Report - dfiles.eu/files/5zujuxxxt/Stranded-Deep-v_0.02.H1_32-64

Report Overview

Visited public
2024-09-14 20:32:30
Tags
Submit Tags
URL
dfiles.eu/files/5zujuxxxt/Stranded-Deep-v_0.02.H1_32-64_Bit.exe
Finishing URL
dfiles.com/files/5zujuxxxt/Stranded-Deep-v_0.02.H1_32-64_Bit.exe
IP / ASN
91.226.124.104
#35415 Webzilla B.V.
Title
(1) New Message!

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
councernedasesi.com	unknown	unknown	No data	No data	983 B	1.4 kB	188.114.96.1
www.google.com	7	1997-09-15	2015-05-10 13:11:19	2024-09-12 18:18:16	400 B	1.3 kB	142.250.74.132
cdn.show-creative1.com	unknown	2024-08-20	2024-08-27 20:37:00	2024-09-07 11:55:54	483 B	2.3 kB	172.67.208.42
r11.o.lencr.org	unknown	2020-06-29	2024-06-07 07:43:57	2024-09-13 18:12:22	2.6 kB	7.1 kB	23.36.76.226
e017807b72.5437c7c977.com	unknown	2024-08-15	2024-09-14 11:58:30	2024-09-14 12:52:11	817 B	343 B	45.133.44.52
cdn.creative-bars1.com	unknown	2022-11-01	2022-11-15 17:46:22	2024-09-14 15:49:20	2.0 kB	108 kB	104.21.70.253
fonts.googleapis.com	8877	2005-01-25	2013-06-10 22:14:26	2024-09-14 00:50:48	416 B	8.8 kB	142.250.74.170
honourprecisionsuited.com	unknown	2024-08-09	2024-09-04 11:30:38	2024-09-14 13:22:12	7.7 kB	52 kB	192.243.61.227
www.gstatic.com	unknown	2008-02-11	2016-07-26 11:37:06	2024-09-14 14:37:17	470 B	218 kB	142.250.74.99
accounts.google.com	81	1997-09-15	2016-03-20 13:44:49	2024-09-13 18:12:35	3.6 kB	13 kB	64.233.161.84
fonts.gstatic.com	unknown	2008-02-11	2014-09-09 02:40:21	2024-09-14 18:25:40	1.1 kB	39 kB	142.250.74.99
discovernative.com	223598	2018-03-20	2018-04-22 17:32:18	2024-07-20 13:56:56	3.1 kB	5.8 kB	172.67.150.145
cdn.cookie-script.com	41338	2013-05-28	2020-07-25 17:45:32	2024-09-14 18:16:38	412 B	24 kB	146.185.171.17
js.wpadmngr.com	25762	2021-06-02	2021-06-02 16:43:46	2024-09-13 18:12:56	814 B	120 kB	45.133.44.53
adsbb.dfiles.com	unknown	unknown	No data	No data	8.4 kB	290 kB	91.226.124.104
st.zarebasdezaley.com	unknown	2023-06-26	2024-08-26 10:33:14	2024-08-31 22:14:15	412 B	1.5 kB	188.42.108.108
js.capndr.com	316718	2021-08-30	2021-08-30 14:51:01	2024-09-14 11:58:28	397 B	397 B	45.133.44.52
pubtrky.com	unknown	2023-11-21	2023-11-21 12:12:26	2024-09-14 14:06:32	464 B	560 B	172.67.188.110
js.wpshsdk.com	12130	2021-06-04	2021-06-04 15:50:00	2024-09-14 12:08:00	407 B	35 kB	45.133.44.53
acscdn.com	93608	2020-05-05	2020-05-06 10:07:13	2024-09-14 14:06:28	806 B	106 kB	188.114.96.1
d2uu46itxfd65q.cloudfront.net	unknown	2008-04-25	2024-08-18 11:44:58	2024-08-27 13:58:58	1.1 kB	56 kB	143.204.42.112
proftrafficcounter.com	unknown	2023-11-16	2023-11-21 09:55:14	2024-09-13 20:40:11	421 B	417 B	18.184.48.111
recordedthereby.com	unknown	2024-05-08	2024-05-14 07:24:53	2024-09-13 20:40:11	409 B	28 kB	188.114.97.1
fp.metricswpsh.com	unknown	2021-10-29	2022-04-22 13:20:32	2024-09-14 11:58:30	496 B	325 B	157.90.84.242
cdnativ.com	346852	2018-03-20	2018-04-17 12:25:22	2024-03-15 09:25:10	1.4 kB	64 kB	104.21.1.203
unseenreport.com	unknown	2022-03-30	2022-03-30 16:33:17	2024-09-13 20:40:18	1.5 kB	943 B	192.243.59.12
dfiles.eu	434493	unknown	2012-12-23 12:05:24	2023-12-18 10:36:46	519 B	17 kB	91.226.124.125
r10.o.lencr.org	unknown	2020-06-29	2024-06-06 21:45:11	2024-09-14 18:12:51	654 B	1.8 kB	23.36.76.226
subqueriesendedgrounds.com	unknown	2024-02-16	2024-02-16 22:24:30	2024-02-28 16:59:18	440 B	14 kB	172.240.108.84
consent.cookie-script.com	119016	2013-05-28	2018-05-24 20:22:11	2024-09-13 19:22:11	515 B	635 B	116.203.90.127
www.googletagmanager.com	75	2011-11-11	2013-05-22 04:07:37	2024-09-14 18:17:47	419 B	319 kB	142.250.74.168
dfiles.com	unknown	2010-04-02	2017-03-14 00:19:34	2023-05-20 11:12:16	518 B	111 kB	91.226.124.104
spinesoftsettle.com	unknown	2024-08-09	2024-09-04 11:55:15	2024-09-14 15:49:19	481 B	494 B	172.240.253.132
superonclick.com	179683	2015-04-27	2015-04-29 02:55:33	2024-07-20 13:56:56	1.2 kB	52 kB	172.67.189.120
ukankingwithea.com	unknown	2024-01-01	2024-09-07 02:18:13	2024-09-13 21:13:28	838 B	104 kB	188.114.97.1
hiidevelelastic.com	unknown	unknown	No data	No data	946 B	1.8 kB	108.157.214.81
na.nawpush.com	38563	2020-12-21	2020-12-23 09:18:12	2024-09-14 11:58:28	451 B	1.2 kB	45.133.44.25
storage.multstorage.com	unknown	2023-09-22	2023-09-22 14:56:00	2024-09-14 11:58:30	520 B	1.1 kB	172.67.174.51
static.depositfiles.com	unknown	2005-11-05	2012-05-24 17:07:52	2024-01-17 15:13:55	4.9 kB	760 kB	91.226.124.125

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-09-14	medium	zarebasdezaley.com	Sinkholed
2024-09-14	medium	5437c7c977.com	Sinkholed
2024-09-14	medium	unseenreport.com	Sinkholed
2024-09-14	medium	unseenreport.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (41)

	URL	From	Size	First Seen	Last Seen
	adsbb.dfiles.com/upload/2303/ad2775297311915a.htm?canp=adv_64c8039324e932ac815d3d122bf63ef9	ScriptElement	0 B	0001-01-01	2025-07-16
Pretty URL adsbb.dfiles.com/upload/2303/ad2775297311915a.htm?canp=adv_64c8039324e932ac815d3d122bf63ef9 IP 91.226.124.104 ASN #35415 Webzilla B.V. Introduced by scriptElement Embedded in HTML true Observations First Seen0001-01-01 00:00 Last Seen2025-07-16 07:07 Times Seen5433695 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	pagead2.googlesyndication.com/pagead/js/adsbygoogle.js	ScriptElement	1.6 kB	2023-05-06	2025-07-16
Pretty URL pagead2.googlesyndication.com/pagead/js/adsbygoogle.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-06 01:21 Last Seen2025-07-16 06:49 Times Seen29792 Hash 2e9e391ad98fbe1b2de0b7b4fa9ca904 21d7771223e8286a06ad878af425094a40de32b5 1468d954f25ab75355f3c0f42cd9c84efd64a67922c47d3b69bdb6d0eb399e69 Loading...

	storage.multstorage.com/log/count.html	ScriptElement	718 B	2023-09-18	2025-03-01
Pretty URL storage.multstorage.com/log/count.html IP 172.67.174.51 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-09-18 17:19 Last Seen2025-03-01 23:33 Times Seen12563 Hash 1f697a0f2411e463adbc1211493fe5a6 93c154152bda427938543b8efbd8d3b594abbac7 08a5735f5232b651af89f552e8d0fb7b21d6605fba48f335318699d80d12703e Loading...

	dfiles.com/files/5zujuxxxt/Stranded-Deep-v_0.02.H1_32-64_Bit.exe	ScriptElement	154 B	2023-03-13	2025-02-09
Pretty URL dfiles.com/files/5zujuxxxt/Stranded-Deep-v_0.02.H1_32-64_Bit.exe IP 91.226.124.104 ASN #35415 Webzilla B.V. Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-13 20:01 Last Seen2025-02-09 13:49 Times Seen736 Hash a5d30d6e8f7d127b22036f0cba694312 48b3fda0a81aeee349d1d58c1064e6028ad01500 3535afb4b7453318c16fd30caa8ed102f9e880596bd4391c7aff5be03295cdf0 Loading...

	dfiles.com/files/5zujuxxxt/Stranded-Deep-v_0.02.H1_32-64_Bit.exe	ScriptElement	148 B	2023-03-07	2025-07-04
Pretty URL dfiles.com/files/5zujuxxxt/Stranded-Deep-v_0.02.H1_32-64_Bit.exe IP 91.226.124.104 ASN #35415 Webzilla B.V. Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:26 Last Seen2025-07-04 03:59 Times Seen801 Hash 39f8fffd2249f3bb9deb92a533243df9 ee75ba64aea887c758cd24407d003bc9494237f3 62cdfe74dd5ba57340776bc53ee95b20c286efbc7c467ece9594d27e24b48dcd Loading...

	unknown	ScriptElement	601 B	2023-03-07	2024-10-11
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:26 Last Seen2024-10-11 08:58 Times Seen148 Hash d06d3ac0e19b88c449b951e14f241106 67bd1dff869fa33027f7a17d145156ffd8478fa7 17b621fa95aa5faba31bd1084de0c6dc4126072485e654eafe7f24a49a922cfd Loading...

	superonclick.com/script/native_render.js	ScriptElement	4.3 kB	2023-03-07	2025-07-16
Pretty URL superonclick.com/script/native_render.js IP 172.67.189.120 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:27 Last Seen2025-07-16 01:17 Times Seen601 Hash 8b801d68c6f63f9ef8a9a7aa484b9c75 39c16d0e174c5632f1a54f2ff2c58b6365cf47c4 7965b4334f08b3c398843d721ab3b5535461f4183ec6bb0923d1ae092b9cfd51 Loading...

	st.zarebasdezaley.com/rElOMp01Ir4mkXM/anJBO	ScriptElement	0 B	0001-01-01	2025-07-16
Pretty URL st.zarebasdezaley.com/rElOMp01Ir4mkXM/anJBO IP 188.42.108.108 ASN #7979 SERVERS-COM Introduced by scriptElement Embedded in HTML false Observations First Seen0001-01-01 00:00 Last Seen2025-07-16 07:07 Times Seen5433695 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	recordedthereby.com/sfp.js	ScriptElement	85 kB	2024-05-17	2025-01-21
Pretty URL recordedthereby.com/sfp.js IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-17 16:43 Last Seen2025-01-21 11:22 Times Seen13574 Hash 7e3e44049654b6e244c1777e68ffb8e7 8f2a8298666d607afd92a0baa362ef4dc9ccd039 4acac8b8ff23671d365150818f3c39bbbfa08b1a1842d73de5933e0fea26454b Loading...

	superonclick.com/script/style.js	ScriptElement	41 kB	2023-03-07	2025-07-16
Pretty URL superonclick.com/script/style.js IP 172.67.189.120 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:03 Last Seen2025-07-16 01:17 Times Seen535 Hash f6f9c433637f7abffaf0eb918b83874c b2fe86ef85e729459425dcbfa683682188fca3ef 07e8d6ea069f651d48ad47731cce6d24417176b3a353554f40fe2d5f8b81afb1 Loading...

	dfiles.com/files/5zujuxxxt/Stranded-Deep-v_0.02.H1_32-64_Bit.exe	ScriptElement	784 B	2024-09-04	2025-07-04
Pretty URL dfiles.com/files/5zujuxxxt/Stranded-Deep-v_0.02.H1_32-64_Bit.exe IP 91.226.124.104 ASN #35415 Webzilla B.V. Introduced by scriptElement Embedded in HTML true Observations First Seen2024-09-04 20:52 Last Seen2025-07-04 03:59 Times Seen237 Hash 8d7571c0e0cf3924eaebc018ce966d09 6e6902fbe618a16c768872058fef2047105d10fa f44fe5b37ce0135e8080d2282d1269e7d81bc121ecb4e5eb9ed3b3253883917b Loading...

	js.wpadmngr.com/static/adManager.m.js	ScriptElement	117 kB	2024-09-09	2024-09-28
Pretty URL js.wpadmngr.com/static/adManager.m.js IP 45.133.44.53 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-09-09 13:58 Last Seen2024-09-28 08:49 Times Seen202 Hash 5d98177f4376f838d125317f9f070073 f06e3d38908da33bcbe47849c005f91ea35e1685 2959555569dfce6c5ccf87ea9b0b33eaaee91c2bd1bb1e2f19d6d002f1926fed Loading...

	adsbb.dfiles.com/static/js/jquery-1.5.1.min.js	ScriptElement	85 kB	2023-03-07	2025-07-13
Pretty URL adsbb.dfiles.com/static/js/jquery-1.5.1.min.js IP 91.226.124.104 ASN #35415 Webzilla B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-07-13 22:42 Times Seen1767 Hash b04a3bccd23ddeb7982143707a63ccf9 4a5dc1389aad050a44ee5e81408238a317ab3413 764b9e9f3ad386aaa5cdeae9368353994de61c0bede087c8f7e3579cb443de3b Loading...

	js.wpshsdk.com/npc/sdk/push.m.js?v=1	ScriptElement	34 kB	2024-07-23	2024-10-04
Pretty URL js.wpshsdk.com/npc/sdk/push.m.js?v=1 IP 45.133.44.53 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-07-23 21:01 Last Seen2024-10-04 11:24 Times Seen676 Hash ad88062063be5bf189b3a9e45af77e7a 0b17f39ef23bf03e0a1fc95df405d87f58bb11ad 7e37ff193f8ff270be63999a72f18ee2dc05833e5dac26a6e7e925c476ea3296 Loading...

	static.depositfiles.com/js/jquery.validate.js	ScriptElement	38 kB	2023-04-05	2025-07-10
Pretty URL static.depositfiles.com/js/jquery.validate.js IP 91.226.124.125 ASN #35415 Webzilla B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-05 16:56 Last Seen2025-07-10 01:14 Times Seen842 Hash f6d96c36018433b4c22c84fa072983df 3db792e82c157ffc093a3cea08e873343beb6452 df875197ee9dd42c13d717a36886997f9daa05e02641daa025c9039bb37b6126 Loading...

	dfiles.com/files/5zujuxxxt/Stranded-Deep-v_0.02.H1_32-64_Bit.exe	ScriptElement	475 B	2023-03-07	2025-07-06
Pretty URL dfiles.com/files/5zujuxxxt/Stranded-Deep-v_0.02.H1_32-64_Bit.exe IP 91.226.124.104 ASN #35415 Webzilla B.V. Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:26 Last Seen2025-07-06 10:36 Times Seen801 Hash 7d5b8ae86ab79df757399336af6dc4e6 d80237486fe292a185a576578308234114e302ce bf66c6e0c4ea53d83f6c17058e513aee1ff1c1fd319fe8fca1970ccc2151fed7 Loading...

	honourprecisionsuited.com/c2/2d/c5/c22dc50dc2bbe4422c7f68d26ab95eb9.js	ScriptElement	95 kB	2024-09-12	2024-09-19
Pretty URL honourprecisionsuited.com/c2/2d/c5/c22dc50dc2bbe4422c7f68d26ab95eb9.js IP 192.243.61.227 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-09-12 15:55 Last Seen2024-09-19 21:03 Times Seen2 Hash 20d2a7338d0a8bac7927c2031f20b8b0 585168ade58883f2c60c61a3a7e18aa9abc54fe4 f0e031d75ead6cf40a0b549f65e1f082b8bdba5650696043ae256a3c6430157c Loading...

	superonclick.com/script/native_server.js	ScriptElement	9.3 kB	2023-03-07	2025-07-16
Pretty URL superonclick.com/script/native_server.js IP 172.67.189.120 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:27 Last Seen2025-07-16 01:17 Times Seen598 Hash 51d87e9ebd831fccab6a016079a60793 6b49820f3423d2414f0404523439159070564f40 e282545f9f7c4117db91f8a2c33e5a1dad31f3c6edbe74b9776c1f8b85c166bd Loading...

	dfiles.com/files/5zujuxxxt/Stranded-Deep-v_0.02.H1_32-64_Bit.exe	ScriptElement	140 B	2024-09-04	2025-07-06
Pretty URL dfiles.com/files/5zujuxxxt/Stranded-Deep-v_0.02.H1_32-64_Bit.exe IP 91.226.124.104 ASN #35415 Webzilla B.V. Introduced by scriptElement Embedded in HTML true Observations First Seen2024-09-04 20:52 Last Seen2025-07-06 10:36 Times Seen235 Hash f9117e6bfccd2aaff118b4ece1ba1ac7 ad45787fbc2cb1d039da2461bb11918b59d0e19d 38739507332bd5271e89ac0f20eaa4a9c9d455c2938abe2ba8137e61157afe94 Loading...

	acscdn.com/script/ut.js?cb=1726345923965	ScriptElement	63 kB	2024-07-24	2024-10-11
Pretty URL acscdn.com/script/ut.js?cb=1726345923965 IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-07-24 18:59 Last Seen2024-10-11 09:16 Times Seen946 Hash e7bb8a3e002fb7cbc1b3ca32b73e6ac5 3620ea4939ad23830f716bfd94d4cb5e106cda89 0deb5082ddbcd905a8d9fff21cf5dfd1afdac4744f149a4db2801af971850390 Loading...

	www.google.com/recaptcha/api.js	ScriptElement	870 B	2024-09-06	2025-06-16
Pretty URL www.google.com/recaptcha/api.js IP 142.250.74.132 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-09-06 03:02 Last Seen2025-06-16 20:37 Times Seen1213 Hash db3f5a748364d84b2b5f75e3d4e851d0 17b34ff20d429abee726b4b74530e5af2819f7bc 343ed5ecd144d781de67aa8638b1ca4fce5772faedbb72720daacb250884f4e1 Loading...

	discovernative.com/script/native.php?nwpsv=1&r=8033562&cbrandom=0.5296151996385043&cbWidth=240&cbHeight=800&cbtitle=&cbref=https%3A%2F%2Fdfiles.com%2F&cbdescription=DepositFiles+provides+you+with+a+legitimate+technical+solution%2C+which++enables+you+to+upload%2C+store%2C+access+and+download+text%2C+software%2C++scripts%2C+images%2C+sounds%2C+videos%2C+animations+and+any+other+materials+in+form+of+one+or+several+electronic+files.&cbkeywords=&cbiframe=1&callback=jsonp496473&wthnfp=1&ufp=Linux%20x86_64%2FMozilla%2FNetscape%2Ftrue%2Ffalse%2F1280x10240en-USunknown4824%20bits	ScriptElement	3.5 kB	2024-09-19	2024-09-19
Pretty URL discovernative.com/script/native.php?nwpsv=1&r=8033562&cbrandom=0.5296151996385043&cbWidth=240&cbHeight=800&cbtitle=&cbref=https%3A%2F%2Fdfiles.com%2F&cbdescription=DepositFiles+provides+you+with+a+legitimate+technical+solution%2C+which++enables+you+to+upload%2C+store%2C+access+and+download+text%2C+software%2C++scripts%2C+images%2C+sounds%2C+videos%2C+animations+and+any+other+materials+in+form+of+one+or+several+electronic+files.&cbkeywords=&cbiframe=1&callback=jsonp496473&wthnfp=1&ufp=Linux%20x86_64%2FMozilla%2FNetscape%2Ftrue%2Ffalse%2F1280x10240en-USunknown4824%20bits IP 172.67.150.145 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-09-19 20:34 Last Seen2024-09-19 20:34 Times Seen1 Hash 33f043d58cc237fdffcc710243907462 37b4ac98762d8a4ad2430d1fb3a661e9b6eb05e0 e991e6d339fc0a83601aa22fc754874a330b2bad6a48967dad569fbf268046ad Loading...

	cdn.cookie-script.com/iabtcf/2.2/sdk_cmp.js	ScriptElement	95 kB	2024-06-18	2024-10-11
Pretty URL cdn.cookie-script.com/iabtcf/2.2/sdk_cmp.js IP 146.185.171.17 ASN #14061 DIGITALOCEAN-ASN Introduced by scriptElement Embedded in HTML false Observations First Seen2024-06-18 09:25 Last Seen2024-10-11 08:58 Times Seen164 Hash d25337f1b7516581bccf8f576539b2c7 4dcec87867e4010c08cf459ace716ad562f38d62 6d4d87335ff64dda49c994d86406cf54ce0bcfd161c5cb20f99a68cc498b2710 Loading...

	dfiles.com/files/5zujuxxxt/Stranded-Deep-v_0.02.H1_32-64_Bit.exe	ScriptElement	366 B	2024-09-19	2024-09-19
Pretty URL dfiles.com/files/5zujuxxxt/Stranded-Deep-v_0.02.H1_32-64_Bit.exe IP 91.226.124.104 ASN #35415 Webzilla B.V. Introduced by scriptElement Embedded in HTML true Observations First Seen2024-09-19 20:34 Last Seen2024-09-19 20:34 Times Seen1 Hash e68f07ff8d9dd57f9471d3d9459e5e74 e8cfbcc5e9a642d94619365d75ac4b99b45fb710 c0dfc71b014693ad5ee8f5d9c7104b579a6d083d21428157aa086ff69c87054f Loading...

	dfiles.com/files/5zujuxxxt/Stranded-Deep-v_0.02.H1_32-64_Bit.exe	ScriptElement	146 B	2024-09-05	2025-06-01
Pretty URL dfiles.com/files/5zujuxxxt/Stranded-Deep-v_0.02.H1_32-64_Bit.exe IP 91.226.124.104 ASN #35415 Webzilla B.V. Introduced by scriptElement Embedded in HTML true Observations First Seen2024-09-05 08:48 Last Seen2025-06-01 10:37 Times Seen50 Hash bd7c19806ec54cb8daaef3f9a3869778 e946fd9de3e1d6caa6d35ad4c809da7efa78caa6 e81b36284dc55f0a91d5b113bac279b702526a6d16cde82fe3e4dfbbf848160c Loading...

	www.gstatic.com/recaptcha/releases/EGbODne6buzpTnWrrBprcfAY/recaptcha__en.js	ScriptElement	551 kB	2024-09-05	2025-05-17
Pretty URL www.gstatic.com/recaptcha/releases/EGbODne6buzpTnWrrBprcfAY/recaptcha__en.js IP 142.250.74.99 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-09-05 17:46 Last Seen2025-05-17 12:03 Times Seen4597 Hash c7be68088b0a823f1a4c1f77c702d1b4 05d42d754afd21681c0e815799b88fbe1fbabf4e 4943e91f7f53318d481ca07297395abbc52541c2be55d7276ecda152cd7ad9c3 Loading...

	discovernative.com/script/native.php?nwpsv=1&r=8033562&cbrandom=0.5296151996385043&cbWidth=240&cbHeight=800&cbtitle=&cbref=https%3A%2F%2Fdfiles.com%2F&cbdescription=DepositFiles%20provides%20you%20with%20a%20legitimate%20technical%20solution%2C%20which%20%20enables%20you%20to%20upload%2C%20store%2C%20access%20and%20download%20text%2C%20software%2C%20%20scripts%2C%20images%2C%20sounds%2C%20videos%2C%20animations%20and%20any%20other%20materials%20in%20form%20of%20one%20or%20several%20electronic%20files.&cbkeywords=&cbiframe=1&&callback=jsonp496473	ScriptElement	1.4 kB	2024-09-19	2024-09-19
Pretty URL discovernative.com/script/native.php?nwpsv=1&r=8033562&cbrandom=0.5296151996385043&cbWidth=240&cbHeight=800&cbtitle=&cbref=https%3A%2F%2Fdfiles.com%2F&cbdescription=DepositFiles%20provides%20you%20with%20a%20legitimate%20technical%20solution%2C%20which%20%20enables%20you%20to%20upload%2C%20store%2C%20access%20and%20download%20text%2C%20software%2C%20%20scripts%2C%20images%2C%20sounds%2C%20videos%2C%20animations%20and%20any%20other%20materials%20in%20form%20of%20one%20or%20several%20electronic%20files.&cbkeywords=&cbiframe=1&&callback=jsonp496473 IP 172.67.150.145 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-09-19 20:34 Last Seen2024-09-19 20:34 Times Seen1 Hash cde4f7e9503fec2312057728f74de06e ef2576788dda5bd27ec8e30ffe3676749cbe40a7 a740935ecd32280819bcc285b2788d6370d0a423e1fee792c1b38e5e53178538 Loading...

	static.depositfiles.com/js/base2.js	ScriptElement	399 kB	2023-03-07	2025-07-06
Pretty URL static.depositfiles.com/js/base2.js IP 91.226.124.125 ASN #35415 Webzilla B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:02 Last Seen2025-07-06 10:36 Times Seen802 Hash 2fcae8126c3fd9a626370a701f0bd887 f3496fb7bbe122a9774d7dcfcd68da03a24dc285 d29ab86f64b4fcfbc45b9ef806c147f1e42e37e37d44a559147232288063badc Loading...

	acscdn.com/script/aclib.js	ScriptElement	127 kB	2024-08-28	2024-09-20
Pretty URL acscdn.com/script/aclib.js IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-28 12:51 Last Seen2024-09-20 20:16 Times Seen142 Hash 91182a3b4a3ee55049db24b492ec23fc 00479b17b078d21576e2de436a578e79729e0e06 085f727ed707e4cf3177cdd33747bf8ae71584d8cfd35cc92db0e4b16a4e34ff Loading...

	d2uu46itxfd65q.cloudfront.net/?tiuud=997276	ScriptElement	168 kB	2024-09-19	2024-09-19
Pretty URL d2uu46itxfd65q.cloudfront.net/?tiuud=997276 IP 143.204.42.112 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-09-19 20:34 Last Seen2024-09-19 20:34 Times Seen2 Hash e9f2cfcca4b91ea94596f4a6cb9766fd 5681fc27cb5afc57e652b817c3ebdd9b6d61dd71 c697c514815e8c84adce08bbb6f1f158838d774ff1374a62159322fa204ea06e Loading...

	dfiles.com/files/5zujuxxxt/Stranded-Deep-v_0.02.H1_32-64_Bit.exe	ScriptElement	313 B	2023-03-07	2025-06-01
Pretty URL dfiles.com/files/5zujuxxxt/Stranded-Deep-v_0.02.H1_32-64_Bit.exe IP 91.226.124.104 ASN #35415 Webzilla B.V. Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:29 Last Seen2025-06-01 10:37 Times Seen232 Hash 64eb5b1c65942cd9115f1f07e23ef1bf c41b603bb92b894b215c529117258bf431a8e9d4 65a32bd21267edccaf887e2ca0f3b8721770bbbe8446d228c544e2aa022cd7ab Loading...

	js.wpadmngr.com/static/adManager.js	ScriptElement	1.7 kB	2024-04-09	2025-07-16
Pretty URL js.wpadmngr.com/static/adManager.js IP 45.133.44.53 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-09 16:57 Last Seen2025-07-16 05:21 Times Seen3886 Hash 1e936cad37e18ba5bc2f07acd57447d6 f55969248208bb6871e28b9478761ffb25207c35 e98e6a93ea15df4d4fe1e38c890f29512d739f493428436defb914775df550f8 Loading...

	static.depositfiles.com/js/function.js	ScriptElement	35 kB	2023-03-07	2025-07-06
Pretty URL static.depositfiles.com/js/function.js IP 91.226.124.125 ASN #35415 Webzilla B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:26 Last Seen2025-07-06 10:36 Times Seen802 Hash a5779d2f560cd50376dbba372b0fd15b 07b08e35b9254288c1372e37577db8b9e4da01b4 51d26403861d61a7842bc73f518d4a4351a7027c40c9f0347f61421226950b84 Loading...

	dfiles.com/files/5zujuxxxt/Stranded-Deep-v_0.02.H1_32-64_Bit.exe	ScriptElement	140 B	2024-09-05	2025-06-01
Pretty URL dfiles.com/files/5zujuxxxt/Stranded-Deep-v_0.02.H1_32-64_Bit.exe IP 91.226.124.104 ASN #35415 Webzilla B.V. Introduced by scriptElement Embedded in HTML true Observations First Seen2024-09-05 08:48 Last Seen2025-06-01 10:37 Times Seen50 Hash 4b1999220aa9678d7949290ea7708016 bcc35cf15b05d2b48eec9e96e1fc3c89ecda4402 ab44c0eb71bfac54007dcd0d332c6092e618492a34abca7d4e7e4e4815b37a29 Loading...

	dfiles.com/files/5zujuxxxt/sandbox%20eval%20code		128 B	2023-05-06	2025-07-16
Pretty URL dfiles.com/files/5zujuxxxt/sandbox%20eval%20code IP 0.0.0.0 ASN #0 Introduced by Embedded in HTML false Observations First Seen2023-05-06 01:21 Last Seen2025-07-16 06:49 Times Seen30051 Hash 23c336606ee3a6d444b305153fa0e2e2 473a2111970ae2a94b373e656d20c4bd4184d703 305375d5052f6a14434d2d338f852f0f4f04fb26495f88a5d62b6afde2e2cc60 Loading...

	subqueriesendedgrounds.com/22/4a/d4/224ad4a14b4b15c1726ff705ec672ea6.js	ScriptElement	32 kB	2024-09-19	2024-09-19
Pretty URL subqueriesendedgrounds.com/22/4a/d4/224ad4a14b4b15c1726ff705ec672ea6.js IP 172.240.108.84 ASN #7979 SERVERS-COM Introduced by scriptElement Embedded in HTML false Observations First Seen2024-09-19 20:34 Last Seen2024-09-19 20:34 Times Seen1 Hash 150df4a99d5c608b1f65fb349bffbccf 0c82c55f7b4e3caa1d9da09d960c5eb7050a57e7 a109cd8ce3d7fec0c222c1e6ae5d0b39399fd6f018407e0f7c1ad3cf96c5d17a Loading...

	dfiles.com/files/5zujuxxxt/Stranded-Deep-v_0.02.H1_32-64_Bit.exe	ScriptElement	26 B	2023-03-07	2025-07-06
Pretty URL dfiles.com/files/5zujuxxxt/Stranded-Deep-v_0.02.H1_32-64_Bit.exe IP 91.226.124.104 ASN #35415 Webzilla B.V. Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:26 Last Seen2025-07-06 10:36 Times Seen800 Hash ed91f0c19cbcd50a62fe290680800145 b42572f05f14b93093f64b146245b32b3d0cbf9e c67d0cfcd4c4e9eb4c73c9ac4c4545d5628603946d522a5fca6f3106749df1e0 Loading...

	dfiles.com/files/5zujuxxxt/Stranded-Deep-v_0.02.H1_32-64_Bit.exe	ScriptElement	107 B	2023-03-07	2025-06-27
Pretty URL dfiles.com/files/5zujuxxxt/Stranded-Deep-v_0.02.H1_32-64_Bit.exe IP 91.226.124.104 ASN #35415 Webzilla B.V. Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:29 Last Seen2025-06-27 08:11 Times Seen256 Hash fa5cbfd2df4296e8149b3d8dc839e73b 9225470d8e39272fbe2966c3133cbc4b28c0b8fb d0e6b3ab7a4acedc68c7e282dd0f0a565f4bf832a3b0acba5b3855a44a12123d Loading...

	static.depositfiles.com/js/962e36ace9b4601f1f51f3e2010e41b9.js	ScriptElement	166 kB	2024-09-04	2025-03-07
Pretty URL static.depositfiles.com/js/962e36ace9b4601f1f51f3e2010e41b9.js IP 91.226.124.125 ASN #35415 Webzilla B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-09-04 20:52 Last Seen2025-03-07 20:53 Times Seen193 Hash 2be5fcdf94b41708d74f41b7085d2ad2 f0dcfce29c979d9f8dc77fe7c50359dd24551166 f75c96c1b2f404495f796d87af8d205f3e79dfe6666a9a332d2903585fff8c5b Loading...

	www.googletagmanager.com/gtag/js?id=G-BL9163LYG1	ScriptElement	318 kB	2024-09-19	2024-09-19
Pretty URL www.googletagmanager.com/gtag/js?id=G-BL9163LYG1 IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-09-19 20:34 Last Seen2024-09-19 20:34 Times Seen1 Hash 8eaba0a7dd6b216fde919b6e412f834d a5b81d1c4f4dfbd59538c5e24bc5e9e6860d13e9 4a5bd8ebb7a5a55d48d79222c6b9092cc48defba2f43bdfa3f2a306645208343 Loading...

		Size	First Seen	Last Seen
	#1 Write - 3bc42f03b3f1761ea9f95a335ab2bbba	77 B	2023-03-07 01:26	2025-07-06 10:36
Pretty Observations First Seen2023-03-07 01:26 Last Seen2025-07-06 10:36 Times Seen786 Hash 3bc42f03b3f1761ea9f95a335ab2bbba 4ab15b6c153a542425f02baadcc1ed4867078b8d 1f8c7edef8c37d8821755ee623f481f29d6584195b327d15ac5abe6d243d8ec0 Loading...

HTTP Transactions (99)

URL IP Response Size

r10.o.lencr.org/

23.36.76.226

504 B

URL
r10.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
df2d88b80b39ed651ca6b7ee3465b1c4
1bd6e2288cd500728b6ea8a9ebe97c25aeedc550
604a907a35f947c7cf17c8f09efd5fbd8836864aedc55fbc49b66b8cc95bd089

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "604A907A35F947C7CF17C8F09EFD5FBD8836864AEDC55FBC49B66B8CC95BD089"
Last-Modified: Thu, 12 Sep 2024 14:37:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9481
Expires: Sat, 14 Sep 2024 23:10:03 GMT
Date: Sat, 14 Sep 2024 20:32:02 GMT
Connection: keep-alive

r11.o.lencr.org/

23.36.76.226

504 B

URL
r11.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
c308b83848bd941aef071d961a8d73b1
c9e4724164f122b478b6cb4bdd389cb781cdb7f0
3144603a47d21cfdfaa18f9878ad9575fc770d5bb0e09650787ebfaa71021b03

HTTP Headers

POST / HTTP/1.1
Host: r11.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "3144603A47D21CFDFAA18F9878AD9575FC770D5BB0E09650787EBFAA71021B03"
Last-Modified: Fri, 13 Sep 2024 20:46:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10625
Expires: Sat, 14 Sep 2024 23:29:07 GMT
Date: Sat, 14 Sep 2024 20:32:02 GMT
Connection: keep-alive

r11.o.lencr.org/

23.36.76.226

504 B

URL
r11.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
a521992187a7753e7e9af22fa4d7a30d
6e95bb647f13ec6c3504bf4169855ebaaf41fcc7
d85a45604a79b1a8c7fd9770e318aeae0ce2123b6dc9fec308b727ccfcb63843

HTTP Headers

POST / HTTP/1.1
Host: r11.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "D85A45604A79B1A8C7FD9770E318AEAE0CE2123B6DC9FEC308B727CCFCB63843"
Last-Modified: Sat, 14 Sep 2024 04:28:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16414
Expires: Sun, 15 Sep 2024 01:05:36 GMT
Date: Sat, 14 Sep 2024 20:32:02 GMT
Connection: keep-alive

GET dfiles.com/files/5zujuxxxt/Stranded-Deep-v_0.02.H1_32-64_Bit.exe

91.226.124.104

200 OK

111 kB

URL User Request GET HTTP/2
dfiles.com/files/5zujuxxxt/Stranded-Deep-v_0.02.H1_32-64_Bit.exe
IP
91.226.124.104:443
ASN
#35415 Webzilla B.V.

Certificate
IssuerLet's Encrypt
Subjectdfiles.com
Fingerprint4F:AA:3F:B0:44:48:F4:CA:17:7D:C7:60:4F:13:32:83:3F:7F:D2:B0
ValiditySat, 31 Aug 2024 12:43:59 GMT - Fri, 29 Nov 2024 12:43:58 GMT

File type
gzip compressed data, max speed, from Unix
Size
111 kB (110725 bytes)
Hash
a9ce52a736a7abc67e7dc00c54e62062
d196dc8924c377a6ecd5e34126047450f1cca49d
cc61ef314d1524df2e90550c514c8e3fcfaf9fa686c0a213bbf8155f05b41335

HTTP Headers

GET /files/5zujuxxxt/Stranded-Deep-v_0.02.H1_32-64_Bit.exe HTTP/1.1
Host: dfiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
cache-control: no-store, no-cache, must-revalidate
content-encoding: gzip
content-security-policy: frame-ancestors depositfiles.com *.depositfiles.com depositfiles.org *.depositfiles.org dfiles.eu *.dfiles.eu dfiles.com *.dfiles.com
content-type: text/html; charset=UTF-8
date: Sat, 14 Sep 2024 20:32:02 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
server: nginx
set-cookie: PHPSESSID=d099f0446eb6817f3a78facef25269b6; path=/
last_file=5zujuxxxt; path=/; domain=.dfiles.com
lang_current=en; expires=Sun, 14-Sep-2025 20:32:02 GMT; Max-Age=31536000; path=/; domain=.dfiles.com; secure
x-frame-options: SAMEORIGIN
X-Firefox-Spdy: h2

r11.o.lencr.org/

23.36.76.226

504 B

URL
r11.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
45737e5faed5704f822bab647f3556c2
28c304842126deb26750939e3d1d54b8fc821e1d
70d4f98c345e9ca22d42e5a2460cb4bce325aa02e39bad9877d39f4ff9088b15

HTTP Headers

POST / HTTP/1.1
Host: r11.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "70D4F98C345E9CA22D42E5A2460CB4BCE325AA02E39BAD9877D39F4FF9088B15"
Last-Modified: Thu, 12 Sep 2024 14:57:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3451
Expires: Sat, 14 Sep 2024 21:29:34 GMT
Date: Sat, 14 Sep 2024 20:32:03 GMT
Connection: keep-alive

r11.o.lencr.org/

23.36.76.226

504 B

URL
r11.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
7298b8f8febf8e121f392aa4e395e533
acf93d1d6e7a2d2716c375c8356804a2aa8846d8
b72fb2bd4bebc870c7f58ae38178ee12b556f16b900bcb8617986caac516f18e

HTTP Headers

POST / HTTP/1.1
Host: r11.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "B72FB2BD4BEBC870C7F58AE38178EE12B556F16B900BCB8617986CAAC516F18E"
Last-Modified: Sat, 14 Sep 2024 15:21:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4899
Expires: Sat, 14 Sep 2024 21:53:42 GMT
Date: Sat, 14 Sep 2024 20:32:03 GMT
Connection: keep-alive

GET acscdn.com/script/aclib.js

188.114.96.1

200 OK

40 kB

URL GET HTTP/2
acscdn.com/script/aclib.js
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://dfiles.com/files/5zujuxxxt/Stranded-Deep-v_0.02.H1_32-64_Bit.exe
Certificate
IssuerGoogle Trust Services
Subjectacscdn.com
Fingerprint6A:82:7C:F8:F4:5D:E4:37:E5:69:54:AB:B9:28:D2:33:F8:22:0E:6B
ValidityFri, 23 Aug 2024 18:38:44 GMT - Thu, 21 Nov 2024 18:38:43 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (65499), with no line terminators
Size
40 kB (40243 bytes)
Hash
91182a3b4a3ee55049db24b492ec23fc
00479b17b078d21576e2de436a578e79729e0e06
085f727ed707e4cf3177cdd33747bf8ae71584d8cfd35cc92db0e4b16a4e34ff

HTTP Headers

GET /script/aclib.js HTTP/1.1
Host: acscdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfiles.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 14 Sep 2024 20:32:03 GMT
content-type: text/javascript
expires: Sat, 14 Sep 2024 20:52:45 GMT
cache-control: public, max-age=3600
last-modified: Mon, 09 Sep 2024 13:14:04 GMT
etag: W/"91182a3b4a3ee55049db24b492ec23fc"
x-goog-generation: 1725887644499313
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 126653
x-goog-hash: crc32c=llEqmQ==, md5=kRgqO0o+5VBJ2yS0kuwj/A==
x-goog-storage-class: MULTI_REGIONAL
access-control-allow-origin: *
x-guploader-uploadid: AD-8ljvcHXzt4lpFiAmdAe1cY_2RTRGykc43rdb-yvRQGPCueLqC3Vo8j733vFTowbxWuLZLC8o
cf-cache-status: HIT
age: 873
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yR8eNg7BxGCPmbM%2B736ffoSwUUKdPcXSXs%2B7tQIymLcqttObu2%2FoJzMqLnKM6O6NZfpPaUP9VMij%2B9g3txpV%2FvnBURbX4kFWxXoBgO6z4AKLSj0Uzkjw2flGHt0q"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8c3324e2cc18712b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

r11.o.lencr.org/

23.36.76.226

504 B

URL
r11.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
7298b8f8febf8e121f392aa4e395e533
acf93d1d6e7a2d2716c375c8356804a2aa8846d8
b72fb2bd4bebc870c7f58ae38178ee12b556f16b900bcb8617986caac516f18e

HTTP Headers

POST / HTTP/1.1
Host: r11.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "B72FB2BD4BEBC870C7F58AE38178EE12B556F16B900BCB8617986CAAC516F18E"
Last-Modified: Sat, 14 Sep 2024 15:21:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4899
Expires: Sat, 14 Sep 2024 21:53:42 GMT
Date: Sat, 14 Sep 2024 20:32:03 GMT
Connection: keep-alive

r11.o.lencr.org/

23.36.77.32

504 B

URL
r11.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
7298b8f8febf8e121f392aa4e395e533
acf93d1d6e7a2d2716c375c8356804a2aa8846d8
b72fb2bd4bebc870c7f58ae38178ee12b556f16b900bcb8617986caac516f18e

HTTP Headers

POST / HTTP/1.1
Host: r11.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "B72FB2BD4BEBC870C7F58AE38178EE12B556F16B900BCB8617986CAAC516F18E"
Last-Modified: Sat, 14 Sep 2024 15:21:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4920
Expires: Sat, 14 Sep 2024 21:54:03 GMT
Date: Sat, 14 Sep 2024 20:32:03 GMT
Connection: keep-alive

GET st.zarebasdezaley.com/rElOMp01Ir4mkXM/anJBO

188.42.108.108

200 OK

20 B

URL GET HTTP/1.1
st.zarebasdezaley.com/rElOMp01Ir4mkXM/anJBO
IP
188.42.108.108:443
ASN
#7979 SERVERS-COM

Requested by
https://dfiles.com/files/5zujuxxxt/Stranded-Deep-v_0.02.H1_32-64_Bit.exe
Certificate
IssuerLet's Encrypt
Subjectst.zarebasdezaley.com
Fingerprint9E:45:BA:3C:C0:9B:86:D1:A5:CA:AE:41:06:40:ED:EB:05:C2:44:EF
ValidityTue, 13 Aug 2024 22:08:27 GMT - Mon, 11 Nov 2024 22:08:26 GMT

File type
gzip compressed data, from Unix
Size
20 B (20 bytes)
Hash
7029066c27ac6f5ef18d660d5741979a
46c6643f07aa7f6bfe7118de926b86defc5087c4
59869db34853933b239f1e2219cf7d431da006aa919635478511fabbfc8849d2

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /rElOMp01Ir4mkXM/anJBO HTTP/1.1
Host: st.zarebasdezaley.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfiles.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 14 Sep 2024 20:32:03 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Accept-ch: sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-ua-full-version-list
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://dfiles.com
Access-Control-Allow-Headers: content-type, megageocheckolololo, x-forwarded-for, x-requested-with, cache-control, pragma, expires
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET, POST, OPTIONS
Set-Cookie: GL_UI4=eJw9jUtug0AQRPljJ4akJQ7gIxgUjL3MJivfAQ0zDZ4Ypq1mjJ3bZxIp2dUrPVV5nhcUL%2BAvyRrCm6hhe1R9s5dYojyUVVW%2BHSrZ151o%2BlJVTVnvYK3n1opuRBvBap4E29YuEWwGNMhatpIUZvDqrL%2FmYuhuIog7FkZlEE%2FOGDNIO6b7jFyEEBkxIaQfmrGnhzPEJzEEx72L2rjo7yCguQjzJ4hP2twe%2BSbx8jzx4Pk6CtsTT61WDuOBhULw32ElhcWB%2BAtShfPF0hWARtX%2B%2B7%2Bf8fizBonCRUuHZM%2FI38wATrY%3D; expires=Sun, 15-Sep-2024 20:32:03 GMT; Max-Age=86400; path=/; secure; SameSite=None
GL_GI10=eJwNwz0OgjAYBuB%2B39BoJCZv5ACcAIHgwOjP4GBw4ASARBualrSAejN3L6ZP8gghOAzAakBQpHGRxHkWp7scdAeXV3BrIEvrnvUb5MBJBnYGi33fOf%2BYPKjF6vz9zKqP5s71IIX1QatXVFk9jcoaD%2F5fHutGd9tTdQENksCjlQz2t1CAZrn5ASyhICQ%3D; expires=Sun, 15-Sep-2024 20:32:03 GMT; Max-Age=86400; path=/; secure; SameSite=None
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff

GET d2uu46itxfd65q.cloudfront.net/?tiuud=997276

143.204.42.112

200 OK

54 kB

URL GET HTTP/2
d2uu46itxfd65q.cloudfront.net/?tiuud=997276
IP
143.204.42.112:443
ASN
#16509 AMAZON-02

Requested by
https://dfiles.com/files/5zujuxxxt/Stranded-Deep-v_0.02.H1_32-64_Bit.exe
Certificate
IssuerAmazon
Subject*.cloudfront.net
Fingerprint28:D3:87:79:3C:E8:8B:3C:D9:10:45:E5:F7:64:7A:6D:44:4E:5A:62
ValidityTue, 30 Jul 2024 00:00:00 GMT - Thu, 03 Jul 2025 23:59:59 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (15945)
Size
54 kB (54510 bytes)
Hash
e9f2cfcca4b91ea94596f4a6cb9766fd
5681fc27cb5afc57e652b817c3ebdd9b6d61dd71
c697c514815e8c84adce08bbb6f1f158838d774ff1374a62159322fa204ea06e

HTTP Headers

GET /?tiuud=997276 HTTP/1.1
Host: d2uu46itxfd65q.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfiles.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-length: 54510
date: Sat, 14 Sep 2024 20:32:03 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-encoding: gzip
pragma: no-cache
x-cache: Miss from cloudfront
via: 1.1 aac54e3fe9825ce24d51e0204433c2c0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 2GuFJd2oNg0gZeg7kW6pnpNYizjVcLS4VErn2RhPtgO6RG8fMWh3cw==
X-Firefox-Spdy: h2

GET static.depositfiles.com/js/962e36ace9b4601f1f51f3e2010e41b9.js

91.226.124.125

200 OK

166 kB

URL GET HTTP/2
static.depositfiles.com/js/962e36ace9b4601f1f51f3e2010e41b9.js
IP
91.226.124.125:443
ASN
#35415 Webzilla B.V.

Requested by
https://dfiles.com/files/5zujuxxxt/Stranded-Deep-v_0.02.H1_32-64_Bit.exe
Certificate
IssuerLet's Encrypt
Subjectdepositfiles.com
Fingerprint97:53:4A:DF:7A:62:F0:68:7B:58:C9:2B:0E:FA:A4:E2:31:03:9A:90
ValiditySun, 01 Sep 2024 12:41:37 GMT - Sat, 30 Nov 2024 12:41:36 GMT

File type
JavaScript source, ASCII text, with very long lines (60311)
Size
166 kB (165645 bytes)
Hash
2be5fcdf94b41708d74f41b7085d2ad2
f0dcfce29c979d9f8dc77fe7c50359dd24551166
f75c96c1b2f404495f796d87af8d205f3e79dfe6666a9a332d2903585fff8c5b

HTTP Headers

GET /js/962e36ace9b4601f1f51f3e2010e41b9.js HTTP/1.1
Host: static.depositfiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfiles.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
cache-control: max-age=300
content-security-policy: frame-ancestors depositfiles.com *.depositfiles.com depositfiles.org *.depositfiles.org dfiles.eu *.dfiles.eu dfiles.com *.dfiles.com
content-type: application/javascript
date: Sat, 14 Sep 2024 20:32:03 GMT
etag: "66cf2384-2870d"
expires: Sat, 14 Sep 2024 20:37:03 GMT
last-modified: Wed, 28 Aug 2024 13:17:56 GMT
server: nginx
content-length: 165645
X-Firefox-Spdy: h2

GET static.depositfiles.com/js/base2.js

91.226.124.125

200 OK

399 kB

URL GET HTTP/2
static.depositfiles.com/js/base2.js
IP
91.226.124.125:443
ASN
#35415 Webzilla B.V.

Requested by
https://dfiles.com/files/5zujuxxxt/Stranded-Deep-v_0.02.H1_32-64_Bit.exe
Certificate
IssuerLet's Encrypt
Subjectdepositfiles.com
Fingerprint97:53:4A:DF:7A:62:F0:68:7B:58:C9:2B:0E:FA:A4:E2:31:03:9A:90
ValiditySun, 01 Sep 2024 12:41:37 GMT - Sat, 30 Nov 2024 12:41:36 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (65481)
Size
399 kB (398927 bytes)
Hash
2fcae8126c3fd9a626370a701f0bd887
f3496fb7bbe122a9774d7dcfcd68da03a24dc285
d29ab86f64b4fcfbc45b9ef806c147f1e42e37e37d44a559147232288063badc

HTTP Headers

GET /js/base2.js HTTP/1.1
Host: static.depositfiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfiles.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
cache-control: max-age=300
content-security-policy: frame-ancestors depositfiles.com *.depositfiles.com depositfiles.org *.depositfiles.org dfiles.eu *.dfiles.eu dfiles.com *.dfiles.com
content-type: application/javascript
date: Sat, 14 Sep 2024 20:32:03 GMT
etag: "651c240d-6164f"
expires: Sat, 14 Sep 2024 20:37:03 GMT
last-modified: Tue, 03 Oct 2023 14:24:13 GMT
server: nginx
content-length: 398927
X-Firefox-Spdy: h2

GET static.depositfiles.com/js/jquery.validate.js

91.226.124.125

200 OK

38 kB

URL GET HTTP/2
static.depositfiles.com/js/jquery.validate.js
IP
91.226.124.125:443
ASN
#35415 Webzilla B.V.

Requested by
https://dfiles.com/files/5zujuxxxt/Stranded-Deep-v_0.02.H1_32-64_Bit.exe
Certificate
IssuerLet's Encrypt
Subjectdepositfiles.com
Fingerprint97:53:4A:DF:7A:62:F0:68:7B:58:C9:2B:0E:FA:A4:E2:31:03:9A:90
ValiditySun, 01 Sep 2024 12:41:37 GMT - Sat, 30 Nov 2024 12:41:36 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (1238)
Size
38 kB (38269 bytes)
Hash
d5231b6378847ebdb55f64c77d5a234f
eed97aa0b2aa9486b6f6831ed8a85dc729ad6b9c
95434a8a2568a6481a1fbcf5808a75dd58e77348ed6d70b4f7aeda8842e8f0c7

HTTP Headers

GET /js/jquery.validate.js HTTP/1.1
Host: static.depositfiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfiles.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
cache-control: max-age=300
content-security-policy: frame-ancestors depositfiles.com *.depositfiles.com depositfiles.org *.depositfiles.org dfiles.eu *.dfiles.eu dfiles.com *.dfiles.com
content-type: application/javascript
date: Sat, 14 Sep 2024 20:32:03 GMT
etag: "651c240d-957d"
expires: Sat, 14 Sep 2024 20:37:03 GMT
last-modified: Tue, 03 Oct 2023 14:24:13 GMT
server: nginx
content-length: 38269
X-Firefox-Spdy: h2

GET static.depositfiles.com/js/function.js

91.226.124.125

200 OK

35 kB

URL GET HTTP/2
static.depositfiles.com/js/function.js
IP
91.226.124.125:443
ASN
#35415 Webzilla B.V.

Requested by
https://dfiles.com/files/5zujuxxxt/Stranded-Deep-v_0.02.H1_32-64_Bit.exe
Certificate
IssuerLet's Encrypt
Subjectdepositfiles.com
Fingerprint97:53:4A:DF:7A:62:F0:68:7B:58:C9:2B:0E:FA:A4:E2:31:03:9A:90
ValiditySun, 01 Sep 2024 12:41:37 GMT - Sat, 30 Nov 2024 12:41:36 GMT

File type
JavaScript source, ASCII text, with very long lines (4240)
Size
35 kB (34915 bytes)
Hash
a5779d2f560cd50376dbba372b0fd15b
07b08e35b9254288c1372e37577db8b9e4da01b4
51d26403861d61a7842bc73f518d4a4351a7027c40c9f0347f61421226950b84

HTTP Headers

GET /js/function.js HTTP/1.1
Host: static.depositfiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfiles.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
cache-control: max-age=300
content-security-policy: frame-ancestors depositfiles.com *.depositfiles.com depositfiles.org *.depositfiles.org dfiles.eu *.dfiles.eu dfiles.com *.dfiles.com
content-type: application/javascript
date: Sat, 14 Sep 2024 20:32:03 GMT
etag: "651c240d-8863"
expires: Sat, 14 Sep 2024 20:37:03 GMT
last-modified: Tue, 03 Oct 2023 14:24:13 GMT
server: nginx
content-length: 34915
X-Firefox-Spdy: h2

GET subqueriesendedgrounds.com/22/4a/d4/224ad4a14b4b15c1726ff705ec672ea6.js

172.240.108.84

200 OK

13 kB

URL GET HTTP/1.1
subqueriesendedgrounds.com/22/4a/d4/224ad4a14b4b15c1726ff705ec672ea6.js
IP
172.240.108.84:443
ASN
#7979 SERVERS-COM

Requested by
https://dfiles.com/files/5zujuxxxt/Stranded-Deep-v_0.02.H1_32-64_Bit.exe
Certificate
IssuerLet's Encrypt
Subjectsubqueriesendedgrounds.com
Fingerprint80:89:EA:DA:41:EE:32:28:D6:9B:AE:44:40:D1:17:23:E1:6E:85:20
ValidityThu, 15 Aug 2024 18:38:07 GMT - Wed, 13 Nov 2024 18:38:06 GMT

File type
JavaScript source, ASCII text, with very long lines (31788), with no line terminators
Size
13 kB (13362 bytes)
Hash
150df4a99d5c608b1f65fb349bffbccf
0c82c55f7b4e3caa1d9da09d960c5eb7050a57e7
a109cd8ce3d7fec0c222c1e6ae5d0b39399fd6f018407e0f7c1ad3cf96c5d17a

HTTP Headers

GET /22/4a/d4/224ad4a14b4b15c1726ff705ec672ea6.js HTTP/1.1
Host: subqueriesendedgrounds.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfiles.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 14 Sep 2024 20:32:03 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Set-Cookie: 4b4e7ab587d59b22ad7bcd2439afc363_CF-3278_general=1; expires=Sat, 14 Sep 2024 20:32:03 GMT; secure; SameSite=None
Host: subqueriesendedgrounds.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: bfa0281b50cace19f3a92099ebd895d3
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

GET static.depositfiles.com/images/logo.png

91.226.124.125

200 OK

3.6 kB

URL GET HTTP/2
static.depositfiles.com/images/logo.png
IP
91.226.124.125:443
ASN
#35415 Webzilla B.V.

Requested by
https://dfiles.com/files/5zujuxxxt/Stranded-Deep-v_0.02.H1_32-64_Bit.exe
Certificate
IssuerLet's Encrypt
Subjectdepositfiles.com
Fingerprint97:53:4A:DF:7A:62:F0:68:7B:58:C9:2B:0E:FA:A4:E2:31:03:9A:90
ValiditySun, 01 Sep 2024 12:41:37 GMT - Sat, 30 Nov 2024 12:41:36 GMT

File type
PNG image data, 176 x 43, 8-bit/color RGBA, non-interlaced
Size
3.6 kB (3623 bytes)
Hash
c41fdd84b04e45a91cb17cfdeccb1b38
fec7fffe104c7e169aeb159032078c4b71ff2cdc
7f89eb8ab03684f4db282ca30eb231b1e254bca10c7b511950df5e0eab0a68a0

HTTP Headers

GET /images/logo.png HTTP/1.1
Host: static.depositfiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://static.depositfiles.com/css/main.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
content-security-policy: frame-ancestors depositfiles.com *.depositfiles.com depositfiles.org *.depositfiles.org dfiles.eu *.dfiles.eu dfiles.com *.dfiles.com
content-type: image/png
date: Sat, 14 Sep 2024 20:32:03 GMT
etag: "651c240d-e27"
last-modified: Tue, 03 Oct 2023 14:24:13 GMT
server: nginx
content-length: 3623
X-Firefox-Spdy: h2

GET static.depositfiles.com/images/sprite.png

91.226.124.125

200 OK

37 kB

URL GET HTTP/2
static.depositfiles.com/images/sprite.png
IP
91.226.124.125:443
ASN
#35415 Webzilla B.V.

Requested by
https://dfiles.com/files/5zujuxxxt/Stranded-Deep-v_0.02.H1_32-64_Bit.exe
Certificate
IssuerLet's Encrypt
Subjectdepositfiles.com
Fingerprint97:53:4A:DF:7A:62:F0:68:7B:58:C9:2B:0E:FA:A4:E2:31:03:9A:90
ValiditySun, 01 Sep 2024 12:41:37 GMT - Sat, 30 Nov 2024 12:41:36 GMT

File type
PNG image data, 102 x 630, 8-bit/color RGBA, non-interlaced
Size
37 kB (36802 bytes)
Hash
2333675d7e431d5313c6dbb5230a14cd
93c4032e5b8b85793a9cda7167804445d950dd96
b287134a60667ce8e2c3fa1603e3a8f2ffa59c64e746d026d1a13ef19f3f38a0

HTTP Headers

GET /images/sprite.png HTTP/1.1
Host: static.depositfiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://static.depositfiles.com/css/main.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
content-security-policy: frame-ancestors depositfiles.com *.depositfiles.com depositfiles.org *.depositfiles.org dfiles.eu *.dfiles.eu dfiles.com *.dfiles.com
content-type: image/png
date: Sat, 14 Sep 2024 20:32:03 GMT
etag: "651c240d-8fc2"
last-modified: Tue, 03 Oct 2023 14:24:13 GMT
server: nginx
content-length: 36802
X-Firefox-Spdy: h2

GET static.depositfiles.com/images/member_menu_bg.gif

91.226.124.125

200 OK

78 B

URL GET HTTP/2
static.depositfiles.com/images/member_menu_bg.gif
IP
91.226.124.125:443
ASN
#35415 Webzilla B.V.

Requested by
https://dfiles.com/files/5zujuxxxt/Stranded-Deep-v_0.02.H1_32-64_Bit.exe
Certificate
IssuerLet's Encrypt
Subjectdepositfiles.com
Fingerprint97:53:4A:DF:7A:62:F0:68:7B:58:C9:2B:0E:FA:A4:E2:31:03:9A:90
ValiditySun, 01 Sep 2024 12:41:37 GMT - Sat, 30 Nov 2024 12:41:36 GMT

File type
GIF image data, version 89a, 1 x 48
Size
78 B (78 bytes)
Hash
20a24b56dcedf6a71a71ebec771e1f7d
d7bed493d5d4eeaed5dbbf7d30d45107840790a0
6f57f29224d8e9e51ed0839e329055426fba7dcd97ef31e93ed495f93a6063df

HTTP Headers

GET /images/member_menu_bg.gif HTTP/1.1
Host: static.depositfiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://static.depositfiles.com/css/main.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
cache-control: max-age=432000
content-security-policy: frame-ancestors depositfiles.com *.depositfiles.com depositfiles.org *.depositfiles.org dfiles.eu *.dfiles.eu dfiles.com *.dfiles.com
content-type: image/gif
date: Sat, 14 Sep 2024 20:32:03 GMT
etag: "651c240d-4e"
expires: Thu, 19 Sep 2024 20:32:03 GMT
last-modified: Tue, 03 Oct 2023 14:24:13 GMT
server: nginx
content-length: 78
X-Firefox-Spdy: h2

GET static.depositfiles.com/images/timer.gif

91.226.124.125

200 OK

12 kB

URL GET HTTP/2
static.depositfiles.com/images/timer.gif
IP
91.226.124.125:443
ASN
#35415 Webzilla B.V.

Requested by
https://dfiles.com/files/5zujuxxxt/Stranded-Deep-v_0.02.H1_32-64_Bit.exe
Certificate
IssuerLet's Encrypt
Subjectdepositfiles.com
Fingerprint97:53:4A:DF:7A:62:F0:68:7B:58:C9:2B:0E:FA:A4:E2:31:03:9A:90
ValiditySun, 01 Sep 2024 12:41:37 GMT - Sat, 30 Nov 2024 12:41:36 GMT

File type
GIF image data, version 89a, 70 x 70
Size
12 kB (11607 bytes)
Hash
fb170c2ce20d8088b7cee465689c3637
9759429c7de6921580fac900c4c6026c758bb94c
6b5c53dd4d2d07c854e019e55458ff9652a4d9b7bf1fe8848ad00ca16032e294

HTTP Headers

GET /images/timer.gif HTTP/1.1
Host: static.depositfiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://static.depositfiles.com/css/main.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
cache-control: max-age=432000
content-security-policy: frame-ancestors depositfiles.com *.depositfiles.com depositfiles.org *.depositfiles.org dfiles.eu *.dfiles.eu dfiles.com *.dfiles.com
content-type: image/gif
date: Sat, 14 Sep 2024 20:32:03 GMT
etag: "651c240d-2d57"
expires: Thu, 19 Sep 2024 20:32:03 GMT
last-modified: Tue, 03 Oct 2023 14:24:13 GMT
server: nginx
content-length: 11607
X-Firefox-Spdy: h2

GET static.depositfiles.com/css/main.css

91.226.124.125

200 OK

56 kB

URL GET HTTP/2
static.depositfiles.com/css/main.css
IP
91.226.124.125:443
ASN
#35415 Webzilla B.V.

Requested by
https://dfiles.com/files/5zujuxxxt/Stranded-Deep-v_0.02.H1_32-64_Bit.exe
Certificate
IssuerLet's Encrypt
Subjectdepositfiles.com
Fingerprint97:53:4A:DF:7A:62:F0:68:7B:58:C9:2B:0E:FA:A4:E2:31:03:9A:90
ValiditySun, 01 Sep 2024 12:41:37 GMT - Sat, 30 Nov 2024 12:41:36 GMT

File type
gzip compressed data, max speed, from Unix
Size
56 kB (56021 bytes)
Hash
c742eb76af5e64159a9bd4b2c26b2424
5c1c914d06ca2783dd8dad60a46e542f0fcc0f17
7aae0e89d52e0b77a57ae69801029ab3ce872480a0e3b8bf4195f7b2440a03c2

HTTP Headers

GET /css/main.css HTTP/1.1
Host: static.depositfiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfiles.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
cache-control: max-age=300
content-encoding: gzip
content-security-policy: frame-ancestors depositfiles.com *.depositfiles.com depositfiles.org *.depositfiles.org dfiles.eu *.dfiles.eu dfiles.com *.dfiles.com
content-type: text/css
date: Sat, 14 Sep 2024 20:32:03 GMT
etag: W/"6545effd-2f784"
expires: Sat, 14 Sep 2024 20:37:03 GMT
last-modified: Sat, 04 Nov 2023 07:17:17 GMT
server: nginx
X-Firefox-Spdy: h2

GET councernedasesi.com/popunder.gif

188.114.96.1

58 B

URL GET
councernedasesi.com/popunder.gif
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

Requested by
https://dfiles.com/files/5zujuxxxt/Stranded-Deep-v_0.02.H1_32-64_Bit.exe
Certificate
IssuerGoogle Trust Services
Subjectcouncernedasesi.com
Fingerprint1E:3A:94:9F:15:D9:D7:E3:C1:83:D4:87:C1:3C:92:A8:B6:4D:F4:58
ValidityFri, 06 Sep 2024 05:25:50 GMT - Thu, 05 Dec 2024 05:25:49 GMT

File type
GIF image data, version 89a, 1 x 1
Size
58 B (58 bytes)
Hash
28d6814f309ea289f847c69cf91194c6
0f4e929dd5bb2564f7ab9c76338e04e292a42ace
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

HTTP Headers

GET /popunder.gif HTTP/1.1
Host: councernedasesi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfiles.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 14 Sep 2024 20:32:03 GMT
content-type: image/gif
content-length: 58
access-control-allow-origin: *
pragma: public
cache-control: public, max-age=604800, immutable
content-encoding: gzip
cf-cache-status: HIT
age: 17880
last-modified: Sat, 14 Sep 2024 15:34:03 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1gNAhefDXAHojvqhWRbo7SOnMKpJQ%2F5muyRgNAwu2JQaQ2mnKkNENkuJiKeFfmDj6XMBankArwbQnvx5eaOR%2FdiOD78TangjbiE3nHkLtQfgudeZg5%2BHDBJGlULOWs3k97SiESRP"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8c3324e769551c16-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET proftrafficcounter.com/stats

18.184.48.111

200 OK

40 B

URL GET HTTP/2
proftrafficcounter.com/stats
IP
18.184.48.111:443
ASN
#16509 AMAZON-02

Requested by
https://dfiles.com/files/5zujuxxxt/Stranded-Deep-v_0.02.H1_32-64_Bit.exe
Certificate
IssuerAmazon
Subjectproftrafficcounter.com
FingerprintE3:9F:79:6F:80:C0:BF:F8:C4:EB:45:F3:E9:0F:A7:41:F6:0C:05:E6
ValidityTue, 21 Nov 2023 00:00:00 GMT - Thu, 19 Dec 2024 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
40 B (40 bytes)
Hash
94573b4e9d11a5b3e790c16a6c5bbd71
027039ab946905a2b13c5424c1f1be4f91e63f7b
be5204f8aaf6691b84dd9addb450a64e5334aca5fd6f804ee346795fb2653a69

HTTP Headers

GET /stats HTTP/1.1
Host: proftrafficcounter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dfiles.com
DNT: 1
Connection: keep-alive
Referer: https://dfiles.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 14 Sep 2024 20:32:03 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://dfiles.com
vary: Origin
access-control-allow-credentials: true
set-cookie: uid_id2=a1eefd0b-1c8d-47b7-9342-9e3825aee9b5:3:1; expires=Tue, 12 Sep 2034 20:32:03 GMT; secure; SameSite=None
X-Firefox-Spdy: h2

GET councernedasesi.com/WE1KUjB3cikhDQsYDyp9DTlvYHI7Ki0WVWshMxNxEnQvYVsfDAIfFiwkLm8JYXp4ZQZ+PSM2DWlrOSZRLDg5bwF+JCQ0X2VrPG8Bdn5+fANuY350RWV8bCZAOSp3YxYoOT4+DWl6eGQDbHhzYANueXg

188.114.96.1

204 No Content

0 B

URL GET HTTP/2
councernedasesi.com/WE1KUjB3cikhDQsYDyp9DTlvYHI7Ki0WVWshMxNxEnQvYVsfDAIfFiwkLm8JYXp4ZQZ+PSM2DWlrOSZRLDg5bwF+JCQ0X2VrPG8Bdn5+fANuY350RWV8bCZAOSp3YxYoOT4+DWl6eGQDbHhzYANueXg
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://dfiles.com/files/5zujuxxxt/Stranded-Deep-v_0.02.H1_32-64_Bit.exe
Certificate
IssuerGoogle Trust Services
Subjectcouncernedasesi.com
Fingerprint1E:3A:94:9F:15:D9:D7:E3:C1:83:D4:87:C1:3C:92:A8:B6:4D:F4:58
ValidityFri, 06 Sep 2024 05:25:50 GMT - Thu, 05 Dec 2024 05:25:49 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /WE1KUjB3cikhDQsYDyp9DTlvYHI7Ki0WVWshMxNxEnQvYVsfDAIfFiwkLm8JYXp4ZQZ+PSM2DWlrOSZRLDg5bwF+JCQ0X2VrPG8Bdn5+fANuY350RWV8bCZAOSp3YxYoOT4+DWl6eGQDbHhzYANueXg HTTP/1.1
Host: councernedasesi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfiles.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 204 No Content
date: Sat, 14 Sep 2024 20:32:03 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0jYWeEwAZ%2FPobmzfaZaOatmMUeuYikLBJyfTnMhjVdiWHFQwCXI9E2R%2F25klwvYbAdqvUizmFn3Cb3ukBX6H%2BXCTEUFZtjAaLLhJnHr9BoX55yPLTHywu6igknymYGhVfEEuZB%2FM"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8c3324e759491c16-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

r10.o.lencr.org/

23.36.77.32

504 B

URL
r10.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
7271d32aa4cdf9afd85b3ff8649d7128
a18ca56c389bbd01539fa96e32a116441aaf18ab
ed5422f57701e6e364ca958cd1c6d7a7dab531f1296b09e487240da161234916

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "ED5422F57701E6E364CA958CD1C6D7A7DAB531F1296B09E487240DA161234916"
Last-Modified: Thu, 12 Sep 2024 15:11:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=554
Expires: Sat, 14 Sep 2024 20:41:17 GMT
Date: Sat, 14 Sep 2024 20:32:03 GMT
Connection: keep-alive

GET hiidevelelastic.com/R1RNalkmNi4HZiZpL0wsNThwT2sBcX8sPXUhOF5vLiA1DD1xYTxEOis7OA4/NTsjHncpMTlPawEfFAdhdBkgOxsGEiE/Dj8NCj8ufjAaWz4BFhsgHA9kGzIYK2wBPw80HQ8SLh0BHBkJFAJ8KBowIyspNR45CVtsBgIqBREAExg/HAUzASk+DRcJDWwdAhsGHAQ4ITgOERoHPDUeExVbKhUGJTsXBRU9LBwGFQI7MhISCSsxDxIPLx0SOD0OESAnCT1oCRYYKTIEHAs4ER8FLgsRARooLz4COR9baQ8MKloUAD91Mg8rHRUuLhZjGywqFBUeMBEfBWAOGAI/KQk9ICAePh9/MQtbAxQXCyALAyN8IRsfBho/NXMcDAYPFAwlIxgRFRwtCxE3Di4LJAcMKRMlAx8BGhY8KTkbIHInGTYpJHAOGyplOg43IiMf

108.157.214.81

200 OK

1.2 kB

URL GET HTTP/2
hiidevelelastic.com/R1RNalkmNi4HZiZpL0wsNThwT2sBcX8sPXUhOF5vLiA1DD1xYTxEOis7OA4/NTsjHncpMTlPawEfFAdhdBkgOxsGEiE/Dj8NCj8ufjAaWz4BFhsgHA9kGzIYK2wBPw80HQ8SLh0BHBkJFAJ8KBowIyspNR45CVtsBgIqBREAExg/HAUzASk+DRcJDWwdAhsGHAQ4ITgOERoHPDUeExVbKhUGJTsXBRU9LBwGFQI7MhISCSsxDxIPLx0SOD0OESAnCT1oCRYYKTIEHAs4ER8FLgsRARooLz4COR9baQ8MKloUAD91Mg8rHRUuLhZjGywqFBUeMBEfBWAOGAI/KQk9ICAePh9/MQtbAxQXCyALAyN8IRsfBho/NXMcDAYPFAwlIxgRFRwtCxE3Di4LJAcMKRMlAx8BGhY8KTkbIHInGTYpJHAOGyplOg43IiMf
IP
108.157.214.81:443
ASN
#16509 AMAZON-02

Requested by
https://dfiles.com/files/5zujuxxxt/Stranded-Deep-v_0.02.H1_32-64_Bit.exe
Certificate
IssuerAmazon
Subjecthiidevelelastic.com
Fingerprint7F:F1:B7:EC:9A:ED:5B:98:84:D5:25:FB:A0:8F:FC:8C:D5:C5:72:7E
ValidityMon, 19 Aug 2024 00:00:00 GMT - Wed, 17 Sep 2025 23:59:59 GMT

File type
HTML document, ASCII text, with very long lines (3035), with no line terminators
Size
1.2 kB (1186 bytes)
Hash
e1a9cc43c26ecb2038f1fc12e77249e3
27084dede85702ba40de35924e68f65de66a44b8
56e05c7f580ab7695a7b1e5d3a8693b0c07638900185b00fe7f943eb30b41781

HTTP Headers

GET /R1RNalkmNi4HZiZpL0wsNThwT2sBcX8sPXUhOF5vLiA1DD1xYTxEOis7OA4/NTsjHncpMTlPawEfFAdhdBkgOxsGEiE/Dj8NCj8ufjAaWz4BFhsgHA9kGzIYK2wBPw80HQ8SLh0BHBkJFAJ8KBowIyspNR45CVtsBgIqBREAExg/HAUzASk+DRcJDWwdAhsGHAQ4ITgOERoHPDUeExVbKhUGJTsXBRU9LBwGFQI7MhISCSsxDxIPLx0SOD0OESAnCT1oCRYYKTIEHAs4ER8FLgsRARooLz4COR9baQ8MKloUAD91Mg8rHRUuLhZjGywqFBUeMBEfBWAOGAI/KQk9ICAePh9/MQtbAxQXCyALAyN8IRsfBho/NXMcDAYPFAwlIxgRFRwtCxE3Di4LJAcMKRMlAx8BGhY8KTkbIHInGTYpJHAOGyplOg43IiMf HTTP/1.1
Host: hiidevelelastic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfiles.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/html
content-length: 1186
date: Sat, 14 Sep 2024 20:32:03 GMT
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 419f3eb3d74bedebbef6fc91b3f54a36.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN56-P1
x-amz-cf-id: j9j8k46mqorGSHhoXsW6l6t9k0oJ4KKRFgOscCrYK5cFY75QOYEkZw==
X-Firefox-Spdy: h2

GET na.nawpush.com/tags/46445?version_name=a&domain=dfiles.com

45.133.44.25

200 OK

907 B

URL GET HTTP/2
na.nawpush.com/tags/46445?version_name=a&domain=dfiles.com
IP
45.133.44.25:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://dfiles.com/files/5zujuxxxt/Stranded-Deep-v_0.02.H1_32-64_Bit.exe
Certificate
IssuerLet's Encrypt
Subjectna.nawpush.com
FingerprintE2:BB:4F:78:5C:43:44:94:73:F1:61:7B:79:9C:4F:C6:00:14:79:EC
ValidityFri, 26 Jul 2024 03:01:09 GMT - Thu, 24 Oct 2024 03:01:08 GMT

File type
JSON text data
Size
907 B (907 bytes)
Hash
73206faa6df738fa5a6a8c41e0747788
e041c74f8d9921b9c6d23ebf414012ecef3d6132
4d97ad25c6966dfdde4d1e3e441c53eadf6acf5d4036ac2f57847d30ee900dc4

HTTP Headers

GET /tags/46445?version_name=a&domain=dfiles.com HTTP/1.1
Host: na.nawpush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dfiles.com
DNT: 1
Connection: keep-alive
Referer: https://dfiles.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 14 Sep 2024 20:32:03 GMT
content-type: application/json
content-length: 907
server: nginx/1.24.0
cache-control: max-age=300, public
x-proxy-cache: HIT
x-cdn-host-id: ds5058
access-control-allow-origin: *
X-Firefox-Spdy: h2

GET js.capndr.com/advertising.js

45.133.44.52

200 OK

0 B

URL GET HTTP/2
js.capndr.com/advertising.js
IP
45.133.44.52:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://dfiles.com/files/5zujuxxxt/Stranded-Deep-v_0.02.H1_32-64_Bit.exe
Certificate
IssuerLet's Encrypt
Subjectjs.capndr.com
FingerprintA0:3C:B8:F2:B0:74:40:26:0C:8B:97:F4:AE:8A:17:21:9E:B9:63:3B
ValidityMon, 19 Aug 2024 02:02:32 GMT - Sun, 17 Nov 2024 02:02:31 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /advertising.js HTTP/1.1
Host: js.capndr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfiles.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 14 Sep 2024 20:32:03 GMT
content-type: application/javascript; charset=utf-8
content-length: 0
server: nginx/1.18.0
last-modified: Fri, 14 Jul 2023 08:23:25 GMT
etag: "64b105fd-0"
expires: Sat, 14 Sep 2024 20:37:03 GMT
cache-control: max-age=300
x-proxy-cache: HIT
x-cdn-host-id: ds9225
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2

GET honourprecisionsuited.com/c2/2d/c5/c22dc50dc2bbe4422c7f68d26ab95eb9.js

192.243.61.227

200 OK

34 kB

URL GET HTTP/1.1
honourprecisionsuited.com/c2/2d/c5/c22dc50dc2bbe4422c7f68d26ab95eb9.js
IP
192.243.61.227:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://dfiles.com/files/5zujuxxxt/Stranded-Deep-v_0.02.H1_32-64_Bit.exe
Certificate
IssuerLet's Encrypt
Subjecthonourprecisionsuited.com
Fingerprint8B:36:A0:64:CE:3F:D1:E0:17:8F:FD:58:5E:8B:51:25:D2:7F:79:C4
ValidityFri, 09 Aug 2024 05:43:18 GMT - Thu, 07 Nov 2024 05:43:17 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
34 kB (33652 bytes)
Hash
20d2a7338d0a8bac7927c2031f20b8b0
585168ade58883f2c60c61a3a7e18aa9abc54fe4
f0e031d75ead6cf40a0b549f65e1f082b8bdba5650696043ae256a3c6430157c

HTTP Headers

GET /c2/2d/c5/c22dc50dc2bbe4422c7f68d26ab95eb9.js HTTP/1.1
Host: honourprecisionsuited.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfiles.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 14 Sep 2024 20:32:04 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: 8e49f07d43a43435890854f19898e358
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

GET www.google.com/recaptcha/api.js

142.250.74.132

200 OK

611 B

URL GET HTTP/2
www.google.com/recaptcha/api.js
IP
142.250.74.132:443
ASN
#15169 GOOGLE

Requested by
https://dfiles.com/files/5zujuxxxt/Stranded-Deep-v_0.02.H1_32-64_Bit.exe
Certificate
IssuerGoogle Trust Services
Subjectwww.google.com
Fingerprint8C:22:1C:CB:12:29:80:FE:65:17:C7:64:C1:F6:8E:07:EB:34:A8:42
ValidityMon, 12 Aug 2024 07:19:41 GMT - Mon, 04 Nov 2024 07:19:40 GMT

File type
gzip compressed data, max compression
Size
611 B (611 bytes)
Hash
24f261f6c61867641f711f00e27130ca
8c213fbd6aae590fc2c17b1539d05842062ee6a4
26f59264ace23f81f907858da3a7ef375afab53f04a77585531178f81039dfc9

HTTP Headers

GET /recaptcha/api.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfiles.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
expires: Sat, 14 Sep 2024 20:32:03 GMT
date: Sat, 14 Sep 2024 20:32:03 GMT
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
report-to: {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET adsbb.dfiles.com/static/js/jquery-1.5.1.min.js

91.226.124.104

200 OK

85 kB

URL GET HTTP/2
adsbb.dfiles.com/static/js/jquery-1.5.1.min.js
IP
91.226.124.104:443
ASN
#35415 Webzilla B.V.

Requested by
https://adsbb.dfiles.com/upload/2401/ad27972995eacd9f.htm?canp=adv_64c8039324e932ac815d3d122bf63ef9
Certificate
IssuerLet's Encrypt
Subjectdfiles.com
Fingerprint4F:AA:3F:B0:44:48:F4:CA:17:7D:C7:60:4F:13:32:83:3F:7F:D2:B0
ValiditySat, 31 Aug 2024 12:43:59 GMT - Fri, 29 Nov 2024 12:43:58 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (65168)
Size
85 kB (85260 bytes)
Hash
b04a3bccd23ddeb7982143707a63ccf9
4a5dc1389aad050a44ee5e81408238a317ab3413
764b9e9f3ad386aaa5cdeae9368353994de61c0bede087c8f7e3579cb443de3b

HTTP Headers

GET /static/js/jquery-1.5.1.min.js HTTP/1.1
Host: adsbb.dfiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adsbb.dfiles.com/upload/2203/ad27612964f48cd2.htm?canp=adv_64c8039324e932ac815d3d122bf63ef9
Cookie: last_file=5zujuxxxt; _nf7=1; _nf56=1; _nf60=1; _nf58=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
cache-control: no-cache, private, no-cache, no-store, must-revalidate
content-security-policy: frame-ancestors depositfiles.com *.depositfiles.com depositfiles.org *.depositfiles.org dfiles.eu *.dfiles.eu dfiles.com *.dfiles.com
content-type: application/javascript
date: Sat, 14 Sep 2024 20:32:04 GMT
expires: Thu, 01 Jan 1970 00:00:01 GMT
pragma: no-cache
server: nginx
content-length: 85260
X-Firefox-Spdy: h2

d2uu46itxfd65q.cloudfront.net/KYm83MmQBAFlUWxYGUw9dW1gFBVJEH0VXAl8LUVsIBxwZUQsPSV1BCwwfClYmD15AVgoHGGUUEBgLCgJCDg5ZVVlECllRWVNJVlYGX1sRRhQNBApFEAAOQkUFDAhHFBEDUlpdHgsDW1NBUCkCHFRHXQcaHFNeEgEmR10HXg0MGk8XVlIXDwQ7VFsSASZHXQ-dAEkdcdgtSTF8eF1ZSCFJRDw1KBXRWUl4HAlVSXhIAVAQGRVcCDRcSACJbWRkCQhdSBg

143.204.42.112

520 B

URL
d2uu46itxfd65q.cloudfront.net/KYm83MmQBAFlUWxYGUw9dW1gFBVJEH0VXAl8LUVsIBxwZUQsPSV1BCwwfClYmD15AVgoHGGUUEBgLCgJCDg5ZVVlECllRWVNJVlYGX1sRRhQNBApFEAAOQkUFDAhHFBEDUlpdHgsDW1NBUCkCHFRHXQcaHFNeEgEmR10HXg0MGk8XVlIXDwQ7VFsSASZHXQ-dAEkdcdgtSTF8eF1ZSCFJRDw1KBXRWUl4HAlVSXhIAVAQGRVcCDRcSACJbWRkCQhdSBg
IP
143.204.42.112:0
ASN
#16509 AMAZON-02

Certificate
IssuerAmazon
Subject*.cloudfront.net
Fingerprint28:D3:87:79:3C:E8:8B:3C:D9:10:45:E5:F7:64:7A:6D:44:4E:5A:62
ValidityTue, 30 Jul 2024 00:00:00 GMT - Thu, 03 Jul 2025 23:59:59 GMT

File type
ASCII text, with very long lines (742), with no line terminators
Size
520 B (520 bytes)
Hash
46e23c503073e3bdcbe92d3377fe665c
3746cf164f9136122edd67f4651f87a78175a973
ea06638847f82e125e8618cd8f740ce216edd6f1727afd84bd8e0e506973a552

HTTP Headers

GET /KYm83MmQBAFlUWxYGUw9dW1gFBVJEH0VXAl8LUVsIBxwZUQsPSV1BCwwfClYmD15AVgoHGGUUEBgLCgJCDg5ZVVlECllRWVNJVlYGX1sRRhQNBApFEAAOQkUFDAhHFBEDUlpdHgsDW1NBUCkCHFRHXQcaHFNeEgEmR10HXg0MGk8XVlIXDwQ7VFsSASZHXQ-dAEkdcdgtSTF8eF1ZSCFJRDw1KBXRWUl4HAlVSXhIAVAQGRVcCDRcSACJbWRkCQhdSBg HTTP/1.1
Host: d2uu46itxfd65q.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hiidevelelastic.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-length: 520
date: Sat, 14 Sep 2024 20:32:04 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 aac54e3fe9825ce24d51e0204433c2c0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: sqLNkqeh9fGnHmuFjpq1a9_G6dHPVJJNQ5mDbQdACUM1_J4bwzGYBQ==
X-Firefox-Spdy: h2

GET adsbb.dfiles.com/static/js/jquery-1.5.1.min.js

91.226.124.104

200 OK

85 kB

URL GET HTTP/2
adsbb.dfiles.com/static/js/jquery-1.5.1.min.js
IP
91.226.124.104:443
ASN
#35415 Webzilla B.V.

Requested by
https://adsbb.dfiles.com/upload/2401/ad27972995eacd9f.htm?canp=adv_64c8039324e932ac815d3d122bf63ef9
Certificate
IssuerLet's Encrypt
Subjectdfiles.com
Fingerprint4F:AA:3F:B0:44:48:F4:CA:17:7D:C7:60:4F:13:32:83:3F:7F:D2:B0
ValiditySat, 31 Aug 2024 12:43:59 GMT - Fri, 29 Nov 2024 12:43:58 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (65168)
Size
85 kB (85260 bytes)
Hash
b04a3bccd23ddeb7982143707a63ccf9
4a5dc1389aad050a44ee5e81408238a317ab3413
764b9e9f3ad386aaa5cdeae9368353994de61c0bede087c8f7e3579cb443de3b

HTTP Headers

GET /static/js/jquery-1.5.1.min.js HTTP/1.1
Host: adsbb.dfiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adsbb.dfiles.com/upload/2401/ad27972995eacd9f.htm?canp=adv_64c8039324e932ac815d3d122bf63ef9
Cookie: last_file=5zujuxxxt; _nf7=1; _nf56=1; _nf60=1; _nf58=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
cache-control: no-cache, private, no-cache, no-store, must-revalidate
content-security-policy: frame-ancestors depositfiles.com *.depositfiles.com depositfiles.org *.depositfiles.org dfiles.eu *.dfiles.eu dfiles.com *.dfiles.com
content-type: application/javascript
date: Sat, 14 Sep 2024 20:32:04 GMT
expires: Thu, 01 Jan 1970 00:00:01 GMT
pragma: no-cache
server: nginx
content-length: 85260
X-Firefox-Spdy: h2

GET adsbb.dfiles.com/static/js/jquery-1.5.1.min.js

91.226.124.104

200 OK

85 kB

URL GET HTTP/2
adsbb.dfiles.com/static/js/jquery-1.5.1.min.js
IP
91.226.124.104:443
ASN
#35415 Webzilla B.V.

Requested by
https://adsbb.dfiles.com/upload/2401/ad27972995eacd9f.htm?canp=adv_64c8039324e932ac815d3d122bf63ef9
Certificate
IssuerLet's Encrypt
Subjectdfiles.com
Fingerprint4F:AA:3F:B0:44:48:F4:CA:17:7D:C7:60:4F:13:32:83:3F:7F:D2:B0
ValiditySat, 31 Aug 2024 12:43:59 GMT - Fri, 29 Nov 2024 12:43:58 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (65168)
Size
85 kB (85260 bytes)
Hash
b04a3bccd23ddeb7982143707a63ccf9
4a5dc1389aad050a44ee5e81408238a317ab3413
764b9e9f3ad386aaa5cdeae9368353994de61c0bede087c8f7e3579cb443de3b

HTTP Headers

GET /static/js/jquery-1.5.1.min.js HTTP/1.1
Host: adsbb.dfiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adsbb.dfiles.com/upload/2303/ad2775297311915a.htm?canp=adv_64c8039324e932ac815d3d122bf63ef9
Cookie: last_file=5zujuxxxt; _nf7=1; _nf56=1; _nf60=1; _nf58=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
cache-control: no-cache, private, no-cache, no-store, must-revalidate
content-security-policy: frame-ancestors depositfiles.com *.depositfiles.com depositfiles.org *.depositfiles.org dfiles.eu *.dfiles.eu dfiles.com *.dfiles.com
content-type: application/javascript
date: Sat, 14 Sep 2024 20:32:04 GMT
expires: Thu, 01 Jan 1970 00:00:01 GMT
pragma: no-cache
server: nginx
content-length: 85260
X-Firefox-Spdy: h2

POST pubtrky.com/ut/hb.php?cb=0.8177802304502806&v=1

172.67.188.110

204 No Content

0 B

URL POST HTTP/2
pubtrky.com/ut/hb.php?cb=0.8177802304502806&v=1
IP
172.67.188.110:443
ASN
#13335 CLOUDFLARENET

Requested by
https://dfiles.com/files/5zujuxxxt/Stranded-Deep-v_0.02.H1_32-64_Bit.exe
Certificate
IssuerGoogle Trust Services
Subjectpubtrky.com
Fingerprint1C:AA:FC:FF:38:D8:EF:73:88:D2:C1:25:B4:81:1C:94:2A:06:07:C3
ValidityWed, 11 Sep 2024 07:35:33 GMT - Tue, 10 Dec 2024 07:35:32 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /ut/hb.php?cb=0.8177802304502806&v=1 HTTP/1.1
Host: pubtrky.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain; charset=utf-8
Content-Length: 1196
Origin: https://dfiles.com
DNT: 1
Connection: keep-alive
Referer: https://dfiles.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 204 No Content
date: Sat, 14 Sep 2024 20:32:04 GMT
access-control-allow-origin: *
via: 1.1 google
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=19%2BXNoFTzCYYsXvfTClwb2mE7e8%2BXAl98MwyUV3REV9PO8zk1wrMwLu3BXuV6GI03ZyxRNHukjOLTxZy78sP4dztqM4FDRWcXuzTvBVodXmQUPoOEx5nA%2FWmcTK%2BQg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8c3324ea9ca7b515-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET adsbb.dfiles.com/view.gif?c=2964&z=60&b=2761&u=66e5f2497f3554018804512379547

91.226.124.104

200 OK

43 B

URL GET HTTP/2
adsbb.dfiles.com/view.gif?c=2964&z=60&b=2761&u=66e5f2497f3554018804512379547
IP
91.226.124.104:443
ASN
#35415 Webzilla B.V.

Requested by
https://adsbb.dfiles.com/upload/2203/ad27612964f48cd2.htm?canp=adv_64c8039324e932ac815d3d122bf63ef9
Certificate
IssuerLet's Encrypt
Subjectdfiles.com
Fingerprint4F:AA:3F:B0:44:48:F4:CA:17:7D:C7:60:4F:13:32:83:3F:7F:D2:B0
ValiditySat, 31 Aug 2024 12:43:59 GMT - Fri, 29 Nov 2024 12:43:58 GMT

File type
GIF image data, version 89a, 1 x 1
Size
43 B (43 bytes)
Hash
6d22e4f2d2057c6e8d6fab098e76e80f
b80b11203d97fe01c5597ca3be70406ea48f5709
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

HTTP Headers

GET /view.gif?c=2964&z=60&b=2761&u=66e5f2497f3554018804512379547 HTTP/1.1
Host: adsbb.dfiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: https://adsbb.dfiles.com/upload/2203/ad27612964f48cd2.htm?canp=adv_64c8039324e932ac815d3d122bf63ef9
Cookie: last_file=5zujuxxxt; _nf7=1; _nf56=1; _nf60=1; _nf58=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
cache-control: no-cache, private, no-cache, no-store, must-revalidate
content-security-policy: frame-ancestors depositfiles.com *.depositfiles.com depositfiles.org *.depositfiles.org dfiles.eu *.dfiles.eu dfiles.com *.dfiles.com
content-type: image/gif
date: Sat, 14 Sep 2024 20:32:04 GMT
expires: Thu, 01 Jan 1970 00:00:01 GMT
pragma: no-cache
server: nginx
content-length: 43
X-Firefox-Spdy: h2

GET adsbb.dfiles.com/upload/2303/ad2775297311915a.htm?canp=adv_64c8039324e932ac815d3d122bf63ef9

91.226.124.104

200 OK

8.8 kB

URL GET HTTP/2
adsbb.dfiles.com/upload/2303/ad2775297311915a.htm?canp=adv_64c8039324e932ac815d3d122bf63ef9
IP
91.226.124.104:443
ASN
#35415 Webzilla B.V.

Requested by
https://dfiles.com/files/5zujuxxxt/Stranded-Deep-v_0.02.H1_32-64_Bit.exe
Certificate
IssuerLet's Encrypt
Subjectdfiles.com
Fingerprint4F:AA:3F:B0:44:48:F4:CA:17:7D:C7:60:4F:13:32:83:3F:7F:D2:B0
ValiditySat, 31 Aug 2024 12:43:59 GMT - Fri, 29 Nov 2024 12:43:58 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (12813), with CRLF, LF line terminators
Size
8.8 kB (8827 bytes)
Hash
c315f515887d6a457fcededa1d971964
d8acd3a59168d75562196650c35cfceec6f1f95a
03f06e2d227d32e251c8ecae84cde1c0f66ba565c4757f5dd26a84bc3f2474fc

HTTP Headers

GET /upload/2303/ad2775297311915a.htm?canp=adv_64c8039324e932ac815d3d122bf63ef9 HTTP/1.1
Host: adsbb.dfiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dfiles.com/
DNT: 1
Connection: keep-alive
Cookie: last_file=5zujuxxxt; _nf7=1; _nf56=1; _nf60=1; _nf58=1
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-encoding: gzip
content-security-policy: frame-ancestors depositfiles.com *.depositfiles.com depositfiles.org *.depositfiles.org dfiles.eu *.dfiles.eu dfiles.com *.dfiles.com, frame-ancestors depositfiles.com *.depositfiles.com depositfiles.org *.depositfiles.org dfiles.eu *.dfiles.eu dfiles.com *.dfiles.com
content-type: text/html
date: Sat, 14 Sep 2024 20:32:04 GMT
last-modified: Sat, 14 Sep 2024 20:30:01 GMT
server: nginx
X-Firefox-Spdy: h2

GET adsbb.dfiles.com/view.gif?c=2973&z=58&b=2775&u=66e5f24980c4f4478759877441323

91.226.124.104

200 OK

43 B

URL GET HTTP/2
adsbb.dfiles.com/view.gif?c=2973&z=58&b=2775&u=66e5f24980c4f4478759877441323
IP
91.226.124.104:443
ASN
#35415 Webzilla B.V.

Requested by
https://adsbb.dfiles.com/upload/2303/ad2775297311915a.htm?canp=adv_64c8039324e932ac815d3d122bf63ef9
Certificate
IssuerLet's Encrypt
Subjectdfiles.com
Fingerprint4F:AA:3F:B0:44:48:F4:CA:17:7D:C7:60:4F:13:32:83:3F:7F:D2:B0
ValiditySat, 31 Aug 2024 12:43:59 GMT - Fri, 29 Nov 2024 12:43:58 GMT

File type
GIF image data, version 89a, 1 x 1
Size
43 B (43 bytes)
Hash
6d22e4f2d2057c6e8d6fab098e76e80f
b80b11203d97fe01c5597ca3be70406ea48f5709
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

HTTP Headers

GET /view.gif?c=2973&z=58&b=2775&u=66e5f24980c4f4478759877441323 HTTP/1.1
Host: adsbb.dfiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: https://adsbb.dfiles.com/upload/2303/ad2775297311915a.htm?canp=adv_64c8039324e932ac815d3d122bf63ef9
Cookie: last_file=5zujuxxxt; _nf7=1; _nf56=1; _nf60=1; _nf58=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
cache-control: no-cache, private, no-cache, no-store, must-revalidate
content-security-policy: frame-ancestors depositfiles.com *.depositfiles.com depositfiles.org *.depositfiles.org dfiles.eu *.dfiles.eu dfiles.com *.dfiles.com
content-type: image/gif
date: Sat, 14 Sep 2024 20:32:04 GMT
expires: Thu, 01 Jan 1970 00:00:01 GMT
pragma: no-cache
server: nginx
content-length: 43
X-Firefox-Spdy: h2

GET adsbb.dfiles.com/view.gif?c=2995&z=56&b=2797&u=66e5f249819da32226583607394965

91.226.124.104

200 OK

43 B

URL GET HTTP/2
adsbb.dfiles.com/view.gif?c=2995&z=56&b=2797&u=66e5f249819da32226583607394965
IP
91.226.124.104:443
ASN
#35415 Webzilla B.V.

Requested by
https://adsbb.dfiles.com/upload/2401/ad27972995eacd9f.htm?canp=adv_64c8039324e932ac815d3d122bf63ef9
Certificate
IssuerLet's Encrypt
Subjectdfiles.com
Fingerprint4F:AA:3F:B0:44:48:F4:CA:17:7D:C7:60:4F:13:32:83:3F:7F:D2:B0
ValiditySat, 31 Aug 2024 12:43:59 GMT - Fri, 29 Nov 2024 12:43:58 GMT

File type
GIF image data, version 89a, 1 x 1
Size
43 B (43 bytes)
Hash
6d22e4f2d2057c6e8d6fab098e76e80f
b80b11203d97fe01c5597ca3be70406ea48f5709
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

HTTP Headers

GET /view.gif?c=2995&z=56&b=2797&u=66e5f249819da32226583607394965 HTTP/1.1
Host: adsbb.dfiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: https://adsbb.dfiles.com/upload/2401/ad27972995eacd9f.htm?canp=adv_64c8039324e932ac815d3d122bf63ef9
Cookie: last_file=5zujuxxxt; _nf7=1; _nf56=1; _nf60=1; _nf58=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
cache-control: no-cache, private, no-cache, no-store, must-revalidate
content-security-policy: frame-ancestors depositfiles.com *.depositfiles.com depositfiles.org *.depositfiles.org dfiles.eu *.dfiles.eu dfiles.com *.dfiles.com
content-type: image/gif
date: Sat, 14 Sep 2024 20:32:04 GMT
expires: Thu, 01 Jan 1970 00:00:01 GMT
pragma: no-cache
server: nginx
content-length: 43
X-Firefox-Spdy: h2

GET static.depositfiles.com/images/favicon.ico

91.226.124.125

200 OK

318 B

URL GET HTTP/2
static.depositfiles.com/images/favicon.ico
IP
91.226.124.125:443
ASN
#35415 Webzilla B.V.

Requested by
https://dfiles.com/files/5zujuxxxt/Stranded-Deep-v_0.02.H1_32-64_Bit.exe
Certificate
IssuerLet's Encrypt
Subjectdepositfiles.com
Fingerprint97:53:4A:DF:7A:62:F0:68:7B:58:C9:2B:0E:FA:A4:E2:31:03:9A:90
ValiditySun, 01 Sep 2024 12:41:37 GMT - Sat, 30 Nov 2024 12:41:36 GMT

File type
MS Windows icon resource - 1 icon, 16x16, 16 colors, 4 bits/pixel
Size
318 B (318 bytes)
Hash
0f0b975ee529197ec75780ebc2de5907
59688c6aafca5606e388ba9a44fc9dc25fc32cd3
28a0b52229f05b66354ca38b6b813d2281af3efb7e8b0a424ef8b4c68b9e583c

HTTP Headers

GET /images/favicon.ico HTTP/1.1
Host: static.depositfiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfiles.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
content-security-policy: frame-ancestors depositfiles.com *.depositfiles.com depositfiles.org *.depositfiles.org dfiles.eu *.dfiles.eu dfiles.com *.dfiles.com
content-type: image/x-icon
date: Sat, 14 Sep 2024 20:32:04 GMT
etag: "651c240d-13e"
last-modified: Tue, 03 Oct 2023 14:24:13 GMT
server: nginx
content-length: 318
X-Firefox-Spdy: h2

GET spinesoftsettle.com/pixel/purst?dl=0&th=0&sc=0&rs=1932&rd=1932&fd=602&bv=24.8.8180&tmpl=136

172.240.253.132

200 OK

0 B

URL GET HTTP/1.1
spinesoftsettle.com/pixel/purst?dl=0&th=0&sc=0&rs=1932&rd=1932&fd=602&bv=24.8.8180&tmpl=136
IP
172.240.253.132:443
ASN
#7979 SERVERS-COM

Requested by
https://dfiles.com/files/5zujuxxxt/Stranded-Deep-v_0.02.H1_32-64_Bit.exe
Certificate
IssuerLet's Encrypt
Subjectspinesoftsettle.com
Fingerprint25:C5:00:5E:34:91:F5:06:AF:BA:FF:26:73:BE:A1:DA:43:7D:1C:FF
ValidityFri, 09 Aug 2024 05:32:07 GMT - Thu, 07 Nov 2024 05:32:06 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /pixel/purst?dl=0&th=0&sc=0&rs=1932&rd=1932&fd=602&bv=24.8.8180&tmpl=136 HTTP/1.1
Host: spinesoftsettle.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfiles.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 14 Sep 2024 20:32:04 GMT
Content-Length: 0
Connection: keep-alive
Host: spinesoftsettle.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

GET recordedthereby.com/sfp.js

188.114.97.1

200 OK

28 kB

URL GET HTTP/2
recordedthereby.com/sfp.js
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://dfiles.com/files/5zujuxxxt/Stranded-Deep-v_0.02.H1_32-64_Bit.exe
Certificate
IssuerGoogle Trust Services
Subjectrecordedthereby.com
Fingerprint76:BA:7B:D2:DF:8D:D1:44:66:52:F9:0D:A1:78:12:89:6C:3F:0F:03
ValidityTue, 03 Sep 2024 16:10:32 GMT - Mon, 02 Dec 2024 16:10:31 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (65529), with no line terminators
Size
28 kB (27486 bytes)
Hash
7e3e44049654b6e244c1777e68ffb8e7
8f2a8298666d607afd92a0baa362ef4dc9ccd039
4acac8b8ff23671d365150818f3c39bbbfa08b1a1842d73de5933e0fea26454b

HTTP Headers

GET /sfp.js HTTP/1.1
Host: recordedthereby.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfiles.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 14 Sep 2024 20:32:04 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: no-cache, max-age=0, private, no-cache
x-request-id: 4157d3253f0b724cca24a6bdbbdcbc7b
pragma: no-cache
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jXynfJ0qC3ZuWA6LI5k5lPDdp5BJjLt%2Fbsoy3q3agZON7FPK2XDtKjwAMTqEr73Nf2XVMsHXwTCTlwD%2BQyQ0%2FOY8Sbuv1Dpziu%2BDYy1un%2Bk0%2BrTB3qOCy%2Bj4XCApVi83PgqSyvK6"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8c3324eae91b56aa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET www.gstatic.com/recaptcha/releases/EGbODne6buzpTnWrrBprcfAY/recaptcha__en.js

142.250.74.99

200 OK

217 kB

URL GET HTTP/2
www.gstatic.com/recaptcha/releases/EGbODne6buzpTnWrrBprcfAY/recaptcha__en.js
IP
142.250.74.99:443
ASN
#15169 GOOGLE

Requested by
https://dfiles.com/files/5zujuxxxt/Stranded-Deep-v_0.02.H1_32-64_Bit.exe
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
FingerprintA8:8E:91:B3:04:E9:C9:F3:CD:3D:27:83:B0:53:22:C0:21:23:9A:92
ValidityMon, 12 Aug 2024 07:17:58 GMT - Mon, 04 Nov 2024 07:17:57 GMT

File type
data
Size
217 kB (217247 bytes)
Hash
c7be68088b0a823f1a4c1f77c702d1b4
05d42d754afd21681c0e815799b88fbe1fbabf4e
4943e91f7f53318d481ca07297395abbc52541c2be55d7276ecda152cd7ad9c3

HTTP Headers

GET /recaptcha/releases/EGbODne6buzpTnWrrBprcfAY/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dfiles.com
DNT: 1
Connection: keep-alive
Referer: https://dfiles.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 217247
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 14 Sep 2024 18:06:21 GMT
expires: Sun, 14 Sep 2025 18:06:21 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 03 Sep 2024 02:00:38 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 8743
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube

64.233.161.84

302 Found

0 B

URL GET HTTP/2
accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
IP
64.233.161.84:443
ASN
#15169 GOOGLE

Requested by
https://dfiles.com/files/5zujuxxxt/Stranded-Deep-v_0.02.H1_32-64_Bit.exe
Certificate
IssuerGoogle Trust Services
Subjectaccounts.google.com
FingerprintFF:C5:DA:5A:24:6E:9C:B7:EB:4E:04:0B:B3:01:2E:05:BA:5B:53:53
ValidityMon, 12 Aug 2024 07:19:44 GMT - Mon, 04 Nov 2024 07:19:43 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfiles.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
content-type: application/binary
set-cookie: __Host-GAPS=1:kAdUWCFMK9WkXAg1hSpIa6wx1FNrKg:NASv-M6YbrfqBMr5; Expires=Mon, 14-Sep-2026 20:32:04 GMT; Path=/; Secure; HttpOnly; Priority=HIGH
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 14 Sep 2024 20:32:04 GMT
location: https://accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=ARpgrqfh6NGgFjwv-1zTDLytptLQr2zwHUwuqVtT8GlQfOMINXu5hdJ3nRQVFrVjHLUuBr-V9z0MgQ
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-security-policy: script-src 'nonce-zOxlkE_Qo6DWYA8aiHVNfg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/AccountsSigninPassiveLoginHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy: unsafe-none
server: ESF
content-length: 0
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

r11.o.lencr.org/

23.36.76.226

504 B

URL
r11.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
6fe25d277ff1f77f9fa6a63b06be15e5
6680315d6bcd89fde1f6d7c7515fbfd6c0c9554c
8c93b53d79607cae8484c21a1194c20cbd47f48287c7cd3177ef3238f461fc4b

HTTP Headers

POST / HTTP/1.1
Host: r11.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "8C93B53D79607CAE8484C21A1194C20CBD47F48287C7CD3177EF3238F461FC4B"
Last-Modified: Thu, 12 Sep 2024 15:05:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7169
Expires: Sat, 14 Sep 2024 22:31:33 GMT
Date: Sat, 14 Sep 2024 20:32:04 GMT
Connection: keep-alive

GET honourprecisionsuited.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSTWgkRRitzgYvK8LqggcV%2Bqiis909k57EPYi7MRoSd9ddRT2F6qrqSTnVXW1V%2F0zmFAzIHodF8Np5k2xwd5Hdi3hxkUnAw4KQ8ZSDuXn1oOJZZgyOftD9vfe9r%2BDxqr7YLU5JEwU9WX5P96VS9NJCw3Nf%2Ftj3L7vrMi16bm8x3Ahbl11TvrEUNrxX3HcE6%2BpLged7nu%2F57oo0Ita9SxMRMnuw5DeWvEYraPgLLfTM%2F7ktHFjqgJen5FlIPp4%2Fci5CshHS5OGysN1cZ6%2B9nRSK5tqg5Acfpt1UVymSGYyNgzg9ONuGtscrj6HT%2Fald6PLfxUiOifPjY0TpwZlJROXe1GekIFJE%2FDyqcgShRpB0BKZ3IPkxARjHtetIk7vXtKno1j8qnahjMv%2FXH5DVmMz%2FchFp8s0VJXvuLa2KXOrUohfXkL0RZGeErDhE3p%2BDrA7B8s8h%2BU%2FEe%2F480uT%2Bu4fflbLrlsJ0IXk9jUDKEWQ8ghIDUOugmHzSQRE7KDIHCT9xme%2F7bY8z6i0uMdbkbRGF3PNpO%2Fap74WLKNjE5QB5NgBTAzCzjcxsoysHMMUPsJs1LHdg8zFx3t9GyWtUgqCyBBUlqCRBlRNUZb3PlQ1sfZcrW0T%2BWQ%2FOerMe6ryzS%2Fd13hEpATUDGF7vyewzuwOWnxv2Y7s21LHlu9kpuTCN7s9QoytO3CBoUd6ifitqRf4C89tBGMdtb0GwsB0IGsLKR1dXXm8G7cWNjkiFoWrDh7Rz01z68vi5DJk8fvpFRPQQVh2CyQugxUugVQ26WaOfPuQi01bmsVTCNphOwHWNLJ9HvuXsqlPywtTS2lf3INgTclZgpkZmanwqjwg66vbwpq7I3k1dWfLoepbLRPbp5KZv5TQXT91bE1uVNnx12Q6%2BfotNhAl88IGw%2BTpNuUw7lty%2FIjkXZkUbJsj3q%2FYjEd0o7OaVwqRFtn7j6spqkhlhrdTpCFQef3IHTI7JM9%2BuT5%2Fwq%2B5vkGYEU9RIiplTqUdg2TZsNptZTWDUjEeZg6qohyaIZkMlCZSYcRrVsP%2Fh0QwPDZ2cprLetbfRMXOg%2BQ7SpEZpapSqBlUD2OLcMM%2FMkzd%2Fbk4LkZobRsrM7UXKqDvTkCe%2FL2HlidtuNj0aLi347TYV7agVLMahzykNWmEQhrSJ3I7jX38%2F%2BjsAAP%2F%2Fw9UCjpwEAAA%3D

192.243.61.227

200 OK

7 B

URL GET HTTP/1.1
honourprecisionsuited.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSTWgkRRitzgYvK8LqggcV%2Bqiis909k57EPYi7MRoSd9ddRT2F6qrqSTnVXW1V%2F0zmFAzIHodF8Np5k2xwd5Hdi3hxkUnAw4KQ8ZSDuXn1oOJZZgyOftD9vfe9r%2BDxqr7YLU5JEwU9WX5P96VS9NJCw3Nf%2Ftj3L7vrMi16bm8x3Ahbl11TvrEUNrxX3HcE6%2BpLged7nu%2F57oo0Ita9SxMRMnuw5DeWvEYraPgLLfTM%2F7ktHFjqgJen5FlIPp4%2Fci5CshHS5OGysN1cZ6%2B9nRSK5tqg5Acfpt1UVymSGYyNgzg9ONuGtscrj6HT%2Fald6PLfxUiOifPjY0TpwZlJROXe1GekIFJE%2FDyqcgShRpB0BKZ3IPkxARjHtetIk7vXtKno1j8qnahjMv%2FXH5DVmMz%2FchFp8s0VJXvuLa2KXOrUohfXkL0RZGeErDhE3p%2BDrA7B8s8h%2BU%2FEe%2F480uT%2Bu4fflbLrlsJ0IXk9jUDKEWQ8ghIDUOugmHzSQRE7KDIHCT9xme%2F7bY8z6i0uMdbkbRGF3PNpO%2Fap74WLKNjE5QB5NgBTAzCzjcxsoysHMMUPsJs1LHdg8zFx3t9GyWtUgqCyBBUlqCRBlRNUZb3PlQ1sfZcrW0T%2BWQ%2FOerMe6ryzS%2Fd13hEpATUDGF7vyewzuwOWnxv2Y7s21LHlu9kpuTCN7s9QoytO3CBoUd6ifitqRf4C89tBGMdtb0GwsB0IGsLKR1dXXm8G7cWNjkiFoWrDh7Rz01z68vi5DJk8fvpFRPQQVh2CyQugxUugVQ26WaOfPuQi01bmsVTCNphOwHWNLJ9HvuXsqlPywtTS2lf3INgTclZgpkZmanwqjwg66vbwpq7I3k1dWfLoepbLRPbp5KZv5TQXT91bE1uVNnx12Q6%2BfotNhAl88IGw%2BTpNuUw7lty%2FIjkXZkUbJsj3q%2FYjEd0o7OaVwqRFtn7j6spqkhlhrdTpCFQef3IHTI7JM9%2BuT5%2Fwq%2B5vkGYEU9RIiplTqUdg2TZsNptZTWDUjEeZg6qohyaIZkMlCZSYcRrVsP%2Fh0QwPDZ2cprLetbfRMXOg%2BQ7SpEZpapSqBlUD2OLcMM%2FMkzd%2Fbk4LkZobRsrM7UXKqDvTkCe%2FL2HlidtuNj0aLi347TYV7agVLMahzykNWmEQhrSJ3I7jX38%2F%2BjsAAP%2F%2Fw9UCjpwEAAA%3D
IP
192.243.61.227:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://dfiles.com/files/5zujuxxxt/Stranded-Deep-v_0.02.H1_32-64_Bit.exe
Certificate
IssuerLet's Encrypt
Subjecthonourprecisionsuited.com
Fingerprint8B:36:A0:64:CE:3F:D1:E0:17:8F:FD:58:5E:8B:51:25:D2:7F:79:C4
ValidityFri, 09 Aug 2024 05:43:18 GMT - Thu, 07 Nov 2024 05:43:17 GMT

File type
ASCII text, with no line terminators
Size
7 B (7 bytes)
Hash
132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c

HTTP Headers

GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSTWgkRRitzgYvK8LqggcV%2Bqiis909k57EPYi7MRoSd9ddRT2F6qrqSTnVXW1V%2F0zmFAzIHodF8Np5k2xwd5Hdi3hxkUnAw4KQ8ZSDuXn1oOJZZgyOftD9vfe9r%2BDxqr7YLU5JEwU9WX5P96VS9NJCw3Nf%2Ftj3L7vrMi16bm8x3Ahbl11TvrEUNrxX3HcE6%2BpLged7nu%2F57oo0Ita9SxMRMnuw5DeWvEYraPgLLfTM%2F7ktHFjqgJen5FlIPp4%2Fci5CshHS5OGysN1cZ6%2B9nRSK5tqg5Acfpt1UVymSGYyNgzg9ONuGtscrj6HT%2Fald6PLfxUiOifPjY0TpwZlJROXe1GekIFJE%2FDyqcgShRpB0BKZ3IPkxARjHtetIk7vXtKno1j8qnahjMv%2FXH5DVmMz%2FchFp8s0VJXvuLa2KXOrUohfXkL0RZGeErDhE3p%2BDrA7B8s8h%2BU%2FEe%2F480uT%2Bu4fflbLrlsJ0IXk9jUDKEWQ8ghIDUOugmHzSQRE7KDIHCT9xme%2F7bY8z6i0uMdbkbRGF3PNpO%2Fap74WLKNjE5QB5NgBTAzCzjcxsoysHMMUPsJs1LHdg8zFx3t9GyWtUgqCyBBUlqCRBlRNUZb3PlQ1sfZcrW0T%2BWQ%2FOerMe6ryzS%2Fd13hEpATUDGF7vyewzuwOWnxv2Y7s21LHlu9kpuTCN7s9QoytO3CBoUd6ifitqRf4C89tBGMdtb0GwsB0IGsLKR1dXXm8G7cWNjkiFoWrDh7Rz01z68vi5DJk8fvpFRPQQVh2CyQugxUugVQ26WaOfPuQi01bmsVTCNphOwHWNLJ9HvuXsqlPywtTS2lf3INgTclZgpkZmanwqjwg66vbwpq7I3k1dWfLoepbLRPbp5KZv5TQXT91bE1uVNnx12Q6%2BfotNhAl88IGw%2BTpNuUw7lty%2FIjkXZkUbJsj3q%2FYjEd0o7OaVwqRFtn7j6spqkhlhrdTpCFQef3IHTI7JM9%2BuT5%2Fwq%2B5vkGYEU9RIiplTqUdg2TZsNptZTWDUjEeZg6qohyaIZkMlCZSYcRrVsP%2Fh0QwPDZ2cprLetbfRMXOg%2BQ7SpEZpapSqBlUD2OLcMM%2FMkzd%2Fbk4LkZobRsrM7UXKqDvTkCe%2FL2HlidtuNj0aLi347TYV7agVLMahzykNWmEQhrSJ3I7jX38%2F%2BjsAAP%2F%2Fw9UCjpwEAAA%3D HTTP/1.1
Host: honourprecisionsuited.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfiles.com/
Cookie: u_pl=16004719; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 14 Sep 2024 20:32:04 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: 3f8b9b5062fe987118490a6a208378ef
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains

r11.o.lencr.org/

23.36.77.32

504 B

URL
r11.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
01d9a731bc6b2a107199732c4dcdf29e
700784286c65150dc48c583ff032ec7e8a6d5a5b
ca4047a12ad233b40f44467a506e19ed4312ffd13b5b3de2594aeabb37bdcdb5

HTTP Headers

POST / HTTP/1.1
Host: r11.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "CA4047A12AD233B40F44467A506E19ED4312FFD13B5B3DE2594AEABB37BDCDB5"
Last-Modified: Fri, 13 Sep 2024 15:59:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6012
Expires: Sat, 14 Sep 2024 22:12:16 GMT
Date: Sat, 14 Sep 2024 20:32:04 GMT
Connection: keep-alive

GET superonclick.com/script/native_server.js

172.67.189.120

200 OK

3.0 kB

URL GET HTTP/2
superonclick.com/script/native_server.js
IP
172.67.189.120:443
ASN
#13335 CLOUDFLARENET

Requested by
https://adsbb.dfiles.com/upload/2401/ad27972995eacd9f.htm?canp=adv_64c8039324e932ac815d3d122bf63ef9
Certificate
IssuerGoogle Trust Services
Subjectsuperonclick.com
Fingerprint79:7C:A6:1E:76:ED:27:B4:79:28:63:F3:5D:2E:A5:68:B5:64:C3:AD
ValidityFri, 26 Jul 2024 23:14:02 GMT - Thu, 24 Oct 2024 23:14:01 GMT

File type
JavaScript source, ASCII text, with very long lines (9260), with no line terminators
Size
3.0 kB (3017 bytes)
Hash
51d87e9ebd831fccab6a016079a60793
6b49820f3423d2414f0404523439159070564f40
e282545f9f7c4117db91f8a2c33e5a1dad31f3c6edbe74b9776c1f8b85c166bd

HTTP Headers

GET /script/native_server.js HTTP/1.1
Host: superonclick.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adsbb.dfiles.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 14 Sep 2024 20:32:04 GMT
content-type: application/javascript
x-goog-generation: 1550052952705094
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 9260
x-goog-hash: crc32c=RAjq/g==, md5=Udh+nr2DH8yragFgeaYHkw==
x-goog-storage-class: MULTI_REGIONAL
access-control-allow-origin: *
x-guploader-uploadid: ABPtcPowG7mWJBXWL8dWT4Efq5Hw2glETkiZ_NuV5Mj2b2gk6nL1IVgg5dvZ-WEtUmLJp8MOfHmR4te5PQ
expires: Sat, 14 Sep 2024 19:52:40 GMT
cache-control: public, max-age=14400
age: 2921
last-modified: Wed, 13 Feb 2019 10:15:52 GMT
etag: W/"51d87e9ebd831fccab6a016079a60793"
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7FtLql6j3SvhnSLKPMrLhKb%2BuqMbOyIxCIJA5MiSQWAc7iMd2NlHVQK5yQCldfyjarYT9K%2Fk8CwyruW7SDw06XDh7aKytCbg5wbiCpAtp1naXm0Ggx5k%2Bd6YrH%2F8G42NvM9w"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8c3324ed0b18569b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET e017807b72.5437c7c977.com/in/track?data=eyJ3bCI6MCwic3ViaWQiOjAsInVzZXJfaWQiOiI1NDY1MTEwMDc1ODA5OTI3MDAwIiwidGltZXpvbmUiOjAsInZlciI6IjMuMTI3LjUiLCJ0YWdfaWQiOjQ2NDQ1LCJzY3JlZW5fcmVzb2x1dGlvbiI6IjEyODB4MTAyNCIsImFkYmxvY2siOjAsInRpbWV6b25lX29sc29uIjoiVVRDIiwidXRtX3NvdXJjZSI6IiIsInV0bV9tZWRpdW0iOiIiLCJ1dG1fY2FtcGFpZ24iOiIiLCJ1dG1fY29udGVudCI6IiIsIm1tIjowLCJpbml0X3N0YXJ0X2xhdGVuY3kiOjAuODIsImlzX3YyIjowLCJpc192Ml9lbXB0eSI6MH0=

45.133.44.52

200 OK

0 B

URL GET HTTP/2
e017807b72.5437c7c977.com/in/track?data=eyJ3bCI6MCwic3ViaWQiOjAsInVzZXJfaWQiOiI1NDY1MTEwMDc1ODA5OTI3MDAwIiwidGltZXpvbmUiOjAsInZlciI6IjMuMTI3LjUiLCJ0YWdfaWQiOjQ2NDQ1LCJzY3JlZW5fcmVzb2x1dGlvbiI6IjEyODB4MTAyNCIsImFkYmxvY2siOjAsInRpbWV6b25lX29sc29uIjoiVVRDIiwidXRtX3NvdXJjZSI6IiIsInV0bV9tZWRpdW0iOiIiLCJ1dG1fY2FtcGFpZ24iOiIiLCJ1dG1fY29udGVudCI6IiIsIm1tIjowLCJpbml0X3N0YXJ0X2xhdGVuY3kiOjAuODIsImlzX3YyIjowLCJpc192Ml9lbXB0eSI6MH0=
IP
45.133.44.52:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://dfiles.com/files/5zujuxxxt/Stranded-Deep-v_0.02.H1_32-64_Bit.exe
Certificate
IssuerLet's Encrypt
Subjecte017807b72.5437c7c977.com
FingerprintEE:A7:93:07:36:4D:24:41:34:FE:AC:A2:A9:B8:6E:A1:B3:06:A7:3B
ValidityWed, 11 Sep 2024 02:52:52 GMT - Tue, 10 Dec 2024 02:52:51 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /in/track?data=eyJ3bCI6MCwic3ViaWQiOjAsInVzZXJfaWQiOiI1NDY1MTEwMDc1ODA5OTI3MDAwIiwidGltZXpvbmUiOjAsInZlciI6IjMuMTI3LjUiLCJ0YWdfaWQiOjQ2NDQ1LCJzY3JlZW5fcmVzb2x1dGlvbiI6IjEyODB4MTAyNCIsImFkYmxvY2siOjAsInRpbWV6b25lX29sc29uIjoiVVRDIiwidXRtX3NvdXJjZSI6IiIsInV0bV9tZWRpdW0iOiIiLCJ1dG1fY2FtcGFpZ24iOiIiLCJ1dG1fY29udGVudCI6IiIsIm1tIjowLCJpbml0X3N0YXJ0X2xhdGVuY3kiOjAuODIsImlzX3YyIjowLCJpc192Ml9lbXB0eSI6MH0= HTTP/1.1
Host: e017807b72.5437c7c977.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dfiles.com
DNT: 1
Connection: keep-alive
Referer: https://dfiles.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 14 Sep 2024 20:32:05 GMT
content-length: 0
server: nginx/1.18.0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
x-cdn-host-id: ds9225
X-Firefox-Spdy: h2

OPTIONS fp.metricswpsh.com/fp?tag_id=46445

157.90.84.242

204 No Content

36 B

URL OPTIONS HTTP/1.1
fp.metricswpsh.com/fp?tag_id=46445
IP
157.90.84.242:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://dfiles.com/files/5zujuxxxt/Stranded-Deep-v_0.02.H1_32-64_Bit.exe
Certificate
IssuerLet's Encrypt
Subjectnotification.tubecup.net
Fingerprint45:52:8C:9D:57:BA:65:CC:D6:E3:BA:47:79:D3:57:FC:CA:CB:04:0B
ValiditySun, 18 Aug 2024 04:34:54 GMT - Sat, 16 Nov 2024 04:34:53 GMT

File type
JSON text data
Size
36 B (36 bytes)
Hash
0849660b654e3a313882a44c0e7dc08a
b1493d6ce204eb99837d9b33849d1458093a6e6d
6e73b83ae8fcdaf81421a4236c9f817a9e4ea0fa931bf696f72872b266bd83e6

HTTP Headers

POST /fp?tag_id=46445 HTTP/1.1
Host: fp.metricswpsh.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json;charset=utf-8
Content-Length: 1882
Origin: https://dfiles.com
DNT: 1
Connection: keep-alive
Referer: https://dfiles.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 500 Internal Server Error
Server: nginx/1.20.1
Date: Sat, 14 Sep 2024 20:32:05 GMT
Content-Type: application/json; charset=UTF-8
Content-Length: 36
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://dfiles.com
Vary: Origin

GET accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=ARpgrqdU3vkKJQJ7C46jEBDk2X9kfUY-a-MV-1Um6RtgnT9QKPwYLylXWuGtjazRBPkHDrhzfeGjJA

64.233.161.84

302 Found

419 B

URL GET HTTP/3
accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=ARpgrqdU3vkKJQJ7C46jEBDk2X9kfUY-a-MV-1Um6RtgnT9QKPwYLylXWuGtjazRBPkHDrhzfeGjJA
IP
64.233.161.84:443
ASN
#15169 GOOGLE

Requested by
https://dfiles.com/files/5zujuxxxt/Stranded-Deep-v_0.02.H1_32-64_Bit.exe
Certificate
IssuerGoogle Trust Services
Subject*.google.com
Fingerprint97:72:B0:50:D3:11:5A:F7:A4:3E:14:43:9B:9B:DA:05:44:40:58:1C
ValidityMon, 12 Aug 2024 06:33:49 GMT - Mon, 04 Nov 2024 06:33:48 GMT

File type
HTML document, ASCII text, with very long lines (388)
Size
419 B (419 bytes)
Hash
e16feb98c2d4d3bea679cf73af76dd42
7c34542421819c43e23bf9121be732840ffb16dd
b235099f01bb8fd190fc8800d48d8b188372bd8373c4a5a0405b50cd60364ce5

HTTP Headers

GET /InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=ARpgrqdU3vkKJQJ7C46jEBDk2X9kfUY-a-MV-1Um6RtgnT9QKPwYLylXWuGtjazRBPkHDrhzfeGjJA HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dfiles.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 302 Found
content-type: text/html; charset=UTF-8
set-cookie: __Host-GAPS=1:4kOPvWDKthZbirwSMPRys85OeFhNrQ:W8aIGnvcWNsJpUXS;Path=/;Expires=Mon, 14-Sep-2026 20:32:05 GMT;Secure;HttpOnly;Priority=HIGH
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 14 Sep 2024 20:32:05 GMT
location: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=ARpgrqfOUwEwzRlZ87v3IatTabVAL_W4keL68KaQlolPeCkSUSSYnZUvG6w33NVQmVTTnx1Qf3Zz&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-333496797%3A1726345925244727&ddm=0
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: require-trusted-types-for 'script';report-uri /cspreport, script-src 'nonce-dHL2SDiQWPP6mhIotZLfNw' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 419
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=ARpgrqfh6NGgFjwv-1zTDLytptLQr2zwHUwuqVtT8GlQfOMINXu5hdJ3nRQVFrVjHLUuBr-V9z0MgQ

64.233.161.84

302 Found

417 B

URL GET HTTP/3
accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=ARpgrqfh6NGgFjwv-1zTDLytptLQr2zwHUwuqVtT8GlQfOMINXu5hdJ3nRQVFrVjHLUuBr-V9z0MgQ
IP
64.233.161.84:443
ASN
#15169 GOOGLE

Requested by
https://dfiles.com/files/5zujuxxxt/Stranded-Deep-v_0.02.H1_32-64_Bit.exe
Certificate
IssuerGoogle Trust Services
Subject*.google.com
Fingerprint97:72:B0:50:D3:11:5A:F7:A4:3E:14:43:9B:9B:DA:05:44:40:58:1C
ValidityMon, 12 Aug 2024 06:33:49 GMT - Mon, 04 Nov 2024 06:33:48 GMT

File type
HTML document, ASCII text, with very long lines (391)
Size
417 B (417 bytes)
Hash
fab8225a4c19de214b42971036bb6bc5
fef71456adfdfc7a4cfa750188a657e0c2832637
bd3a657beffe385e5b6ad13d49c8edf0a17e4d583c77ea9516e8019dabe7c827

HTTP Headers

GET /InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=ARpgrqfh6NGgFjwv-1zTDLytptLQr2zwHUwuqVtT8GlQfOMINXu5hdJ3nRQVFrVjHLUuBr-V9z0MgQ HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dfiles.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 302 Found
content-type: text/html; charset=UTF-8
set-cookie: __Host-GAPS=1:exSEUt5mB9zG710lEqOeDKP7x7d1aw:KK3r1wle7wOgZ-Mx;Path=/;Expires=Mon, 14-Sep-2026 20:32:05 GMT;Secure;HttpOnly;Priority=HIGH
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 14 Sep 2024 20:32:05 GMT
location: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=ARpgrqetL6bF2sgSmUXsto5DEmROasO4tIjeyGpjCOOLjfrQhjsNnF75hgqfYxe1Fv78MGEXfPsa&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S806485037%3A1726345925246142&ddm=0
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: require-trusted-types-for 'script';report-uri /cspreport, script-src 'nonce-v2miU9o8JMhqprqVSFkGTw' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 417
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET cdn.creative-bars1.com//sb/notifications/utility/default/us/blog/ecorious/message_redcircle2/jan24/4/img/1.jpg

104.21.70.253

200 OK

22 kB

URL GET HTTP/2
cdn.creative-bars1.com//sb/notifications/utility/default/us/blog/ecorious/message_redcircle2/jan24/4/img/1.jpg
IP
104.21.70.253:443
ASN
#13335 CLOUDFLARENET

Requested by
https://dfiles.com/files/5zujuxxxt/Stranded-Deep-v_0.02.H1_32-64_Bit.exe
Certificate
IssuerGoogle Trust Services
Subjectcreative-bars1.com
FingerprintEB:E3:F6:A0:02:C0:06:0B:03:19:9C:E4:96:53:32:2F:22:2E:29:46
ValiditySun, 11 Aug 2024 15:14:55 GMT - Sat, 09 Nov 2024 15:14:54 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 320x320, components 3
Size
22 kB (21597 bytes)
Hash
7bcc800a4957dac955e91ce1ee3b73cd
b1fae2cacecc790a22f91e2320077f89707473b1
760783cbcd04b3b7ef5f6b10a24878869d061709e4511ccada113b532833243d

HTTP Headers

GET //sb/notifications/utility/default/us/blog/ecorious/message_redcircle2/jan24/4/img/1.jpg HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 14 Sep 2024 20:32:05 GMT
content-type: image/jpeg
content-length: 21597
last-modified: Thu, 01 Feb 2024 14:55:47 GMT
etag: "65bbb0f3-545d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 457666
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=h4%2BJJosCGOsp9G6s%2BGxXdo8fRdJvYUkfP%2FT%2F7%2FoP8UhlJVusuaB%2B9uU0D9%2BX%2FHdKsEU3bdms5PdNXfywsw8TD9C0s3E8dVIvEsJoKjKUGf2CoomLjo1i9ENvdiAGhAWM%2BuZjlZNNZoNQ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8c3324f17f0d712b-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET honourprecisionsuited.com/pixel/sbls?bv=&tmpl=482&u=https%3A%2F%2Fcdn.show-creative1.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2Fecorious%2Fab%2F1%2Findex.html&l=1571&fd=356

192.243.61.227

200 OK

0 B

URL GET HTTP/1.1
honourprecisionsuited.com/pixel/sbls?bv=&tmpl=482&u=https%3A%2F%2Fcdn.show-creative1.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2Fecorious%2Fab%2F1%2Findex.html&l=1571&fd=356
IP
192.243.61.227:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://dfiles.com/files/5zujuxxxt/Stranded-Deep-v_0.02.H1_32-64_Bit.exe
Certificate
IssuerLet's Encrypt
Subjecthonourprecisionsuited.com
Fingerprint8B:36:A0:64:CE:3F:D1:E0:17:8F:FD:58:5E:8B:51:25:D2:7F:79:C4
ValidityFri, 09 Aug 2024 05:43:18 GMT - Thu, 07 Nov 2024 05:43:17 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /pixel/sbls?bv=&tmpl=482&u=https%3A%2F%2Fcdn.show-creative1.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2Fecorious%2Fab%2F1%2Findex.html&l=1571&fd=356 HTTP/1.1
Host: honourprecisionsuited.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfiles.com/
Cookie: u_pl=16004719; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 14 Sep 2024 20:32:05 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

GET honourprecisionsuited.com/pixel/sbls?bv=&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2F%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2Fecorious%2Fmessage_redcircle2%2Fjan24%2F4%2Fcss%2Fanimate.css&l=79245&fd=131

192.243.61.227

200 OK

0 B

URL GET HTTP/1.1
honourprecisionsuited.com/pixel/sbls?bv=&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2F%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2Fecorious%2Fmessage_redcircle2%2Fjan24%2F4%2Fcss%2Fanimate.css&l=79245&fd=131
IP
192.243.61.227:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://dfiles.com/files/5zujuxxxt/Stranded-Deep-v_0.02.H1_32-64_Bit.exe
Certificate
IssuerLet's Encrypt
Subjecthonourprecisionsuited.com
Fingerprint8B:36:A0:64:CE:3F:D1:E0:17:8F:FD:58:5E:8B:51:25:D2:7F:79:C4
ValidityFri, 09 Aug 2024 05:43:18 GMT - Thu, 07 Nov 2024 05:43:17 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /pixel/sbls?bv=&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2F%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2Fecorious%2Fmessage_redcircle2%2Fjan24%2F4%2Fcss%2Fanimate.css&l=79245&fd=131 HTTP/1.1
Host: honourprecisionsuited.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfiles.com/
Cookie: u_pl=16004719; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 14 Sep 2024 20:32:05 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

GET fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu4mxK.woff2

142.250.74.99

200 OK

18 kB

URL GET HTTP/2
fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
142.250.74.99:443
ASN
#15169 GOOGLE

Requested by
https://dfiles.com/files/5zujuxxxt/Stranded-Deep-v_0.02.H1_32-64_Bit.exe
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
FingerprintA8:8E:91:B3:04:E9:C9:F3:CD:3D:27:83:B0:53:22:C0:21:23:9A:92
ValidityMon, 12 Aug 2024 07:17:58 GMT - Mon, 04 Nov 2024 07:17:57 GMT

File type
Web Open Font Format (Version 2), TrueType, length 18536, version 1.0
Size
18 kB (18536 bytes)
Hash
8eff0b8045fd1959e117f85654ae7770
227fee13ceb7c410b5c0bb8000258b6643cb6255
89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571

HTTP Headers

GET /s/roboto/v32/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://dfiles.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 18536
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 12 Sep 2024 15:44:29 GMT
expires: Fri, 12 Sep 2025 15:44:29 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 01 Aug 2024 20:41:24 GMT
content-type: font/woff2
age: 190056
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

142.250.74.99

200 OK

19 kB

URL GET HTTP/2
fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP
142.250.74.99:443
ASN
#15169 GOOGLE

Requested by
https://dfiles.com/files/5zujuxxxt/Stranded-Deep-v_0.02.H1_32-64_Bit.exe
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
FingerprintA8:8E:91:B3:04:E9:C9:F3:CD:3D:27:83:B0:53:22:C0:21:23:9A:92
ValidityMon, 12 Aug 2024 07:17:58 GMT - Mon, 04 Nov 2024 07:17:57 GMT

File type
Web Open Font Format (Version 2), TrueType, length 18596, version 1.0
Size
19 kB (18596 bytes)
Hash
c83e4437a53d7f849f9d32df3d6b68f3
fabea5ad92ed3e2431659b02e7624df30d0c6bbc
d9bada3a44bb2ffa66dec5cc781cafc9ef17ed876cd9b0c5f7ef18228b63cebb

HTTP Headers

GET /s/roboto/v32/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://dfiles.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 18596
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 12 Sep 2024 15:23:32 GMT
expires: Fri, 12 Sep 2025 15:23:32 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 01 Aug 2024 20:41:21 GMT
content-type: font/woff2
age: 191313
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

192.243.61.227

200 OK

0 B

URL GET HTTP/1.1
honourprecisionsuited.com/pixel/sbls?bv=&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2F%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2Fecorious%2Fmessage_redcircle2%2Fjan24%2F4%2Fcss%2Fstyle.css&l=3630&fd=137
IP
192.243.61.227:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://dfiles.com/files/5zujuxxxt/Stranded-Deep-v_0.02.H1_32-64_Bit.exe
Certificate
IssuerLet's Encrypt
Subjecthonourprecisionsuited.com
Fingerprint8B:36:A0:64:CE:3F:D1:E0:17:8F:FD:58:5E:8B:51:25:D2:7F:79:C4
ValidityFri, 09 Aug 2024 05:43:18 GMT - Thu, 07 Nov 2024 05:43:17 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /pixel/sbls?bv=&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2F%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2Fecorious%2Fmessage_redcircle2%2Fjan24%2F4%2Fcss%2Fstyle.css&l=3630&fd=137 HTTP/1.1
Host: honourprecisionsuited.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfiles.com/
Cookie: u_pl=16004719; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 14 Sep 2024 20:32:05 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

GET honourprecisionsuited.com/pixel/sbs?c=1

192.243.61.227

200 OK

0 B

URL GET HTTP/1.1
honourprecisionsuited.com/pixel/sbs?c=1
IP
192.243.61.227:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://dfiles.com/files/5zujuxxxt/Stranded-Deep-v_0.02.H1_32-64_Bit.exe
Certificate
IssuerLet's Encrypt
Subjecthonourprecisionsuited.com
Fingerprint8B:36:A0:64:CE:3F:D1:E0:17:8F:FD:58:5E:8B:51:25:D2:7F:79:C4
ValidityFri, 09 Aug 2024 05:43:18 GMT - Thu, 07 Nov 2024 05:43:17 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /pixel/sbs?c=1 HTTP/1.1
Host: honourprecisionsuited.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfiles.com/
Cookie: u_pl=16004719; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 14 Sep 2024 20:32:05 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

192.243.61.227

200 OK

0 B

URL GET HTTP/1.1
honourprecisionsuited.com/pixel/sbls?bv=&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2F%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2Fecorious%2Fmessage_redcircle2%2Fjan24%2F4%2Fjs%2Fscript.js&l=386&fd=129
IP
192.243.61.227:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://dfiles.com/files/5zujuxxxt/Stranded-Deep-v_0.02.H1_32-64_Bit.exe
Certificate
IssuerLet's Encrypt
Subjecthonourprecisionsuited.com
Fingerprint8B:36:A0:64:CE:3F:D1:E0:17:8F:FD:58:5E:8B:51:25:D2:7F:79:C4
ValidityFri, 09 Aug 2024 05:43:18 GMT - Thu, 07 Nov 2024 05:43:17 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /pixel/sbls?bv=&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2F%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2Fecorious%2Fmessage_redcircle2%2Fjan24%2F4%2Fjs%2Fscript.js&l=386&fd=129 HTTP/1.1
Host: honourprecisionsuited.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfiles.com/
Cookie: u_pl=16004719; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 14 Sep 2024 20:32:05 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

GET discovernative.com/script/native.php?nwpsv=1&r=8033562&cbrandom=0.5296151996385043&cbWidth=240&cbHeight=800&cbtitle=&cbref=https%3A%2F%2Fdfiles.com%2F&cbdescription=DepositFiles+provides+you+with+a+legitimate+technical+solution%2C+which++enables+you+to+upload%2C+store%2C+access+and+download+text%2C+software%2C++scripts%2C+images%2C+sounds%2C+videos%2C+animations+and+any+other+materials+in+form+of+one+or+several+electronic+files.&cbkeywords=&cbiframe=1&callback=jsonp496473&wthnfp=1&ufp=Linux%20x86_64%2FMozilla%2FNetscape%2Ftrue%2Ffalse%2F1280x10240en-USunknown4824%20bits

172.67.150.145

2.2 kB

URL GET
discovernative.com/script/native.php?nwpsv=1&r=8033562&cbrandom=0.5296151996385043&cbWidth=240&cbHeight=800&cbtitle=&cbref=https%3A%2F%2Fdfiles.com%2F&cbdescription=DepositFiles+provides+you+with+a+legitimate+technical+solution%2C+which++enables+you+to+upload%2C+store%2C+access+and+download+text%2C+software%2C++scripts%2C+images%2C+sounds%2C+videos%2C+animations+and+any+other+materials+in+form+of+one+or+several+electronic+files.&cbkeywords=&cbiframe=1&callback=jsonp496473&wthnfp=1&ufp=Linux%20x86_64%2FMozilla%2FNetscape%2Ftrue%2Ffalse%2F1280x10240en-USunknown4824%20bits
IP
172.67.150.145:0
ASN
#13335 CLOUDFLARENET

Requested by
https://adsbb.dfiles.com/upload/2401/ad27972995eacd9f.htm?canp=adv_64c8039324e932ac815d3d122bf63ef9
Certificate
IssuerGoogle Trust Services
Subjectdiscovernative.com
FingerprintBD:21:96:6A:E2:39:75:A0:93:60:DE:70:92:3E:4E:10:DB:DF:5C:3D
ValidityMon, 26 Aug 2024 18:13:02 GMT - Sun, 24 Nov 2024 18:13:01 GMT

File type
gzip compressed data, max compression, from Unix
Size
2.2 kB (2220 bytes)
Hash
a037fa698e82dd7302a1d57ab159dfcd
eaea5be3a8b7c904a0738889ee5a73fb6596f917
a1a86ca8daa0f84a4f5cfc24db6c64d90055c43b4880689df0df1567ecd369ae

HTTP Headers

GET /script/native.php?nwpsv=1&r=8033562&cbrandom=0.5296151996385043&cbWidth=240&cbHeight=800&cbtitle=&cbref=https%3A%2F%2Fdfiles.com%2F&cbdescription=DepositFiles+provides+you+with+a+legitimate+technical+solution%2C+which++enables+you+to+upload%2C+store%2C+access+and+download+text%2C+software%2C++scripts%2C+images%2C+sounds%2C+videos%2C+animations+and+any+other+materials+in+form+of+one+or+several+electronic+files.&cbkeywords=&cbiframe=1&callback=jsonp496473&wthnfp=1&ufp=Linux%20x86_64%2FMozilla%2FNetscape%2Ftrue%2Ffalse%2F1280x10240en-USunknown4824%20bits HTTP/1.1
Host: discovernative.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adsbb.dfiles.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 14 Sep 2024 20:32:05 GMT
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-headers: Content-Type
link: <//discovernative.com>; rel=dns-prefetch,<//discovernative.com>; rel=preconnect,<//cdnativ.com>; rel=dns-prefetch,<//cdnativ.com>; rel=preconnect
access-control-allow-methods: GET, POST, OPTIONS
content-encoding: gzip
via: 1.1 google
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SZ9luBLwzV533zRfi7l731sMcS3N5Ds92F97eudT%2BJWSHjmaIpkL0D%2BH%2FWu3YsDn3vnhOj694nVFwiunEZYHCegMsXWgYOyFszSrLEJguxlUhzk0HzboA4wRG%2BlYTAdiq52ykn8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8c3324f2bd59569b-OSL
alt-svc: h3=":443"; ma=86400

GET cdnativ.com/extban/280033020/creatives/23427468/a6c50d87607b3c8d881ec5f07e82296e_5239.jpg

104.21.1.203

62 kB

URL GET
cdnativ.com/extban/280033020/creatives/23427468/a6c50d87607b3c8d881ec5f07e82296e_5239.jpg
IP
104.21.1.203:0
ASN
#13335 CLOUDFLARENET

Requested by
https://adsbb.dfiles.com/upload/2401/ad27972995eacd9f.htm?canp=adv_64c8039324e932ac815d3d122bf63ef9
Certificate
IssuerGoogle Trust Services
Subjectcdnativ.com
Fingerprint5B:DC:F8:73:52:9B:7E:F7:70:69:10:D1:1C:EF:87:A9:17:C3:C3:3E
ValidityTue, 20 Aug 2024 12:03:02 GMT - Mon, 18 Nov 2024 12:03:01 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 500x500, components 3
Size
62 kB (62085 bytes)
Hash
a6c50d87607b3c8d881ec5f07e82296e
5b5b6ff9c3707f1937bd04ad1d2bf106770a4292
cdd39a076c9b5fe061e5a51a06af8a5146da67fc930cc9c061cffd2aff2e6fa2

HTTP Headers

GET /extban/280033020/creatives/23427468/a6c50d87607b3c8d881ec5f07e82296e_5239.jpg HTTP/1.1
Host: cdnativ.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 14 Sep 2024 20:32:06 GMT
content-type: image/jpeg
last-modified: Sun, 06 Mar 2022 12:19:36 GMT
etag: W/"6224a6d8-f3d5"
content-encoding: gzip
via: 1.1 google
cache-control: max-age=14400
cf-cache-status: HIT
age: 6386
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fcZnIRSqPTv9wlL6Acf%2F4i4jazFj7IyiAbI4JfAgWcnqMco0i0NVqHXPHqjMN%2FGAk2iRwVXfoWihObtKEcxrLXu6xhRSIvkAVoBv44a1BrSfUx8FS%2FPoAc%2BRFtv38A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8c3324f65fbf5691-OSL
alt-svc: h3=":443"; ma=86400

GET cdn.cookie-script.com/iabtcf/2.2/sdk_cmp.js

146.185.171.17

200 OK

24 kB

URL GET HTTP/2
cdn.cookie-script.com/iabtcf/2.2/sdk_cmp.js
IP
146.185.171.17:443
ASN
#14061 DIGITALOCEAN-ASN

Requested by
https://dfiles.com/files/5zujuxxxt/Stranded-Deep-v_0.02.H1_32-64_Bit.exe
Certificate
IssuerSectigo Limited
Subject*.cookie-script.com
Fingerprint00:77:B0:22:0D:F2:5B:E8:6B:7D:64:F2:7E:BE:3C:99:3F:24:6A:18
ValidityWed, 17 Jul 2024 00:00:00 GMT - Sun, 17 Aug 2025 23:59:59 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (46333)
Size
24 kB (23965 bytes)
Hash
d25337f1b7516581bccf8f576539b2c7
4dcec87867e4010c08cf459ace716ad562f38d62
6d4d87335ff64dda49c994d86406cf54ce0bcfd161c5cb20f99a68cc498b2710

HTTP Headers

GET /iabtcf/2.2/sdk_cmp.js HTTP/1.1
Host: cdn.cookie-script.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfiles.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Sat, 14 Sep 2024 20:32:06 GMT
content-type: text/javascript
content-length: 23965
last-modified: Tue, 18 Jun 2024 05:56:13 GMT
etag: "17170-61b23bd4c40d2-gzip"
vary: Accept-Encoding
content-encoding: gzip
x-frame-options: SAMEORIGIN
access-control-allow-origin: *
x-cache-status: HIT
x-server: n3
cache-control: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

GET consent.cookie-script.com/analytics?action=firstshown&time=1726345926613&script=962e36ace9b4601f1f51f3e2010e41b9&category=

116.203.90.127

200 OK

47 B

URL GET HTTP/2
consent.cookie-script.com/analytics?action=firstshown&time=1726345926613&script=962e36ace9b4601f1f51f3e2010e41b9&category=
IP
116.203.90.127:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://dfiles.com/files/5zujuxxxt/Stranded-Deep-v_0.02.H1_32-64_Bit.exe
Certificate
IssuerSectigo Limited
Subject*.cookie-script.com
Fingerprint00:77:B0:22:0D:F2:5B:E8:6B:7D:64:F2:7E:BE:3C:99:3F:24:6A:18
ValidityWed, 17 Jul 2024 00:00:00 GMT - Sun, 17 Aug 2025 23:59:59 GMT

File type
JSON text data
Size
47 B (47 bytes)
Hash
fe5f72f0b49ef233e87c58a2143a6999
27ed0767d9277bf2ed2dd64d50015ace7207adf9
2af93a578694f48fca610c2ca59544280037797aabc58692675601e2f38151f7

HTTP Headers

GET /analytics?action=firstshown&time=1726345926613&script=962e36ace9b4601f1f51f3e2010e41b9&category= HTTP/1.1
Host: consent.cookie-script.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dfiles.com
DNT: 1
Connection: keep-alive
Referer: https://dfiles.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Sat, 14 Sep 2024 20:32:07 GMT
content-type: application/json
content-length: 47
x-amzn-trace-id: Root=1-66e5f2c6-4e2ce524059a1c5360471ddb;Parent=792be97051f11e3a;Sampled=0;lineage=1:a8669a4e:0
x-amzn-requestid: f132e48a-8932-4f61-be67-32f1671053ba
access-control-allow-origin: *
x-amz-apigw-id: eHLfGGhKjoEENhw=
x-cache: Miss from cloudfront
via: 1.1 a3c1615d6bdfc01a05a0b3a742d10d38.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
x-amz-cf-id: -9wS8frjcSImVpGiFP0Vzf0aW7C929Ow5T3zpur62XArqCTg-L40eQ==
X-Firefox-Spdy: h2

GET storage.multstorage.com/log/count.html

172.67.174.51

200 OK

391 B

URL GET HTTP/2
storage.multstorage.com/log/count.html
IP
172.67.174.51:443
ASN
#13335 CLOUDFLARENET

Requested by
https://dfiles.com/files/5zujuxxxt/Stranded-Deep-v_0.02.H1_32-64_Bit.exe
Certificate
IssuerGoogle Trust Services
Subjectmultstorage.com
FingerprintEC:97:20:D2:72:15:19:01:A7:06:81:2C:AE:88:84:94:6B:32:72:AD
ValidityTue, 10 Sep 2024 06:26:54 GMT - Mon, 09 Dec 2024 06:26:53 GMT

File type
HTML document, ASCII text, with very long lines (700)
Size
391 B (391 bytes)
Hash
b728ca9cd183d1b7c3f72116b19b22a3
c1fd73f6b02cf00b8bc60b09cc99495e8494b739
8a7b1ca4bbf273b32ea865d4785a1944d1b2b133678d9b5fe7ee0406f6fd64b2

HTTP Headers

GET /log/count.html HTTP/1.1
Host: storage.multstorage.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfiles.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 14 Sep 2024 20:32:04 GMT
content-type: text/html
last-modified: Mon, 18 Sep 2023 14:39:06 GMT
vary: Accept-Encoding
x-request-id: 4c096b45a96cf7eefdcb96c678103376
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=f2ZAZf1gHiQyh8zk6HISPRPrLQqY3A8G1OQUPsHdWuvMbQivDT6wLLklbiLrgQbQ%2BelClkwUJX8nja06GzV%2BOhv%2FSrRTdv5H4ANpRuhRYoOLH6n1If4nfbQoyP7lqwxfhR1zONp6r5te1g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8c3324edfca3568b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET unseenreport.com/pxf.gif?uuid=a1eefd0b-1c8d-47b7-9342-9e3825aee9b5&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=224ad4a14b4b15c1726ff705ec672ea6&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=20

192.243.59.12

200 OK

1 B

URL GET HTTP/1.1
unseenreport.com/pxf.gif?uuid=a1eefd0b-1c8d-47b7-9342-9e3825aee9b5&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=224ad4a14b4b15c1726ff705ec672ea6&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=20
IP
192.243.59.12:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://dfiles.com/files/5zujuxxxt/Stranded-Deep-v_0.02.H1_32-64_Bit.exe
Certificate
IssuerLet's Encrypt
Subject*.unseenreport.com
FingerprintD9:3D:28:C1:14:1B:2B:53:0E:E4:3E:FC:88:7A:FF:9C:45:4B:63:C7
ValiditySat, 20 Jul 2024 14:59:20 GMT - Fri, 18 Oct 2024 14:59:19 GMT

File type
very short file (no magic)
Size
1 B (1 bytes)
Hash
93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /pxf.gif?uuid=a1eefd0b-1c8d-47b7-9342-9e3825aee9b5&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=224ad4a14b4b15c1726ff705ec672ea6&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=20 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfiles.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 14 Sep 2024 20:32:07 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: 63c13a9b41823af27d235083c836033d
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains

GET fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap

142.250.74.170

200 OK

8.1 kB

URL GET HTTP/2
fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap
IP
142.250.74.170:443
ASN
#15169 GOOGLE

Requested by
https://dfiles.com/files/5zujuxxxt/Stranded-Deep-v_0.02.H1_32-64_Bit.exe
Certificate
IssuerGoogle Trust Services
Subjectupload.video.google.com
Fingerprint9F:01:79:20:AD:58:33:6E:BF:F2:BF:DA:69:ED:BD:8D:19:F9:2D:D9
ValidityMon, 12 Aug 2024 07:18:03 GMT - Mon, 04 Nov 2024 07:18:02 GMT

File type
gzip compressed data, max compression
Size
8.1 kB (8139 bytes)
Hash
6e41e71b5b6bacb40e47f03ebcd94dea
51def0972c17db0bc3c8c2fac70c7d7656c7ad0c
033663fb5fc3d3dbc846d90876a307661cebd70a779a53aeb2783a3399a01836

HTTP Headers

GET /css?family=Roboto:300,400,700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 14 Sep 2024 20:32:05 GMT
date: Sat, 14 Sep 2024 20:32:05 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET ukankingwithea.com/

188.114.97.1

200 OK

27 B

URL GET HTTP/2
ukankingwithea.com/
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://dfiles.com/files/5zujuxxxt/Stranded-Deep-v_0.02.H1_32-64_Bit.exe
Certificate
IssuerGoogle Trust Services
Subjectukankingwithea.com
Fingerprint1E:50:56:01:B8:4D:0D:64:A3:5D:F9:E4:4A:5D:AE:8D:5E:FC:FB:FC
ValidityThu, 05 Sep 2024 11:45:15 GMT - Wed, 04 Dec 2024 11:45:14 GMT

File type
ASCII text, with no line terminators
Size
27 B (27 bytes)
Hash
a7dac2a6100951fd3c67ab22d94301a9
049ae9f567483e1596cee18b8239de6e659aab6e
bdd0773427f0fc6461fbeb83c5795ae99173802714a25d3472a7894a0140dbdb

HTTP Headers

GET / HTTP/1.1
Host: ukankingwithea.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dfiles.com/
Origin: https://dfiles.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 14 Sep 2024 20:32:04 GMT
content-type: text/plain
set-cookie: csu=2070530194864787@1@1726345924; Max-Age=31104000; Secure; SameSite=None
access-control-allow-origin: https://dfiles.com
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LYOb%2BGBPW7RjXI%2Bu2nNvU3iMC0aNpopU3xAPgw48sxy%2B1YifVaGnYT%2BUpr9M3F6LYqi6wFykT1%2FoCW3FtTGj4xdbg4d9wy7ZOkp31qZ6bZkS%2F1%2BdY8lqLQeuVBkkx0TpjAal5j8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8c3324ed7fb4b4ee-OSL
content-encoding: br
X-Firefox-Spdy: h2

GET superonclick.com/script/style.js

172.67.189.120

200 OK

41 kB

URL GET HTTP/3
superonclick.com/script/style.js
IP
172.67.189.120:443
ASN
#13335 CLOUDFLARENET

Requested by
https://adsbb.dfiles.com/upload/2401/ad27972995eacd9f.htm?canp=adv_64c8039324e932ac815d3d122bf63ef9
Certificate
IssuerGoogle Trust Services
Subjectsuperonclick.com
Fingerprint79:7C:A6:1E:76:ED:27:B4:79:28:63:F3:5D:2E:A5:68:B5:64:C3:AD
ValidityFri, 26 Jul 2024 23:14:02 GMT - Thu, 24 Oct 2024 23:14:01 GMT

File type
JavaScript source, ASCII text, with very long lines (41251)
Size
41 kB (41280 bytes)
Hash
f6f9c433637f7abffaf0eb918b83874c
b2fe86ef85e729459425dcbfa683682188fca3ef
07e8d6ea069f651d48ad47731cce6d24417176b3a353554f40fe2d5f8b81afb1

HTTP Headers

GET /script/style.js HTTP/1.1
Host: superonclick.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adsbb.dfiles.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 14 Sep 2024 20:32:05 GMT
content-type: text/javascript
x-goog-generation: 1570691734888336
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 41280
x-goog-hash: crc32c=r+9kWg==, md5=9vnEM2N/er/68OuRi4OHTA==
x-goog-storage-class: MULTI_REGIONAL
access-control-allow-origin: *
x-guploader-uploadid: ACJd0NpSd90xIA3ESiIzA1aDuR5XjIcZy_n5QzlJRabctkJ_ZlYT2lIeNvAS7j1oYdLQypwCYuB862MS0g
expires: Sat, 14 Sep 2024 20:48:26 GMT
cache-control: public, max-age=14400
last-modified: Thu, 10 Oct 2019 07:15:34 GMT
etag: W/"f6f9c433637f7abffaf0eb918b83874c"
age: 2619
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KbtL01D3AJXFVEAOkN5LzhR5s4lkOiFzimvOImlkhiFB%2F3fppe48heZNBCMSzSfxs96163OG%2BPR%2BC02SdvNNg%2F74MEjhMW2qeE8oQhXZ7rVfP12lCCABKQ5Mhq73IMW4100B"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8c3324f48e24b4f4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

GET cdn.show-creative1.com/sb/notifications/utility/default/us/blog/ecorious/ab/1/index.html

172.67.208.42

200 OK

1.6 kB

URL GET HTTP/2
cdn.show-creative1.com/sb/notifications/utility/default/us/blog/ecorious/ab/1/index.html
IP
172.67.208.42:443
ASN
#13335 CLOUDFLARENET

Requested by
https://dfiles.com/files/5zujuxxxt/Stranded-Deep-v_0.02.H1_32-64_Bit.exe
Certificate
IssuerGoogle Trust Services
Subjectshow-creative1.com
Fingerprint2C:84:C0:DA:8F:5C:A7:50:3A:76:B0:36:FB:1E:3C:92:78:B8:5B:03
ValidityTue, 20 Aug 2024 17:20:56 GMT - Mon, 18 Nov 2024 17:20:55 GMT

File type
HTML document, ASCII text, with very long lines (1660), with no line terminators
Size
1.6 kB (1571 bytes)
Hash
0029b7cb4d5550c5233f931c816165ea
31298b092158bb9ce60a8e9bf497c5bd1f562a11
26ba2ea9cf182d890d03039af9052b75e71a92a6f3a9a386e955428677907062

HTTP Headers

GET /sb/notifications/utility/default/us/blog/ecorious/ab/1/index.html HTTP/1.1
Host: cdn.show-creative1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dfiles.com
DNT: 1
Connection: keep-alive
Referer: https://dfiles.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 14 Sep 2024 20:32:05 GMT
content-type: text/html
last-modified: Mon, 02 Sep 2024 18:05:40 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=U5VLB97cfzKnWTGsA72%2BiZ37d3Gn3PM%2FlxzLuWAG7arJrv9bExO3KojRzxflMn05h4jLGhU6cqrSD4MVvUtlnfUBpiK9ku43MBfTPlT5fF%2BY6O58RJ0yIuTa%2FK96wdGwLInUo6LtzVOT"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8c3324ef0b9556c7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET cdnativ.com/extban/247895220/creatives/23426602/f635ee5b57730d49c680d3e693f8da44_6506.jpg

0.0.0.0

0 B

URL GET
cdnativ.com/extban/247895220/creatives/23426602/f635ee5b57730d49c680d3e693f8da44_6506.jpg
IP
0.0.0.0:0
ASN
#0

Requested by
https://adsbb.dfiles.com/upload/2401/ad27972995eacd9f.htm?canp=adv_64c8039324e932ac815d3d122bf63ef9
Certificate
IssuerGoogle Trust Services
Subjectcdnativ.com
Fingerprint5B:DC:F8:73:52:9B:7E:F7:70:69:10:D1:1C:EF:87:A9:17:C3:C3:3E
ValidityTue, 20 Aug 2024 12:03:02 GMT - Mon, 18 Nov 2024 12:03:01 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /extban/247895220/creatives/23426602/f635ee5b57730d49c680d3e693f8da44_6506.jpg HTTP/1.1
Host: cdnativ.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 14 Sep 2024 20:32:06 GMT
content-type: image/jpeg
last-modified: Thu, 03 Mar 2022 17:09:04 GMT
etag: W/"6220f630-ee12"
content-encoding: gzip
via: 1.1 google
cache-control: max-age=14400
cf-cache-status: HIT
age: 6386
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PIgGbs3t6D2vYJRe1bV21EB6ADQKtRHwpRzCZzX8ZgGfkEsgxhNTHgfQuvs1KiS2HiJ%2FwTrsfstROQJTxb7uH66ZiODzV6FZUxg2VMQH49IDgauFOSxlX9KX%2FsqL%2FQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8c3324f65fc15691-OSL
alt-svc: h3=":443"; ma=86400

GET js.wpadmngr.com/static/adManager.js

45.133.44.53

200 OK

1.7 kB

URL GET HTTP/2
js.wpadmngr.com/static/adManager.js
IP
45.133.44.53:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://dfiles.com/files/5zujuxxxt/Stranded-Deep-v_0.02.H1_32-64_Bit.exe
Certificate
IssuerLet's Encrypt
Subjectjs.wpadmngr.com
Fingerprint4E:77:11:99:F1:53:10:53:7E:1F:48:55:72:9D:BA:AE:17:31:82:4C
ValiditySat, 07 Sep 2024 03:03:54 GMT - Fri, 06 Dec 2024 03:03:53 GMT

File type
JavaScript source, ASCII text, with very long lines (1887), with no line terminators
Size
1.7 kB (1735 bytes)
Hash
8263610639624a65707a41479379709a
1653610e4e9b3814c8e68eb96814378d71be9776
8e6ca46c563e6ef9d3245fe116672ac9ff7b807033852fa0452493b5fb2d8a0c

HTTP Headers

GET /static/adManager.js HTTP/1.1
Host: js.wpadmngr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfiles.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 14 Sep 2024 20:32:03 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.18.0
last-modified: Mon, 09 Sep 2024 09:57:18 GMT
etag: W/"66dec67e-6c7"
content-encoding: gzip
expires: Sat, 14 Sep 2024 20:37:03 GMT
cache-control: max-age=300
x-proxy-cache: HIT
x-cdn-host-id: ds9225
access-control-allow-origin: *
X-Firefox-Spdy: h2

GET adsbb.dfiles.com//ad.php?z=7&c=NO&g=no_file&u=66e5f2c2a2d03-15706964

91.226.124.104

303 See Other

387 B

URL GET HTTP/2
adsbb.dfiles.com//ad.php?z=7&c=NO&g=no_file&u=66e5f2c2a2d03-15706964
IP
91.226.124.104:443
ASN
#35415 Webzilla B.V.

Requested by
https://dfiles.com/files/5zujuxxxt/Stranded-Deep-v_0.02.H1_32-64_Bit.exe
Certificate
IssuerLet's Encrypt
Subjectdfiles.com
Fingerprint4F:AA:3F:B0:44:48:F4:CA:17:7D:C7:60:4F:13:32:83:3F:7F:D2:B0
ValiditySat, 31 Aug 2024 12:43:59 GMT - Fri, 29 Nov 2024 12:43:58 GMT

File type

Size
387 B (387 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET //ad.php?z=7&c=NO&g=no_file&u=66e5f2c2a2d03-15706964 HTTP/1.1
Host: adsbb.dfiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfiles.com/
Cookie: last_file=5zujuxxxt
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 303 See Other
content-security-policy: frame-ancestors depositfiles.com *.depositfiles.com depositfiles.org *.depositfiles.org dfiles.eu *.dfiles.eu dfiles.com *.dfiles.com, frame-ancestors depositfiles.com *.depositfiles.com depositfiles.org *.depositfiles.org dfiles.eu *.dfiles.eu dfiles.com *.dfiles.com
content-type: text/html; charset=UTF-8
date: Sat, 14 Sep 2024 20:32:03 GMT
location: /upload/blank.htm
server: nginx
set-cookie: _nf7=1; expires=Sun, 15-Sep-2024 20:32:03 GMT; Max-Age=86400
x-powered-by: PHP/5.6.40
X-Firefox-Spdy: h2

GET superonclick.com/script/native_render.js

172.67.189.120

200 OK

4.3 kB

URL GET HTTP/2
superonclick.com/script/native_render.js
IP
172.67.189.120:443
ASN
#13335 CLOUDFLARENET

Requested by
https://adsbb.dfiles.com/upload/2401/ad27972995eacd9f.htm?canp=adv_64c8039324e932ac815d3d122bf63ef9
Certificate
IssuerGoogle Trust Services
Subjectsuperonclick.com
Fingerprint79:7C:A6:1E:76:ED:27:B4:79:28:63:F3:5D:2E:A5:68:B5:64:C3:AD
ValidityFri, 26 Jul 2024 23:14:02 GMT - Thu, 24 Oct 2024 23:14:01 GMT

File type
JavaScript source, ASCII text, with very long lines (4302), with no line terminators
Size
4.3 kB (4285 bytes)
Hash
e6a0e9d7c59dd6177052c848b8e5ee22
a5899a8b6ca1c9f1b4f307b305d417ef473038db
f63b4728b0cbf0880a12c2426864acc70702afd82a48c85b8b68120d88059ad4

HTTP Headers

GET /script/native_render.js HTTP/1.1
Host: superonclick.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adsbb.dfiles.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 14 Sep 2024 20:32:04 GMT
content-type: application/javascript
x-goog-generation: 1550052950916101
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 4285
x-goog-hash: crc32c=rXethw==, md5=i4AdaMb2P574qaeqSEucdQ==
x-goog-storage-class: MULTI_REGIONAL
access-control-allow-origin: *
x-guploader-uploadid: ACJd0NrtvzrAmn802j-Q-bSH_JYspF4YDmzFQ1yxnAKtNUkr_IjPccC2VBme4jdmbK16NHmuV78kg0GudQ
expires: Sat, 14 Sep 2024 19:52:40 GMT
cache-control: public, max-age=14400
age: 2921
last-modified: Wed, 13 Feb 2019 10:15:50 GMT
etag: W/"8b801d68c6f63f9ef8a9a7aa484b9c75"
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NG05I5XLysV6ThTYl1HGrUKRbPH43KApSlwSpkNeiSeG5%2BrCIe1FxLqNIOtYj3r57Nheq0KFLaMmcWzSYVVrPAypch2a7cyPN9jiuhzjv9YoSYIGJBT816tvalPzJr6bam8v"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8c3324ecfb10569b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET honourprecisionsuited.com/sbar.json?key=224ad4a14b4b15c1726ff705ec672ea6&psid=CF-3278_general_1

192.243.61.227

200 OK

13 kB

URL GET HTTP/1.1
honourprecisionsuited.com/sbar.json?key=224ad4a14b4b15c1726ff705ec672ea6&psid=CF-3278_general_1
IP
192.243.61.227:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://dfiles.com/files/5zujuxxxt/Stranded-Deep-v_0.02.H1_32-64_Bit.exe
Certificate
IssuerLet's Encrypt
Subjecthonourprecisionsuited.com
Fingerprint8B:36:A0:64:CE:3F:D1:E0:17:8F:FD:58:5E:8B:51:25:D2:7F:79:C4
ValidityFri, 09 Aug 2024 05:43:18 GMT - Thu, 07 Nov 2024 05:43:17 GMT

File type

Size
13 kB (12808 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /sbar.json?key=224ad4a14b4b15c1726ff705ec672ea6&psid=CF-3278_general_1 HTTP/1.1
Host: honourprecisionsuited.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dfiles.com
DNT: 1
Connection: keep-alive
Referer: https://dfiles.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 14 Sep 2024 20:32:04 GMT
Content-Type: text/plain; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://dfiles.com
Access-Control-Allow-Origin: https://dfiles.com
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=16004719; expires=Sun, 15 Sep 2024 20:32:04 GMT; path=/; secure; SameSite=None
pdhtkv=true; expires=Sun, 15 Sep 2024 20:32:04 GMT; path=/; secure; SameSite=None
uncs=1; expires=Sun, 15 Sep 2024 20:32:04 GMT; path=/; secure; SameSite=None
pdhtkv29=true; expires=Sun, 15 Sep 2024 20:32:04 GMT; path=/; secure; SameSite=None
uncs29=1; expires=Sun, 15 Sep 2024 20:32:04 GMT; path=/; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: 1b02c6167ad4f7541a8f3e2cb9369a6a
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

GET honourprecisionsuited.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSTYgcRRit3ixeIkI04EGFPqropHv%2B1xzEJK6GrElMFPUU6q9ny6nuaqv6Z3ZOiwuS4xAEr71vdrOYBEku4sUgswseAsKOpz24N68eVDzLjIujH3R%2F733vK3i8qi%2B282PSQE6PLr1nhkpreq5VC%2FyXPw7D8%2F6aSvKBP%2Bi2b7Wb531bvLHSrgWv%2BO9I3jfn6kEYBGEQ%2BqvKysgMzs1EqPTBSlhbCWrNei1sNTGw%2F%2Bcu9%2BCoB1Eck2ehxHT5wDsLxSdI4oeXpOtnJn3t7TjXNDMWhdj7MOknpkwQL2BkPUTJ3sk2jDtcfQyT7M7twhT%2FLjI1Jd6Pj8GSvROTYMXO3CfTkAmYOI2ymEDqCRSdgJstKHFIAC5w9RqS%2BO5VY0u68Y9KZ%2BqULP%2F1B1Q5Jcu%2FnEUSf3NBq4F%2F0%2Bg8UyZxGEQV1GAC1ZsgzfeRDZegyn3w7HMo8RMJnj%2BNJL7%2F7v53her7hbR9KFHNI1BqAhVNoOUI1HnIZ5%2FykEce8tRDLI58HoZhJxCcBt0VzhuiI1lbBCHtRCENg3YXOZ%2B5HCFLR%2BB6BG43kdpN9NUINv8Bbr2CEx5cNiXe%2B5soRIVSEpSOoKQEpSIoM4KyqHaFdnVX3RXa5Sw86fWT3qjGJutt012T9WRCQO0IVlQ7Kv3MbYFnp8bDyF0Zm8iJ7fSYnJlH92fboC%2BP%2FHq9SUWThk3WZGGLh516O4o6QUvydqcuaRtOPbq4%2Bnqj3une6slEWqpvhVBuaZ7LUB0%2BlyJVh0%2B%2FCEb34fQ%2BuDoDmr8EWlag6xWGyUMhU%2BNUFiktXY2bGMJUSLNlZBvetj4mL8wtXfnqHiR%2FQk4K3FZIbYVP1QFBT98e3zAl2blhSkceXUszFashnd30zYxm8ql7V%2BRGaay4fMmNvn6Lz4QZfPCBdNkaTYRKeo7cv6CEkHbVWC7J95fdR5Jdz936hdwmebp2%2FeLq5Ti10jllkgmoOvzkDriakme%2BXZs%2F4Vf936DsBDavEOcLp8pMwNNNuHQxc4bA6gVnqYcyr8a2zhZDrQi0XHDKKrj%2FcLbAY0tnp6mqtt1t9OwSaLaFJK5Q2AqFrkD1CC4%2FNc5S%2B%2BTNnxvzAtNLY6bt0g7TVt%2BZhzz7fQmnjvxGIDpMRrLDZLPVjCQXrNViAY84a4hulyNz0%2BjX3w%2F%2BDgAA%2F%2F9DAddmnAQAAA%3D%3D

192.243.61.227

200 OK

0 B

URL GET HTTP/1.1
honourprecisionsuited.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSTYgcRRit3ixeIkI04EGFPqropHv%2B1xzEJK6GrElMFPUU6q9ny6nuaqv6Z3ZOiwuS4xAEr71vdrOYBEku4sUgswseAsKOpz24N68eVDzLjIujH3R%2F733vK3i8qi%2B282PSQE6PLr1nhkpreq5VC%2FyXPw7D8%2F6aSvKBP%2Bi2b7Wb531bvLHSrgWv%2BO9I3jfn6kEYBGEQ%2BqvKysgMzs1EqPTBSlhbCWrNei1sNTGw%2F%2Bcu9%2BCoB1Eck2ehxHT5wDsLxSdI4oeXpOtnJn3t7TjXNDMWhdj7MOknpkwQL2BkPUTJ3sk2jDtcfQyT7M7twhT%2FLjI1Jd6Pj8GSvROTYMXO3CfTkAmYOI2ymEDqCRSdgJstKHFIAC5w9RqS%2BO5VY0u68Y9KZ%2BqULP%2F1B1Q5Jcu%2FnEUSf3NBq4F%2F0%2Bg8UyZxGEQV1GAC1ZsgzfeRDZegyn3w7HMo8RMJnj%2BNJL7%2F7v53her7hbR9KFHNI1BqAhVNoOUI1HnIZ5%2FykEce8tRDLI58HoZhJxCcBt0VzhuiI1lbBCHtRCENg3YXOZ%2B5HCFLR%2BB6BG43kdpN9NUINv8Bbr2CEx5cNiXe%2B5soRIVSEpSOoKQEpSIoM4KyqHaFdnVX3RXa5Sw86fWT3qjGJutt012T9WRCQO0IVlQ7Kv3MbYFnp8bDyF0Zm8iJ7fSYnJlH92fboC%2BP%2FHq9SUWThk3WZGGLh516O4o6QUvydqcuaRtOPbq4%2Bnqj3une6slEWqpvhVBuaZ7LUB0%2BlyJVh0%2B%2FCEb34fQ%2BuDoDmr8EWlag6xWGyUMhU%2BNUFiktXY2bGMJUSLNlZBvetj4mL8wtXfnqHiR%2FQk4K3FZIbYVP1QFBT98e3zAl2blhSkceXUszFashnd30zYxm8ql7V%2BRGaay4fMmNvn6Lz4QZfPCBdNkaTYRKeo7cv6CEkHbVWC7J95fdR5Jdz936hdwmebp2%2FeLq5Ti10jllkgmoOvzkDriakme%2BXZs%2F4Vf936DsBDavEOcLp8pMwNNNuHQxc4bA6gVnqYcyr8a2zhZDrQi0XHDKKrj%2FcLbAY0tnp6mqtt1t9OwSaLaFJK5Q2AqFrkD1CC4%2FNc5S%2B%2BTNnxvzAtNLY6bt0g7TVt%2BZhzz7fQmnjvxGIDpMRrLDZLPVjCQXrNViAY84a4hulyNz0%2BjX3w%2F%2BDgAA%2F%2F9DAddmnAQAAA%3D%3D
IP
192.243.61.227:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://dfiles.com/files/5zujuxxxt/Stranded-Deep-v_0.02.H1_32-64_Bit.exe
Certificate
IssuerLet's Encrypt
Subjecthonourprecisionsuited.com
Fingerprint8B:36:A0:64:CE:3F:D1:E0:17:8F:FD:58:5E:8B:51:25:D2:7F:79:C4
ValidityFri, 09 Aug 2024 05:43:18 GMT - Thu, 07 Nov 2024 05:43:17 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /impr.gif?sid=H4sIAAAAAAAC%2F1RSTYgcRRit3ixeIkI04EGFPqropHv%2B1xzEJK6GrElMFPUU6q9ny6nuaqv6Z3ZOiwuS4xAEr71vdrOYBEku4sUgswseAsKOpz24N68eVDzLjIujH3R%2F733vK3i8qi%2B282PSQE6PLr1nhkpreq5VC%2FyXPw7D8%2F6aSvKBP%2Bi2b7Wb531bvLHSrgWv%2BO9I3jfn6kEYBGEQ%2BqvKysgMzs1EqPTBSlhbCWrNei1sNTGw%2F%2Bcu9%2BCoB1Eck2ehxHT5wDsLxSdI4oeXpOtnJn3t7TjXNDMWhdj7MOknpkwQL2BkPUTJ3sk2jDtcfQyT7M7twhT%2FLjI1Jd6Pj8GSvROTYMXO3CfTkAmYOI2ymEDqCRSdgJstKHFIAC5w9RqS%2BO5VY0u68Y9KZ%2BqULP%2F1B1Q5Jcu%2FnEUSf3NBq4F%2F0%2Bg8UyZxGEQV1GAC1ZsgzfeRDZegyn3w7HMo8RMJnj%2BNJL7%2F7v53her7hbR9KFHNI1BqAhVNoOUI1HnIZ5%2FykEce8tRDLI58HoZhJxCcBt0VzhuiI1lbBCHtRCENg3YXOZ%2B5HCFLR%2BB6BG43kdpN9NUINv8Bbr2CEx5cNiXe%2B5soRIVSEpSOoKQEpSIoM4KyqHaFdnVX3RXa5Sw86fWT3qjGJutt012T9WRCQO0IVlQ7Kv3MbYFnp8bDyF0Zm8iJ7fSYnJlH92fboC%2BP%2FHq9SUWThk3WZGGLh516O4o6QUvydqcuaRtOPbq4%2Bnqj3une6slEWqpvhVBuaZ7LUB0%2BlyJVh0%2B%2FCEb34fQ%2BuDoDmr8EWlag6xWGyUMhU%2BNUFiktXY2bGMJUSLNlZBvetj4mL8wtXfnqHiR%2FQk4K3FZIbYVP1QFBT98e3zAl2blhSkceXUszFashnd30zYxm8ql7V%2BRGaay4fMmNvn6Lz4QZfPCBdNkaTYRKeo7cv6CEkHbVWC7J95fdR5Jdz936hdwmebp2%2FeLq5Ti10jllkgmoOvzkDriakme%2BXZs%2F4Vf936DsBDavEOcLp8pMwNNNuHQxc4bA6gVnqYcyr8a2zhZDrQi0XHDKKrj%2FcLbAY0tnp6mqtt1t9OwSaLaFJK5Q2AqFrkD1CC4%2FNc5S%2B%2BTNnxvzAtNLY6bt0g7TVt%2BZhzz7fQmnjvxGIDpMRrLDZLPVjCQXrNViAY84a4hulyNz0%2BjX3w%2F%2BDgAA%2F%2F9DAddmnAQAAA%3D%3D HTTP/1.1
Host: honourprecisionsuited.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfiles.com/
Cookie: u_pl=16004719; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 14 Sep 2024 20:32:06 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: c1354a8d4baa36155526233ef00523ea
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains

GET adsbb.dfiles.com/upload/2401/ad27972995eacd9f.htm?canp=adv_64c8039324e932ac815d3d122bf63ef9

91.226.124.104

200 OK

6.6 kB

URL GET HTTP/2
adsbb.dfiles.com/upload/2401/ad27972995eacd9f.htm?canp=adv_64c8039324e932ac815d3d122bf63ef9
IP
91.226.124.104:443
ASN
#35415 Webzilla B.V.

Requested by
https://dfiles.com/files/5zujuxxxt/Stranded-Deep-v_0.02.H1_32-64_Bit.exe
Certificate
IssuerLet's Encrypt
Subjectdfiles.com
Fingerprint4F:AA:3F:B0:44:48:F4:CA:17:7D:C7:60:4F:13:32:83:3F:7F:D2:B0
ValiditySat, 31 Aug 2024 12:43:59 GMT - Fri, 29 Nov 2024 12:43:58 GMT

File type
HTML document, ASCII text, with very long lines (6837), with no line terminators
Size
6.6 kB (6601 bytes)
Hash
b68a098fd078dc0fb694d23ef5302aca
a9e23b2879ed3fa52829fd1800502894558eb295
243e52f25574be74f56ac21142f8668d90e7ad66db96c937d9ffb3312f7c9613

HTTP Headers

GET /upload/2401/ad27972995eacd9f.htm?canp=adv_64c8039324e932ac815d3d122bf63ef9 HTTP/1.1
Host: adsbb.dfiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dfiles.com/
DNT: 1
Connection: keep-alive
Cookie: last_file=5zujuxxxt; _nf7=1; _nf56=1; _nf60=1; _nf58=1
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-encoding: gzip
content-security-policy: frame-ancestors depositfiles.com *.depositfiles.com depositfiles.org *.depositfiles.org dfiles.eu *.dfiles.eu dfiles.com *.dfiles.com, frame-ancestors depositfiles.com *.depositfiles.com depositfiles.org *.depositfiles.org dfiles.eu *.dfiles.eu dfiles.com *.dfiles.com
content-type: text/html
date: Sat, 14 Sep 2024 20:32:04 GMT
last-modified: Sat, 14 Sep 2024 20:30:01 GMT
server: nginx
X-Firefox-Spdy: h2

GET adsbb.dfiles.com//ad.php?z=58&c=NO&g=no_file

91.226.124.104

303 See Other

1.5 kB

URL GET HTTP/2
adsbb.dfiles.com//ad.php?z=58&c=NO&g=no_file
IP
91.226.124.104:443
ASN
#35415 Webzilla B.V.

Requested by
https://dfiles.com/files/5zujuxxxt/Stranded-Deep-v_0.02.H1_32-64_Bit.exe
Certificate
IssuerLet's Encrypt
Subjectdfiles.com
Fingerprint4F:AA:3F:B0:44:48:F4:CA:17:7D:C7:60:4F:13:32:83:3F:7F:D2:B0
ValiditySat, 31 Aug 2024 12:43:59 GMT - Fri, 29 Nov 2024 12:43:58 GMT

File type

Size
1.5 kB (1471 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET //ad.php?z=58&c=NO&g=no_file HTTP/1.1
Host: adsbb.dfiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfiles.com/
Cookie: last_file=5zujuxxxt
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 303 See Other
content-security-policy: frame-ancestors depositfiles.com *.depositfiles.com depositfiles.org *.depositfiles.org dfiles.eu *.dfiles.eu dfiles.com *.dfiles.com, frame-ancestors depositfiles.com *.depositfiles.com depositfiles.org *.depositfiles.org dfiles.eu *.dfiles.eu dfiles.com *.dfiles.com
content-type: text/html; charset=UTF-8
date: Sat, 14 Sep 2024 20:32:03 GMT
location: /upload/2303/ad2775297311915a.htm?canp=adv_64c8039324e932ac815d3d122bf63ef9
server: nginx
set-cookie: _nf58=1; expires=Sun, 15-Sep-2024 20:32:03 GMT; Max-Age=86400
x-powered-by: PHP/5.6.40
X-Firefox-Spdy: h2

GET discovernative.com/script/native.php?nwpsv=1&r=8033562&cbrandom=0.5296151996385043&cbWidth=240&cbHeight=800&cbtitle=&cbref=https%3A%2F%2Fdfiles.com%2F&cbdescription=DepositFiles%20provides%20you%20with%20a%20legitimate%20technical%20solution%2C%20which%20%20enables%20you%20to%20upload%2C%20store%2C%20access%20and%20download%20text%2C%20software%2C%20%20scripts%2C%20images%2C%20sounds%2C%20videos%2C%20animations%20and%20any%20other%20materials%20in%20form%20of%20one%20or%20several%20electronic%20files.&cbkeywords=&cbiframe=1&&callback=jsonp496473

172.67.150.145

200 OK

1.4 kB

URL GET HTTP/2
discovernative.com/script/native.php?nwpsv=1&r=8033562&cbrandom=0.5296151996385043&cbWidth=240&cbHeight=800&cbtitle=&cbref=https%3A%2F%2Fdfiles.com%2F&cbdescription=DepositFiles%20provides%20you%20with%20a%20legitimate%20technical%20solution%2C%20which%20%20enables%20you%20to%20upload%2C%20store%2C%20access%20and%20download%20text%2C%20software%2C%20%20scripts%2C%20images%2C%20sounds%2C%20videos%2C%20animations%20and%20any%20other%20materials%20in%20form%20of%20one%20or%20several%20electronic%20files.&cbkeywords=&cbiframe=1&&callback=jsonp496473
IP
172.67.150.145:443
ASN
#13335 CLOUDFLARENET

Requested by
https://adsbb.dfiles.com/upload/2401/ad27972995eacd9f.htm?canp=adv_64c8039324e932ac815d3d122bf63ef9
Certificate
IssuerGoogle Trust Services
Subjectdiscovernative.com
FingerprintBD:21:96:6A:E2:39:75:A0:93:60:DE:70:92:3E:4E:10:DB:DF:5C:3D
ValidityMon, 26 Aug 2024 18:13:02 GMT - Sun, 24 Nov 2024 18:13:01 GMT

File type
JavaScript source, ASCII text, with very long lines (1472), with no line terminators
Size
1.4 kB (1448 bytes)
Hash
af3c573dc53e948c312e635dc6e7c427
c0810d0b3030beaa462aa1a2214b604dbc692f79
ad9d833da055b69b2c7973d78c4b09384d40a9dd7cde2c3157d602b8a160bdd1

HTTP Headers

GET /script/native.php?nwpsv=1&r=8033562&cbrandom=0.5296151996385043&cbWidth=240&cbHeight=800&cbtitle=&cbref=https%3A%2F%2Fdfiles.com%2F&cbdescription=DepositFiles%20provides%20you%20with%20a%20legitimate%20technical%20solution%2C%20which%20%20enables%20you%20to%20upload%2C%20store%2C%20access%20and%20download%20text%2C%20software%2C%20%20scripts%2C%20images%2C%20sounds%2C%20videos%2C%20animations%20and%20any%20other%20materials%20in%20form%20of%20one%20or%20several%20electronic%20files.&cbkeywords=&cbiframe=1&&callback=jsonp496473 HTTP/1.1
Host: discovernative.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adsbb.dfiles.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 14 Sep 2024 20:32:05 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Content-Type
content-encoding: gzip
via: 1.1 google
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=okA9hYgg18VEd5Xyw%2FLiGVxM32in6fqr1UlnjQfuwsKzBBalfie5rpDlob%2BsU5FIAYd5AMqtvON48j0jG%2BFydl456bQuti8zBtgoUXMwGWCECXcy3giMcDXch034%2Bb3Xc6NUQ3Y%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8c3324f0d9f156c0-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET dfiles.eu/files/5zujuxxxt/Stranded-Deep-v_0.02.H1_32-64_Bit.exe

91.226.124.125

302 Found

16 kB

URL User Request GET HTTP/2
dfiles.eu/files/5zujuxxxt/Stranded-Deep-v_0.02.H1_32-64_Bit.exe
IP
91.226.124.125:443
ASN
#35415 Webzilla B.V.

Certificate
IssuerLet's Encrypt
Subjectdfiles.eu
FingerprintDD:D3:2E:5A:03:0A:A7:88:00:D5:D7:44:2C:FD:8B:09:3A:23:0B:B3
ValiditySat, 31 Aug 2024 12:41:38 GMT - Fri, 29 Nov 2024 12:41:37 GMT

File type

Size
16 kB (16445 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /files/5zujuxxxt/Stranded-Deep-v_0.02.H1_32-64_Bit.exe HTTP/1.1
Host: dfiles.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
content-security-policy: frame-ancestors depositfiles.com *.depositfiles.com depositfiles.org *.depositfiles.org dfiles.eu *.dfiles.eu dfiles.com *.dfiles.com
content-type: text/html; charset=UTF-8
date: Sat, 14 Sep 2024 20:32:02 GMT
location: //dfiles.com/files/5zujuxxxt/Stranded-Deep-v_0.02.H1_32-64_Bit.exe
server: nginx
X-Firefox-Spdy: h2

GET cdn.creative-bars1.com//sb/notifications/utility/default/us/blog/ecorious/message_redcircle2/jan24/4/css/animate.css

104.21.70.253

200 OK

79 kB

URL GET HTTP/2
cdn.creative-bars1.com//sb/notifications/utility/default/us/blog/ecorious/message_redcircle2/jan24/4/css/animate.css
IP
104.21.70.253:443
ASN
#13335 CLOUDFLARENET

Requested by
https://dfiles.com/files/5zujuxxxt/Stranded-Deep-v_0.02.H1_32-64_Bit.exe
Certificate
IssuerGoogle Trust Services
Subjectcreative-bars1.com
FingerprintEB:E3:F6:A0:02:C0:06:0B:03:19:9C:E4:96:53:32:2F:22:2E:29:46
ValiditySun, 11 Aug 2024 15:14:55 GMT - Sat, 09 Nov 2024 15:14:54 GMT

File type
ASCII text
Size
79 kB (79245 bytes)
Hash
80047eaa13ebd50c50e8a9753621e430
9c503e07d130572a0eaf51f7c02cbd4cf6213fe3
3f831a59615f8d5d40b4340b2836f91438c876f8dbce75f78e38360d6fe0f429

HTTP Headers

GET //sb/notifications/utility/default/us/blog/ecorious/message_redcircle2/jan24/4/css/animate.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dfiles.com
DNT: 1
Connection: keep-alive
Referer: https://dfiles.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 14 Sep 2024 20:32:05 GMT
content-type: text/css
last-modified: Thu, 01 Feb 2024 14:55:44 GMT
etag: W/"65bbb0f0-1358d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
content-encoding: gzip
cf-cache-status: HIT
age: 296266
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3lYjwbN%2BMJ%2FwYpOtpPHa%2F2%2BVQqT7byXXMv4fcbK4NvCdIc2YDFPKTS7UBZdiEdbzuKhLbb6MZ705U0ssOeYqq%2FO0E%2F4nO0Q76lvHhsLdplKHNAWQxnoAOYF1x%2BGLuaFYMhKSMEfQIxog"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8c3324f16eff712b-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET adsbb.dfiles.com/upload/2203/ad27612964f48cd2.htm?canp=adv_64c8039324e932ac815d3d122bf63ef9

91.226.124.104

200 OK

1.5 kB

URL GET HTTP/2
adsbb.dfiles.com/upload/2203/ad27612964f48cd2.htm?canp=adv_64c8039324e932ac815d3d122bf63ef9
IP
91.226.124.104:443
ASN
#35415 Webzilla B.V.

Requested by
https://dfiles.com/files/5zujuxxxt/Stranded-Deep-v_0.02.H1_32-64_Bit.exe
Certificate
IssuerLet's Encrypt
Subjectdfiles.com
Fingerprint4F:AA:3F:B0:44:48:F4:CA:17:7D:C7:60:4F:13:32:83:3F:7F:D2:B0
ValiditySat, 31 Aug 2024 12:43:59 GMT - Fri, 29 Nov 2024 12:43:58 GMT

File type
HTML document, ASCII text, with very long lines (1537), with no line terminators
Size
1.5 kB (1465 bytes)
Hash
f67e8636e08dd40f232f87fcfd7c209e
64d39a960de1821c359ae88e61ad0053ef257772
bbcf2e9e07cbef4a08ce4ad5cf7abda2bce3004ae50d4cd68bbbb7411d64f326

HTTP Headers

GET /upload/2203/ad27612964f48cd2.htm?canp=adv_64c8039324e932ac815d3d122bf63ef9 HTTP/1.1
Host: adsbb.dfiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dfiles.com/
DNT: 1
Connection: keep-alive
Cookie: last_file=5zujuxxxt; _nf7=1; _nf56=1; _nf60=1; _nf58=1
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-encoding: gzip
content-security-policy: frame-ancestors depositfiles.com *.depositfiles.com depositfiles.org *.depositfiles.org dfiles.eu *.dfiles.eu dfiles.com *.dfiles.com, frame-ancestors depositfiles.com *.depositfiles.com depositfiles.org *.depositfiles.org dfiles.eu *.dfiles.eu dfiles.com *.dfiles.com
content-type: text/html
date: Sat, 14 Sep 2024 20:32:04 GMT
last-modified: Sat, 14 Sep 2024 20:30:01 GMT
server: nginx
X-Firefox-Spdy: h2

GET js.wpshsdk.com/npc/sdk/push.m.js?v=1

45.133.44.53

200 OK

34 kB

URL GET HTTP/2
js.wpshsdk.com/npc/sdk/push.m.js?v=1
IP
45.133.44.53:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://dfiles.com/files/5zujuxxxt/Stranded-Deep-v_0.02.H1_32-64_Bit.exe
Certificate
IssuerLet's Encrypt
Subjectjs.wpshsdk.com
FingerprintF0:1A:1B:11:8A:D8:17:A2:0F:ED:24:FD:ED:21:6A:A1:43:08:73:86
ValidityThu, 18 Jul 2024 14:01:01 GMT - Wed, 16 Oct 2024 14:01:00 GMT

File type

Size
34 kB (34291 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /npc/sdk/push.m.js?v=1 HTTP/1.1
Host: js.wpshsdk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfiles.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 14 Sep 2024 20:32:04 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.18.0
last-modified: Tue, 27 Aug 2024 13:05:30 GMT
etag: W/"66cdcf1a-85f3"
content-encoding: gzip
expires: Sat, 14 Sep 2024 20:37:04 GMT
cache-control: max-age=300
x-proxy-cache: HIT
x-cdn-host-id: ds9225
access-control-allow-origin: *
X-Firefox-Spdy: h2

GET unseenreport.com/pxf.gif?uuid=a1eefd0b-1c8d-47b7-9342-9e3825aee9b5&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=c22dc50dc2bbe4422c7f68d26ab95eb9&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=20

192.243.59.12

200 OK

0 B

URL GET HTTP/1.1
unseenreport.com/pxf.gif?uuid=a1eefd0b-1c8d-47b7-9342-9e3825aee9b5&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=c22dc50dc2bbe4422c7f68d26ab95eb9&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=20
IP
192.243.59.12:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://dfiles.com/files/5zujuxxxt/Stranded-Deep-v_0.02.H1_32-64_Bit.exe
Certificate
IssuerLet's Encrypt
Subject*.unseenreport.com
FingerprintD9:3D:28:C1:14:1B:2B:53:0E:E4:3E:FC:88:7A:FF:9C:45:4B:63:C7
ValiditySat, 20 Jul 2024 14:59:20 GMT - Fri, 18 Oct 2024 14:59:19 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /pxf.gif?uuid=a1eefd0b-1c8d-47b7-9342-9e3825aee9b5&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=c22dc50dc2bbe4422c7f68d26ab95eb9&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=20 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfiles.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 14 Sep 2024 20:32:07 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: aeb67354d3e36a0b4bbf98ec40960141
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains

GET adsbb.dfiles.com//ad.php?z=56&c=NO

91.226.124.104

303 See Other

6.6 kB

URL GET HTTP/2
adsbb.dfiles.com//ad.php?z=56&c=NO
IP
91.226.124.104:443
ASN
#35415 Webzilla B.V.

Requested by
https://dfiles.com/files/5zujuxxxt/Stranded-Deep-v_0.02.H1_32-64_Bit.exe
Certificate
IssuerLet's Encrypt
Subjectdfiles.com
Fingerprint4F:AA:3F:B0:44:48:F4:CA:17:7D:C7:60:4F:13:32:83:3F:7F:D2:B0
ValiditySat, 31 Aug 2024 12:43:59 GMT - Fri, 29 Nov 2024 12:43:58 GMT

File type

Size
6.6 kB (6601 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET //ad.php?z=56&c=NO HTTP/1.1
Host: adsbb.dfiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfiles.com/
Cookie: last_file=5zujuxxxt
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 303 See Other
content-security-policy: frame-ancestors depositfiles.com *.depositfiles.com depositfiles.org *.depositfiles.org dfiles.eu *.dfiles.eu dfiles.com *.dfiles.com, frame-ancestors depositfiles.com *.depositfiles.com depositfiles.org *.depositfiles.org dfiles.eu *.dfiles.eu dfiles.com *.dfiles.com
content-type: text/html; charset=UTF-8
date: Sat, 14 Sep 2024 20:32:03 GMT
location: /upload/2401/ad27972995eacd9f.htm?canp=adv_64c8039324e932ac815d3d122bf63ef9
server: nginx
set-cookie: _nf56=1; expires=Sun, 15-Sep-2024 20:32:03 GMT; Max-Age=86400
x-powered-by: PHP/5.6.40
X-Firefox-Spdy: h2

GET ukankingwithea.com/asd100.bin

188.114.97.1

200 OK

102 kB

URL GET HTTP/2
ukankingwithea.com/asd100.bin
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://dfiles.com/files/5zujuxxxt/Stranded-Deep-v_0.02.H1_32-64_Bit.exe
Certificate
IssuerGoogle Trust Services
Subjectukankingwithea.com
Fingerprint1E:50:56:01:B8:4D:0D:64:A3:5D:F9:E4:4A:5D:AE:8D:5E:FC:FB:FC
ValidityThu, 05 Sep 2024 11:45:15 GMT - Wed, 04 Dec 2024 11:45:14 GMT

File type
data
Size
102 kB (102400 bytes)
Hash
4c6426ac7ef186464ecbb0d81cbfcb1e
5a6918eebd9d635e8f632e3ef34e3792b1b5ec13
f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16

HTTP Headers

GET /asd100.bin HTTP/1.1
Host: ukankingwithea.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dfiles.com/
Origin: https://dfiles.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 14 Sep 2024 20:32:04 GMT
content-type: binary/octet-stream
access-control-allow-origin: https://dfiles.com
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cache-control: max-age=14400
cf-cache-status: EXPIRED
last-modified: Sat, 14 Sep 2024 20:32:04 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xtAdBC8K7hr%2BI%2B0dR4ZWNvLGoj8TTQLwKC4NZnbWvsimCRPIcoBzoMRtJZ1wcySZ%2FTjwp0RsN9gIcPxp6l6rZUoTXfbViB6ClsLurQK%2BZk91w9OB%2BpSQB5oZh0qOpjzhOSH76Yo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8c3324ed7fa4b4ee-OSL
X-Firefox-Spdy: h2

GET www.googletagmanager.com/gtag/js?id=G-BL9163LYG1

142.250.74.168

200 OK

318 kB

URL GET HTTP/2
www.googletagmanager.com/gtag/js?id=G-BL9163LYG1
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://dfiles.com/files/5zujuxxxt/Stranded-Deep-v_0.02.H1_32-64_Bit.exe
Certificate
IssuerGoogle Trust Services
Subject*.google-analytics.com
FingerprintE1:54:98:CD:9D:7A:BD:80:E1:F7:F7:9E:4A:C0:BA:A2:F1:F0:5D:C0
ValidityMon, 12 Aug 2024 06:33:44 GMT - Mon, 04 Nov 2024 06:33:43 GMT

File type
JavaScript source, ASCII text, with very long lines (5945)
Size
318 kB (318305 bytes)
Hash
8eaba0a7dd6b216fde919b6e412f834d
a5b81d1c4f4dfbd59538c5e24bc5e9e6860d13e9
4a5bd8ebb7a5a55d48d79222c6b9092cc48defba2f43bdfa3f2a306645208343

HTTP Headers

GET /gtag/js?id=G-BL9163LYG1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfiles.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 14 Sep 2024 20:32:02 GMT
expires: Sat, 14 Sep 2024 20:32:02 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 105445
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET acscdn.com/script/ut.js?cb=1726345923965

188.114.96.1

200 OK

63 kB

URL GET HTTP/3
acscdn.com/script/ut.js?cb=1726345923965
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://dfiles.com/files/5zujuxxxt/Stranded-Deep-v_0.02.H1_32-64_Bit.exe
Certificate
IssuerGoogle Trust Services
Subjectacscdn.com
Fingerprint6A:82:7C:F8:F4:5D:E4:37:E5:69:54:AB:B9:28:D2:33:F8:22:0E:6B
ValidityFri, 23 Aug 2024 18:38:44 GMT - Thu, 21 Nov 2024 18:38:43 GMT

File type

Size
63 kB (63280 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /script/ut.js?cb=1726345923965 HTTP/1.1
Host: acscdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfiles.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 14 Sep 2024 20:32:03 GMT
content-type: text/javascript
x-goog-generation: 1721821314858390
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 63280
x-goog-hash: crc32c=IaaDjg==, md5=57uKPgAvt8vBs8oytz5qxQ==
x-goog-storage-class: MULTI_REGIONAL
access-control-allow-origin: *
x-guploader-uploadid: AHxI1nMaEQpR1JTWGL7y3AJZi3Wvek2bdZisDwQ02yfiVLGMsvu7td42F17RCoSFEKcTf1JGVRk
expires: Sat, 14 Sep 2024 21:03:26 GMT
cache-control: public, max-age=3600
last-modified: Wed, 24 Jul 2024 11:41:54 GMT
etag: W/"e7bb8a3e002fb7cbc1b3ca32b73e6ac5"
age: 1044
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4rmsz88vFasOQZNu6ZCvz6%2B%2FIqoB8v849Q3Effa2PvdwswBpOYOkFmxLAfmRfdXqPhTXXjQKkoVbZXahqtXD2zdj6lc4B61Jgw%2B1rMeVJVFdvLedga3jQxS%2Fw4g3"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8c3324e8ddd556ae-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

GET cdnativ.com/extban/247895220/creatives/23426602/f635ee5b57730d49c680d3e693f8da44_6506.jpg

0.0.0.0

0 B

URL GET
cdnativ.com/extban/247895220/creatives/23426602/f635ee5b57730d49c680d3e693f8da44_6506.jpg
IP
0.0.0.0:0
ASN
#0

Requested by
https://adsbb.dfiles.com/upload/2401/ad27972995eacd9f.htm?canp=adv_64c8039324e932ac815d3d122bf63ef9
Certificate
IssuerGoogle Trust Services
Subjectcdnativ.com
Fingerprint5B:DC:F8:73:52:9B:7E:F7:70:69:10:D1:1C:EF:87:A9:17:C3:C3:3E
ValidityTue, 20 Aug 2024 12:03:02 GMT - Mon, 18 Nov 2024 12:03:01 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /extban/247895220/creatives/23426602/f635ee5b57730d49c680d3e693f8da44_6506.jpg HTTP/1.1
Host: cdnativ.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adsbb.dfiles.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 14 Sep 2024 20:32:05 GMT
content-type: image/jpeg
last-modified: Thu, 03 Mar 2022 17:09:04 GMT
etag: W/"6220f630-ee12"
content-encoding: gzip
via: 1.1 google
cache-control: max-age=14400
cf-cache-status: HIT
age: 6385
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6f4k7j1r60bm2ZgiNuQDVCJhlf%2BDofb4swFW53SEltDjVdegrxtWS%2Bmmucp68ut%2BiC5xMu6qKZvmprEJOU9ExYsYwxRXNAmf3hXcFyUFT7LSdZmPfYz9s124TXJSUw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8c3324f50b185687-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET discovernative.com/script/i.php?t=1&c=23427468&stamat=m%257C%252C%252CAjEq9jLmoGU3Bv_GH0dEdHP3xP.e1a%252CwJirJ8vTNbK6qq-JzBGxtxSQUUaAldZz9PPBPTQQJfC0trCAlBR4YvGw9y8IG_cu_P20Y2lrwnjdcQT2ZA4pCouxBqLS1mxzD4L6wqThTVo_lSPrJB1Tet9Xf3GBGPR8bDCZL4xU2H4EVQHuJiQTsAUrvRoFnniESJ311CfQwo-YyxZWNx41SXbbNYK1-hKOAP6mKa5a6p1ntQe9QPN9d5KBqZGraYI9jXHHEgtUh2bTXTXDmqFeYbXoGrm1IPLmOImZrT1f5vRLTGR73baP7lpZlvOE9bvi6ctDSS0yVJh1poVar-eDaDWPNQhT2yy0WkHKWRnt17jUgF6YJGyrAYarwkjjhnS2GBDXWITWS91d-bg7aLRe7P8QiIhrRogze6UAgdDuQT7HP_hkII44r83IkjNjkZLhYHytohxyaKeXXsvg07Z81DV2WRvlt9_XiFBsWHWxdXVzpcpP98rvu6FTISsI7shKdVWX5EhsUkYzXTE5BcPTStWS7hgUQ3f3iZxPoaSNCzkQi9ghZtFc4MW7Cj3EjL1XRJqGg1Z6kO8uQn4OwgGDCDSeNQ6wvuRvk1otcwuZUQ58LtYGWgJSPLHypGvKT3f_xcmMiVqLrEcGuIirLasaPPGMmuDYkZk_n_-jacDp4hEvetyvVeueo_hxQLuuCMpZ_bUmeePbhih2_bL4HGuNebeyl7tj3rqIjrv5PKQgfmDqndHPLQmBlzVSMfCRuDA6tUK4sM6GGWYbqLc6nVdKsbq47h36v7yx&track=0,1

172.67.150.145

204 No Content

0 B

URL GET HTTP/3
discovernative.com/script/i.php?t=1&c=23427468&stamat=m%257C%252C%252CAjEq9jLmoGU3Bv_GH0dEdHP3xP.e1a%252CwJirJ8vTNbK6qq-JzBGxtxSQUUaAldZz9PPBPTQQJfC0trCAlBR4YvGw9y8IG_cu_P20Y2lrwnjdcQT2ZA4pCouxBqLS1mxzD4L6wqThTVo_lSPrJB1Tet9Xf3GBGPR8bDCZL4xU2H4EVQHuJiQTsAUrvRoFnniESJ311CfQwo-YyxZWNx41SXbbNYK1-hKOAP6mKa5a6p1ntQe9QPN9d5KBqZGraYI9jXHHEgtUh2bTXTXDmqFeYbXoGrm1IPLmOImZrT1f5vRLTGR73baP7lpZlvOE9bvi6ctDSS0yVJh1poVar-eDaDWPNQhT2yy0WkHKWRnt17jUgF6YJGyrAYarwkjjhnS2GBDXWITWS91d-bg7aLRe7P8QiIhrRogze6UAgdDuQT7HP_hkII44r83IkjNjkZLhYHytohxyaKeXXsvg07Z81DV2WRvlt9_XiFBsWHWxdXVzpcpP98rvu6FTISsI7shKdVWX5EhsUkYzXTE5BcPTStWS7hgUQ3f3iZxPoaSNCzkQi9ghZtFc4MW7Cj3EjL1XRJqGg1Z6kO8uQn4OwgGDCDSeNQ6wvuRvk1otcwuZUQ58LtYGWgJSPLHypGvKT3f_xcmMiVqLrEcGuIirLasaPPGMmuDYkZk_n_-jacDp4hEvetyvVeueo_hxQLuuCMpZ_bUmeePbhih2_bL4HGuNebeyl7tj3rqIjrv5PKQgfmDqndHPLQmBlzVSMfCRuDA6tUK4sM6GGWYbqLc6nVdKsbq47h36v7yx&track=0,1
IP
172.67.150.145:443
ASN
#13335 CLOUDFLARENET

Requested by
https://adsbb.dfiles.com/upload/2401/ad27972995eacd9f.htm?canp=adv_64c8039324e932ac815d3d122bf63ef9
Certificate
IssuerGoogle Trust Services
Subjectdiscovernative.com
FingerprintBD:21:96:6A:E2:39:75:A0:93:60:DE:70:92:3E:4E:10:DB:DF:5C:3D
ValidityMon, 26 Aug 2024 18:13:02 GMT - Sun, 24 Nov 2024 18:13:01 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /script/i.php?t=1&c=23427468&stamat=m%257C%252C%252CAjEq9jLmoGU3Bv_GH0dEdHP3xP.e1a%252CwJirJ8vTNbK6qq-JzBGxtxSQUUaAldZz9PPBPTQQJfC0trCAlBR4YvGw9y8IG_cu_P20Y2lrwnjdcQT2ZA4pCouxBqLS1mxzD4L6wqThTVo_lSPrJB1Tet9Xf3GBGPR8bDCZL4xU2H4EVQHuJiQTsAUrvRoFnniESJ311CfQwo-YyxZWNx41SXbbNYK1-hKOAP6mKa5a6p1ntQe9QPN9d5KBqZGraYI9jXHHEgtUh2bTXTXDmqFeYbXoGrm1IPLmOImZrT1f5vRLTGR73baP7lpZlvOE9bvi6ctDSS0yVJh1poVar-eDaDWPNQhT2yy0WkHKWRnt17jUgF6YJGyrAYarwkjjhnS2GBDXWITWS91d-bg7aLRe7P8QiIhrRogze6UAgdDuQT7HP_hkII44r83IkjNjkZLhYHytohxyaKeXXsvg07Z81DV2WRvlt9_XiFBsWHWxdXVzpcpP98rvu6FTISsI7shKdVWX5EhsUkYzXTE5BcPTStWS7hgUQ3f3iZxPoaSNCzkQi9ghZtFc4MW7Cj3EjL1XRJqGg1Z6kO8uQn4OwgGDCDSeNQ6wvuRvk1otcwuZUQ58LtYGWgJSPLHypGvKT3f_xcmMiVqLrEcGuIirLasaPPGMmuDYkZk_n_-jacDp4hEvetyvVeueo_hxQLuuCMpZ_bUmeePbhih2_bL4HGuNebeyl7tj3rqIjrv5PKQgfmDqndHPLQmBlzVSMfCRuDA6tUK4sM6GGWYbqLc6nVdKsbq47h36v7yx&track=0,1 HTTP/1.1
Host: discovernative.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 204 No Content
date: Sat, 14 Sep 2024 20:32:06 GMT
access-control-allow-origin: *
via: 1.1 google
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2Sno6fjOLYEewL5%2BoVSP7gzoCq3%2Fc7cFyIXrtzD%2BuyZ7XE8F2tI73jarETXyQatcfIoMiw%2FHULRa4BEd1MC%2F4loqt%2B2SbCjIuBb3Q4V0MyUUldhsuIA%2BhtNBiEOM9bAh2fGapkk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8c3324f90e73569b-OSL
alt-svc: h3=":443"; ma=86400

GET adsbb.dfiles.com//ad.php?z=60&c=NO

91.226.124.104

303 See Other

1.5 kB

URL GET HTTP/2
adsbb.dfiles.com//ad.php?z=60&c=NO
IP
91.226.124.104:443
ASN
#35415 Webzilla B.V.

Requested by
https://dfiles.com/files/5zujuxxxt/Stranded-Deep-v_0.02.H1_32-64_Bit.exe
Certificate
IssuerLet's Encrypt
Subjectdfiles.com
Fingerprint4F:AA:3F:B0:44:48:F4:CA:17:7D:C7:60:4F:13:32:83:3F:7F:D2:B0
ValiditySat, 31 Aug 2024 12:43:59 GMT - Fri, 29 Nov 2024 12:43:58 GMT

File type

Size
1.5 kB (1465 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET //ad.php?z=60&c=NO HTTP/1.1
Host: adsbb.dfiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfiles.com/
Cookie: last_file=5zujuxxxt
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 303 See Other
content-security-policy: frame-ancestors depositfiles.com *.depositfiles.com depositfiles.org *.depositfiles.org dfiles.eu *.dfiles.eu dfiles.com *.dfiles.com, frame-ancestors depositfiles.com *.depositfiles.com depositfiles.org *.depositfiles.org dfiles.eu *.dfiles.eu dfiles.com *.dfiles.com
content-type: text/html; charset=UTF-8
date: Sat, 14 Sep 2024 20:32:03 GMT
location: /upload/2203/ad27612964f48cd2.htm?canp=adv_64c8039324e932ac815d3d122bf63ef9
server: nginx
set-cookie: _nf60=1; expires=Sun, 15-Sep-2024 20:32:03 GMT; Max-Age=86400
x-powered-by: PHP/5.6.40
X-Firefox-Spdy: h2

GET static.depositfiles.com/images/flags/lang24.png

91.226.124.125

200 OK

9.2 kB

URL GET HTTP/2
static.depositfiles.com/images/flags/lang24.png
IP
91.226.124.125:443
ASN
#35415 Webzilla B.V.

Requested by
https://dfiles.com/files/5zujuxxxt/Stranded-Deep-v_0.02.H1_32-64_Bit.exe
Certificate
IssuerLet's Encrypt
Subjectdepositfiles.com
Fingerprint97:53:4A:DF:7A:62:F0:68:7B:58:C9:2B:0E:FA:A4:E2:31:03:9A:90
ValiditySun, 01 Sep 2024 12:41:37 GMT - Sat, 30 Nov 2024 12:41:36 GMT

File type
PNG image data, 24 x 552, 8-bit/color RGBA, non-interlaced
Size
9.2 kB (9172 bytes)
Hash
efdcd1ca23d564ddd811f41152a2b83c
0b5aa064e7f8f241363c55fa17eb448f42a5f8df
ce23be242e34c5b420f8ba0390aef20fa50ffc69f700091029616eff524e8f9b

HTTP Headers

GET /images/flags/lang24.png HTTP/1.1
Host: static.depositfiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://static.depositfiles.com/css/main.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-security-policy: frame-ancestors depositfiles.com *.depositfiles.com depositfiles.org *.depositfiles.org dfiles.eu *.dfiles.eu dfiles.com *.dfiles.com
content-type: image/png
date: Sat, 14 Sep 2024 20:32:03 GMT
etag: "651c240d-23d4"
last-modified: Tue, 03 Oct 2023 14:24:13 GMT
server: nginx
content-length: 9172
X-Firefox-Spdy: h2

GET adsbb.dfiles.com/upload/blank.htm

91.226.124.104

200 OK

387 B

URL GET HTTP/2
adsbb.dfiles.com/upload/blank.htm
IP
91.226.124.104:443
ASN
#35415 Webzilla B.V.

Requested by
https://dfiles.com/files/5zujuxxxt/Stranded-Deep-v_0.02.H1_32-64_Bit.exe
Certificate
IssuerLet's Encrypt
Subjectdfiles.com
Fingerprint4F:AA:3F:B0:44:48:F4:CA:17:7D:C7:60:4F:13:32:83:3F:7F:D2:B0
ValiditySat, 31 Aug 2024 12:43:59 GMT - Fri, 29 Nov 2024 12:43:58 GMT

File type
HTML document, ASCII text, with very long lines (425), with no line terminators
Size
387 B (387 bytes)
Hash
d91c0cb44500d613d5d1c609d61e609d
9fbbda167004d5a1b7769aaf255d33b324d03d23
4849fb0b7cd69d8b1fe3a782569b7023f2001588f2a7a1060ac67c641eda6b73

HTTP Headers

GET /upload/blank.htm HTTP/1.1
Host: adsbb.dfiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dfiles.com/
DNT: 1
Connection: keep-alive
Cookie: last_file=5zujuxxxt; _nf7=1; _nf56=1; _nf60=1
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-encoding: gzip
content-security-policy: frame-ancestors depositfiles.com *.depositfiles.com depositfiles.org *.depositfiles.org dfiles.eu *.dfiles.eu dfiles.com *.dfiles.com, frame-ancestors depositfiles.com *.depositfiles.com depositfiles.org *.depositfiles.org dfiles.eu *.dfiles.eu dfiles.com *.dfiles.com
content-type: text/html
date: Sat, 14 Sep 2024 20:32:04 GMT
last-modified: Wed, 29 Nov 2023 10:47:03 GMT
server: nginx
X-Firefox-Spdy: h2

GET accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=ARpgrqetL6bF2sgSmUXsto5DEmROasO4tIjeyGpjCOOLjfrQhjsNnF75hgqfYxe1Fv78MGEXfPsa&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S806485037%3A1726345925246142&ddm=0

64.233.161.84

403 Forbidden

0 B

URL GET HTTP/3
accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=ARpgrqetL6bF2sgSmUXsto5DEmROasO4tIjeyGpjCOOLjfrQhjsNnF75hgqfYxe1Fv78MGEXfPsa&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S806485037%3A1726345925246142&ddm=0
IP
64.233.161.84:443
ASN
#15169 GOOGLE

Requested by
https://dfiles.com/files/5zujuxxxt/Stranded-Deep-v_0.02.H1_32-64_Bit.exe
Certificate
IssuerGoogle Trust Services
Subject*.google.com
Fingerprint97:72:B0:50:D3:11:5A:F7:A4:3E:14:43:9B:9B:DA:05:44:40:58:1C
ValidityMon, 12 Aug 2024 06:33:49 GMT - Mon, 04 Nov 2024 06:33:48 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=ARpgrqetL6bF2sgSmUXsto5DEmROasO4tIjeyGpjCOOLjfrQhjsNnF75hgqfYxe1Fv78MGEXfPsa&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S806485037%3A1726345925246142&ddm=0 HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dfiles.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 403 Forbidden
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 14 Sep 2024 20:32:06 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport, script-src 'nonce-FJWw4OyhfWAnmRQ32ShIvA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://support.google.com/inapp/ https://www.google.com/tools/feedback/ https://www.gstatic.com/inproduct_help/ https://www.gstatic.com/support/content/;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist
report-to: {"group":"AccountsSignInUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/AccountsSignInUi"}]}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-security-policy-report-only: script-src 'unsafe-inline' 'unsafe-eval' blob: data: https://www.google.com/tools/feedback/load.js https://www.google.com/tools/feedback/open.js https://www.gstatic.com/inproduct_help/service/lazy.min.js https://www.gstatic.com/inproduct_help/api/main.min.js https://www.gstatic.com/inproduct_help/chatsupport/chatsupport_button_v2.js https://www.gstatic.com/feedback/js/help/prod/service/lazy.min.js https://www.gstatic.com/uservoice/feedback/client/web/live/ https://www.google.com/tools/feedback/chat_load.js https://www.gstatic.com/uservoice/surveys/resources/prod/js/survey/ https://www.gstatic.com/feedback/js/ghelp/ https://www.gstatic.com/_/mss/boq-one-google/_/ https://www.gstatic.com/og/_/js/ https://apis.google.com/js/api.js https://apis.google.com/js/client.js https://www.google-analytics.com/analytics.js https://www.googletagmanager.com/gtag/js https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.AccountsSignInUi.en.6cUd-ouEgD4.es5.O/ https://apis.google.com/_/scs/abc-static/_/js/;report-uri /v3/signin/_/AccountsSignInUi/cspreport/fine-allowlist
cross-origin-opener-policy-report-only: same-origin; report-to="AccountsSignInUi"
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET cdn.creative-bars1.com//sb/notifications/utility/default/us/blog/ecorious/message_redcircle2/jan24/4/js/script.js

104.21.70.253

200 OK

386 B

URL GET HTTP/2
cdn.creative-bars1.com//sb/notifications/utility/default/us/blog/ecorious/message_redcircle2/jan24/4/js/script.js
IP
104.21.70.253:443
ASN
#13335 CLOUDFLARENET

Requested by
https://dfiles.com/files/5zujuxxxt/Stranded-Deep-v_0.02.H1_32-64_Bit.exe
Certificate
IssuerGoogle Trust Services
Subjectcreative-bars1.com
FingerprintEB:E3:F6:A0:02:C0:06:0B:03:19:9C:E4:96:53:32:2F:22:2E:29:46
ValiditySun, 11 Aug 2024 15:14:55 GMT - Sat, 09 Nov 2024 15:14:54 GMT

File type
ASCII text, with very long lines (399), with no line terminators
Size
386 B (386 bytes)
Hash
022602a468da44628060800173771da2
9be813fbfebbcb2aa46d8c6b8abec68b3d16c89c
6742c376e658c34d09b2dc5772bd798e3cd52bb265758bac5bce184f8ee7b5cc

HTTP Headers

GET //sb/notifications/utility/default/us/blog/ecorious/message_redcircle2/jan24/4/js/script.js HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dfiles.com
DNT: 1
Connection: keep-alive
Referer: https://dfiles.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 14 Sep 2024 20:32:05 GMT
content-type: application/javascript
last-modified: Thu, 01 Feb 2024 14:55:49 GMT
etag: W/"65bbb0f5-182"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 296266
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5SZW3snfQnt%2B3UWBBFAjh00I9Y5eikSDuJM2GgqyB92K6m%2FDVDql72qk1Qt8DEuR8YlSvsmi2aCIq5eGMkx63AIcq9OZ3JMS66jq17XaNurvOUigimo%2BJgXOctEnM7siLciVOpximV04"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8c3324f17f10712b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=ARpgrqfOUwEwzRlZ87v3IatTabVAL_W4keL68KaQlolPeCkSUSSYnZUvG6w33NVQmVTTnx1Qf3Zz&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-333496797%3A1726345925244727&ddm=0

64.233.161.84

403 Forbidden

0 B

URL GET HTTP/3
accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=ARpgrqfOUwEwzRlZ87v3IatTabVAL_W4keL68KaQlolPeCkSUSSYnZUvG6w33NVQmVTTnx1Qf3Zz&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-333496797%3A1726345925244727&ddm=0
IP
64.233.161.84:443
ASN
#15169 GOOGLE

Requested by
https://dfiles.com/files/5zujuxxxt/Stranded-Deep-v_0.02.H1_32-64_Bit.exe
Certificate
IssuerGoogle Trust Services
Subject*.google.com
Fingerprint97:72:B0:50:D3:11:5A:F7:A4:3E:14:43:9B:9B:DA:05:44:40:58:1C
ValidityMon, 12 Aug 2024 06:33:49 GMT - Mon, 04 Nov 2024 06:33:48 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=ARpgrqfOUwEwzRlZ87v3IatTabVAL_W4keL68KaQlolPeCkSUSSYnZUvG6w33NVQmVTTnx1Qf3Zz&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-333496797%3A1726345925244727&ddm=0 HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dfiles.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 403 Forbidden
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 14 Sep 2024 20:32:06 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
strict-transport-security: max-age=31536000; includeSubDomains
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-security-policy: script-src 'nonce-Xh2tCxzxmATdWyvI4O9A4w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://support.google.com/inapp/ https://www.google.com/tools/feedback/ https://www.gstatic.com/inproduct_help/ https://www.gstatic.com/support/content/;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport
content-security-policy-report-only: script-src 'unsafe-inline' 'unsafe-eval' blob: data: https://www.google.com/tools/feedback/load.js https://www.google.com/tools/feedback/open.js https://www.gstatic.com/inproduct_help/service/lazy.min.js https://www.gstatic.com/inproduct_help/api/main.min.js https://www.gstatic.com/inproduct_help/chatsupport/chatsupport_button_v2.js https://www.gstatic.com/feedback/js/help/prod/service/lazy.min.js https://www.gstatic.com/uservoice/feedback/client/web/live/ https://www.google.com/tools/feedback/chat_load.js https://www.gstatic.com/uservoice/surveys/resources/prod/js/survey/ https://www.gstatic.com/feedback/js/ghelp/ https://www.gstatic.com/_/mss/boq-one-google/_/ https://www.gstatic.com/og/_/js/ https://apis.google.com/js/api.js https://apis.google.com/js/client.js https://www.google-analytics.com/analytics.js https://www.googletagmanager.com/gtag/js https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.AccountsSignInUi.en.6cUd-ouEgD4.es5.O/ https://apis.google.com/_/scs/abc-static/_/js/;report-uri /v3/signin/_/AccountsSignInUi/cspreport/fine-allowlist
cross-origin-opener-policy-report-only: same-origin; report-to="AccountsSignInUi"
report-to: {"group":"AccountsSignInUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/AccountsSignInUi"}]}
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET js.wpadmngr.com/static/adManager.m.js

45.133.44.53

200 OK

117 kB

URL GET HTTP/2
js.wpadmngr.com/static/adManager.m.js
IP
45.133.44.53:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://dfiles.com/files/5zujuxxxt/Stranded-Deep-v_0.02.H1_32-64_Bit.exe
Certificate
IssuerLet's Encrypt
Subjectjs.wpadmngr.com
Fingerprint4E:77:11:99:F1:53:10:53:7E:1F:48:55:72:9D:BA:AE:17:31:82:4C
ValiditySat, 07 Sep 2024 03:03:54 GMT - Fri, 06 Dec 2024 03:03:53 GMT

File type

Size
117 kB (117307 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /static/adManager.m.js HTTP/1.1
Host: js.wpadmngr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfiles.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 14 Sep 2024 20:32:03 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.18.0
last-modified: Mon, 09 Sep 2024 09:57:22 GMT
etag: W/"66dec682-1ca3b"
content-encoding: gzip
expires: Sat, 14 Sep 2024 20:37:03 GMT
cache-control: max-age=300
x-proxy-cache: HIT
x-cdn-host-id: ds9225
access-control-allow-origin: *
X-Firefox-Spdy: h2

GET accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail

64.233.161.84

302 Found

0 B

URL GET HTTP/2
accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
IP
64.233.161.84:443
ASN
#15169 GOOGLE

Requested by
https://dfiles.com/files/5zujuxxxt/Stranded-Deep-v_0.02.H1_32-64_Bit.exe
Certificate
IssuerGoogle Trust Services
Subjectaccounts.google.com
FingerprintFF:C5:DA:5A:24:6E:9C:B7:EB:4E:04:0B:B3:01:2E:05:BA:5B:53:53
ValidityMon, 12 Aug 2024 07:19:44 GMT - Mon, 04 Nov 2024 07:19:43 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfiles.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
content-type: application/binary
set-cookie: __Host-GAPS=1:quYyXSo8EC4QWkw71-IeCgb8lDik_w:K2eKvxPWq6CeAJ7f; Expires=Mon, 14-Sep-2026 20:32:04 GMT; Path=/; Secure; HttpOnly; Priority=HIGH
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 14 Sep 2024 20:32:04 GMT
location: https://accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=ARpgrqdU3vkKJQJ7C46jEBDk2X9kfUY-a-MV-1Um6RtgnT9QKPwYLylXWuGtjazRBPkHDrhzfeGjJA
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: script-src 'nonce-XItXYRQ3ST7s48WQ6Lk-zA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/AccountsSigninPassiveLoginHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
server: ESF
content-length: 0
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET cdn.creative-bars1.com//sb/notifications/utility/default/us/blog/ecorious/message_redcircle2/jan24/4/css/style.css

104.21.70.253

200 OK

3.6 kB

URL GET HTTP/2
cdn.creative-bars1.com//sb/notifications/utility/default/us/blog/ecorious/message_redcircle2/jan24/4/css/style.css
IP
104.21.70.253:443
ASN
#13335 CLOUDFLARENET

Requested by
https://dfiles.com/files/5zujuxxxt/Stranded-Deep-v_0.02.H1_32-64_Bit.exe
Certificate
IssuerGoogle Trust Services
Subjectcreative-bars1.com
FingerprintEB:E3:F6:A0:02:C0:06:0B:03:19:9C:E4:96:53:32:2F:22:2E:29:46
ValiditySun, 11 Aug 2024 15:14:55 GMT - Sat, 09 Nov 2024 15:14:54 GMT

File type
ASCII text, with very long lines (3854), with no line terminators
Size
3.6 kB (3630 bytes)
Hash
1ef6c40dc9237f64e46f930e4b26d112
7e94a725845a7101b17bfc0ff488e27c12060c1d
e23167c1f14d771e6eb40f86085c2f04f52010a5e934cff3f9e214aab984f4b4

HTTP Headers

GET //sb/notifications/utility/default/us/blog/ecorious/message_redcircle2/jan24/4/css/style.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dfiles.com
DNT: 1
Connection: keep-alive
Referer: https://dfiles.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 14 Sep 2024 20:32:05 GMT
content-type: text/css
last-modified: Thu, 01 Feb 2024 14:55:46 GMT
etag: W/"65bbb0f2-e2e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
content-encoding: gzip
cf-cache-status: HIT
age: 296266
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OxiJZYlQlFH5q5BuOCkpxTuOqggDeOn5rE%2FDtt%2FzHSo5xejThblzQVZ8zTSIs9nLDdMfa1ux04O3sp3%2B%2FfPx%2FDSjBXwRM9UvG05rjpY%2FZYBUYS3e7dtyq5Nvq7Qt8ro4TIp8JG0HXB1e"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8c3324f16f07712b-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (41)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash