Report - dfiles.eu/files/tf2vowhl0%20The_Matrix

Report Overview

URL

dfiles.eu/files/tf2vowhl0%20The_Matrix_Comics.rar
IP

91.226.124.80

ASN

#35415 Webzilla B.V.
Submitted

2023-01-24T21:46:46Z

Access
Tags

None
urlquery detections

No alerts detected

Detections

urlquery

0
Network Intrusion Detection

0
Threat Detection Systems

17

Domain Summary

Domain	Rank	First Seen	Last Seen	Sent	Received	IP
ocsp.pki.goog (7)	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2401	4897	216.58.211.3
www.google.com (1)	7	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	360	1169	216.58.207.228
pagead2.googlesyndication.com (1)	101	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	424	50512	142.250.74.130
lb.eu-1-id5-sync.com (1)	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	416	371	162.19.138.119
jsc.mgid.com (1)	7902	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	376	938	104.19.134.78
firefox.settings.services.mozilla.com (2)	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	782	2373	35.241.9.150
ocsp.sca1b.amazontrust.com (1)	1015	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	350	944	54.230.245.118
img-getpocket.cdn.mozilla.net (6)	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3246	62123	34.120.237.76
cm.steepto.com (2)	36677	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	755	748	104.19.137.80
lbs.eu-1-id5-sync.com (1)	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	418	281	141.95.98.64
99fbc8485f.7fc0966988.com (1)	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1236	320	45.133.44.24
fonts.gstatic.com (2)	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	950	33501	216.58.207.227
sw.wpush.org (2)	78308	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	738	38278	45.133.44.24
static.depositfiles.com (18)	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	7139	708274	91.226.124.77
cdn.id5-sync.com (1)	1748	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	370	611	172.67.38.106
contile.services.mozilla.com (1)	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	333	391	34.117.237.239
adsbb.dfiles.eu (8)	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	4986	174473	91.226.124.78
dominantroute.com (1)	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	394	140502	193.200.64.20
js.wpadmngr.com (1)	25762	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	366	374	45.133.44.24
s-img.steepto.com (3)	65200	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2064	38825	104.19.136.80
fp.metricswpsh.com (2)	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	929	775	157.90.84.242
r3.o.lencr.org (27)	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	9126	23930	23.36.76.226
6ccc293c3d.2f488993d1.com (2)	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	859	1071	45.133.44.25
ads.pubmatic.com (1)	469	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	386	73837	23.38.200.201
cdn.cloudimagesb.com (1)	23099	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	415	33087	45.133.44.9
push.services.mozilla.com (1)	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	606	127	54.148.70.121
naveljutmistress.com (1)	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	443	467	173.233.137.44
ads.a-static.com (1)	642938	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	396	10998	46.166.179.118
unseenreport.com (2)	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1416	846	192.243.61.225
dfiles.eu (4)	434493	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2639	10487	91.226.124.80
pl16105218.highcpmrevenuenetwork.com (1)	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	410	14143	192.243.59.13
js.wpshsdk.com (4)	12130	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1544	2559	45.133.44.24
id5-sync.com (1)	504	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	438	594	162.19.138.120
cdn.creative-bars1.com (4)	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1712	3347	172.64.167.9
cdn.barscreative1.com (1)	25648	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	437	386	45.133.44.4
content-signature-2.cdn.mozilla.net (1)	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413	5844	34.160.144.191
www.gstatic.com (1)	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	429	164874	142.250.74.35
friendshipmale.com (1)	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	354	28546	172.64.108.35
adserver.adreactor.com (4)	268206	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1858	13237	46.166.179.121
feignthat.com (8)	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	5710	114268	192.243.59.13
cdn.unblockia.com (1)	20316	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	351	857	54.230.111.2
e1.o.lencr.org (5)	6159	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1690	3647	23.36.76.226

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2023-01-24	medium	friendshipmale.com/sfp.js	Malware
2023-01-24	medium	cdn.barscreative1.com/sb/au/d3/55/fb/d355fb06fa4f4907609b7d285fa07f7a/1664530003.html	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2023-01-24	medium	highcpmrevenuenetwork.com	Sinkholed
2023-01-24	medium	2f488993d1.com	Sinkholed
2023-01-24	medium	feignthat.com	Sinkholed
2023-01-24	medium	feignthat.com	Sinkholed
2023-01-24	medium	naveljutmistress.com	Sinkholed
2023-01-24	medium	feignthat.com	Sinkholed
2023-01-24	medium	7fc0966988.com	Sinkholed
2023-01-24	medium	feignthat.com	Sinkholed
2023-01-24	medium	feignthat.com	Sinkholed
2023-01-24	medium	feignthat.com	Sinkholed
2023-01-24	medium	unseenreport.com	Sinkholed
2023-01-24	medium	unseenreport.com	Sinkholed
2023-01-24	medium	feignthat.com	Sinkholed
2023-01-24	medium	feignthat.com	Sinkholed
2023-01-24	medium	2f488993d1.com	Sinkholed

ThreatFox

No alerts detected

HTTP Transactions (135)

URL IP Response Size

dfiles.eu/files/tf2vowhl0%20The_Matrix_Comics.rar

91.226.124.80

302 Moved Temporarily

138

URL HTTP/1.1

dfiles.eu/files/tf2vowhl0%20The_Matrix_Comics.rar
IP

91.226.124.80:0
ASN

#35415 Webzilla B.V.

Magic

HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators

Size

138
Hash

aff950cab4c0265e21d401db15f1026d

f03e18461817f7a6546c8bf8fa8d686d7e30aca0

753e0dd54f28c4f7009b9c0b18a68aed175416bd8b7d134858264586eaac56f0

HTTP Headers

                                        GET /files/tf2vowhl0%20The_Matrix_Comics.rar HTTP/1.1
Host: dfiles.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                        HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Tue, 24 Jan 2023 21:46:34 GMT
Content-Type: text/html
Content-Length: 138
Connection: close
Location: https://dfiles.eu/files/tf2vowhl0%20The_Matrix_Comics.rar

r3.o.lencr.org/

23.36.76.226

200 OK

503

URL HTTP/1.1

r3.o.lencr.org/
IP

23.36.76.226:0
ASN

#20940 Akamai International B.V.

Magic

data

Size

503
Hash

04512fea22644dc0d22c3f3a665f6645

0e213646abfc6d9560ba562362fd9e9115be8354

124d9534f75506b8e8c7535ee7295ac4e6cf5a8249a0edac6940839e56043181

HTTP Headers

                                        POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "124D9534F75506B8E8C7535EE7295AC4E6CF5A8249A0EDAC6940839E56043181"
Last-Modified: Mon, 23 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2858
Expires: Tue, 24 Jan 2023 22:34:12 GMT
Date: Tue, 24 Jan 2023 21:46:34 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503

URL HTTP/1.1

r3.o.lencr.org/
IP

23.36.76.226:0
ASN

#20940 Akamai International B.V.

Magic

data

Size

503
Hash

f416977a8d6dfaafb2dbfd0e68b871f8

dfa97bd829b03162de91c80133f2fde69b58a8d2

2c4d0fd1b7a6d398026a4817267adce203429acdd3defa44a879f0d945f392d5

HTTP Headers

                                        POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2C4D0FD1B7A6D398026A4817267ADCE203429ACDD3DEFA44A879F0D945F392D5"
Last-Modified: Sun, 22 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12143
Expires: Wed, 25 Jan 2023 01:08:57 GMT
Date: Tue, 24 Jan 2023 21:46:34 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939

URL HTTP/2

firefox.settings.services.mozilla.com/v1/
IP

35.241.9.150:0
ASN

#15169 GOOGLE

Magic

JSON data\012- , ASCII text, with very long lines (939), with no line terminators

Size

939
Hash

bf0c602d32b3c14606f22a86183b5e3c

6eabd8d83475eba731968abe1a05a8bfd272f160

6c6a7c519a9e950c2445ed874a25211a94dd4d3cf3afb0103af9dcd1dbd5ff9e

HTTP Headers

                                        GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                        HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Content-Length, Retry-After, Content-Type, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 24 Jan 2023 21:35:07 GMT
content-type: application/json
age: 687
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503

URL HTTP/1.1

r3.o.lencr.org/
IP

23.36.76.226:0
ASN

#20940 Akamai International B.V.

Magic

data

Size

503
Hash

6cd4f1da1215c7473500807c185f2449

b14db0c67cf1f5faf85648ed8f94baf2dd03808b

9750518efd869da5ff74ba65a196445bd4340c909157cc1a420f62c1d07224a0

HTTP Headers

                                        POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9750518EFD869DA5FF74BA65A196445BD4340C909157CC1A420F62C1D07224A0"
Last-Modified: Mon, 23 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5702
Expires: Tue, 24 Jan 2023 23:21:36 GMT
Date: Tue, 24 Jan 2023 21:46:34 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain

34.160.144.191

200 OK

5348

URL HTTP/2

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP

34.160.144.191:0
ASN

#15169 GOOGLE

Magic

PEM certificate\012- , ASCII text

Size

5348
Hash

7b922915ebf1fa3639b333f994c74f24

144a3f80b98fd0652d4614f24cf6cbbee40f8938

adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c

HTTP Headers

                                        GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                        HTTP/2 200 OK
x-amz-id-2: DfPWG4oVbt6manOzWc/tBRNOi3trv87uE0ZyjAU3EZJV9jbJksDO3u4ahzcQYHcv6Z1BRaPHc2Q=
x-amz-request-id: 6EBJ03FF7A8ASXQR
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 24 Jan 2023 20:48:18 GMT
age: 3496
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503

URL HTTP/1.1

r3.o.lencr.org/
IP

23.36.76.226:0
ASN

#20940 Akamai International B.V.

Magic

data

Size

503
Hash

4240712235ac355b35572ce256e573d3

ec453c3a2b2730aa6f235ed68d7edfc3b0680346

a6425f4d47ff5ab9c7ac91f2da765c2cf68a4141ecd7d48cf46d539d6ef65a2b

HTTP Headers

                                        POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A6425F4D47FF5AB9C7AC91F2DA765C2CF68A4141ECD7D48CF46D539D6EF65A2B"
Last-Modified: Sun, 22 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9981
Expires: Wed, 25 Jan 2023 00:32:55 GMT
Date: Tue, 24 Jan 2023 21:46:34 GMT
Connection: keep-alive

dfiles.eu/files/tf2vowhl0%20The_Matrix_Comics.rar

91.226.124.76

200 OK

9129

URL HTTP/1.1

dfiles.eu/files/tf2vowhl0%20The_Matrix_Comics.rar
IP

91.226.124.76:0
ASN

#35415 Webzilla B.V.

Magic

HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (6441), with CRLF, CR, LF line terminators

Size

9129
Hash

76db0c54842aba4480f8350c365d3e06

15fdda806170347a9d9ccba44cc0038d6a727354

46b9cb3045ee07ea078bbbdfc87a4edcd0924cf25b6c36ebf498d72918346503

HTTP Headers

                                        GET /files/tf2vowhl0%20The_Matrix_Comics.rar HTTP/1.1
Host: dfiles.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

                                        HTTP/1.1 200 OK
Server: nginx
Date: Tue, 24 Jan 2023 21:46:34 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Set-Cookie: uprand=6bfa444064656fc1c6964ba5d0022a3a; path=/; domain=.dfiles.eu
last_file=tf2vowhl0; path=/; domain=.dfiles.eu
lang_current=en; expires=Wed, 24-Jan-2024 21:46:34 GMT; Max-Age=31536000; path=/; domain=.dfiles.eu; secure
X-Frame-Options: SAMEORIGIN
Content-Encoding: gzip

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

URL HTTP/2

contile.services.mozilla.com/v1/tiles
IP

34.117.237.239:0
ASN

#15169 GOOGLE

Magic

JSON data\012- , ASCII text, with no line terminators

Size

12
Hash

23e88fb7b99543fb33315b29b1fad9d6

a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce

7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

                                        GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                        HTTP/2 200 OK
server: nginx
date: Tue, 24 Jan 2023 21:46:34 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

471

URL HTTP/1.1

ocsp.pki.goog/gts1c3
IP

216.58.211.3:0
ASN

#15169 GOOGLE

Magic

data

Size

471
Hash

cc2b9a26cf016c0cf9e73531f6004051

408990c14ea8af4c979a277da755c89771672356

36e955bd017c3febc7623ad388bb260757294ca612b94ae5417de6cc04073a82

HTTP Headers

                                        POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 24 Jan 2023 21:46:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.google.com/recaptcha/api.js

216.58.207.228

200 OK

555

URL HTTP/2

www.google.com/recaptcha/api.js
IP

216.58.207.228:0
ASN

#15169 GOOGLE

Magic

ASCII text, with very long lines (850), with no line terminators

Size

555
Hash

4fcc8cffc198bb1436d5e909506b0b2a

a6269c7bf1d3614a78b9ba99cfec2b29e0b6ab7e

33b2950d981dcb3af46004be957506985ea0c185b5436fc6435efcdea7699d89

HTTP Headers

                                        GET /recaptcha/api.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                        HTTP/2 200 OK
expires: Tue, 24 Jan 2023 21:46:35 GMT
date: Tue, 24 Jan 2023 21:46:35 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 555
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503

URL HTTP/1.1

r3.o.lencr.org/
IP

23.36.76.226:0
ASN

#20940 Akamai International B.V.

Magic

data

Size

503
Hash

2de513f98952e1ce1001cdaf8281dab2

19acc6d053e7d071f6d74f96ade1a99ab3a8b3ac

4014dff66ec45ecf3dd61487b1475641641e834803518773901a0822a6b62e7a

HTTP Headers

                                        POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4014DFF66EC45ECF3DD61487B1475641641E834803518773901A0822A6B62E7A"
Last-Modified: Sun, 22 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7001
Expires: Tue, 24 Jan 2023 23:43:16 GMT
Date: Tue, 24 Jan 2023 21:46:35 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503

URL HTTP/1.1

r3.o.lencr.org/
IP

23.36.76.226:0
ASN

#20940 Akamai International B.V.

Magic

data

Size

503
Hash

2de513f98952e1ce1001cdaf8281dab2

19acc6d053e7d071f6d74f96ade1a99ab3a8b3ac

4014dff66ec45ecf3dd61487b1475641641e834803518773901a0822a6b62e7a

HTTP Headers

                                        POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4014DFF66EC45ECF3DD61487B1475641641E834803518773901A0822A6B62E7A"
Last-Modified: Sun, 22 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7001
Expires: Tue, 24 Jan 2023 23:43:16 GMT
Date: Tue, 24 Jan 2023 21:46:35 GMT
Connection: keep-alive

static.depositfiles.com/js/download_utils.js

91.226.124.77

200 OK

13383

URL HTTP/1.1

static.depositfiles.com/js/download_utils.js
IP

91.226.124.77:0
ASN

#35415 Webzilla B.V.

Magic

ASCII text, with very long lines (2250)

Size

13383
Hash

90a706006bc709cdc974ff3e0e01b34f

89585d2c7cac44c9c03c118bbb38aefba1d8a1e4

16f1515b9938fc7de086c504fe214484d97e237647a5d7fa2cb742a93f00c1ea

HTTP Headers

                                        GET /js/download_utils.js HTTP/1.1
Host: static.depositfiles.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                        HTTP/1.1 200 OK
Server: nginx
Date: Tue, 24 Jan 2023 21:46:35 GMT
Content-Type: application/javascript
Content-Length: 13383
Last-Modified: Thu, 28 Apr 2022 10:40:27 GMT
Connection: keep-alive
ETag: "626a6f1b-3447"
Expires: Tue, 24 Jan 2023 21:51:35 GMT
Cache-Control: max-age=300
Accept-Ranges: bytes

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

471

URL HTTP/1.1

ocsp.pki.goog/gts1c3
IP

216.58.211.3:0
ASN

#15169 GOOGLE

Magic

data

Size

471
Hash

47d71bf163265666c21e2410fb568043

54a4b0f241af261f878967ce058f5885be476cc4

8b7ce4c8269941cf55ca12415b1abfd7d4ae7bf5823657f3afe5e8dd34bed80b

HTTP Headers

                                        POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 24 Jan 2023 21:46:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

static.depositfiles.com/js/gold_offer.js

91.226.124.77

200 OK

9887

URL HTTP/1.1

static.depositfiles.com/js/gold_offer.js
IP

91.226.124.77:0
ASN

#35415 Webzilla B.V.

Magic

HTML document text\012- HTML document, ASCII text

Size

9887
Hash

041bdbbe3ac15bc57b14933e164b55f8

790f921426d0b602424fb3077ca900af94b5ad9e

a86d8d81e5c254822628c578c40d2d62956ab3060632d1884b5080093365b97b

HTTP Headers

                                        GET /js/gold_offer.js HTTP/1.1
Host: static.depositfiles.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                        HTTP/1.1 200 OK
Server: nginx
Date: Tue, 24 Jan 2023 21:46:35 GMT
Content-Type: application/javascript
Content-Length: 9887
Last-Modified: Thu, 28 Apr 2022 10:40:27 GMT
Connection: keep-alive
ETag: "626a6f1b-269f"
Expires: Tue, 24 Jan 2023 21:51:35 GMT
Cache-Control: max-age=300
Accept-Ranges: bytes

static.depositfiles.com/js/jquery.validate.js

91.226.124.77

200 OK

38269

URL HTTP/1.1

static.depositfiles.com/js/jquery.validate.js
IP

91.226.124.77:0
ASN

#35415 Webzilla B.V.

Magic

Unicode text, UTF-8 text, with very long lines (1238)

Size

38269
Hash

d5231b6378847ebdb55f64c77d5a234f

eed97aa0b2aa9486b6f6831ed8a85dc729ad6b9c

95434a8a2568a6481a1fbcf5808a75dd58e77348ed6d70b4f7aeda8842e8f0c7

HTTP Headers

                                        GET /js/jquery.validate.js HTTP/1.1
Host: static.depositfiles.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                        HTTP/1.1 200 OK
Server: nginx
Date: Tue, 24 Jan 2023 21:46:35 GMT
Content-Type: application/javascript
Content-Length: 38269
Last-Modified: Thu, 28 Apr 2022 10:40:27 GMT
Connection: keep-alive
ETag: "626a6f1b-957d"
Expires: Tue, 24 Jan 2023 21:51:35 GMT
Cache-Control: max-age=300
Accept-Ranges: bytes

static.depositfiles.com/js/function.js

91.226.124.77

200 OK

34915

URL HTTP/1.1

static.depositfiles.com/js/function.js
IP

91.226.124.77:0
ASN

#35415 Webzilla B.V.

Magic

ASCII text, with very long lines (4240)

Size

34915
Hash

a5779d2f560cd50376dbba372b0fd15b

07b08e35b9254288c1372e37577db8b9e4da01b4

51d26403861d61a7842bc73f518d4a4351a7027c40c9f0347f61421226950b84

HTTP Headers

                                        GET /js/function.js HTTP/1.1
Host: static.depositfiles.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                        HTTP/1.1 200 OK
Server: nginx
Date: Tue, 24 Jan 2023 21:46:35 GMT
Content-Type: application/javascript
Content-Length: 34915
Last-Modified: Thu, 28 Apr 2022 10:40:27 GMT
Connection: keep-alive
ETag: "626a6f1b-8863"
Expires: Tue, 24 Jan 2023 21:51:35 GMT
Cache-Control: max-age=300
Accept-Ranges: bytes

static.depositfiles.com/css/main.css

91.226.124.77

200 OK

46819

URL HTTP/1.1

static.depositfiles.com/css/main.css
IP

91.226.124.77:0
ASN

#35415 Webzilla B.V.

Magic

ASCII text, with very long lines (332)

Size

46819
Hash

cea03c07a2dcdd9444f5f6de6a3f6c64

89307ec85eb1fa31aa0b0d759e13f78970b0375b

5ecd5842291f787ca0d39182e73ab7992ed55dccce2aaeb7cfc4e10ba3917634

HTTP Headers

                                        GET /css/main.css HTTP/1.1
Host: static.depositfiles.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                        HTTP/1.1 200 OK
Server: nginx
Date: Tue, 24 Jan 2023 21:46:35 GMT
Content-Type: text/css
Last-Modified: Thu, 28 Apr 2022 10:40:25 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"626a6f19-2f719"
Expires: Tue, 24 Jan 2023 21:51:35 GMT
Cache-Control: max-age=300
Content-Encoding: gzip

static.depositfiles.com/js/base2.js

91.226.124.77

200 OK

398927

URL HTTP/1.1

static.depositfiles.com/js/base2.js
IP

91.226.124.77:0
ASN

#35415 Webzilla B.V.

Magic

Unicode text, UTF-8 text, with very long lines (65481)

Size

398927
Hash

2fcae8126c3fd9a626370a701f0bd887

f3496fb7bbe122a9774d7dcfcd68da03a24dc285

d29ab86f64b4fcfbc45b9ef806c147f1e42e37e37d44a559147232288063badc

HTTP Headers

                                        GET /js/base2.js HTTP/1.1
Host: static.depositfiles.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                        HTTP/1.1 200 OK
Server: nginx
Date: Tue, 24 Jan 2023 21:46:35 GMT
Content-Type: application/javascript
Content-Length: 398927
Last-Modified: Thu, 28 Apr 2022 10:40:27 GMT
Connection: keep-alive
ETag: "626a6f1b-6164f"
Expires: Tue, 24 Jan 2023 21:51:35 GMT
Cache-Control: max-age=300
Accept-Ranges: bytes

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

329

URL HTTP/2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP

35.241.9.150:0
ASN

#15169 GOOGLE

Magic

JSON data\012- , ASCII text, with very long lines (329), with no line terminators

Size

329
Hash

0333b0655111aa68de771adfcc4db243

63f295a144ac87a7c8e23417626724eeca68a7eb

60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

                                        GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                        HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Pragma, Last-Modified, ETag, Content-Length, Expires, Cache-Control, Retry-After, Content-Type, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 24 Jan 2023 20:48:59 GMT
age: 3456
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503

URL HTTP/1.1

r3.o.lencr.org/
IP

23.36.76.226:0
ASN

#20940 Akamai International B.V.

Magic

data

Size

503
Hash

c398b6b39d11d25b8ae9bc5cd94a1c98

640aa8c399ced71d0c2a9f5a90fbaf091b01d642

a6f07f7c6a4746acc25457c726701df33120628dfb578bc4982448d8efee5855

HTTP Headers

                                        POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A6F07F7C6A4746ACC25457C726701DF33120628DFB578BC4982448D8EFEE5855"
Last-Modified: Tue, 24 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17789
Expires: Wed, 25 Jan 2023 02:43:04 GMT
Date: Tue, 24 Jan 2023 21:46:35 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503

URL HTTP/1.1

r3.o.lencr.org/
IP

23.36.76.226:0
ASN

#20940 Akamai International B.V.

Magic

data

Size

503
Hash

698b6ba9ccaa05fe77921f60c658d465

4bf1c2824672d0545f2538e41d5d046028ba74c9

24c1e9f42f1c5d74cd0407d7706c865d2d2b01b01f62f3072a050602c15ce2a6

HTTP Headers

                                        POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "24C1E9F42F1C5D74CD0407D7706C865D2D2B01B01F62F3072A050602C15CE2A6"
Last-Modified: Sun, 22 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4405
Expires: Tue, 24 Jan 2023 23:00:00 GMT
Date: Tue, 24 Jan 2023 21:46:35 GMT
Connection: keep-alive

push.services.mozilla.com/

54.148.70.121

101 Switching Protocols

URL HTTP/1.1

push.services.mozilla.com/
IP

54.148.70.121:0
ASN

#16509 AMAZON-02

Magic

Size

0
Hash

d41d8cd98f00b204e9800998ecf8427e

da39a3ee5e6b4b0d3255bfef95601890afd80709

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

                                        GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: /M7BWdv0MW+cFo2k6Gy51g==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                        HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: djncE71rHfBsZKvV/49DlvG6oOw=

pl16105218.highcpmrevenuenetwork.com/22/4a/d4/224ad4a14b4b15c1726ff705ec672ea6.js

192.243.59.13

200 OK

13433

URL HTTP/1.1

pl16105218.highcpmrevenuenetwork.com/22/4a/d4/224ad4a14b4b15c1726ff705ec672ea6.js
IP

192.243.59.13:0
ASN

#39572 DataWeb Global Group B.V.

Magic

ASCII text, with very long lines (37143), with no line terminators

Size

13433
Hash

36aa47354a9f943297879c3a4eff21a4

e149b77eb8c785fc0a05138c8af0f2b567103cc3

97f9ec0e9a663e76b5f7a3e4bf900f1e4318d784c5512dba7187b60acef6d757

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

                                        GET /22/4a/d4/224ad4a14b4b15c1726ff705ec672ea6.js HTTP/1.1
Host: pl16105218.highcpmrevenuenetwork.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                        HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Tue, 24 Jan 2023 21:46:35 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: e4a53c8aab47a7dbca76ef9336e42054
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

static.depositfiles.com/images/no.png

91.226.124.77

200 OK

3146

URL HTTP/1.1

static.depositfiles.com/images/no.png
IP

91.226.124.77:0
ASN

#35415 Webzilla B.V.

Magic

PNG image data, 20 x 20, 8-bit/color RGBA, non-interlaced\012- data

Size

3146
Hash

1724ae7b4437c460dafe40dfe9f96d41

8dc80d5b802f180254a8ee1bf1edf0b843205f1e

9b95b8f24b2b0808d611f4fd9bf5f3c548b352ae6100ab7b298b99a86905db79

HTTP Headers

                                        GET /images/no.png HTTP/1.1
Host: static.depositfiles.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                        HTTP/1.1 200 OK
Server: nginx
Date: Tue, 24 Jan 2023 21:46:35 GMT
Content-Type: image/png
Content-Length: 3146
Last-Modified: Thu, 28 Apr 2022 10:40:26 GMT
Connection: keep-alive
ETag: "626a6f1a-c4a"
Accept-Ranges: bytes

static.depositfiles.com/images/speed_small.gif

91.226.124.77

200 OK

23980

URL HTTP/1.1

static.depositfiles.com/images/speed_small.gif
IP

91.226.124.77:0
ASN

#35415 Webzilla B.V.

Magic

GIF image data, version 89a, 200 x 200\012- data

Size

23980
Hash

5cbc96bbb7230dd17ed38b5dd6e3271c

6ee1f0b9e29ac3e824cccd6e5135d51c8d3aaea1

01edcbb65e514def555b1e999d3a72f118f67e572f628293b91893b3758c6991

HTTP Headers

                                        GET /images/speed_small.gif HTTP/1.1
Host: static.depositfiles.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                        HTTP/1.1 200 OK
Server: nginx
Date: Tue, 24 Jan 2023 21:46:35 GMT
Content-Type: image/gif
Content-Length: 23980
Last-Modified: Thu, 28 Apr 2022 10:40:26 GMT
Connection: keep-alive
ETag: "626a6f1a-5dac"
Expires: Sun, 29 Jan 2023 21:46:35 GMT
Cache-Control: max-age=432000
Accept-Ranges: bytes

static.depositfiles.com/images/yes.png

91.226.124.77

200 OK

3275

URL HTTP/1.1

static.depositfiles.com/images/yes.png
IP

91.226.124.77:0
ASN

#35415 Webzilla B.V.

Magic

PNG image data, 20 x 20, 8-bit/color RGBA, non-interlaced\012- data

Size

3275
Hash

3055b8489aeb385fb40b27f0bf0a5ae7

4cfbe45a0ba393ab8ad535cc04af30debef0a1ab

b325d6cb153b02050e59230e2abfb01e05f4bda708ad54bd8f6d9693fa9c2dac

HTTP Headers

                                        GET /images/yes.png HTTP/1.1
Host: static.depositfiles.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                        HTTP/1.1 200 OK
Server: nginx
Date: Tue, 24 Jan 2023 21:46:35 GMT
Content-Type: image/png
Content-Length: 3275
Last-Modified: Thu, 28 Apr 2022 10:40:27 GMT
Connection: keep-alive
ETag: "626a6f1b-ccb"
Accept-Ranges: bytes

static.depositfiles.com/images/speed_small_gold.gif

91.226.124.77

200 OK

14492

URL HTTP/1.1

static.depositfiles.com/images/speed_small_gold.gif
IP

91.226.124.77:0
ASN

#35415 Webzilla B.V.

Magic

GIF image data, version 89a, 200 x 200\012- data

Size

14492
Hash

c5f8f0e9ecd16637e267912376c24bed

324567a641d318ecfafe6374dfba86ccb2f90dd7

13678b229b6c4224bcb9578a2f29bc3686958f4bea73af7645eb39af4246e6a9

HTTP Headers

                                        GET /images/speed_small_gold.gif HTTP/1.1
Host: static.depositfiles.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                        HTTP/1.1 200 OK
Server: nginx
Date: Tue, 24 Jan 2023 21:46:35 GMT
Content-Type: image/gif
Content-Length: 14492
Last-Modified: Thu, 28 Apr 2022 10:40:26 GMT
Connection: keep-alive
ETag: "626a6f1a-389c"
Expires: Sun, 29 Jan 2023 21:46:35 GMT
Cache-Control: max-age=432000
Accept-Ranges: bytes

static.depositfiles.com/images/logo.png

91.226.124.77

200 OK

3623

URL HTTP/1.1

static.depositfiles.com/images/logo.png
IP

91.226.124.77:0
ASN

#35415 Webzilla B.V.

Magic

PNG image data, 176 x 43, 8-bit/color RGBA, non-interlaced\012- data

Size

3623
Hash

c41fdd84b04e45a91cb17cfdeccb1b38

fec7fffe104c7e169aeb159032078c4b71ff2cdc

7f89eb8ab03684f4db282ca30eb231b1e254bca10c7b511950df5e0eab0a68a0

HTTP Headers

                                        GET /images/logo.png HTTP/1.1
Host: static.depositfiles.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://static.depositfiles.com/css/main.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                        HTTP/1.1 200 OK
Server: nginx
Date: Tue, 24 Jan 2023 21:46:35 GMT
Content-Type: image/png
Content-Length: 3623
Last-Modified: Thu, 28 Apr 2022 10:40:26 GMT
Connection: keep-alive
ETag: "626a6f1a-e27"
Accept-Ranges: bytes

static.depositfiles.com/images/member_menu_bg.gif

91.226.124.77

200 OK

URL HTTP/1.1

static.depositfiles.com/images/member_menu_bg.gif
IP

91.226.124.77:0
ASN

#35415 Webzilla B.V.

Magic

GIF image data, version 89a, 1 x 48\012- data

Size

78
Hash

20a24b56dcedf6a71a71ebec771e1f7d

d7bed493d5d4eeaed5dbbf7d30d45107840790a0

6f57f29224d8e9e51ed0839e329055426fba7dcd97ef31e93ed495f93a6063df

HTTP Headers

                                        GET /images/member_menu_bg.gif HTTP/1.1
Host: static.depositfiles.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://static.depositfiles.com/css/main.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                        HTTP/1.1 200 OK
Server: nginx
Date: Tue, 24 Jan 2023 21:46:35 GMT
Content-Type: image/gif
Content-Length: 78
Last-Modified: Thu, 28 Apr 2022 10:40:26 GMT
Connection: keep-alive
ETag: "626a6f1a-4e"
Expires: Sun, 29 Jan 2023 21:46:35 GMT
Cache-Control: max-age=432000
Accept-Ranges: bytes

static.depositfiles.com/images/upload_btn_bg.gif

91.226.124.77

200 OK

9010

Report Overview

URL

IP

ASN

Submitted

Access

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (74)

#1 JS:Script (size: 240)

#2 JS:Script (size: 153217)

#3 JS:Script (size: 148)

#4 JS:Script (size: 256)

#5 JS:Script (size: 141)

#6 JS:Script (size: 325)

#7 JS:Script (size: 232577)

#8 JS:Script (size: 13383)

#9 JS:Script (size: 398927)

#10 JS:Script (size: 722)

#11 JS:Script (size: 124)

#12 JS:Script (size: 139)

#13 JS:Script (size: 85260)

#14 JS:Script (size: 2882)

#15 JS:Script (size: 240)

#16 JS:Script (size: 67)

#17 JS:Script (size: 410520)

#18 JS:Script (size: 38269)

#19 JS:Script (size: 475)

#20 JS:Script (size: 0)

#21 JS:Script (size: 85804)

#22 JS:Script (size: 2603)

#23 JS:Script (size: 659)

#24 JS:Script (size: 9887)

#25 JS:Script (size: 141)

#26 JS:Script (size: 270687)

#27 JS:Script (size: 99)

#28 JS:Script (size: 58734)

#29 JS:Script (size: 34915)

#30 JS:Script (size: 37143)

#31 JS:Script (size: 418)

#32 JS:Script (size: 145)

#33 JS:Script (size: 196)

#34 JS:Script (size: 27061)

#35 JS:Script (size: 11195)

#36 JS:Script (size: 955)

#37 JS:Script (size: 2651)

#38 JS:Script (size: 781)

#39 JS:Script (size: 850)

#40 JS:Script (size: 6403)

#41 JS:Script (size: 26)

#1 JS:Eval (size: 42)

#2 JS:Eval (size: 30)

#3 JS:Eval (size: 25)

#4 JS:Eval (size: 28)

#5 JS:Eval (size: 21)

#6 JS:Eval (size: 41)

#7 JS:Eval (size: 35)

#8 JS:Eval (size: 32)

#9 JS:Eval (size: 33)

#10 JS:Eval (size: 21)

#11 JS:Eval (size: 39)

#12 JS:Eval (size: 43)

#13 JS:Eval (size: 45)

#14 JS:Eval (size: 41)

#15 JS:Eval (size: 35)