| datanodes.to/don4u3c05itx/BG3_--_fitgirl-repacks.site_--_.part056.rar | 31.43.191.18 | 302 Found | 0 B |
URL User Request GET HTTP/1.1datanodes.to/don4u3c05itx/BG3_--_fitgirl-repacks.site_--_.part056.rar IP31.43.191.18:443 ASN#210848 Telkom Internet LTD
CertificateIssuerLet's Encrypt Subjectdatanodes.to FingerprintDD:E5:D4:EE:55:80:7D:51:7D:70:B9:F7:43:3E:95:3C:70:DD:DE:9E ValidityTue, 09 Apr 2024 11:53:16 GMT - Mon, 08 Jul 2024 11:53:15 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /don4u3c05itx/BG3_--_fitgirl-repacks.site_--_.part056.rar HTTP/1.1
Host: datanodes.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: nginx/1.14.1
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: file_code=don4u3c05itx; domain=.datanodes.to; path=/; expires=Wed, 24-Apr-2024 03:02:57 GMT
lang=english; domain=.datanodes.to; path=/
file_name=BG3_--_fitgirl-repacks.site_--_.part056.rar; domain=.datanodes.to; path=/; expires=Wed, 24-Apr-2024 03:02:57 GMT
Date: Wed, 24 Apr 2024 02:02:57 GMT
Location: https://datanodes.to/download
|
|
| | 31.43.191.18 | 200 OK | 16 kB |
URL User Request GET HTTP/1.1IP31.43.191.18:443 ASN#210848 Telkom Internet LTD
CertificateIssuerLet's Encrypt Subjectdatanodes.to FingerprintDD:E5:D4:EE:55:80:7D:51:7D:70:B9:F7:43:3E:95:3C:70:DD:DE:9E ValidityTue, 09 Apr 2024 11:53:16 GMT - Mon, 08 Jul 2024 11:53:15 GMT
File typeHTML document, Unicode text, UTF-8 text, with very long lines (3625) Hash08f5f2acc059a2020fbe526aeb6ed2d6 4c7ce4aa04b1ee99347b44c9fc37ea0dd0aca257 34d0b7cbde26859af0db1e5502cec3ed05e8a53ddadeebab5fac88acdf9d4b0f
GET /download HTTP/1.1
Host: datanodes.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: file_code=don4u3c05itx; lang=english; file_name=BG3_--_fitgirl-repacks.site_--_.part056.rar
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.14.1
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Set-Cookie: affiliate=oWG75aIxlQ4J2fSUcUnMp9wPcB9Fv%2Fgho%2FcNoOF80yc%2FxESMui7uMAdrzoFKqVKAJbAqoLzAVvGzWANSvdCb4SXMba8ZgGw%3D; domain=.datanodes.to; path=/; expires=Wed, 08-May-2024 02:02:57 GMT
Expires: Tue, 23 Apr 2024 02:02:57 GMT
Date: Wed, 24 Apr 2024 02:02:57 GMT
|
|
| datanodes.to/theme_2023/dist/assets/app-29263ee8.css | 31.43.191.18 | 200 OK | 58 kB |
URL GET HTTP/1.1datanodes.to/theme_2023/dist/assets/app-29263ee8.css IP31.43.191.18:443 ASN#210848 Telkom Internet LTD
Requested byhttps://datanodes.to/download CertificateIssuerLet's Encrypt Subjectdatanodes.to FingerprintDD:E5:D4:EE:55:80:7D:51:7D:70:B9:F7:43:3E:95:3C:70:DD:DE:9E ValidityTue, 09 Apr 2024 11:53:16 GMT - Mon, 08 Jul 2024 11:53:15 GMT
File typeUnicode text, UTF-8 text, with very long lines (57897) Hash804746b8bc72d761a892dd04f22900a7 3b8d93b691c09c49537b5423ec5759536e9e722c 29263ee89a9cf511555f2d76a264813aa239f76988cb5f6a1b495ebceaba5df5
GET /theme_2023/dist/assets/app-29263ee8.css HTTP/1.1
Host: datanodes.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://datanodes.to/download
Cookie: file_code=don4u3c05itx; lang=english; file_name=BG3_--_fitgirl-repacks.site_--_.part056.rar; affiliate=oWG75aIxlQ4J2fSUcUnMp9wPcB9Fv%2Fgho%2FcNoOF80yc%2FxESMui7uMAdrzoFKqVKAJbAqoLzAVvGzWANSvdCb4SXMba8ZgGw%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.14.1
Date: Wed, 24 Apr 2024 02:02:57 GMT
Content-Type: text/css
Content-Length: 57906
Last-Modified: Tue, 12 Mar 2024 01:03:57 GMT
Connection: keep-alive
ETag: "65efa9fd-e232"
Accept-Ranges: bytes
|
|
| www.googletagmanager.com/gtag/js?id=G-7DP7NV2LKF | 142.250.74.136 | 200 OK | 101 kB |
URL GET HTTP/2www.googletagmanager.com/gtag/js?id=G-7DP7NV2LKF IP142.250.74.136:443
Requested byhttps://datanodes.to/download CertificateIssuerGoogle Trust Services LLC Subject*.google-analytics.com Fingerprint1E:33:2E:4B:C3:51:05:B7:73:DC:21:BF:3E:02:B3:16:D8:0B:AB:BB ValidityMon, 18 Mar 2024 19:37:14 GMT - Mon, 10 Jun 2024 19:37:13 GMT
File typeJavaScript source, ASCII text, with very long lines (5945) Size101 kB (100668 bytes) Hashbafa2c148fee8a491a5f02b4f64ef013 3b8938fe00d217ba020995106cb3f62faa65a741 3d6233e9e3edf8682d1d003ae7113334bcbf60986690eac9990afd80b447ab92
GET /gtag/js?id=G-7DP7NV2LKF HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://datanodes.to/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 24 Apr 2024 02:02:57 GMT
expires: Wed, 24 Apr 2024 02:02:57 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 100668
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| datanodes.to/theme_2023/src/assets/images/virus-scan.png | 31.43.191.18 | 200 OK | 34 kB |
URL GET HTTP/1.1datanodes.to/theme_2023/src/assets/images/virus-scan.png IP31.43.191.18:443 ASN#210848 Telkom Internet LTD
Requested byhttps://datanodes.to/download CertificateIssuerLet's Encrypt Subjectdatanodes.to FingerprintDD:E5:D4:EE:55:80:7D:51:7D:70:B9:F7:43:3E:95:3C:70:DD:DE:9E ValidityTue, 09 Apr 2024 11:53:16 GMT - Mon, 08 Jul 2024 11:53:15 GMT
File typePNG image data, 512 x 512, 8-bit/color RGBA, non-interlaced Hashed8693e5b49bbfec66898fd26b979317 0fe86ee5614e13c3c93672a4d57ef69555f3e701 5b6ef28011995150a50e6e59ca8728a5f0f92c7dfe27f08433e398a7fc177a9d
GET /theme_2023/src/assets/images/virus-scan.png HTTP/1.1
Host: datanodes.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://datanodes.to/download
Cookie: file_code=don4u3c05itx; lang=english; file_name=BG3_--_fitgirl-repacks.site_--_.part056.rar; affiliate=oWG75aIxlQ4J2fSUcUnMp9wPcB9Fv%2Fgho%2FcNoOF80yc%2FxESMui7uMAdrzoFKqVKAJbAqoLzAVvGzWANSvdCb4SXMba8ZgGw%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.14.1
Date: Wed, 24 Apr 2024 02:02:57 GMT
Content-Type: image/png
Content-Length: 33827
Last-Modified: Wed, 31 Jan 2024 09:41:40 GMT
Connection: keep-alive
ETag: "65ba15d4-8423"
Accept-Ranges: bytes
|
|
| datanodes.to/images/logo.png?v=1 | 31.43.191.18 | 200 OK | 15 kB |
URL GET HTTP/1.1datanodes.to/images/logo.png?v=1 IP31.43.191.18:443 ASN#210848 Telkom Internet LTD
Requested byhttps://datanodes.to/download CertificateIssuerLet's Encrypt Subjectdatanodes.to FingerprintDD:E5:D4:EE:55:80:7D:51:7D:70:B9:F7:43:3E:95:3C:70:DD:DE:9E ValidityTue, 09 Apr 2024 11:53:16 GMT - Mon, 08 Jul 2024 11:53:15 GMT
File typePNG image data, 364 x 230, 8-bit/color RGBA, non-interlaced Hashc9338a5cbd74ee24aee2175a5ac9cfac eb519e37c50d2dd8908d80a2dd203879f2a430c9 e73da34c3963cd34608bc4016fd1060cf58de21ef14321a153ec45bc004ff56e
GET /images/logo.png?v=1 HTTP/1.1
Host: datanodes.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://datanodes.to/download
Cookie: file_code=don4u3c05itx; lang=english; file_name=BG3_--_fitgirl-repacks.site_--_.part056.rar; affiliate=oWG75aIxlQ4J2fSUcUnMp9wPcB9Fv%2Fgho%2FcNoOF80yc%2FxESMui7uMAdrzoFKqVKAJbAqoLzAVvGzWANSvdCb4SXMba8ZgGw%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.14.1
Date: Wed, 24 Apr 2024 02:02:57 GMT
Content-Type: image/png
Content-Length: 15350
Last-Modified: Tue, 16 Jan 2024 14:16:42 GMT
Connection: keep-alive
ETag: "65a68fca-3bf6"
Accept-Ranges: bytes
|
|
| datanodes.to/theme_2023/dist/assets/app-804de99c.js | 31.43.191.18 | 200 OK | 178 kB |
URL GET HTTP/1.1datanodes.to/theme_2023/dist/assets/app-804de99c.js IP31.43.191.18:443 ASN#210848 Telkom Internet LTD
Requested byhttps://datanodes.to/download CertificateIssuerLet's Encrypt Subjectdatanodes.to FingerprintDD:E5:D4:EE:55:80:7D:51:7D:70:B9:F7:43:3E:95:3C:70:DD:DE:9E ValidityTue, 09 Apr 2024 11:53:16 GMT - Mon, 08 Jul 2024 11:53:15 GMT
File typeJavaScript source, ASCII text, with very long lines (37384) Size178 kB (177920 bytes) Hash532512d47faba69d2df29162722eddf3 1b7797cbb10265d77e26f61b0d202b2340d5657c aff4be5ad0fa681e71bce40919045fe0fed7109e8ca2ee24148e9b9c91c64dde
GET /theme_2023/dist/assets/app-804de99c.js HTTP/1.1
Host: datanodes.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://datanodes.to/download
Cookie: file_code=don4u3c05itx; lang=english; file_name=BG3_--_fitgirl-repacks.site_--_.part056.rar; affiliate=oWG75aIxlQ4J2fSUcUnMp9wPcB9Fv%2Fgho%2FcNoOF80yc%2FxESMui7uMAdrzoFKqVKAJbAqoLzAVvGzWANSvdCb4SXMba8ZgGw%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.14.1
Date: Wed, 24 Apr 2024 02:02:57 GMT
Content-Type: application/javascript
Content-Length: 177920
Last-Modified: Tue, 12 Mar 2024 01:03:57 GMT
Connection: keep-alive
ETag: "65efa9fd-2b700"
Accept-Ranges: bytes
|
|
| scarcerpokomoo.com/1clkn/31269 | 23.109.170.75 | 200 OK | 26 B |
URL GET HTTP/1.1scarcerpokomoo.com/1clkn/31269 IP23.109.170.75:443
Requested byhttps://datanodes.to/download CertificateIssuerLet's Encrypt Subjectscarcerpokomoo.com FingerprintDE:28:D9:27:81:A5:65:7C:78:E5:60:CB:F5:10:13:A4:71:2B:EE:6A ValidityWed, 28 Feb 2024 04:58:40 GMT - Tue, 28 May 2024 04:58:39 GMT
File typeASCII text, with no line terminators Hash9082dc37e5e8046929da411544ad071a 41e0e3963ed94e59e8a2f115994c382712411537 b7848d86edc8dc3b5bc6a5c666069f9a31e000cee51575d3b6083951607e1550
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /1clkn/31269 HTTP/1.1
Host: scarcerpokomoo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://datanodes.to/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 24 Apr 2024 02:02:57 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Accept-ch: sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-ua-full-version-list
Set-Cookie: GL_UI4=eJw9jUtug0AQRPljJ4akJQ7gIxgUjL3MJivfAQ0zDZ4Ypq1mjJ3bZxIp2dUrPVV5nhcUL%2BAvyRrCm6hhe1R9s5dYojyUVVW%2BHSrZ151o%2BlJVTVnvYK3n1opuRBvBap4E29YuEWwGNMhatpIUZvDqrL%2FmYuhuIog7FkZlEE%2FOGDNIO6b7jFyEEBkxIaQfmrGnhzPEJzEEx72L2rjo7yCguQjzJ4hP2twe%2BSbx8jzx4Pk6CtsTT61WDuOBhULw32ElhcWB%2BAtShfPF0hWARtX%2B%2B7%2Bf8fizBonCRUuHZM%2FI38wATrY%3D; expires=Thu, 25-Apr-2024 02:02:57 GMT; Max-Age=86400; path=/; secure; SameSite=None
GL_GI10=eJwVyM0KgkAUhuE5hxiIJPjIC%2FAKTMsWbrNl6MIrMIsYGObIzNjP3WeLd%2FG8SilOE7CZkNRlXhd5dcjLUwV6gtsOPDroVvx7%2BII8uDiCvcOmC1ayRmYXlz9i9TfIYHu25pP1YudoxAXw0roZbvaxv%2FRX0KQJHEUzONxTBXrp3Q9e7R3S; expires=Thu, 25-Apr-2024 02:02:57 GMT; Max-Age=86400; path=/; secure; SameSite=None
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
|
|
| www.google.com/recaptcha/api.js?render=6Lc5HFUpAAAAAJOhHkDP6NtCvmdUvxeO_uJbtWlT | 142.250.74.164 | 200 OK | 958 B |
URL GET HTTP/2www.google.com/recaptcha/api.js?render=6Lc5HFUpAAAAAJOhHkDP6NtCvmdUvxeO_uJbtWlT IP142.250.74.164:443
Requested byhttps://datanodes.to/download CertificateIssuerGoogle Trust Services LLC Subjectwww.google.com FingerprintCD:48:2A:0C:60:1D:37:5A:D4:D5:A9:F7:DE:A0:2B:5E:2F:29:76:73 ValidityMon, 18 Mar 2024 20:38:49 GMT - Mon, 10 Jun 2024 20:38:48 GMT
Hash2e719a5b700a44cd62074d20b501e09a 3579f68ff37e2ccc560af5fb0163eb673bc94264 5300779319417596b1aab2b3f6dc970d513888dcae207ac8b3599c866157bed4
GET /recaptcha/api.js?render=6Lc5HFUpAAAAAJOhHkDP6NtCvmdUvxeO_uJbtWlT HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://datanodes.to/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
expires: Wed, 24 Apr 2024 02:02:57 GMT
date: Wed, 24 Apr 2024 02:02:57 GMT
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| datanodes.to/theme_2023/dist/assets/VirusScan-b512073a.js | 31.43.191.18 | 200 OK | 1.1 kB |
URL GET HTTP/1.1datanodes.to/theme_2023/dist/assets/VirusScan-b512073a.js IP31.43.191.18:443 ASN#210848 Telkom Internet LTD
Requested byhttps://datanodes.to/download CertificateIssuerLet's Encrypt Subjectdatanodes.to FingerprintDD:E5:D4:EE:55:80:7D:51:7D:70:B9:F7:43:3E:95:3C:70:DD:DE:9E ValidityTue, 09 Apr 2024 11:53:16 GMT - Mon, 08 Jul 2024 11:53:15 GMT
File typeJava source, ASCII text, with very long lines (1119) Hashc0ca7c018bc63759e7761f05e158b720 8c498191c84b902fbaa6326358054655c23033ae 940d0d217e3d34acb1d93c2c2ed8eb194e934bdfd78adc00c15b4bc958652cc4
GET /theme_2023/dist/assets/VirusScan-b512073a.js HTTP/1.1
Host: datanodes.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://datanodes.to/theme_2023/dist/assets/app-804de99c.js
Cookie: file_code=don4u3c05itx; lang=english; file_name=BG3_--_fitgirl-repacks.site_--_.part056.rar; affiliate=oWG75aIxlQ4J2fSUcUnMp9wPcB9Fv%2Fgho%2FcNoOF80yc%2FxESMui7uMAdrzoFKqVKAJbAqoLzAVvGzWANSvdCb4SXMba8ZgGw%3D; _ga_7DP7NV2LKF=GS1.1.1713924177.1.0.1713924177.60.0.0; _ga=GA1.1.37894405.1713924178
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.14.1
Date: Wed, 24 Apr 2024 02:02:57 GMT
Content-Type: application/javascript
Content-Length: 1120
Last-Modified: Tue, 12 Mar 2024 01:03:57 GMT
Connection: keep-alive
ETag: "65efa9fd-460"
Accept-Ranges: bytes
|
|
| fonts.googleapis.com/css2?family=Poppins:wght@300;400;500;600;700;800;900&display=swap | 142.250.74.74 | 200 OK | 1.1 kB |
URL GET HTTP/2fonts.googleapis.com/css2?family=Poppins:wght@300;400;500;600;700;800;900&display=swap IP142.250.74.74:443
Requested byhttps://datanodes.to/download CertificateIssuerGoogle Trust Services LLC Subjectupload.video.google.com Fingerprint15:CB:F7:AC:18:3F:DC:1E:F9:4E:94:D1:98:40:40:61:53:17:28:F2 ValidityMon, 18 Mar 2024 20:35:28 GMT - Mon, 10 Jun 2024 20:35:27 GMT
File typegzip compressed data, max compression Hash5ee5202eefc860096b891a1f2710c26a ce8eb9adfe1eea60255ffaa28bfb1c07f74cd2b9 1db39d8ad1b8b8737ba37665d8f578f9d67301608d7f244b3d96ddd0a976ec30
GET /css2?family=Poppins:wght@300;400;500;600;700;800;900&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://datanodes.to/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 24 Apr 2024 02:02:57 GMT
date: Wed, 24 Apr 2024 02:02:57 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| datanodes.to/theme_2023/dist/assets/index-26fc2db3.js | 31.43.191.18 | 200 OK | 6.9 kB |
URL GET HTTP/1.1datanodes.to/theme_2023/dist/assets/index-26fc2db3.js IP31.43.191.18:443 ASN#210848 Telkom Internet LTD
Requested byhttps://datanodes.to/download CertificateIssuerLet's Encrypt Subjectdatanodes.to FingerprintDD:E5:D4:EE:55:80:7D:51:7D:70:B9:F7:43:3E:95:3C:70:DD:DE:9E ValidityTue, 09 Apr 2024 11:53:16 GMT - Mon, 08 Jul 2024 11:53:15 GMT
File typeJava source, ASCII text, with very long lines (6944) Hash208fdfff8170735bd569d15c49ef331c a50cb02a49ec0de5483e2928b309c69d708a3a9d c0bd34454c7d029f56806d33376abc31b3e7924fa4d028d571842707b2ae90ff
GET /theme_2023/dist/assets/index-26fc2db3.js HTTP/1.1
Host: datanodes.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://datanodes.to/theme_2023/dist/assets/VirusScan-b512073a.js
Cookie: file_code=don4u3c05itx; lang=english; file_name=BG3_--_fitgirl-repacks.site_--_.part056.rar; affiliate=oWG75aIxlQ4J2fSUcUnMp9wPcB9Fv%2Fgho%2FcNoOF80yc%2FxESMui7uMAdrzoFKqVKAJbAqoLzAVvGzWANSvdCb4SXMba8ZgGw%3D; _ga_7DP7NV2LKF=GS1.1.1713924177.1.0.1713924177.60.0.0; _ga=GA1.1.37894405.1713924178
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.14.1
Date: Wed, 24 Apr 2024 02:02:57 GMT
Content-Type: application/javascript
Content-Length: 6945
Last-Modified: Tue, 12 Mar 2024 01:03:57 GMT
Connection: keep-alive
ETag: "65efa9fd-1b21"
Accept-Ranges: bytes
|
|
| datanodes.to/theme_2023/dist/assets/_plugin-vue_export-helper-c27b6911.js | 31.43.191.18 | 200 OK | 91 B |
URL GET HTTP/1.1datanodes.to/theme_2023/dist/assets/_plugin-vue_export-helper-c27b6911.js IP31.43.191.18:443 ASN#210848 Telkom Internet LTD
Requested byhttps://datanodes.to/download CertificateIssuerLet's Encrypt Subjectdatanodes.to FingerprintDD:E5:D4:EE:55:80:7D:51:7D:70:B9:F7:43:3E:95:3C:70:DD:DE:9E ValidityTue, 09 Apr 2024 11:53:16 GMT - Mon, 08 Jul 2024 11:53:15 GMT
Hash25e3a5dcaf00fb2b1ba0c8ecea6d2560 7850b3fd4aeb69387bdb5a60025d15c41351d5eb cb85b0f263dbe24e857338301c0627076592e9f1f1a5662929f86d2c126444aa
GET /theme_2023/dist/assets/_plugin-vue_export-helper-c27b6911.js HTTP/1.1
Host: datanodes.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://datanodes.to/theme_2023/dist/assets/VirusScan-b512073a.js
Cookie: file_code=don4u3c05itx; lang=english; file_name=BG3_--_fitgirl-repacks.site_--_.part056.rar; affiliate=oWG75aIxlQ4J2fSUcUnMp9wPcB9Fv%2Fgho%2FcNoOF80yc%2FxESMui7uMAdrzoFKqVKAJbAqoLzAVvGzWANSvdCb4SXMba8ZgGw%3D; _ga_7DP7NV2LKF=GS1.1.1713924177.1.0.1713924177.60.0.0; _ga=GA1.1.37894405.1713924178
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.14.1
Date: Wed, 24 Apr 2024 02:02:57 GMT
Content-Type: application/javascript
Content-Length: 91
Last-Modified: Tue, 12 Mar 2024 01:03:57 GMT
Connection: keep-alive
ETag: "65efa9fd-5b"
Accept-Ranges: bytes
|
|
| datanodes.to/theme_2023/dist/assets/_commonjsHelpers-d4b30cbb.js | 31.43.191.18 | 200 OK | 571 B |
URL GET HTTP/1.1datanodes.to/theme_2023/dist/assets/_commonjsHelpers-d4b30cbb.js IP31.43.191.18:443 ASN#210848 Telkom Internet LTD
Requested byhttps://datanodes.to/download CertificateIssuerLet's Encrypt Subjectdatanodes.to FingerprintDD:E5:D4:EE:55:80:7D:51:7D:70:B9:F7:43:3E:95:3C:70:DD:DE:9E ValidityTue, 09 Apr 2024 11:53:16 GMT - Mon, 08 Jul 2024 11:53:15 GMT
File typeJavaScript source, ASCII text, with very long lines (570) Hash438e021bb3322f23fb81092ef78dd510 51a31923f243d4af84ef0f6e710bdf202e52c6c9 85533b0eb874013bd2468499e014675813269c8983bf7e0abc366d1715020769
GET /theme_2023/dist/assets/_commonjsHelpers-d4b30cbb.js HTTP/1.1
Host: datanodes.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://datanodes.to/theme_2023/dist/assets/VirusScan-b512073a.js
Cookie: file_code=don4u3c05itx; lang=english; file_name=BG3_--_fitgirl-repacks.site_--_.part056.rar; affiliate=oWG75aIxlQ4J2fSUcUnMp9wPcB9Fv%2Fgho%2FcNoOF80yc%2FxESMui7uMAdrzoFKqVKAJbAqoLzAVvGzWANSvdCb4SXMba8ZgGw%3D; _ga_7DP7NV2LKF=GS1.1.1713924177.1.0.1713924177.60.0.0; _ga=GA1.1.37894405.1713924178
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.14.1
Date: Wed, 24 Apr 2024 02:02:57 GMT
Content-Type: application/javascript
Content-Length: 571
Last-Modified: Tue, 12 Mar 2024 01:03:57 GMT
Connection: keep-alive
ETag: "65efa9fd-23b"
Accept-Ranges: bytes
|
|
| fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2 | 216.58.207.227 | 200 OK | 7.7 kB |
URL GET HTTP/2fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2 IP216.58.207.227:443
Requested byhttps://datanodes.to/download CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com FingerprintF5:5C:D9:68:C6:5F:A3:33:5A:73:C3:79:B6:83:FE:44:2E:A4:83:74 ValidityMon, 18 Mar 2024 20:34:25 GMT - Mon, 10 Jun 2024 20:34:24 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 7748, version 1.0 Hasha09f2fccfee35b7247b08a1a266f0328 0da2d17e738f46d2a09e6fb7969da451719a9820 cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
GET /s/poppins/v21/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://datanodes.to
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7748
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 23 Apr 2024 03:25:26 GMT
expires: Wed, 23 Apr 2025 03:25:26 GMT
cache-control: public, max-age=31536000
age: 81451
last-modified: Fri, 22 Mar 2024 00:01:14 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2 | 216.58.207.227 | 200 OK | 8.0 kB |
URL GET HTTP/2fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2 IP216.58.207.227:443
Requested byhttps://datanodes.to/download CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com FingerprintF5:5C:D9:68:C6:5F:A3:33:5A:73:C3:79:B6:83:FE:44:2E:A4:83:74 ValidityMon, 18 Mar 2024 20:34:25 GMT - Mon, 10 Jun 2024 20:34:24 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 8000, version 1.0 Hash72993dddf88a63e8f226656f7de88e57 179f97ec0275f09603a8db94d4380eb584d81cd5 f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
GET /s/poppins/v21/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://datanodes.to
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 8000
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 20 Apr 2024 22:05:29 GMT
expires: Sun, 20 Apr 2025 22:05:29 GMT
cache-control: public, max-age=31536000
last-modified: Fri, 22 Mar 2024 00:00:59 GMT
content-type: font/woff2
age: 273448
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| datanodes.to/theme_2023/dist/assets/FileActions-11047178.js | 31.43.191.18 | 200 OK | 52 kB |
URL GET HTTP/1.1datanodes.to/theme_2023/dist/assets/FileActions-11047178.js IP31.43.191.18:443 ASN#210848 Telkom Internet LTD
Requested byhttps://datanodes.to/download CertificateIssuerLet's Encrypt Subjectdatanodes.to FingerprintDD:E5:D4:EE:55:80:7D:51:7D:70:B9:F7:43:3E:95:3C:70:DD:DE:9E ValidityTue, 09 Apr 2024 11:53:16 GMT - Mon, 08 Jul 2024 11:53:15 GMT
File typeJavaScript source, Unicode text, UTF-8 text, with very long lines (44817) Hash2a3cbbaafd1fd12337a39ce4640cd66f 07eedc5b05779f20e24e69a75040380d97b92a56 26103140889e1de0b1d921102798611f98edee5a7e97673784d9dadc282f51fe
GET /theme_2023/dist/assets/FileActions-11047178.js HTTP/1.1
Host: datanodes.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://datanodes.to/theme_2023/dist/assets/app-804de99c.js
Cookie: file_code=don4u3c05itx; lang=english; file_name=BG3_--_fitgirl-repacks.site_--_.part056.rar; affiliate=oWG75aIxlQ4J2fSUcUnMp9wPcB9Fv%2Fgho%2FcNoOF80yc%2FxESMui7uMAdrzoFKqVKAJbAqoLzAVvGzWANSvdCb4SXMba8ZgGw%3D; _ga_7DP7NV2LKF=GS1.1.1713924177.1.0.1713924177.60.0.0; _ga=GA1.1.37894405.1713924178
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.14.1
Date: Wed, 24 Apr 2024 02:02:57 GMT
Content-Type: application/javascript
Content-Length: 52275
Last-Modified: Tue, 12 Mar 2024 01:03:57 GMT
Connection: keep-alive
ETag: "65efa9fd-cc33"
Accept-Ranges: bytes
|
|
| fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2 | 216.58.207.227 | 200 OK | 7.8 kB |
URL GET HTTP/2fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2 IP216.58.207.227:443
Requested byhttps://datanodes.to/download CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com FingerprintF5:5C:D9:68:C6:5F:A3:33:5A:73:C3:79:B6:83:FE:44:2E:A4:83:74 ValidityMon, 18 Mar 2024 20:34:25 GMT - Mon, 10 Jun 2024 20:34:24 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 7816, version 1.0 Hash25b0e113ca7cce3770d542736db26368 cb726212d5d525021752a1d8470a0fb593e0c49e 9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
GET /s/poppins/v21/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://datanodes.to
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7816
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 22 Apr 2024 16:23:47 GMT
expires: Tue, 22 Apr 2025 16:23:47 GMT
cache-control: public, max-age=31536000
last-modified: Fri, 22 Mar 2024 00:00:32 GMT
content-type: font/woff2
age: 121151
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/poppins/v21/pxiEyp8kv8JHgFVrJJfecg.woff2 | 216.58.207.227 | 200 OK | 7.9 kB |
URL GET HTTP/2fonts.gstatic.com/s/poppins/v21/pxiEyp8kv8JHgFVrJJfecg.woff2 IP216.58.207.227:443
Requested byhttps://datanodes.to/download CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com FingerprintF5:5C:D9:68:C6:5F:A3:33:5A:73:C3:79:B6:83:FE:44:2E:A4:83:74 ValidityMon, 18 Mar 2024 20:34:25 GMT - Mon, 10 Jun 2024 20:34:24 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 7884, version 1.0 Hash9212f6f9860f9fc6c69b02fedf6db8c3 ac6d71b4d5fdd2b3dabc9a06ff6c001e4251da0b 7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
GET /s/poppins/v21/pxiEyp8kv8JHgFVrJJfecg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://datanodes.to
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7884
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 23 Apr 2024 03:21:03 GMT
expires: Wed, 23 Apr 2025 03:21:03 GMT
cache-control: public, max-age=31536000
age: 81715
last-modified: Fri, 22 Mar 2024 00:00:38 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| datanodes.to/theme_2023/dist/assets/Util-a807a770.js | 31.43.191.18 | 200 OK | 2.9 kB |
URL GET HTTP/1.1datanodes.to/theme_2023/dist/assets/Util-a807a770.js IP31.43.191.18:443 ASN#210848 Telkom Internet LTD
Requested byhttps://datanodes.to/download CertificateIssuerLet's Encrypt Subjectdatanodes.to FingerprintDD:E5:D4:EE:55:80:7D:51:7D:70:B9:F7:43:3E:95:3C:70:DD:DE:9E ValidityTue, 09 Apr 2024 11:53:16 GMT - Mon, 08 Jul 2024 11:53:15 GMT
File typeJavaScript source, Unicode text, UTF-8 text, with very long lines (2854) Hashe962a082bd7fbcd22d98fc66ffb66a6a da900dd215cd2afe903d45831bd69fb0b5d89dfe fb0732ca0dc4dd3578662939ce36a20ec6c7b180ac376e9aad31adb4bdc6ec9a
GET /theme_2023/dist/assets/Util-a807a770.js HTTP/1.1
Host: datanodes.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://datanodes.to/theme_2023/dist/assets/FileActions-11047178.js
Cookie: file_code=don4u3c05itx; lang=english; file_name=BG3_--_fitgirl-repacks.site_--_.part056.rar; affiliate=oWG75aIxlQ4J2fSUcUnMp9wPcB9Fv%2Fgho%2FcNoOF80yc%2FxESMui7uMAdrzoFKqVKAJbAqoLzAVvGzWANSvdCb4SXMba8ZgGw%3D; _ga_7DP7NV2LKF=GS1.1.1713924177.1.0.1713924177.60.0.0; _ga=GA1.1.37894405.1713924178
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.14.1
Date: Wed, 24 Apr 2024 02:02:58 GMT
Content-Type: application/javascript
Content-Length: 2857
Last-Modified: Tue, 12 Mar 2024 01:03:57 GMT
Connection: keep-alive
ETag: "65efa9fd-b29"
Accept-Ranges: bytes
|
|
| datanodes.to/theme_2023/dist/assets/Tooltip-e907cfa8.js | 31.43.191.18 | 200 OK | 17 kB |
URL GET HTTP/1.1datanodes.to/theme_2023/dist/assets/Tooltip-e907cfa8.js IP31.43.191.18:443 ASN#210848 Telkom Internet LTD
Requested byhttps://datanodes.to/download CertificateIssuerLet's Encrypt Subjectdatanodes.to FingerprintDD:E5:D4:EE:55:80:7D:51:7D:70:B9:F7:43:3E:95:3C:70:DD:DE:9E ValidityTue, 09 Apr 2024 11:53:16 GMT - Mon, 08 Jul 2024 11:53:15 GMT
File typeJavaScript source, ASCII text, with very long lines (16550) Hash47570ce2273f6ba76dc8cadb318139d7 24bd9a7efd312beac0db9209ade65a5766b9120f a4047b7166aae1094d906ed2103acbdec37cdf74627c382b8f1007cf26f56078
GET /theme_2023/dist/assets/Tooltip-e907cfa8.js HTTP/1.1
Host: datanodes.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://datanodes.to/theme_2023/dist/assets/FileActions-11047178.js
Cookie: file_code=don4u3c05itx; lang=english; file_name=BG3_--_fitgirl-repacks.site_--_.part056.rar; affiliate=oWG75aIxlQ4J2fSUcUnMp9wPcB9Fv%2Fgho%2FcNoOF80yc%2FxESMui7uMAdrzoFKqVKAJbAqoLzAVvGzWANSvdCb4SXMba8ZgGw%3D; _ga_7DP7NV2LKF=GS1.1.1713924177.1.0.1713924177.60.0.0; _ga=GA1.1.37894405.1713924178
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.14.1
Date: Wed, 24 Apr 2024 02:02:58 GMT
Content-Type: application/javascript
Content-Length: 16551
Last-Modified: Tue, 12 Mar 2024 01:03:57 GMT
Connection: keep-alive
ETag: "65efa9fd-40a7"
Accept-Ranges: bytes
|
|
| datanodes.to/theme_2023/dist/assets/open-closed-e5a84f93.js | 31.43.191.18 | 200 OK | 3.5 kB |
URL GET HTTP/1.1datanodes.to/theme_2023/dist/assets/open-closed-e5a84f93.js IP31.43.191.18:443 ASN#210848 Telkom Internet LTD
Requested byhttps://datanodes.to/download CertificateIssuerLet's Encrypt Subjectdatanodes.to FingerprintDD:E5:D4:EE:55:80:7D:51:7D:70:B9:F7:43:3E:95:3C:70:DD:DE:9E ValidityTue, 09 Apr 2024 11:53:16 GMT - Mon, 08 Jul 2024 11:53:15 GMT
File typeJavaScript source, ASCII text, with very long lines (1681) Hash81430e48d2b3970c34b08d82381c55eb aaa0206113bd0abfe7064978233356a163624a62 4f85ba591d84f876ed7fa801b00bc0c7eec0e85bfce53e64dd4101fddc1752cc
GET /theme_2023/dist/assets/open-closed-e5a84f93.js HTTP/1.1
Host: datanodes.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://datanodes.to/theme_2023/dist/assets/FileActions-11047178.js
Cookie: file_code=don4u3c05itx; lang=english; file_name=BG3_--_fitgirl-repacks.site_--_.part056.rar; affiliate=oWG75aIxlQ4J2fSUcUnMp9wPcB9Fv%2Fgho%2FcNoOF80yc%2FxESMui7uMAdrzoFKqVKAJbAqoLzAVvGzWANSvdCb4SXMba8ZgGw%3D; _ga_7DP7NV2LKF=GS1.1.1713924177.1.0.1713924177.60.0.0; _ga=GA1.1.37894405.1713924178
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.14.1
Date: Wed, 24 Apr 2024 02:02:58 GMT
Content-Type: application/javascript
Content-Length: 3487
Last-Modified: Tue, 12 Mar 2024 01:03:57 GMT
Connection: keep-alive
ETag: "65efa9fd-d9f"
Accept-Ranges: bytes
|
|
| datanodes.to/theme_2023/dist/assets/transition-4942c40a.js | 31.43.191.18 | 200 OK | 28 kB |
URL GET HTTP/1.1datanodes.to/theme_2023/dist/assets/transition-4942c40a.js IP31.43.191.18:443 ASN#210848 Telkom Internet LTD
Requested byhttps://datanodes.to/download CertificateIssuerLet's Encrypt Subjectdatanodes.to FingerprintDD:E5:D4:EE:55:80:7D:51:7D:70:B9:F7:43:3E:95:3C:70:DD:DE:9E ValidityTue, 09 Apr 2024 11:53:16 GMT - Mon, 08 Jul 2024 11:53:15 GMT
File typeJavaScript source, ASCII text, with very long lines (27942) Hash6c585011311e4492ae5a8c20699766ea 56071106c0890eb6f11662f5326adf9e39ca6673 e8c46ae956457ce034b3afed53036b2f8456ac8b9ec68086698b2e77f7cfe01b
GET /theme_2023/dist/assets/transition-4942c40a.js HTTP/1.1
Host: datanodes.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://datanodes.to/theme_2023/dist/assets/FileActions-11047178.js
Cookie: file_code=don4u3c05itx; lang=english; file_name=BG3_--_fitgirl-repacks.site_--_.part056.rar; affiliate=oWG75aIxlQ4J2fSUcUnMp9wPcB9Fv%2Fgho%2FcNoOF80yc%2FxESMui7uMAdrzoFKqVKAJbAqoLzAVvGzWANSvdCb4SXMba8ZgGw%3D; _ga_7DP7NV2LKF=GS1.1.1713924177.1.0.1713924177.60.0.0; _ga=GA1.1.37894405.1713924178
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.14.1
Date: Wed, 24 Apr 2024 02:02:58 GMT
Content-Type: application/javascript
Content-Length: 27943
Last-Modified: Tue, 12 Mar 2024 01:03:57 GMT
Connection: keep-alive
ETag: "65efa9fd-6d27"
Accept-Ranges: bytes
|
|
| datanodes.to/favicon.ico | 31.43.191.18 | 200 OK | 2.5 kB |
IP31.43.191.18:443 ASN#210848 Telkom Internet LTD
Requested byhttps://datanodes.to/download CertificateIssuerLet's Encrypt Subjectdatanodes.to FingerprintDD:E5:D4:EE:55:80:7D:51:7D:70:B9:F7:43:3E:95:3C:70:DD:DE:9E ValidityTue, 09 Apr 2024 11:53:16 GMT - Mon, 08 Jul 2024 11:53:15 GMT
File typePNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced Hashc813091dc9f029ba08588f60cc450755 d2b2f0efc676eff758c4194d80ff2e9ee973f556 682e513cfa795efc1e53c502e9a8aa3d91db160b7fd15f94de2a4156a6961474
GET /favicon.ico HTTP/1.1
Host: datanodes.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://datanodes.to/download
Cookie: file_code=don4u3c05itx; lang=english; file_name=BG3_--_fitgirl-repacks.site_--_.part056.rar; affiliate=oWG75aIxlQ4J2fSUcUnMp9wPcB9Fv%2Fgho%2FcNoOF80yc%2FxESMui7uMAdrzoFKqVKAJbAqoLzAVvGzWANSvdCb4SXMba8ZgGw%3D; _ga_7DP7NV2LKF=GS1.1.1713924177.1.0.1713924177.60.0.0; _ga=GA1.1.37894405.1713924178
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.14.1
Date: Wed, 24 Apr 2024 02:02:58 GMT
Content-Type: image/x-icon
Content-Length: 2461
Last-Modified: Thu, 01 Sep 2022 19:47:58 GMT
Connection: keep-alive
ETag: "63110c6e-99d"
Accept-Ranges: bytes
|
|
| www.gstatic.com/recaptcha/releases/QoukH5jSO3sKFzVEA7Vc8VgC/recaptcha__en.js | 142.250.74.35 | 200 OK | 206 kB |
URL GET HTTP/2www.gstatic.com/recaptcha/releases/QoukH5jSO3sKFzVEA7Vc8VgC/recaptcha__en.js IP142.250.74.35:443
Requested byhttps://datanodes.to/download CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com FingerprintF5:5C:D9:68:C6:5F:A3:33:5A:73:C3:79:B6:83:FE:44:2E:A4:83:74 ValidityMon, 18 Mar 2024 20:34:25 GMT - Mon, 10 Jun 2024 20:34:24 GMT
File typeJavaScript source, ASCII text, with very long lines (597) Size206 kB (206057 bytes) Hash8326c23d6b3eed35bc3e62f3294587fd edda17e74e53e85073e5eac9cb6be2163dbfa23c 57f03d3ba66117edc152646341120dd3a1d7d71b9a98a3723af5a8ae61bcb3ab
GET /recaptcha/releases/QoukH5jSO3sKFzVEA7Vc8VgC/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://datanodes.to
DNT: 1
Connection: keep-alive
Referer: https://datanodes.to/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 206057
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 21 Apr 2024 20:38:39 GMT
expires: Mon, 21 Apr 2025 20:38:39 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 15 Apr 2024 02:01:04 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 192259
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| gymnasiumfilmgale.com/e1/4e/78/e14e780a032007ee31fa42982e6a623a.js | 172.240.108.84 | 200 OK | 31 kB |
URL GET HTTP/1.1gymnasiumfilmgale.com/e1/4e/78/e14e780a032007ee31fa42982e6a623a.js IP172.240.108.84:443
Requested byhttps://datanodes.to/download CertificateIssuerLet's Encrypt Subjectgymnasiumfilmgale.com Fingerprint04:6D:C3:29:FB:CA:93:51:E1:75:4E:5A:57:D9:54:FF:34:32:12:BF ValidityThu, 11 Apr 2024 12:30:46 GMT - Wed, 10 Jul 2024 12:30:45 GMT
File typeJavaScript source, ASCII text, with very long lines (65536), with no line terminators Hashb8f1add908a6695d3257b1b18ff591ae 9c1ec7d62cfce1791bc61b3dd1b0e0a218a0cdd3 048c8624da1c594c9e0c9decdcc18f5a93d54202b534d142c6a2dcd362620ef7
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /e1/4e/78/e14e780a032007ee31fa42982e6a623a.js HTTP/1.1
Host: gymnasiumfilmgale.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://datanodes.to/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Wed, 24 Apr 2024 02:02:58 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: b78ee50169d5d9b9d0fbd467046d7452
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
|
|
| www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-7DP7NV2LKF&cid=37894405.1713924178>m=45je44m0v9175474265za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&z=1954530809 | 142.250.74.163 | 200 OK | 42 B |
URL GET HTTP/2www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-7DP7NV2LKF&cid=37894405.1713924178>m=45je44m0v9175474265za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&z=1954530809 IP142.250.74.163:443
Requested byhttps://datanodes.to/download CertificateIssuerGoogle Trust Services LLC Subject*.google.no Fingerprint4E:BD:F9:72:97:67:A2:4B:EE:E4:B0:03:CD:C8:F3:30:53:27:53:1D ValidityMon, 18 Mar 2024 20:50:06 GMT - Mon, 10 Jun 2024 20:50:05 GMT
File typeGIF image data, version 89a, 1 x 1 Hashd89746888da2d9510b64a9f031eaecd5 d5fceb6532643d0d84ffe09c40c481ecdf59e15a ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-7DP7NV2LKF&cid=37894405.1713924178>m=45je44m0v9175474265za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&z=1954530809 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://datanodes.to/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 24 Apr 2024 02:02:58 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| region1.analytics.google.com/g/collect?v=2&tid=G-7DP7NV2LKF>m=45je44m0v9175474265za200&_p=1713924177727&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=37894405.1713924178&ul=en-us&sr=1280x1024&pscdl=noapi&_s=1&sid=1713924177&sct=1&seg=0&dl=https%3A%2F%2Fdatanodes.to%2Fdownload&dt=Download%20BG3%20fitgirl%20repacks%20site%20part056%20rar&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=912 | 216.239.34.36 | 204 No Content | 0 B |
URL POST HTTP/2region1.analytics.google.com/g/collect?v=2&tid=G-7DP7NV2LKF>m=45je44m0v9175474265za200&_p=1713924177727&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=37894405.1713924178&ul=en-us&sr=1280x1024&pscdl=noapi&_s=1&sid=1713924177&sct=1&seg=0&dl=https%3A%2F%2Fdatanodes.to%2Fdownload&dt=Download%20BG3%20fitgirl%20repacks%20site%20part056%20rar&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=912 IP216.239.34.36:443
Requested byhttps://datanodes.to/download CertificateIssuerGoogle Trust Services LLC Subject*.google-analytics.com Fingerprint1E:33:2E:4B:C3:51:05:B7:73:DC:21:BF:3E:02:B3:16:D8:0B:AB:BB ValidityMon, 18 Mar 2024 19:37:14 GMT - Mon, 10 Jun 2024 19:37:13 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-7DP7NV2LKF>m=45je44m0v9175474265za200&_p=1713924177727&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=37894405.1713924178&ul=en-us&sr=1280x1024&pscdl=noapi&_s=1&sid=1713924177&sct=1&seg=0&dl=https%3A%2F%2Fdatanodes.to%2Fdownload&dt=Download%20BG3%20fitgirl%20repacks%20site%20part056%20rar&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=912 HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://datanodes.to
DNT: 1
Connection: keep-alive
Referer: https://datanodes.to/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://datanodes.to
date: Wed, 24 Apr 2024 02:02:58 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| proftrafficcounter.com/stats | 18.185.247.192 | 200 OK | 40 B |
URL GET HTTP/2proftrafficcounter.com/stats IP18.185.247.192:443
Requested byhttps://datanodes.to/download CertificateIssuerAmazon Subjectproftrafficcounter.com FingerprintE3:9F:79:6F:80:C0:BF:F8:C4:EB:45:F3:E9:0F:A7:41:F6:0C:05:E6 ValidityTue, 21 Nov 2023 00:00:00 GMT - Thu, 19 Dec 2024 23:59:59 GMT
File typeASCII text, with no line terminators Hashfbdd25e011550b08112b4c5e848feb4e 82b84ed6f5a76a30d246c5b7e156d9dd312e3776 9b907bd779d67c27f56ac05f92953471f16dfd5caf189e6be1fb2dede0728290
GET /stats HTTP/1.1
Host: proftrafficcounter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://datanodes.to
DNT: 1
Connection: keep-alive
Referer: https://datanodes.to/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 24 Apr 2024 02:02:58 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://datanodes.to
vary: Origin
access-control-allow-credentials: true
set-cookie: uid_id2=110cbccc-1dc5-4e24-a51c-bd8e03215378:1:1; expires=Sat, 22 Apr 2034 02:02:58 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
|
|
| www.gstatic.com/recaptcha/releases/QoukH5jSO3sKFzVEA7Vc8VgC/styles__ltr.css | 142.250.74.35 | 200 OK | 25 kB |
URL GET HTTP/3www.gstatic.com/recaptcha/releases/QoukH5jSO3sKFzVEA7Vc8VgC/styles__ltr.css IP142.250.74.35:443
Requested byhttps://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lc5HFUpAAAAAJOhHkDP6NtCvmdUvxeO_uJbtWlT&co=aHR0cHM6Ly9kYXRhbm9kZXMudG86NDQz&hl=en&v=QoukH5jSO3sKFzVEA7Vc8VgC&size=invisible&cb=m29j7lfmqtg1 CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com FingerprintF5:5C:D9:68:C6:5F:A3:33:5A:73:C3:79:B6:83:FE:44:2E:A4:83:74 ValidityMon, 18 Mar 2024 20:34:25 GMT - Mon, 10 Jun 2024 20:34:24 GMT
File typeASCII text, with very long lines (56412), with no line terminators Hash2c00b9f417b688224937053cd0c284a5 17b4c18ebc129055dd25f214c3f11e03e9df2d82 1e754b107428162c65a26d399b66db3daaea09616bf8620d9de4bc689ce48eed
GET /recaptcha/releases/QoukH5jSO3sKFzVEA7Vc8VgC/styles__ltr.css HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 24617
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 21 Apr 2024 20:38:41 GMT
expires: Mon, 21 Apr 2025 20:38:41 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 15 Apr 2024 02:01:04 GMT
content-type: text/css
vary: Accept-Encoding
age: 192257
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| trebleuniversity.com/pixel/purst?dl=0&th=0&sc=0&rs=1492&rd=1492&fd=481&bv=24.4.3467&tmpl=70 | 172.240.108.76 | 200 OK | 0 B |
URL GET HTTP/1.1trebleuniversity.com/pixel/purst?dl=0&th=0&sc=0&rs=1492&rd=1492&fd=481&bv=24.4.3467&tmpl=70 IP172.240.108.76:443
Requested byhttps://datanodes.to/download CertificateIssuerLet's Encrypt Subjecttrebleuniversity.com FingerprintBB:85:33:0C:29:8B:B9:F9:12:37:D8:BE:36:46:F1:D3:EC:A5:DB:42 ValidityTue, 23 Apr 2024 10:53:58 GMT - Mon, 22 Jul 2024 10:53:57 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pixel/purst?dl=0&th=0&sc=0&rs=1492&rd=1492&fd=481&bv=24.4.3467&tmpl=70 HTTP/1.1
Host: trebleuniversity.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://datanodes.to/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Wed, 24 Apr 2024 02:02:58 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
|
|
| www.gstatic.com/recaptcha/releases/QoukH5jSO3sKFzVEA7Vc8VgC/recaptcha__en.js | 142.250.74.35 | 200 OK | 206 kB |
URL GET HTTP/2www.gstatic.com/recaptcha/releases/QoukH5jSO3sKFzVEA7Vc8VgC/recaptcha__en.js IP142.250.74.35:443
Requested byhttps://datanodes.to/download CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com FingerprintF5:5C:D9:68:C6:5F:A3:33:5A:73:C3:79:B6:83:FE:44:2E:A4:83:74 ValidityMon, 18 Mar 2024 20:34:25 GMT - Mon, 10 Jun 2024 20:34:24 GMT
File typeJavaScript source, ASCII text, with very long lines (597) Size206 kB (206057 bytes) Hash8326c23d6b3eed35bc3e62f3294587fd edda17e74e53e85073e5eac9cb6be2163dbfa23c 57f03d3ba66117edc152646341120dd3a1d7d71b9a98a3723af5a8ae61bcb3ab
GET /recaptcha/releases/QoukH5jSO3sKFzVEA7Vc8VgC/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 206057
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 21 Apr 2024 20:38:39 GMT
expires: Mon, 21 Apr 2025 20:38:39 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 15 Apr 2024 02:01:04 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 192259
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 | 216.58.207.227 | 200 OK | 15 kB |
URL GET HTTP/2fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 IP216.58.207.227:443
Requested byhttps://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lc5HFUpAAAAAJOhHkDP6NtCvmdUvxeO_uJbtWlT&co=aHR0cHM6Ly9kYXRhbm9kZXMudG86NDQz&hl=en&v=QoukH5jSO3sKFzVEA7Vc8VgC&size=invisible&cb=m29j7lfmqtg1 CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com FingerprintF5:5C:D9:68:C6:5F:A3:33:5A:73:C3:79:B6:83:FE:44:2E:A4:83:74 ValidityMon, 18 Mar 2024 20:34:25 GMT - Mon, 10 Jun 2024 20:34:24 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 15344, version 1.0 Hash5d4aeb4e5f5ef754e307d7ffaef688bd 06db651cdf354c64a7383ea9c77024ef4fb4cef8 3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 18 Apr 2024 02:43:03 GMT
expires: Fri, 18 Apr 2025 02:43:03 GMT
cache-control: public, max-age=31536000
age: 515996
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 | 216.58.207.227 | 200 OK | 16 kB |
URL GET HTTP/2fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 IP216.58.207.227:443
Requested byhttps://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lc5HFUpAAAAAJOhHkDP6NtCvmdUvxeO_uJbtWlT&co=aHR0cHM6Ly9kYXRhbm9kZXMudG86NDQz&hl=en&v=QoukH5jSO3sKFzVEA7Vc8VgC&size=invisible&cb=m29j7lfmqtg1 CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com FingerprintF5:5C:D9:68:C6:5F:A3:33:5A:73:C3:79:B6:83:FE:44:2E:A4:83:74 ValidityMon, 18 Mar 2024 20:34:25 GMT - Mon, 10 Jun 2024 20:34:24 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 15552, version 1.0 Hash285467176f7fe6bb6a9c6873b3dad2cc ea04e4ff5142ddd69307c183def721a160e0a64e 5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 18 Apr 2024 17:25:07 GMT
expires: Fri, 18 Apr 2025 17:25:07 GMT
cache-control: public, max-age=31536000
age: 463072
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| www.google.com/recaptcha/api2/webworker.js?hl=en&v=QoukH5jSO3sKFzVEA7Vc8VgC | 142.250.74.164 | 200 OK | 7.6 kB |
URL GET HTTP/3www.google.com/recaptcha/api2/webworker.js?hl=en&v=QoukH5jSO3sKFzVEA7Vc8VgC IP142.250.74.164:443
Requested byhttps://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lc5HFUpAAAAAJOhHkDP6NtCvmdUvxeO_uJbtWlT&co=aHR0cHM6Ly9kYXRhbm9kZXMudG86NDQz&hl=en&v=QoukH5jSO3sKFzVEA7Vc8VgC&size=invisible&cb=m29j7lfmqtg1 CertificateIssuerGoogle Trust Services LLC Subject*.google.com Fingerprint70:CC:1A:8A:58:6C:1F:6D:43:AE:66:75:89:F7:99:7B:BC:7A:74:2D ValidityMon, 18 Mar 2024 19:37:19 GMT - Mon, 10 Jun 2024 19:37:18 GMT
Hash2afcc0e30bd99cb9afc8c6598b920a86 49cda8c87ce64b22abeaf519513d1ec5a469f3e5 601ab78dc09f0861d28637553e3c501104b7f2fc3c19604c9c6f7214c65ff7c3
GET /recaptcha/api2/webworker.js?hl=en&v=QoukH5jSO3sKFzVEA7Vc8VgC HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lc5HFUpAAAAAJOhHkDP6NtCvmdUvxeO_uJbtWlT&co=aHR0cHM6Ly9kYXRhbm9kZXMudG86NDQz&hl=en&v=QoukH5jSO3sKFzVEA7Vc8VgC&size=invisible&cb=m29j7lfmqtg1
Sec-Fetch-Dest: worker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: text/javascript; charset=utf-8
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Wed, 24 Apr 2024 02:02:59 GMT
date: Wed, 24 Apr 2024 02:02:59 GMT
cache-control: private, max-age=300
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| www.gstatic.com/recaptcha/api2/logo_48.png | 142.250.74.35 | 200 OK | 2.2 kB |
URL GET HTTP/3www.gstatic.com/recaptcha/api2/logo_48.png IP142.250.74.35:443
Requested byhttps://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lc5HFUpAAAAAJOhHkDP6NtCvmdUvxeO_uJbtWlT&co=aHR0cHM6Ly9kYXRhbm9kZXMudG86NDQz&hl=en&v=QoukH5jSO3sKFzVEA7Vc8VgC&size=invisible&cb=m29j7lfmqtg1 CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com FingerprintF5:5C:D9:68:C6:5F:A3:33:5A:73:C3:79:B6:83:FE:44:2E:A4:83:74 ValidityMon, 18 Mar 2024 20:34:25 GMT - Mon, 10 Jun 2024 20:34:24 GMT
File typePNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced Hashef9941290c50cd3866e2ba6b793f010d 4736508c795667dcea21f8d864233031223b7832 1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
GET /recaptcha/api2/logo_48.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.gstatic.com/recaptcha/releases/QoukH5jSO3sKFzVEA7Vc8VgC/styles__ltr.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 2228
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 18 Apr 2024 02:54:07 GMT
expires: Thu, 25 Apr 2024 02:54:07 GMT
cache-control: public, max-age=604800
age: 515332
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| downstairsnegotiatebarren.com/sfp.js | 172.67.180.87 | 200 OK | 38 kB |
URL GET HTTP/2downstairsnegotiatebarren.com/sfp.js IP172.67.180.87:443
Requested byhttps://datanodes.to/download CertificateIssuerLet's Encrypt Subjectdownstairsnegotiatebarren.com Fingerprint2C:6A:E1:8E:26:5B:1D:8B:86:CB:C1:72:4E:52:4B:8B:67:3A:D2:44 ValidityMon, 04 Mar 2024 21:53:07 GMT - Sun, 02 Jun 2024 21:53:06 GMT
File typeJavaScript source, Unicode text, UTF-8 text, with very long lines (65529), with no line terminators Hashf4a2f8f9f99541c6f105bbd0a025bd40 1f8e3eff12168fdd9e719adfc098d24a45b6916a b717cb04231a10d425fd55b73c85a5407119c6826a8bac94142fddfff6958716
GET /sfp.js HTTP/1.1
Host: downstairsnegotiatebarren.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://datanodes.to/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 24 Apr 2024 02:02:58 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: 5ff9eab7d90ae8f35d89db432add3997
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Wed, 24 Apr 2024 02:02:57 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BqsA3noTL0WxVGvC2ecgInx4HDHWnOH27qPTyeB4h3p27sqRtvWZKe0Y9OYtBp9Wmmqq1Bwc6qnJiE9RWMDc0p4kHkUva5dtUwnzPG7R9DFLPXsprWlL1r1K3K2m%2BDHqkX8hLaFkuvQ9ZlfnWg9s7w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879283a34cac56b7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| unseenreport.com/pxf.gif?uuid=110cbccc-1dc5-4e24-a51c-bd8e03215378&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=e14e780a032007ee31fa42982e6a623a&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=2 | 192.243.61.227 | 200 OK | 1 B |
URL GET HTTP/1.1unseenreport.com/pxf.gif?uuid=110cbccc-1dc5-4e24-a51c-bd8e03215378&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=e14e780a032007ee31fa42982e6a623a&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=2 IP192.243.61.227:443 ASN#39572 DataWeb Global Group B.V.
Requested byhttps://datanodes.to/download CertificateIssuerLet's Encrypt Subject*.unseenreport.com Fingerprint71:46:15:FD:76:6A:F5:5B:51:06:CC:93:DD:D8:63:E3:8B:10:BF:13 ValidityFri, 22 Mar 2024 07:32:41 GMT - Thu, 20 Jun 2024 07:32:40 GMT
File typevery short file (no magic) Hash93b885adfe0da089cdf634904fd59f71 5ba93c9db0cff93f52b521d7420e43f6eda2784f 6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /pxf.gif?uuid=110cbccc-1dc5-4e24-a51c-bd8e03215378&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=e14e780a032007ee31fa42982e6a623a&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=2 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://datanodes.to/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Wed, 24 Apr 2024 02:02:59 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: d1b82a9656c961073035e36b04de7448
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| datanodes.to/theme_2023/dist/assets/LoadingIcon-1eaa7e57.js | 31.43.191.18 | 200 OK | 667 B |
URL GET HTTP/1.1datanodes.to/theme_2023/dist/assets/LoadingIcon-1eaa7e57.js IP31.43.191.18:443 ASN#210848 Telkom Internet LTD
Requested byhttps://datanodes.to/download CertificateIssuerLet's Encrypt Subjectdatanodes.to FingerprintDD:E5:D4:EE:55:80:7D:51:7D:70:B9:F7:43:3E:95:3C:70:DD:DE:9E ValidityTue, 09 Apr 2024 11:53:16 GMT - Mon, 08 Jul 2024 11:53:15 GMT
File typeASCII text, with very long lines (714), with no line terminators Hash031f02245a07467086a9a2e044c951cf 64dddcbdb682c85d781cacdeaee2a57f1c8d37bf a72b9be91b54f7e997d2f86e8edd1aeddea860daa139dea3c7d1d44525ed02a0
GET /theme_2023/dist/assets/LoadingIcon-1eaa7e57.js HTTP/1.1
Host: datanodes.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://datanodes.to/theme_2023/dist/assets/VirusScan-b512073a.js
Cookie: file_code=don4u3c05itx; lang=english; file_name=BG3_--_fitgirl-repacks.site_--_.part056.rar; affiliate=oWG75aIxlQ4J2fSUcUnMp9wPcB9Fv%2Fgho%2FcNoOF80yc%2FxESMui7uMAdrzoFKqVKAJbAqoLzAVvGzWANSvdCb4SXMba8ZgGw%3D; _ga_7DP7NV2LKF=GS1.1.1713924177.1.0.1713924177.60.0.0; _ga=GA1.1.37894405.1713924178
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.14.1
Date: Wed, 24 Apr 2024 02:02:57 GMT
Content-Type: application/javascript
Content-Length: 667
Last-Modified: Tue, 12 Mar 2024 01:03:57 GMT
Connection: keep-alive
ETag: "65efa9fd-29b"
Accept-Ranges: bytes
|
|
| www.google.com/recaptcha/api2/reload?k=6Lc5HFUpAAAAAJOhHkDP6NtCvmdUvxeO_uJbtWlT | 142.250.74.164 | 200 OK | 13 kB |
URL POST HTTP/3www.google.com/recaptcha/api2/reload?k=6Lc5HFUpAAAAAJOhHkDP6NtCvmdUvxeO_uJbtWlT IP142.250.74.164:443
Requested byhttps://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lc5HFUpAAAAAJOhHkDP6NtCvmdUvxeO_uJbtWlT&co=aHR0cHM6Ly9kYXRhbm9kZXMudG86NDQz&hl=en&v=QoukH5jSO3sKFzVEA7Vc8VgC&size=invisible&cb=m29j7lfmqtg1 CertificateIssuerGoogle Trust Services LLC Subject*.google.com Fingerprint70:CC:1A:8A:58:6C:1F:6D:43:AE:66:75:89:F7:99:7B:BC:7A:74:2D ValidityMon, 18 Mar 2024 19:37:19 GMT - Mon, 10 Jun 2024 19:37:18 GMT
File typeASCII text, with very long lines (13073) Hashf0af4f8bd47b0c1d22e8a3c362470938 0f5863020aabe55c9de5cf122c7f13fe6d836ed6 d12ca777c2469e746d9db22e033b6d4999ae4eaf56b40b001035e55378af5218
POST /recaptcha/api2/reload?k=6Lc5HFUpAAAAAJOhHkDP6NtCvmdUvxeO_uJbtWlT HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-protobuffer
Content-Length: 6754
Origin: https://www.google.com
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lc5HFUpAAAAAJOhHkDP6NtCvmdUvxeO_uJbtWlT&co=aHR0cHM6Ly9kYXRhbm9kZXMudG86NDQz&hl=en&v=QoukH5jSO3sKFzVEA7Vc8VgC&size=invisible&cb=m29j7lfmqtg1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
content-type: application/json; charset=utf-8
content-encoding: gzip
date: Wed, 24 Apr 2024 02:03:00 GMT
expires: Wed, 24 Apr 2024 02:03:00 GMT
cache-control: private, max-age=0
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
server: GSE
set-cookie: _GRECAPTCHA=09AKPP-6cFo21O4snTFatVV0pUPEH_Kzcs5znldWZLWMo9gGuKG7QnqPtKBnQILEAs6fIhQFcCCXPHBIxv9B4EjcU;Path=/recaptcha;Expires=Mon, 21-Oct-2024 02:03:00 GMT;Secure;HttpOnly;Priority=HIGH;SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| www.google.com/recaptcha/api2/anchor?ar=1&k=6Lc5HFUpAAAAAJOhHkDP6NtCvmdUvxeO_uJbtWlT&co=aHR0cHM6Ly9kYXRhbm9kZXMudG86NDQz&hl=en&v=QoukH5jSO3sKFzVEA7Vc8VgC&size=invisible&cb=m29j7lfmqtg1 | 142.250.74.164 | 200 OK | 45 kB |
URL GET HTTP/3www.google.com/recaptcha/api2/anchor?ar=1&k=6Lc5HFUpAAAAAJOhHkDP6NtCvmdUvxeO_uJbtWlT&co=aHR0cHM6Ly9kYXRhbm9kZXMudG86NDQz&hl=en&v=QoukH5jSO3sKFzVEA7Vc8VgC&size=invisible&cb=m29j7lfmqtg1 IP142.250.74.164:443
Requested byhttps://datanodes.to/download CertificateIssuerGoogle Trust Services LLC Subject*.google.com Fingerprint70:CC:1A:8A:58:6C:1F:6D:43:AE:66:75:89:F7:99:7B:BC:7A:74:2D ValidityMon, 18 Mar 2024 19:37:19 GMT - Mon, 10 Jun 2024 19:37:18 GMT
File typeHTML document, ASCII text, with very long lines (36261) Hashf5c31399ae0ea6daeb9079324905f060 357af636e266fa2e2e72120f132bf771ca229eb6 4178e93871dd1a99add325ac93764549159ebcada80ef74c971a2462118cf540
GET /recaptcha/api2/anchor?ar=1&k=6Lc5HFUpAAAAAJOhHkDP6NtCvmdUvxeO_uJbtWlT&co=aHR0cHM6Ly9kYXRhbm9kZXMudG86NDQz&hl=en&v=QoukH5jSO3sKFzVEA7Vc8VgC&size=invisible&cb=m29j7lfmqtg1 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://datanodes.to/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
content-type: text/html; charset=utf-8
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 24 Apr 2024 02:02:58 GMT
content-security-policy: script-src 'nonce-C-Uc8q6ram70VkQVCG6zWg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| www.google.com/js/bg/F3t2rNz7bgl6HBEOkbpna2AoS4gdljz1bcAONYlXrnE.js | 142.250.74.164 | 200 OK | 18 kB |
URL GET HTTP/3www.google.com/js/bg/F3t2rNz7bgl6HBEOkbpna2AoS4gdljz1bcAONYlXrnE.js IP142.250.74.164:443
Requested byhttps://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lc5HFUpAAAAAJOhHkDP6NtCvmdUvxeO_uJbtWlT&co=aHR0cHM6Ly9kYXRhbm9kZXMudG86NDQz&hl=en&v=QoukH5jSO3sKFzVEA7Vc8VgC&size=invisible&cb=m29j7lfmqtg1 CertificateIssuerGoogle Trust Services LLC Subject*.google.com Fingerprint70:CC:1A:8A:58:6C:1F:6D:43:AE:66:75:89:F7:99:7B:BC:7A:74:2D ValidityMon, 18 Mar 2024 19:37:19 GMT - Mon, 10 Jun 2024 19:37:18 GMT
File typeJavaScript source, ASCII text, with very long lines (17687) Hash133138dc8ed76a5e7f52fd72aeb36003 10c34d56309ef22c2bf88339d926efa45f86c579 177b76acdcfb6e097a1c110e91ba676b60284b881d963cf56dc00e358957ae71
GET /js/bg/F3t2rNz7bgl6HBEOkbpna2AoS4gdljz1bcAONYlXrnE.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lc5HFUpAAAAAJOhHkDP6NtCvmdUvxeO_uJbtWlT&co=aHR0cHM6Ly9kYXRhbm9kZXMudG86NDQz&hl=en&v=QoukH5jSO3sKFzVEA7Vc8VgC&size=invisible&cb=m29j7lfmqtg1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: br
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-length: 7443
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 17 Apr 2024 05:06:06 GMT
expires: Thu, 17 Apr 2025 05:06:06 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 16 Apr 2024 13:30:00 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 593813
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| datanodes.to/theme_2023/dist/assets/Tooltip-4872b02d.css | 31.43.191.18 | 200 OK | 372 B |
URL GET HTTP/1.1datanodes.to/theme_2023/dist/assets/Tooltip-4872b02d.css IP31.43.191.18:443 ASN#210848 Telkom Internet LTD
Requested byhttps://datanodes.to/download CertificateIssuerLet's Encrypt Subjectdatanodes.to FingerprintDD:E5:D4:EE:55:80:7D:51:7D:70:B9:F7:43:3E:95:3C:70:DD:DE:9E ValidityTue, 09 Apr 2024 11:53:16 GMT - Mon, 08 Jul 2024 11:53:15 GMT
File typeASCII text, with very long lines (373), with no line terminators Hash9fa892c8b5cb88d2cb9977b8ab1503e2 56541ba3e043b3a46ad525b4185c436017c8f45a 0b25778dbe5067fa8cdb0569dcb6938bc39856e430289cba0f3098364b33fc3e
GET /theme_2023/dist/assets/Tooltip-4872b02d.css HTTP/1.1
Host: datanodes.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://datanodes.to/download
Cookie: file_code=don4u3c05itx; lang=english; file_name=BG3_--_fitgirl-repacks.site_--_.part056.rar; affiliate=oWG75aIxlQ4J2fSUcUnMp9wPcB9Fv%2Fgho%2FcNoOF80yc%2FxESMui7uMAdrzoFKqVKAJbAqoLzAVvGzWANSvdCb4SXMba8ZgGw%3D; _ga_7DP7NV2LKF=GS1.1.1713924177.1.0.1713924177.60.0.0; _ga=GA1.1.37894405.1713924178
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.14.1
Date: Wed, 24 Apr 2024 02:02:57 GMT
Content-Type: text/css
Content-Length: 372
Last-Modified: Tue, 12 Mar 2024 01:03:57 GMT
Connection: keep-alive
ETag: "65efa9fd-174"
Accept-Ranges: bytes
|
|