF:13
ValidityFri, 22 Mar 2024 07:32:41 GMT - Thu, 20 Jun 2024 07:32:40 GMT

File type
very short file (no magic)
Size
1 B (1 bytes)
Hash
93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /pxf.gif?uuid=8ff75f40-ecd0-4f49-a343-d548c70594e8&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=e14e780a032007ee31fa42982e6a623a&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=9 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://datanodes.to/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Tue, 16 Apr 2024 09:55:13 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: efd35298cf115b03b1f918aaea1677cf
Strict-Transport-Security: max-age=0; includeSubdomains

POST region1.analytics.google.com/g/collect?v=2&tid=G-7DP7NV2LKF&gtm=45je44f0v9175474265za200&_p=1713261311000&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=826148549.1713261311&ul=en-us&sr=1280x1024&pscdl=noapi&_eu=AEA&_s=2&sid=1713261311&sct=1&seg=0&dl=https%3A%2F%2Fdatanodes.to%2Fdownload&dt=Download%20Far%20Cry%20Duology%20fitgirl%20repacks%20site%20part1%20rar&en=scroll&epn.percent_scrolled=90&tfd=5964

216.239.32.36

204 No Content

0 B

URL POST HTTP/3
region1.analytics.google.com/g/collect?v=2&tid=G-7DP7NV2LKF&gtm=45je44f0v9175474265za200&_p=1713261311000&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=826148549.1713261311&ul=en-us&sr=1280x1024&pscdl=noapi&_eu=AEA&_s=2&sid=1713261311&sct=1&seg=0&dl=https%3A%2F%2Fdatanodes.to%2Fdownload&dt=Download%20Far%20Cry%20Duology%20fitgirl%20repacks%20site%20part1%20rar&en=scroll&epn.percent_scrolled=90&tfd=5964
IP
216.239.32.36:443
ASN
#15169 GOOGLE

Requested by
https://datanodes.to/download
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
FingerprintBF:40:8C:8B:CB:69:1E:3F:E2:3B:B7:8A:8E:C0:D6:98:5F:81:FA:2D
ValidityMon, 04 Mar 2024 06:35:45 GMT - Mon, 27 May 2024 06:35:44 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /g/collect?v=2&tid=G-7DP7NV2LKF&gtm=45je44f0v9175474265za200&_p=1713261311000&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=826148549.1713261311&ul=en-us&sr=1280x1024&pscdl=noapi&_eu=AEA&_s=2&sid=1713261311&sct=1&seg=0&dl=https%3A%2F%2Fdatanodes.to%2Fdownload&dt=Download%20Far%20Cry%20Duology%20fitgirl%20repacks%20site%20part1%20rar&en=scroll&epn.percent_scrolled=90&tfd=5964 HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://datanodes.to
DNT: 1
Connection: keep-alive
Referer: https://datanodes.to/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers

HTTP/3 204 No Content
access-control-allow-origin: https://datanodes.to
date: Tue, 16 Apr 2024 09:55:17 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET www.google.com/recaptcha/api2/anchor?ar=1&k=6Lc5HFUpAAAAAJOhHkDP6NtCvmdUvxeO_uJbtWlT&co=aHR0cHM6Ly9kYXRhbm9kZXMudG86NDQz&hl=en&v=QoukH5jSO3sKFzVEA7Vc8VgC&size=invisible&cb=qxfo48r4jz4y

142.250.74.164

200 OK

44 kB

URL GET HTTP/3
www.google.com/recaptcha/api2/anchor?ar=1&k=6Lc5HFUpAAAAAJOhHkDP6NtCvmdUvxeO_uJbtWlT&co=aHR0cHM6Ly9kYXRhbm9kZXMudG86NDQz&hl=en&v=QoukH5jSO3sKFzVEA7Vc8VgC&size=invisible&cb=qxfo48r4jz4y
IP
142.250.74.164:443
ASN
#15169 GOOGLE

Requested by
https://datanodes.to/download
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint02:6C:2F:38:A0:8A:95:AC:E8:2B:67:AA:69:A4:34:6E:15:99:F5:1D
ValidityMon, 04 Mar 2024 06:35:50 GMT - Mon, 27 May 2024 06:35:49 GMT

File type
HTML document, ASCII text, with very long lines (35841)
Size
44 kB (44546 bytes)
Hash
0958bb80bd86046f2c7d2cbe858eeebe
a18a52d2fd5ebe02c8322c5c73160f94ce83dcbd
227c87c351cdf54c64dbfe40e120731cd95e6fe7bac2a1921d1327f94c921a97

HTTP Headers

GET /recaptcha/api2/anchor?ar=1&k=6Lc5HFUpAAAAAJOhHkDP6NtCvmdUvxeO_uJbtWlT&co=aHR0cHM6Ly9kYXRhbm9kZXMudG86NDQz&hl=en&v=QoukH5jSO3sKFzVEA7Vc8VgC&size=invisible&cb=qxfo48r4jz4y HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://datanodes.to/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
content-type: text/html; charset=utf-8
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 16 Apr 2024 09:55:11 GMT
content-security-policy: script-src 'nonce-dPS0ZrWmxtrBxgxJSvh5RQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET fonts.googleapis.com/css2?family=Poppins:wght@300;400;500;600;700;800;900&display=swap

142.250.74.106

200 OK

5.5 kB

URL GET HTTP/2
fonts.googleapis.com/css2?family=Poppins:wght@300;400;500;600;700;800;900&display=swap
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://datanodes.to/download
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint47:5A:64:7D:9F:47:34:07:31:91:97:F7:04:42:7A:D5:EA:AD:07:4E
ValidityMon, 04 Mar 2024 07:16:44 GMT - Mon, 27 May 2024 07:16:43 GMT

File type
ASCII text, with very long lines (5641), with no line terminators
Size
5.5 kB (5515 bytes)
Hash
35b66465b230fcf9cde32761a6187553
23aeb1a7e72b51f65b0ffa6f16c2c43bc1b97e99
61a937f2c296ef8887d128d83dd76b7efb5e17f60e375fdeea4731a290b67d07

HTTP Headers

GET /css2?family=Poppins:wght@300;400;500;600;700;800;900&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://datanodes.to/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 16 Apr 2024 09:55:10 GMT
date: Tue, 16 Apr 2024 09:55:10 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

POST www.google.com/recaptcha/api2/reload?k=6Lc5HFUpAAAAAJOhHkDP6NtCvmdUvxeO_uJbtWlT

142.250.74.164

200 OK

13 kB

URL POST HTTP/3
www.google.com/recaptcha/api2/reload?k=6Lc5HFUpAAAAAJOhHkDP6NtCvmdUvxeO_uJbtWlT
IP
142.250.74.164:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lc5HFUpAAAAAJOhHkDP6NtCvmdUvxeO_uJbtWlT&co=aHR0cHM6Ly9kYXRhbm9kZXMudG86NDQz&hl=en&v=QoukH5jSO3sKFzVEA7Vc8VgC&size=invisible&cb=qxfo48r4jz4y
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint02:6C:2F:38:A0:8A:95:AC:E8:2B:67:AA:69:A4:34:6E:15:99:F5:1D
ValidityMon, 04 Mar 2024 06:35:50 GMT - Mon, 27 May 2024 06:35:49 GMT

File type
ASCII text, with very long lines (13078)
Size
13 kB (13083 bytes)
Hash
4493eb10a9bd727ba5ffe5b3040de434
68439562bd7223d28428b6abd6f406be8adce1ef
217ae41d533adadde8a99cff54499a1200afc9bccceb478da280130869885732

HTTP Headers

POST /recaptcha/api2/reload?k=6Lc5HFUpAAAAAJOhHkDP6NtCvmdUvxeO_uJbtWlT HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-protobuffer
Content-Length: 9239
Origin: https://www.google.com
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lc5HFUpAAAAAJOhHkDP6NtCvmdUvxeO_uJbtWlT&co=aHR0cHM6Ly9kYXRhbm9kZXMudG86NDQz&hl=en&v=QoukH5jSO3sKFzVEA7Vc8VgC&size=invisible&cb=qxfo48r4jz4y
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
content-type: application/json; charset=utf-8
content-encoding: gzip
date: Tue, 16 Apr 2024 09:55:13 GMT
expires: Tue, 16 Apr 2024 09:55:13 GMT
cache-control: private, max-age=0
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
server: GSE
set-cookie: _GRECAPTCHA=09AH0dGfSWJoJ8w4OyYBbvecx02Dhm9F1vQyYRkVQKWY8zpA6APJqvqIUSY6bZK7hEccRwUIfiY5wWs8Y7jeWghEg;Path=/recaptcha;Expires=Sun, 13-Oct-2024 09:55:13 GMT;Secure;HttpOnly;Priority=HIGH;SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET www.google.com/recaptcha/api2/webworker.js?hl=en&v=QoukH5jSO3sKFzVEA7Vc8VgC

142.250.74.164

200 OK

102 B

URL GET HTTP/3
www.google.com/recaptcha/api2/webworker.js?hl=en&v=QoukH5jSO3sKFzVEA7Vc8VgC
IP
142.250.74.164:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lc5HFUpAAAAAJOhHkDP6NtCvmdUvxeO_uJbtWlT&co=aHR0cHM6Ly9kYXRhbm9kZXMudG86NDQz&hl=en&v=QoukH5jSO3sKFzVEA7Vc8VgC&size=invisible&cb=qxfo48r4jz4y
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint02:6C:2F:38:A0:8A:95:AC:E8:2B:67:AA:69:A4:34:6E:15:99:F5:1D
ValidityMon, 04 Mar 2024 06:35:50 GMT - Mon, 27 May 2024 06:35:49 GMT

File type
ASCII text, with no line terminators
Size
102 B (102 bytes)
Hash
c193745deb63fe67f3aa6b578c40dd99
8a3ecc2696074e71d3b011c99b98cb25229e1a31
d41e076366e4207d57a5fd1725c2024f751c43ae4a3a8e93cc46dfb8462a3e5b

HTTP Headers

GET /recaptcha/api2/webworker.js?hl=en&v=QoukH5jSO3sKFzVEA7Vc8VgC HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lc5HFUpAAAAAJOhHkDP6NtCvmdUvxeO_uJbtWlT&co=aHR0cHM6Ly9kYXRhbm9kZXMudG86NDQz&hl=en&v=QoukH5jSO3sKFzVEA7Vc8VgC&size=invisible&cb=qxfo48r4jz4y
Sec-Fetch-Dest: worker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
content-type: text/javascript; charset=utf-8
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Tue, 16 Apr 2024 09:55:12 GMT
date: Tue, 16 Apr 2024 09:55:12 GMT
cache-control: private, max-age=300
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET datanodes.to/theme_2023/dist/assets/_plugin-vue_export-helper-c27b6911.js

31.43.191.18

200 OK

91 B

URL GET HTTP/1.1
datanodes.to/theme_2023/dist/assets/_plugin-vue_export-helper-c27b6911.js
IP
31.43.191.18:443
ASN
#210848 Telkom Internet LTD

Requested by
https://datanodes.to/download
Certificate
IssuerLet's Encrypt
Subjectdatanodes.to
FingerprintDD:E5:D4:EE:55:80:7D:51:7D:70:B9:F7:43:3E:95:3C:70:DD:DE:9E
ValidityTue, 09 Apr 2024 11:53:16 GMT - Mon, 08 Jul 2024 11:53:15 GMT

File type
ASCII text, with no line terminators
Size
91 B (91 bytes)
Hash
45eeffa41efe748ab4232b212a4829ef
5acfb0bd66dde75e532234d76f92a904e512d5f0
f9283800c2d9ca1dc2d4db040a4e53927149d0caedc21857059dd1628d5417b7

HTTP Headers

GET /theme_2023/dist/assets/_plugin-vue_export-helper-c27b6911.js HTTP/1.1
Host: datanodes.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://datanodes.to/theme_2023/dist/assets/VirusScan-b512073a.js
Cookie: file_code=h10wazter9mf; lang=english; file_name=Far_Cry_3_-_Duology_--_fitgirl-repacks.site_--_.part1.rar; affiliate=iTD3qwZob%2FcJ2fSUcUnMp36n%2FpLkG93mdzQDJ7%2FX%2BG068%2B3wPQtJctTCN8k1LBM6kQLKirIuhBIBkvuAd0NF2nDwAe5On%2BM%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.14.1
Date: Tue, 16 Apr 2024 09:55:11 GMT
Content-Type: application/javascript
Content-Length: 91
Last-Modified: Tue, 12 Mar 2024 01:03:57 GMT
Connection: keep-alive
ETag: "65efa9fd-5b"
Accept-Ranges: bytes

GET downstairsnegotiatebarren.com/sfp.js

172.67.180.87

200 OK

86 kB

URL GET HTTP/2
downstairsnegotiatebarren.com/sfp.js
IP
172.67.180.87:443
ASN
#13335 CLOUDFLARENET

Requested by
https://datanodes.to/download
Certificate
IssuerLet's Encrypt
Subjectdownstairsnegotiatebarren.com
Fingerprint2C:6A:E1:8E:26:5B:1D:8B:86:CB:C1:72:4E:52:4B:8B:67:3A:D2:44
ValidityMon, 04 Mar 2024 21:53:07 GMT - Sun, 02 Jun 2024 21:53:06 GMT

File type

Size
86 kB (85611 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /sfp.js HTTP/1.1
Host: downstairsnegotiatebarren.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://datanodes.to/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 16 Apr 2024 09:55:12 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: e1806646998b00912334254f2153a5ed
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Tue, 16 Apr 2024 09:55:11 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZTnuNMthu5LexXlfl8weTrGcOnrccTsegypkqWmkpjNsKNvRZuhXGCCqlOpwlo6uXcELsLHDPwwsos4aG1Tx0P1%2B9GE8douqBO1hCuOofGEW8ZVj06Eek4cmo%2F9LyIdsgZLZ1%2FlrFX9C5EEBuc3MXg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87534c606fad7128-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (27)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by