depositfiles.com/files/u3tux9lji
91.226.124.78302 Moved Temporarily 138 B URL HTTP/1.1 depositfiles.com/files/u3tux9lji
IP 91.226.124.78:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash aff950cab4c0265e21d401db15f1026d
f03e18461817f7a6546c8bf8fa8d686d7e30aca0
753e0dd54f28c4f7009b9c0b18a68aed175416bd8b7d134858264586eaac56f0
GET /files/u3tux9lji HTTP/1.1
Host: depositfiles.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Wed, 01 Feb 2023 20:00:35 GMT
Content-Type: text/html
Content-Length: 138
Connection: close
Location: https://depositfiles.com/files/u3tux9lji
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 7e05c8461bd2dc5a149f71e2c465ea29
705983959c887e243cb55a8a1796757b579ee977
4d9ea085d5dda9dabed11af9847c2b0aa6182358673b356a4e2bd631e22a9922
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4D9EA085D5DDA9DABED11AF9847C2B0AA6182358673B356A4E2BD631E22A9922"
Last-Modified: Tue, 31 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15594
Expires: Thu, 02 Feb 2023 00:20:30 GMT
Date: Wed, 01 Feb 2023 20:00:36 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 62de35a6c8e4efd7633fc5236b5b086f
6a92912a86dfcd0330d040cef06bef36889c76ab
ebb8ca05df5ba73b92174105d54d192a8d9e3e10fba48bf96161b0cb759220ec
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EBB8CA05DF5BA73B92174105D54D192A8D9E3E10FBA48BF96161B0CB759220EC"
Last-Modified: Tue, 31 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14067
Expires: Wed, 01 Feb 2023 23:55:03 GMT
Date: Wed, 01 Feb 2023 20:00:36 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Alert, Retry-After, Content-Length, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 01 Feb 2023 19:43:26 GMT
content-type: application/json
age: 1030
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 09ee4b0fe6cf4ca5ed31b24452338d00
7e62b6e20f0d4737f4a8d94f9818a0883027839e
56da08e18a408d7313de4e598984a251a0ecf85bbba98b421be9aebeb98835af
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "56DA08E18A408D7313DE4E598984A251A0ECF85BBBA98B421BE9AEBEB98835AF"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8003
Expires: Wed, 01 Feb 2023 22:13:59 GMT
Date: Wed, 01 Feb 2023 20:00:36 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 1NePtiUYd2WrPam0zMF6Ri+cA/P710zaJs/jUKU3hvzgPeE3Az2P4nL0lvcmycJ8bpxR0Lqhp+mSaDQkWooWPg==
x-amz-request-id: VM3FDSKZZ6ZB2XGZ
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 01 Feb 2023 19:22:47 GMT
age: 2269
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 840948e57a644c2ac8f1e653a4587ba7
43a1d90bcf03fabb6278c55e348b2842eca87c4c
e12b77f9ac8e2dab43186d6fa83e7fbbed8582432f81fc58e355f5ffdbf80ce5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E12B77F9AC8E2DAB43186D6FA83E7FBBED8582432F81FC58E355F5FFDBF80CE5"
Last-Modified: Tue, 31 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5527
Expires: Wed, 01 Feb 2023 21:32:43 GMT
Date: Wed, 01 Feb 2023 20:00:36 GMT
Connection: keep-alive
depositfiles.com/files/u3tux9lji
91.226.124.80302 Found 0 B URL HTTP/1.1 depositfiles.com/files/u3tux9lji
IP 91.226.124.80:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /files/u3tux9lji HTTP/1.1
Host: depositfiles.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 302 Found
Server: nginx
Date: Wed, 01 Feb 2023 20:00:36 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Location: //dfiles.eu/files/u3tux9lji
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 01 Feb 2023 20:00:36 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash caa2cb3e3c72d487237851abef9c4c1b
cc169545795e1766feaf32a02f1c47511809a210
77937d42e5ea6675f02c6ceeefc93f879cf776efdf81d37c0c39d2c1c161078d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "77937D42E5EA6675F02C6CEEEFC93F879CF776EFDF81D37C0C39D2C1C161078D"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12062
Expires: Wed, 01 Feb 2023 23:21:38 GMT
Date: Wed, 01 Feb 2023 20:00:36 GMT
Connection: keep-alive
dfiles.eu/files/u3tux9lji
91.226.124.80200 OK 8.4 kB URL HTTP/1.1 dfiles.eu/files/u3tux9lji
IP 91.226.124.80:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (6441), with CRLF, CR, LF line terminators
Hash 7bc7292bb815a7c70f1ff79ddb75a9c5
9ed6267f62d8e1b002e7e82886f1d1127c18b0cb
0dd20e7b52190df9f57ef2904b680fdf0a675bb3a7f393aad661f649cf6f97e8
GET /files/u3tux9lji HTTP/1.1
Host: dfiles.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 01 Feb 2023 20:00:36 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Set-Cookie: uprand=19d13269a515b58b5a38d402403cdce4; path=/; domain=.dfiles.eu
last_file=u3tux9lji; path=/; domain=.dfiles.eu
lang_current=en; expires=Thu, 01-Feb-2024 20:00:36 GMT; Max-Age=31536000; path=/; domain=.dfiles.eu; secure
X-Frame-Options: SAMEORIGIN
Content-Encoding: gzip
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Retry-After, Last-Modified, Cache-Control, Pragma, ETag, Backoff, Content-Type, Alert, Expires
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 01 Feb 2023 19:41:42 GMT
age: 1134
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash df4a6d84addba49571d9f6ae44c61a3f
28c8093de27e27645cf6dfd5ae93a62fc77b9be5
cb6623b08b6245ea11bb871729613e453046d427d738a8c6431c5da8347e6e05
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 20:00:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 840948e57a644c2ac8f1e653a4587ba7
43a1d90bcf03fabb6278c55e348b2842eca87c4c
e12b77f9ac8e2dab43186d6fa83e7fbbed8582432f81fc58e355f5ffdbf80ce5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E12B77F9AC8E2DAB43186D6FA83E7FBBED8582432F81FC58E355F5FFDBF80CE5"
Last-Modified: Tue, 31 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5527
Expires: Wed, 01 Feb 2023 21:32:43 GMT
Date: Wed, 01 Feb 2023 20:00:36 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 840948e57a644c2ac8f1e653a4587ba7
43a1d90bcf03fabb6278c55e348b2842eca87c4c
e12b77f9ac8e2dab43186d6fa83e7fbbed8582432f81fc58e355f5ffdbf80ce5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E12B77F9AC8E2DAB43186D6FA83E7FBBED8582432F81FC58E355F5FFDBF80CE5"
Last-Modified: Tue, 31 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5527
Expires: Wed, 01 Feb 2023 21:32:43 GMT
Date: Wed, 01 Feb 2023 20:00:36 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 840948e57a644c2ac8f1e653a4587ba7
43a1d90bcf03fabb6278c55e348b2842eca87c4c
e12b77f9ac8e2dab43186d6fa83e7fbbed8582432f81fc58e355f5ffdbf80ce5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E12B77F9AC8E2DAB43186D6FA83E7FBBED8582432F81FC58E355F5FFDBF80CE5"
Last-Modified: Tue, 31 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5527
Expires: Wed, 01 Feb 2023 21:32:43 GMT
Date: Wed, 01 Feb 2023 20:00:36 GMT
Connection: keep-alive
www.google.com/recaptcha/api.js
216.58.211.4200 OK 556 B URL HTTP/2 www.google.com/recaptcha/api.js
IP 216.58.211.4:0
File type ASCII text, with very long lines (850), with no line terminators
Hash f678bcfbe98b4039961065c12543bfd0
31a000bba532f910d036c24c795ef3636450e4c3
1dabb56e42c7b0a90264a0e7d8884e4111eed0e1b6321cab5f6e26440d63da8d
GET /recaptcha/api.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
expires: Wed, 01 Feb 2023 20:00:36 GMT
date: Wed, 01 Feb 2023 20:00:36 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 556
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 840948e57a644c2ac8f1e653a4587ba7
43a1d90bcf03fabb6278c55e348b2842eca87c4c
e12b77f9ac8e2dab43186d6fa83e7fbbed8582432f81fc58e355f5ffdbf80ce5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E12B77F9AC8E2DAB43186D6FA83E7FBBED8582432F81FC58E355F5FFDBF80CE5"
Last-Modified: Tue, 31 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5527
Expires: Wed, 01 Feb 2023 21:32:43 GMT
Date: Wed, 01 Feb 2023 20:00:36 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 8913af0be619500295008bb91f506660
a7b8068ba9aa506205a295b24458c2616997a0d1
6a9838d00256431807ca382fc205064b07c08d5054f2895c2ae3cc4e9094179a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6A9838D00256431807CA382FC205064B07C08D5054F2895C2AE3CC4E9094179A"
Last-Modified: Wed, 01 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3989
Expires: Wed, 01 Feb 2023 21:07:05 GMT
Date: Wed, 01 Feb 2023 20:00:36 GMT
Connection: keep-alive
static.depositfiles.com/js/function.js
91.226.124.79200 OK 35 kB URL HTTP/1.1 static.depositfiles.com/js/function.js
IP 91.226.124.79:0
File type ASCII text, with very long lines (4240)
Hash a5779d2f560cd50376dbba372b0fd15b
07b08e35b9254288c1372e37577db8b9e4da01b4
51d26403861d61a7842bc73f518d4a4351a7027c40c9f0347f61421226950b84
GET /js/function.js HTTP/1.1
Host: static.depositfiles.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 01 Feb 2023 20:00:36 GMT
Content-Type: application/javascript
Content-Length: 34915
Last-Modified: Thu, 28 Apr 2022 09:39:11 GMT
Connection: keep-alive
ETag: "626a60bf-8863"
Expires: Wed, 01 Feb 2023 20:05:36 GMT
Cache-Control: max-age=300
Accept-Ranges: bytes
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash d06fd066caf4dfa1e21a722a5c468158
acb765577662906ae8e11242bed487ce1051db28
4b45760de269e60345d43ff2da6c5803722f7c052edd0a9f5258ce69b2ffa32f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 20:00:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
static.depositfiles.com/js/jquery.validate.js
91.226.124.79200 OK 38 kB URL HTTP/1.1 static.depositfiles.com/js/jquery.validate.js
IP 91.226.124.79:0
File type Unicode text, UTF-8 text, with very long lines (1238)
Hash d5231b6378847ebdb55f64c77d5a234f
eed97aa0b2aa9486b6f6831ed8a85dc729ad6b9c
95434a8a2568a6481a1fbcf5808a75dd58e77348ed6d70b4f7aeda8842e8f0c7
GET /js/jquery.validate.js HTTP/1.1
Host: static.depositfiles.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 01 Feb 2023 20:00:36 GMT
Content-Type: application/javascript
Content-Length: 38269
Last-Modified: Thu, 28 Apr 2022 09:39:11 GMT
Connection: keep-alive
ETag: "626a60bf-957d"
Expires: Wed, 01 Feb 2023 20:05:36 GMT
Cache-Control: max-age=300
Accept-Ranges: bytes
static.depositfiles.com/css/main.css
91.226.124.79200 OK 47 kB URL HTTP/1.1 static.depositfiles.com/css/main.css
IP 91.226.124.79:0
File type ASCII text, with very long lines (332)
Hash cea03c07a2dcdd9444f5f6de6a3f6c64
89307ec85eb1fa31aa0b0d759e13f78970b0375b
5ecd5842291f787ca0d39182e73ab7992ed55dccce2aaeb7cfc4e10ba3917634
GET /css/main.css HTTP/1.1
Host: static.depositfiles.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 01 Feb 2023 20:00:36 GMT
Content-Type: text/css
Last-Modified: Thu, 28 Apr 2022 09:39:10 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"626a60be-2f719"
Expires: Wed, 01 Feb 2023 20:05:36 GMT
Cache-Control: max-age=300
Content-Encoding: gzip
static.depositfiles.com/js/base2.js
91.226.124.79200 OK 399 kB URL HTTP/1.1 static.depositfiles.com/js/base2.js
IP 91.226.124.79:0
File type Unicode text, UTF-8 text, with very long lines (65481)
Size 399 kB (398927 bytes)
Hash 2fcae8126c3fd9a626370a701f0bd887
f3496fb7bbe122a9774d7dcfcd68da03a24dc285
d29ab86f64b4fcfbc45b9ef806c147f1e42e37e37d44a559147232288063badc
GET /js/base2.js HTTP/1.1
Host: static.depositfiles.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 01 Feb 2023 20:00:36 GMT
Content-Type: application/javascript
Content-Length: 398927
Last-Modified: Thu, 28 Apr 2022 09:39:11 GMT
Connection: keep-alive
ETag: "626a60bf-6164f"
Expires: Wed, 01 Feb 2023 20:05:36 GMT
Cache-Control: max-age=300
Accept-Ranges: bytes
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash b01029b94f6a4a1665dfc860aecebcd7
7197e4a488041155dbdec5b4a294cf9637ebeea9
342c4d077c3ad7982a659b1694e0dc9b03e2561c6af32b8c640666358fa71077
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "342C4D077C3AD7982A659B1694E0DC9B03E2561C6AF32B8C640666358FA71077"
Last-Modified: Tue, 31 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5964
Expires: Wed, 01 Feb 2023 21:40:01 GMT
Date: Wed, 01 Feb 2023 20:00:37 GMT
Connection: keep-alive
push.services.mozilla.com/
52.43.158.219101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.43.158.219:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: H0BukYxZC47iYZ2EAK+WVw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: z77UE8SOs7gIu9fsLT5EQJRQdVk=
pl16105218.highcpmrevenuenetwork.com/22/4a/d4/224ad4a14b4b15c1726ff705ec672ea6.js
173.233.137.36200 OK 13 kB URL HTTP/1.1 pl16105218.highcpmrevenuenetwork.com/22/4a/d4/224ad4a14b4b15c1726ff705ec672ea6.js
IP 173.233.137.36:0
File type ASCII text, with very long lines (37146), with no line terminators
Hash cb9bcc1eeb4eff5fb2a1f3ef9a2e0e50
21de270f32fac2a238cedbf7ace9e506cd61704b
413e8d3ef458f9f621745dc9262dcaae47dcc0d71aaf35c517b49c5847b01eec
Analyzer Verdict Alert quad9 Sinkholed
GET /22/4a/d4/224ad4a14b4b15c1726ff705ec672ea6.js HTTP/1.1
Host: pl16105218.highcpmrevenuenetwork.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Wed, 01 Feb 2023 20:00:37 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 5cba96cf1c6e20fc60af0c2751655247
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
static.depositfiles.com/images/logo.png
91.226.124.79200 OK 3.6 kB URL HTTP/1.1 static.depositfiles.com/images/logo.png
IP 91.226.124.79:0
File type PNG image data, 176 x 43, 8-bit/color RGBA, non-interlaced\012- data
Hash c41fdd84b04e45a91cb17cfdeccb1b38
fec7fffe104c7e169aeb159032078c4b71ff2cdc
7f89eb8ab03684f4db282ca30eb231b1e254bca10c7b511950df5e0eab0a68a0
GET /images/logo.png HTTP/1.1
Host: static.depositfiles.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://static.depositfiles.com/css/main.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 01 Feb 2023 20:00:37 GMT
Content-Type: image/png
Content-Length: 3623
Last-Modified: Thu, 28 Apr 2022 09:39:11 GMT
Connection: keep-alive
ETag: "626a60bf-e27"
Accept-Ranges: bytes
static.depositfiles.com/images/member_menu_bg.gif
91.226.124.79200 OK 78 B URL HTTP/1.1 static.depositfiles.com/images/member_menu_bg.gif
IP 91.226.124.79:0
File type GIF image data, version 89a, 1 x 48\012- data
Hash 20a24b56dcedf6a71a71ebec771e1f7d
d7bed493d5d4eeaed5dbbf7d30d45107840790a0
6f57f29224d8e9e51ed0839e329055426fba7dcd97ef31e93ed495f93a6063df
GET /images/member_menu_bg.gif HTTP/1.1
Host: static.depositfiles.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://static.depositfiles.com/css/main.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 01 Feb 2023 20:00:37 GMT
Content-Type: image/gif
Content-Length: 78
Last-Modified: Thu, 28 Apr 2022 09:39:11 GMT
Connection: keep-alive
ETag: "626a60bf-4e"
Expires: Mon, 06 Feb 2023 20:00:37 GMT
Cache-Control: max-age=432000
Accept-Ranges: bytes
static.depositfiles.com/images/timer.gif
91.226.124.79200 OK 12 kB URL HTTP/1.1 static.depositfiles.com/images/timer.gif
IP 91.226.124.79:0
File type GIF image data, version 89a, 70 x 70\012- data
Hash fb170c2ce20d8088b7cee465689c3637
9759429c7de6921580fac900c4c6026c758bb94c
6b5c53dd4d2d07c854e019e55458ff9652a4d9b7bf1fe8848ad00ca16032e294
GET /images/timer.gif HTTP/1.1
Host: static.depositfiles.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://static.depositfiles.com/css/main.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 01 Feb 2023 20:00:37 GMT
Content-Type: image/gif
Content-Length: 11607
Last-Modified: Thu, 28 Apr 2022 09:39:11 GMT
Connection: keep-alive
ETag: "626a60bf-2d57"
Expires: Mon, 06 Feb 2023 20:00:37 GMT
Cache-Control: max-age=432000
Accept-Ranges: bytes
static.depositfiles.com/images/flags/lang24.png
91.226.124.79200 OK 9.2 kB URL HTTP/1.1 static.depositfiles.com/images/flags/lang24.png
IP 91.226.124.79:0
File type PNG image data, 24 x 552, 8-bit/color RGBA, non-interlaced\012- data
Hash efdcd1ca23d564ddd811f41152a2b83c
0b5aa064e7f8f241363c55fa17eb448f42a5f8df
ce23be242e34c5b420f8ba0390aef20fa50ffc69f700091029616eff524e8f9b
GET /images/flags/lang24.png HTTP/1.1
Host: static.depositfiles.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://static.depositfiles.com/css/main.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 01 Feb 2023 20:00:37 GMT
Content-Type: image/png
Content-Length: 9172
Last-Modified: Thu, 28 Apr 2022 09:39:11 GMT
Connection: keep-alive
ETag: "626a60bf-23d4"
Accept-Ranges: bytes
static.depositfiles.com/images/sprite.png
91.226.124.79200 OK 37 kB URL HTTP/1.1 static.depositfiles.com/images/sprite.png
IP 91.226.124.79:0
File type PNG image data, 102 x 630, 8-bit/color RGBA, non-interlaced\012- data
Hash 2333675d7e431d5313c6dbb5230a14cd
93c4032e5b8b85793a9cda7167804445d950dd96
b287134a60667ce8e2c3fa1603e3a8f2ffa59c64e746d026d1a13ef19f3f38a0
GET /images/sprite.png HTTP/1.1
Host: static.depositfiles.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://static.depositfiles.com/css/main.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 01 Feb 2023 20:00:37 GMT
Content-Type: image/png
Content-Length: 36802
Last-Modified: Thu, 28 Apr 2022 09:39:11 GMT
Connection: keep-alive
ETag: "626a60bf-8fc2"
Accept-Ranges: bytes
static.depositfiles.com/images/sprite16.png
91.226.124.79200 OK 28 kB URL HTTP/1.1 static.depositfiles.com/images/sprite16.png
IP 91.226.124.79:0
File type PNG image data, 32 x 1072, 8-bit/color RGBA, non-interlaced\012- data
Hash 2e86fe2d2c2650c5f4663f0fc135ebc1
ba86e14a9abcff0581eda84a307594ef1288b982
604187f8828381a47ae70249f55f21c78c53ab1401d20a5f2230a0d6c9ae50d1
GET /images/sprite16.png HTTP/1.1
Host: static.depositfiles.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://static.depositfiles.com/css/main.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 01 Feb 2023 20:00:37 GMT
Content-Type: image/png
Content-Length: 28501
Last-Modified: Thu, 28 Apr 2022 09:39:11 GMT
Connection: keep-alive
ETag: "626a60bf-6f55"
Accept-Ranges: bytes
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash a803ab4e3d208f5f2f423789c4e2b979
15708b6218150e5f9d2970f2b3dd057f481ebb62
8b3c8774e9bba02ab66d2f2fc6a195a0e407f16e5a1b968c8eaa5b9d88628702
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8B3C8774E9BBA02AB66D2F2FC6A195A0E407F16E5A1B968C8EAA5B9D88628702"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15232
Expires: Thu, 02 Feb 2023 00:14:29 GMT
Date: Wed, 01 Feb 2023 20:00:37 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.76.226200 OK 344 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash dde2c749c196c5c411a2ceed2cd1da07
5ac939841ebacdace7e97e900056fcacdce1ee51
a153214f1fe422c54f64ba0e259c63c010f97ae9dca05ab953fcac10a4706946
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "A153214F1FE422C54F64BA0E259C63C010F97AE9DCA05AB953FCAC10A4706946"
Last-Modified: Tue, 31 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12662
Expires: Wed, 01 Feb 2023 23:31:39 GMT
Date: Wed, 01 Feb 2023 20:00:37 GMT
Connection: keep-alive
ocsp.sca1b.amazontrust.com/
54.230.245.118200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.118:0
Hash 80f52df5e0a02860681823dcf39a1486
d111804cbf5a2d82c76ef23ba669cce449f58a2b
dc92cc3256aa62c665e792c752d00c325ba5ba885c3c19052ab9a2165ce84475
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Wed, 01 Feb 2023 20:00:37 GMT
Last-Modified: Wed, 01 Feb 2023 18:51:48 GMT
Server: ECS (bsa/EB1D)
X-Cache: Miss from cloudfront
Via: 1.1 ee04daa979e7a02cc5ca472521bc18a6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: hNRNudFLFPay8h901HEbeGr4gcCJoBddUiHHflqJuNW1l22PmqhTXg==
Age: 4129
dominantroute.com/bens/vinos.js?23701&u=null&a=0.8824121845720374
193.200.64.20200 OK 140 kB URL HTTP/1.1 dominantroute.com/bens/vinos.js?23701&u=null&a=0.8824121845720374
IP 193.200.64.20:0
ASN #6681 Rozetka Sp. z o.o.
File type ASCII text, with very long lines (727)
Size 140 kB (140145 bytes)
Hash 8c2caea0661b954ca715cf81426be8fd
d08cb4fa08e9766b37e4cd5370521aea03bf9532
83312b1e471e4fc3310c01e9508e998a3e37e9c747e4529e9149cde6ae189f82
GET /bens/vinos.js?23701&u=null&a=0.8824121845720374 HTTP/1.1
Host: dominantroute.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 01 Feb 2023 20:00:37 GMT
Content-Type: text/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="NON DSP COR CURa TIA"
Set-Cookie: uuid=16752816351532635802; expires=Fri, 31-Jan-2025 20:00:37 GMT; Max-Age=63072000; path=/; samesite=None; domain=.dominantroute.com; secure
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 6d76fee9c994b8baa6f9552a8ab2287c
0d5ea6bf915f27d1ea9f78c99d6b52a1687f3317
41e8e756c724db7ce92ef167325e84f040c813584737c8adfb870223245f8e47
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "41E8E756C724DB7CE92EF167325E84F040C813584737C8ADFB870223245F8E47"
Last-Modified: Mon, 30 Jan 2023 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5855
Expires: Wed, 01 Feb 2023 21:38:12 GMT
Date: Wed, 01 Feb 2023 20:00:37 GMT
Connection: keep-alive
simplewebanalysis.com/stats
35.156.167.37200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 35.156.167.37:0
File type ASCII text, with no line terminators
Hash d4b31560f5fff1f02a3f19b990272db9
8249dfbd20732aae85612c6a6422c606645d6dcf
d5aae3cd92e8abcc113b398cb6d9180cbbf35a1a029beab46b76d933e1ea0c27
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dfiles.eu
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 01 Feb 2023 20:00:37 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://dfiles.eu
access-control-allow-credentials: true
set-cookie: uid_id2=c23eb804-ec1d-493d-a459-d2fd71ca9f0f:3:1; expires=Sat, 29 Jan 2033 20:00:37 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
adsbb.dfiles.eu//ad.php?z=56&c=NO
91.226.124.76303 See Other 0 B URL HTTP/1.1 adsbb.dfiles.eu//ad.php?z=56&c=NO
IP 91.226.124.76:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET //ad.php?z=56&c=NO HTTP/1.1
Host: adsbb.dfiles.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dfiles.eu/
Cookie: uprand=19d13269a515b58b5a38d402403cdce4; last_file=u3tux9lji; lang_current=en
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
HTTP/1.1 303 See Other
Server: nginx
Date: Wed, 01 Feb 2023 20:00:37 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
X-Powered-By: PHP/5.6.30-0+deb8u1
Set-Cookie: _nf56=1; expires=Thu, 02-Feb-2023 20:00:37 GMT; Max-Age=86400
Location: /upload/2112/ad27582685f5c72c.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752
adsbb.dfiles.eu//ad.php?z=7&c=NO&g=no_file&u=63dac4e496e7b-14098369
91.226.124.76303 See Other 0 B URL HTTP/1.1 adsbb.dfiles.eu//ad.php?z=7&c=NO&g=no_file&u=63dac4e496e7b-14098369
IP 91.226.124.76:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET //ad.php?z=7&c=NO&g=no_file&u=63dac4e496e7b-14098369 HTTP/1.1
Host: adsbb.dfiles.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dfiles.eu/
Cookie: uprand=19d13269a515b58b5a38d402403cdce4; last_file=u3tux9lji; lang_current=en
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
HTTP/1.1 303 See Other
Server: nginx
Date: Wed, 01 Feb 2023 20:00:37 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
X-Powered-By: PHP/5.6.30-0+deb8u1
Set-Cookie: _nf7=1; expires=Thu, 02-Feb-2023 20:00:37 GMT; Max-Age=86400
Location: /upload/2212/ad2769296150a424.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752
adsbb.dfiles.eu//ad.php?z=58&c=NO&g=no_file
91.226.124.76303 See Other 0 B URL HTTP/1.1 adsbb.dfiles.eu//ad.php?z=58&c=NO&g=no_file
IP 91.226.124.76:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET //ad.php?z=58&c=NO&g=no_file HTTP/1.1
Host: adsbb.dfiles.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dfiles.eu/
Cookie: uprand=19d13269a515b58b5a38d402403cdce4; last_file=u3tux9lji; lang_current=en
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
HTTP/1.1 303 See Other
Server: nginx
Date: Wed, 01 Feb 2023 20:00:37 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
X-Powered-By: PHP/5.6.30-0+deb8u1
Set-Cookie: _nf58=1; expires=Thu, 02-Feb-2023 20:00:37 GMT; Max-Age=86400
Location: /upload/1906/ad2708292742b09a.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752
adsbb.dfiles.eu/upload/2112/ad27592687cc8bc6.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752
91.226.124.76200 OK 669 B URL HTTP/1.1 adsbb.dfiles.eu/upload/2112/ad27592687cc8bc6.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752
IP 91.226.124.76:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 04b9037f6e6dea748fc42e4ffc967cc3
00bca4a643a8adc316386c86c53ee112f78c8bf9
299c6d780e60bcb53a95507be86818f6bcf1ec964f4d582d8be7eafe3c9c50aa
GET /upload/2112/ad27592687cc8bc6.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752 HTTP/1.1
Host: adsbb.dfiles.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dfiles.eu/
Connection: keep-alive
Cookie: uprand=19d13269a515b58b5a38d402403cdce4; last_file=u3tux9lji; lang_current=en; _nf60=1; _nf56=1; _nf7=1; _nf58=1
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 01 Feb 2023 20:00:37 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: close
Last-Modified: Wed, 01 Feb 2023 20:00:01 GMT
Content-Encoding: gzip
adsbb.dfiles.eu/upload/2212/ad2769296150a424.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752
91.226.124.76200 OK 2.4 kB URL HTTP/1.1 adsbb.dfiles.eu/upload/2212/ad2769296150a424.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752
IP 91.226.124.76:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (879)
Hash 5dfa1098da903e3459a1897ae0071e0c
cafd5683918e1789bfafc8c6300f4ec4ab28c5b6
f9bbe5aacf979d118213610d4601f018084dc10490935412b4e5440f9908afb8
GET /upload/2212/ad2769296150a424.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752 HTTP/1.1
Host: adsbb.dfiles.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dfiles.eu/
Connection: keep-alive
Cookie: uprand=19d13269a515b58b5a38d402403cdce4; last_file=u3tux9lji; lang_current=en; _nf60=1; _nf56=1; _nf7=1; _nf58=1
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 01 Feb 2023 20:00:37 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: close
Last-Modified: Wed, 01 Feb 2023 20:00:01 GMT
Content-Encoding: gzip
adsbb.dfiles.eu/upload/2112/ad27582685f5c72c.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752
91.226.124.76200 OK 669 B URL HTTP/1.1 adsbb.dfiles.eu/upload/2112/ad27582685f5c72c.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752
IP 91.226.124.76:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 14c0684f138709926c74540c85213c03
921d7177a444896b555fe634f3cf9fb852a91e34
556dc2c737cbe930523fe4817ec5f6e910ef6e8aaf2bef0a76ec6e71118cd359
GET /upload/2112/ad27582685f5c72c.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752 HTTP/1.1
Host: adsbb.dfiles.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dfiles.eu/
Connection: keep-alive
Cookie: uprand=19d13269a515b58b5a38d402403cdce4; last_file=u3tux9lji; lang_current=en; _nf60=1; _nf56=1; _nf7=1; _nf58=1
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 01 Feb 2023 20:00:37 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: close
Last-Modified: Wed, 01 Feb 2023 20:00:01 GMT
Content-Encoding: gzip
adsbb.dfiles.eu/upload/1906/ad2708292742b09a.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752
91.226.124.76200 OK 887 B URL HTTP/1.1 adsbb.dfiles.eu/upload/1906/ad2708292742b09a.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752
IP 91.226.124.76:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash a5cdcd77da635fa25ee4d6625de6c64e
92b821766b3e273b5dd7950e70398bebafb49228
b60d7d9b8d2a927a3eb86ba4fba859739e49fa00d3f7516f7e974ac559443a72
GET /upload/1906/ad2708292742b09a.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752 HTTP/1.1
Host: adsbb.dfiles.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dfiles.eu/
Connection: keep-alive
Cookie: uprand=19d13269a515b58b5a38d402403cdce4; last_file=u3tux9lji; lang_current=en; _nf60=1; _nf56=1; _nf7=1; _nf58=1
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 01 Feb 2023 20:00:37 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: close
Last-Modified: Wed, 01 Feb 2023 20:00:01 GMT
Content-Encoding: gzip
e1.o.lencr.org/
23.36.76.226200 OK 344 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash dde2c749c196c5c411a2ceed2cd1da07
5ac939841ebacdace7e97e900056fcacdce1ee51
a153214f1fe422c54f64ba0e259c63c010f97ae9dca05ab953fcac10a4706946
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "A153214F1FE422C54F64BA0E259C63C010F97AE9DCA05AB953FCAC10A4706946"
Last-Modified: Tue, 31 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12662
Expires: Wed, 01 Feb 2023 23:31:39 GMT
Date: Wed, 01 Feb 2023 20:00:37 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 6b24c2ce8de7f7187fa07239974c8356
b8c30b91769831a7fcb094f84f1ad840b5cef13f
d9c53f37561c69a2e4deb95f205471be44027dfed2b8614e4c7c4180ca9ea604
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1652
Cache-Control: max-age=91294
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 20:00:37 GMT
Etag: "63d9800f-116"
Expires: Thu, 02 Feb 2023 21:22:11 GMT
Last-Modified: Tue, 31 Jan 2023 20:54:39 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 278
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 6b24c2ce8de7f7187fa07239974c8356
b8c30b91769831a7fcb094f84f1ad840b5cef13f
d9c53f37561c69a2e4deb95f205471be44027dfed2b8614e4c7c4180ca9ea604
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6150
Cache-Control: max-age=95792
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 20:00:37 GMT
Etag: "63d9800f-116"
Expires: Thu, 02 Feb 2023 22:37:09 GMT
Last-Modified: Tue, 31 Jan 2023 20:54:39 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 278
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 20bc97b097da546495b9c01c5dc71655
40bb60ce4880a0bc139bc3c78ef328c87dfae183
b851c1790939839b27812681207cbb8cbc31b32300fe5ed6944b4bdf0fe93472
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B851C1790939839B27812681207CBB8CBC31B32300FE5ED6944B4BDF0FE93472"
Last-Modified: Tue, 31 Jan 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5084
Expires: Wed, 01 Feb 2023 21:25:21 GMT
Date: Wed, 01 Feb 2023 20:00:37 GMT
Connection: keep-alive
adsbb.dfiles.eu/static/js/jquery-1.5.1.min.js
91.226.124.76200 OK 85 kB URL HTTP/1.1 adsbb.dfiles.eu/static/js/jquery-1.5.1.min.js
IP 91.226.124.76:0
File type Unicode text, UTF-8 text, with very long lines (65168)
Hash b04a3bccd23ddeb7982143707a63ccf9
4a5dc1389aad050a44ee5e81408238a317ab3413
764b9e9f3ad386aaa5cdeae9368353994de61c0bede087c8f7e3579cb443de3b
GET /static/js/jquery-1.5.1.min.js HTTP/1.1
Host: adsbb.dfiles.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adsbb.dfiles.eu/upload/2112/ad27592687cc8bc6.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752
Cookie: uprand=19d13269a515b58b5a38d402403cdce4; last_file=u3tux9lji; lang_current=en; _nf60=1; _nf56=1; _nf7=1; _nf58=1; u_count=%5B0%2C0%5D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 01 Feb 2023 20:00:37 GMT
Content-Type: application/javascript
Content-Length: 85260
Connection: close
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache, private, no-cache, no-store, must-revalidate
Pragma: no-cache
Accept-Ranges: bytes
jsc.mgid.com/d/e/depositfiles.com.3334.js
104.19.134.78200 OK 1.2 kB URL HTTP/2 jsc.mgid.com/d/e/depositfiles.com.3334.js
IP 104.19.134.78:0
File type ASCII text, with very long lines (2651), with no line terminators
Hash 19ab57b9dd5d9039bc215bf2499e4feb
1178c3fd88163b47fee55e2d5aa3b01d3c9eaf2b
2ac53607cb726d680f28bf897e06d5e94a5a5513ce4d6c85bb0d4801cd975b20
GET /d/e/depositfiles.com.3334.js HTTP/1.1
Host: jsc.mgid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adsbb.dfiles.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 01 Feb 2023 20:00:37 GMT
content-type: text/javascript
cf-bgj: minify
cf-polished: origSize=2652
etag: W/"719838c59e4eb9fe7d745af703314b8f"
last-modified: Thu, 29 Dec 2022 12:52:05 GMT
x-amz-id-2: mty2kJ28LFAg28GES/GOz6uvNGBl37Y1o/thF+BVXisSnVZjc9ypY1DvyeUACAro5nKu33FuqvM=
x-amz-request-id: A3MHH47KXAFBYKGX
x-amz-version-id: akOVbCv8ROzBxtmb.pV9g4vNZDfPEWlt
cf-cache-status: HIT
age: 2418
expires: Wed, 01 Feb 2023 23:00:37 GMT
cache-control: public, max-age=10800
set-cookie: __cf_bm=RWTRFeGnTXG1oQ3UtkueejQnEx4OfjcRnAoXblP7z28-1675281637-0-AbUncukjh4MfHlMUaXhXXQzfQYAplpJsRHiXjQcy4bStPecUju5bcvPLZVgzq8Trlo654c9FlJ+dcYsqFjcZJPE=; path=/; expires=Wed, 01-Feb-23 20:30:37 GMT; domain=.mgid.com; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 792d463ceb831c06-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
adsbb.dfiles.eu/static/js/jquery-1.5.1.min.js
91.226.124.76200 OK 85 kB URL HTTP/1.1 adsbb.dfiles.eu/static/js/jquery-1.5.1.min.js
IP 91.226.124.76:0
File type Unicode text, UTF-8 text, with very long lines (65168)
Hash b04a3bccd23ddeb7982143707a63ccf9
4a5dc1389aad050a44ee5e81408238a317ab3413
764b9e9f3ad386aaa5cdeae9368353994de61c0bede087c8f7e3579cb443de3b
GET /static/js/jquery-1.5.1.min.js HTTP/1.1
Host: adsbb.dfiles.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adsbb.dfiles.eu/upload/2112/ad27582685f5c72c.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752
Cookie: uprand=19d13269a515b58b5a38d402403cdce4; last_file=u3tux9lji; lang_current=en; _nf60=1; _nf56=1; _nf7=1; _nf58=1; u_count=%5B0%2C0%5D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 01 Feb 2023 20:00:37 GMT
Content-Type: application/javascript
Content-Length: 85260
Connection: close
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache, private, no-cache, no-store, must-revalidate
Pragma: no-cache
Accept-Ranges: bytes
adsbb.dfiles.eu/static/js/jquery-1.5.1.min.js
91.226.124.76200 OK 85 kB URL HTTP/1.1 adsbb.dfiles.eu/static/js/jquery-1.5.1.min.js
IP 91.226.124.76:0
File type Unicode text, UTF-8 text, with very long lines (65168)
Hash b04a3bccd23ddeb7982143707a63ccf9
4a5dc1389aad050a44ee5e81408238a317ab3413
764b9e9f3ad386aaa5cdeae9368353994de61c0bede087c8f7e3579cb443de3b
GET /static/js/jquery-1.5.1.min.js HTTP/1.1
Host: adsbb.dfiles.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adsbb.dfiles.eu/upload/2212/ad2769296150a424.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752
Cookie: uprand=19d13269a515b58b5a38d402403cdce4; last_file=u3tux9lji; lang_current=en; _nf60=1; _nf56=1; _nf7=1; _nf58=1; u_count=%5B0%2C0%5D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 01 Feb 2023 20:00:37 GMT
Content-Type: application/javascript
Content-Length: 85260
Connection: close
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache, private, no-cache, no-store, must-revalidate
Pragma: no-cache
Accept-Ranges: bytes
adsbb.dfiles.eu/static/js/jquery-1.5.1.min.js
91.226.124.76200 OK 85 kB URL HTTP/1.1 adsbb.dfiles.eu/static/js/jquery-1.5.1.min.js
IP 91.226.124.76:0
File type Unicode text, UTF-8 text, with very long lines (65168)
Hash b04a3bccd23ddeb7982143707a63ccf9
4a5dc1389aad050a44ee5e81408238a317ab3413
764b9e9f3ad386aaa5cdeae9368353994de61c0bede087c8f7e3579cb443de3b
GET /static/js/jquery-1.5.1.min.js HTTP/1.1
Host: adsbb.dfiles.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adsbb.dfiles.eu/upload/1906/ad2708292742b09a.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752
Cookie: uprand=19d13269a515b58b5a38d402403cdce4; last_file=u3tux9lji; lang_current=en; _nf60=1; _nf56=1; _nf7=1; _nf58=1; u_count=%5B0%2C0%5D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 01 Feb 2023 20:00:37 GMT
Content-Type: application/javascript
Content-Length: 85260
Connection: close
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache, private, no-cache, no-store, must-revalidate
Pragma: no-cache
Accept-Ranges: bytes
nudgeworry.com/c2/2d/c5/c22dc50dc2bbe4422c7f68d26ab95eb9.js
192.243.61.225200 OK 29 kB URL HTTP/1.1 nudgeworry.com/c2/2d/c5/c22dc50dc2bbe4422c7f68d26ab95eb9.js
IP 192.243.61.225:0
ASN #39572 DataWeb Global Group B.V.
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (65536), with no line terminators
Hash acc5da787af8f584d55ee53c6161e119
f53da9634bf441b210213d3769c051e736e69aab
7f710f4c0e0df5526212b379daf2041fe069143f95ddcbdd976b645c65e2ede8
Analyzer Verdict Alert quad9 Sinkholed
GET /c2/2d/c5/c22dc50dc2bbe4422c7f68d26ab95eb9.js HTTP/1.1
Host: nudgeworry.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Wed, 01 Feb 2023 20:00:37 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 9d7546caf3e9952c7d2732e1b159f2a4
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
dde280e15f.5608bd4f7e.com/d6c37f8b5d81f1fbc29c7becbcbf7232/46445?version_name=a
45.133.44.25200 OK 78 kB URL HTTP/2 dde280e15f.5608bd4f7e.com/d6c37f8b5d81f1fbc29c7becbcbf7232/46445?version_name=a
IP 45.133.44.25:0
ASN #39572 DataWeb Global Group B.V.
Hash f0401f0a8447dcbe4ac032cb37eabc55
943577410f25401f518964861b4ab6d7e2884b1f
ce2d05a135d5499cb6578e77649d7962b607076515b2d5143666511953a3fe67
Analyzer Verdict Alert quad9 Sinkholed
GET /d6c37f8b5d81f1fbc29c7becbcbf7232/46445?version_name=a HTTP/1.1
Host: dde280e15f.5608bd4f7e.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dfiles.eu
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 20:00:38 GMT
content-type: application/json
content-length: 441
server: nginx/1.18.0
cache-control: max-age=300
expires: Wed, 01 Feb 2023 20:05:38 GMT
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2
adsbb.dfiles.eu/view.gif?c=2687&z=60&b=2759&u=63dac4c15e8dc32904552642570517
91.226.124.76200 OK 43 B URL HTTP/1.1 adsbb.dfiles.eu/view.gif?c=2687&z=60&b=2759&u=63dac4c15e8dc32904552642570517
IP 91.226.124.76:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 6d22e4f2d2057c6e8d6fab098e76e80f
b80b11203d97fe01c5597ca3be70406ea48f5709
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
GET /view.gif?c=2687&z=60&b=2759&u=63dac4c15e8dc32904552642570517 HTTP/1.1
Host: adsbb.dfiles.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://adsbb.dfiles.eu/upload/2112/ad27592687cc8bc6.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752
Cookie: uprand=19d13269a515b58b5a38d402403cdce4; last_file=u3tux9lji; lang_current=en; _nf60=1; _nf56=1; _nf7=1; _nf58=1; u_count=%5B0%2C0%5D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 01 Feb 2023 20:00:38 GMT
Content-Type: image/gif
Content-Length: 43
Connection: close
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache, private, no-cache, no-store, must-revalidate
Pragma: no-cache
Accept-Ranges: bytes
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 9004ba4b34f1ae3498b3afeccc240e8c
ee465f20e9365246ef0e90b5349df5d0ec7afc31
e75b585711a65a09bb8188ef1a592d6c8708bfb3f1fa395befa9643974b0a680
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E75B585711A65A09BB8188EF1A592D6C8708BFB3F1FA395BEFA9643974B0A680"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6742
Expires: Wed, 01 Feb 2023 21:53:00 GMT
Date: Wed, 01 Feb 2023 20:00:38 GMT
Connection: keep-alive
js.wpadmngr.com/npc/sdk/wp-banners.js
45.133.44.25200 OK 0 B URL HTTP/2 js.wpadmngr.com/npc/sdk/wp-banners.js
IP 45.133.44.25:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /npc/sdk/wp-banners.js HTTP/1.1
Host: js.wpadmngr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 01 Feb 2023 20:00:38 GMT
content-type: application/javascript; charset=utf-8
content-length: 0
server: nginx/1.18.0
last-modified: Fri, 20 Aug 2021 15:14:31 GMT
etag: "611fc6d7-0"
expires: Wed, 01 Feb 2023 20:05:38 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
friendshipmale.com/sfp.js
172.64.203.23200 OK 27 kB URL HTTP/2 friendshipmale.com/sfp.js
IP 172.64.203.23:0
File type Unicode text, UTF-8 text, with very long lines (65529), with no line terminators
Hash 52b0157af0d4778ebbea84148cbfd87b
407772459a0e74eb521bf75cba2a8eccbcf26048
97f8c9cd673554621ef97373a37509d9fd353d5d5c954ef21b168eaa70336f31
Analyzer Verdict Alert fortinet Malware
GET /sfp.js HTTP/1.1
Host: friendshipmale.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 01 Feb 2023 20:00:37 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: de7d4a09074871f6005c823b5f41b10d
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Wed, 01 Feb 2023 20:00:37 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YGuoDZLQ%2F8lLIyI03%2B6FdDHwiD2%2BH%2Fa0erSL3aOmrzNAnAXPAic0omtpMIroEyzUwA3gH09YS5vljMieZC%2Bmb%2BZzhU6%2Bnefr%2F93u9NZSw2qyRphVcQOytXeOTWW6f3kobxRfvXI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 792d463b3dab75cf-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
adsbb.dfiles.eu/view.gif?c=2927&z=58&b=2708&u=63dac4c160303744563218406372
91.226.124.76200 OK 43 B URL HTTP/1.1 adsbb.dfiles.eu/view.gif?c=2927&z=58&b=2708&u=63dac4c160303744563218406372
IP 91.226.124.76:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 6d22e4f2d2057c6e8d6fab098e76e80f
b80b11203d97fe01c5597ca3be70406ea48f5709
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
GET /view.gif?c=2927&z=58&b=2708&u=63dac4c160303744563218406372 HTTP/1.1
Host: adsbb.dfiles.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://adsbb.dfiles.eu/upload/1906/ad2708292742b09a.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752
Cookie: uprand=19d13269a515b58b5a38d402403cdce4; last_file=u3tux9lji; lang_current=en; _nf60=1; _nf56=1; _nf7=1; _nf58=1; u_count=%5B0%2C0%5D; MgidStorage=%7B%220%22%3A%7B%22svspr%22%3A%22https%3A%2F%2Fdfiles.eu%2F%22%2C%22svsds%22%3A1%7D%2C%22C3334%22%3A%7B%22page%22%3A1%7D%7D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 01 Feb 2023 20:00:38 GMT
Content-Type: image/gif
Content-Length: 43
Connection: close
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache, private, no-cache, no-store, must-revalidate
Pragma: no-cache
Accept-Ranges: bytes
adserver.adreactor.com/js/libcode3.js
46.166.179.121200 OK 85 kB URL HTTP/1.1 adserver.adreactor.com/js/libcode3.js
IP 46.166.179.121:0
ASN #43350 NForce Entertainment B.V.
Hash b235bc4aa1a4d6057f63f4678cfcc2c6
f4ca36f55659fdb7ff5822ab43feb74533b07dd9
a542f9d74bbeca3bbd37bc4da702f1ad3d18e6690ac7746a1dc98f543084f5a9
GET /js/libcode3.js HTTP/1.1
Host: adserver.adreactor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adsbb.dfiles.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 01 Feb 2023 20:00:38 GMT
Content-Type: text/javascript;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: public, max-age=86400
Expires: Thu, 02 Feb 2023 20:00:38 GMT
Vary: Accept-Encoding, Accept-Encoding
Last-Modified: Tue, 15 Mar 2022 21:49:26 GMT
Content-Encoding: gzip
nudgeworry.com/sbar.json?key=224ad4a14b4b15c1726ff705ec672ea6
192.243.61.225200 OK 3.3 kB URL HTTP/1.1 nudgeworry.com/sbar.json?key=224ad4a14b4b15c1726ff705ec672ea6
IP 192.243.61.225:0
ASN #39572 DataWeb Global Group B.V.
File type JSON data\012- , ASCII text, with very long lines (5991), with no line terminators
Hash 5c4cb9a4db60174affc0580c926ab43c
ffddb0c7bfbffd838e58f5ee708a8c4b365e16d3
963f650f07c2c9891291717e0c950b6c53223843b55b95ecac172283c4d345c1
Analyzer Verdict Alert quad9 Sinkholed
GET /sbar.json?key=224ad4a14b4b15c1726ff705ec672ea6 HTTP/1.1
Host: nudgeworry.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dfiles.eu
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Wed, 01 Feb 2023 20:00:38 GMT
Content-Type: text/plain; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://dfiles.eu
Access-Control-Allow-Origin: https://dfiles.eu
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=16004719; expires=Thu, 02 Feb 2023 20:00:38 GMT; secure; SameSite=None
pdhtkv=true; expires=Thu, 02 Feb 2023 20:00:38 GMT; secure; SameSite=None
uncs=1; expires=Thu, 02 Feb 2023 20:00:38 GMT; secure; SameSite=None
pdhtkv29=true; expires=Thu, 02 Feb 2023 20:00:38 GMT; secure; SameSite=None
uncs29=1; expires=Thu, 02 Feb 2023 20:00:38 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 01041f1fef8da75698cf39a8020cb292
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
adserver.adreactor.com/servlet/tagger/88247024/1675281661212
46.166.179.121200 OK 81 B URL HTTP/1.1 adserver.adreactor.com/servlet/tagger/88247024/1675281661212
IP 46.166.179.121:0
ASN #43350 NForce Entertainment B.V.
Hash bf26491e2b8fbd49c8103f70f50f3ca2
df50aec4cb4ddf42719f98b582950af6719dee7f
e4bf3221ed30102178d5a92387ce1a1fd1b796f91a4a88dcf44496e829212059
GET /servlet/tagger/88247024/1675281661212 HTTP/1.1
Host: adserver.adreactor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adsbb.dfiles.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 01 Feb 2023 20:00:38 GMT
Content-Type: text/javascript;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Cache-Control: no-cache, no-store
Pragma: no-cache
Expires: Thu, 31 Dec 1998 11:59:59 GMT
X-Robots-Tag: none
P3P: CP="NOI DSP COR NID"
Set-Cookie: ADRUID=467287d4bf38f53c3c013c251fc80903; Expires=Thu, 01-Feb-2024 20:00:38 GMT; Path=/; Secure; HttpOnly; SameSite=None
Content-Encoding: gzip
adserver.adreactor.com/servlet/view/banner/javascript/ajax/crossdomain/zone?zid=9&pid=8620&uuid=467287d4bf38f53c3c013c251fc80903&tagid=avp_1560248483863&viewable=true&txid=97376668&sver=1&pvid=68022432&resolution=728x91&random=78343127&millis=1675281661258&referrer=https%3A%2F%2Fadsbb.dfiles.eu%2Fupload%2F1906%2Fad2708292742b09a.htm%3Fcanp%3Dadv_73b411c406ca38ecadcf742fe6ade752
46.166.179.121200 OK 1.1 kB URL HTTP/1.1 adserver.adreactor.com/servlet/view/banner/javascript/ajax/crossdomain/zone?zid=9&pid=8620&uuid=467287d4bf38f53c3c013c251fc80903&tagid=avp_1560248483863&viewable=true&txid=97376668&sver=1&pvid=68022432&resolution=728x91&random=78343127&millis=1675281661258&referrer=https%3A%2F%2Fadsbb.dfiles.eu%2Fupload%2F1906%2Fad2708292742b09a.htm%3Fcanp%3Dadv_73b411c406ca38ecadcf742fe6ade752
IP 46.166.179.121:0
ASN #43350 NForce Entertainment B.V.
File type HTML document, ASCII text, with very long lines (1905)
Hash c77f3e2883f421e67382080a9851887d
0f2aa6f3edc59f6b6eb360d8867abde2e1e5f2ea
5f2d0b023623bbae1d9b52078ad110047e50748221edce423a7b9ae05bef58a5
GET /servlet/view/banner/javascript/ajax/crossdomain/zone?zid=9&pid=8620&uuid=467287d4bf38f53c3c013c251fc80903&tagid=avp_1560248483863&viewable=true&txid=97376668&sver=1&pvid=68022432&resolution=728x91&random=78343127&millis=1675281661258&referrer=https%3A%2F%2Fadsbb.dfiles.eu%2Fupload%2F1906%2Fad2708292742b09a.htm%3Fcanp%3Dadv_73b411c406ca38ecadcf742fe6ade752 HTTP/1.1
Host: adserver.adreactor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adsbb.dfiles.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 01 Feb 2023 20:00:38 GMT
Content-Type: text/javascript;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Cache-Control: no-cache, no-store
Pragma: no-cache
Expires: Thu, 31 Dec 1998 11:59:59 GMT
X-Robots-Tag: none
P3P: CP="NOI DSP COR NID"
Set-Cookie: ADRUID=467287d4bf38f53c3c013c251fc80903; Expires=Thu, 01-Feb-2024 20:00:38 GMT; Path=/; Secure; HttpOnly; SameSite=None
Content-Encoding: gzip
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 62eaeb13a1754898f3cf9705521d7006
1e19795248e9fdc846b4e21cfac713d909c6f56f
d634fb511d5e7c62267de7f4bc580692a4d2115a5010b3c47c5283bc4bb4e9bf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D634FB511D5E7C62267DE7F4BC580692A4D2115A5010B3C47C5283BC4BB4E9BF"
Last-Modified: Tue, 31 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7802
Expires: Wed, 01 Feb 2023 22:10:40 GMT
Date: Wed, 01 Feb 2023 20:00:38 GMT
Connection: keep-alive
adserver.adreactor.com/js/interactive2.js
46.166.179.121200 OK 2.7 kB URL HTTP/1.1 adserver.adreactor.com/js/interactive2.js
IP 46.166.179.121:0
ASN #43350 NForce Entertainment B.V.
File type ASCII text, with very long lines (11195), with no line terminators
Hash 3aab9ab80248895ff925b5906764597e
0fc31983fe85d422bb46bf29e52f65eb7bc5a469
e280705d04639ecfec0dfb05b495ffbbb4138cd34c955c9925286a06b02efea3
GET /js/interactive2.js HTTP/1.1
Host: adserver.adreactor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adsbb.dfiles.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 01 Feb 2023 20:00:38 GMT
Content-Type: text/javascript;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: public, max-age=86400
Expires: Thu, 02 Feb 2023 20:00:38 GMT
Vary: Accept-Encoding, Accept-Encoding
Last-Modified: Tue, 15 Mar 2022 21:49:26 GMT
Content-Encoding: gzip
static.depositfiles.com/images/favicon.ico
91.226.124.79200 OK 318 B URL HTTP/1.1 static.depositfiles.com/images/favicon.ico
IP 91.226.124.79:0
File type MS Windows icon resource - 1 icon, 16x16, 16 colors, 4 bits/pixel\012- data
Hash 0f0b975ee529197ec75780ebc2de5907
59688c6aafca5606e388ba9a44fc9dc25fc32cd3
28a0b52229f05b66354ca38b6b813d2281af3efb7e8b0a424ef8b4c68b9e583c
GET /images/favicon.ico HTTP/1.1
Host: static.depositfiles.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 01 Feb 2023 20:00:38 GMT
Content-Type: image/x-icon
Content-Length: 318
Last-Modified: Thu, 28 Apr 2022 09:39:11 GMT
Connection: keep-alive
ETag: "626a60bf-13e"
Accept-Ranges: bytes
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash 42d54c8c12a2f90c448a11bf42800e86
bb66d35435411c825bfcd0a091f33b7d1708191e
3b67d91fbb38e5c47b6ebff53da366b87af3a308e5c588775ac66a808761dbb1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 20:00:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 43bc5afe1d7330aa521e0efc78185a92
f53e9daa0a32e0acf7a10d9494fb383c1d039305
429d5a3a918137cae61e9dee0f05b0d5b4c799517aa6ae30e041a2a3e7f05cac
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "429D5A3A918137CAE61E9DEE0F05B0D5B4C799517AA6AE30E041A2A3E7F05CAC"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6072
Expires: Wed, 01 Feb 2023 21:41:50 GMT
Date: Wed, 01 Feb 2023 20:00:38 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 2dc2e297877f6332a114de88eeeaca61
cc91e58f3dd132b078223d21cd3177f0819e40e7
94f1191402d63bc2757d7ec854bc418dd6929b5aa9efb815d9bd35f8dab98fef
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 20:00:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 43bc5afe1d7330aa521e0efc78185a92
f53e9daa0a32e0acf7a10d9494fb383c1d039305
429d5a3a918137cae61e9dee0f05b0d5b4c799517aa6ae30e041a2a3e7f05cac
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "429D5A3A918137CAE61E9DEE0F05B0D5B4C799517AA6AE30E041A2A3E7F05CAC"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6072
Expires: Wed, 01 Feb 2023 21:41:50 GMT
Date: Wed, 01 Feb 2023 20:00:38 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 43bc5afe1d7330aa521e0efc78185a92
f53e9daa0a32e0acf7a10d9494fb383c1d039305
429d5a3a918137cae61e9dee0f05b0d5b4c799517aa6ae30e041a2a3e7f05cac
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "429D5A3A918137CAE61E9DEE0F05B0D5B4C799517AA6AE30E041A2A3E7F05CAC"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6072
Expires: Wed, 01 Feb 2023 21:41:50 GMT
Date: Wed, 01 Feb 2023 20:00:38 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 43bc5afe1d7330aa521e0efc78185a92
f53e9daa0a32e0acf7a10d9494fb383c1d039305
429d5a3a918137cae61e9dee0f05b0d5b4c799517aa6ae30e041a2a3e7f05cac
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "429D5A3A918137CAE61E9DEE0F05B0D5B4C799517AA6AE30E041A2A3E7F05CAC"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6072
Expires: Wed, 01 Feb 2023 21:41:50 GMT
Date: Wed, 01 Feb 2023 20:00:38 GMT
Connection: keep-alive
www.gstatic.com/recaptcha/releases/RGRQD9tdxHtnt-Bxkx9pM75S/recaptcha__en.js
142.250.74.35200 OK 164 kB URL HTTP/2 www.gstatic.com/recaptcha/releases/RGRQD9tdxHtnt-Bxkx9pM75S/recaptcha__en.js
IP 142.250.74.35:0
File type ASCII text, with very long lines (771)
Size 164 kB (163774 bytes)
Hash 57c909ab73fc27ec24f737bbf1cb1de8
89b2c02e9e7a9a764518fca545d3eec2044fd6d9
7e407e2b00bb7c238c71d96472f7ab030de4e610b1048f0f77b25cb85c2d166b
GET /recaptcha/releases/RGRQD9tdxHtnt-Bxkx9pM75S/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dfiles.eu
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 163774
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 30 Jan 2023 17:09:34 GMT
expires: Tue, 30 Jan 2024 17:09:34 GMT
cache-control: public, max-age=31536000
age: 183064
last-modified: Mon, 23 Jan 2023 01:02:00 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F30335cb7-009a-42f5-8186-d0c302adc827.jpeg
34.120.237.76200 OK 6.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F30335cb7-009a-42f5-8186-d0c302adc827.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ec7e808a5e82552c46c3417a5b32b836
f0a273292b47d7e2e33c9d77fd95abdcc9e31ddd
f16d982224dfeb0753eaf9d4eb87d80fd1111f682fd8fa36f3177aad5bf926a4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F30335cb7-009a-42f5-8186-d0c302adc827.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6819
x-amzn-requestid: a0368695-4182-40bd-9a28-c50ae783a7a5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: foJaRHGnoAMF0Ow=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d9890e-624285eb16110b8c2360dec5;Sampled=0
x-amzn-remapped-date: Tue, 31 Jan 2023 21:33:02 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 4MpUHqMYJoNA7QuRuQwbJIodNkhizq6EL5SPbIoSKFQjtoAKQgLuEg==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 6a9b42e38e76b7d4a4044ebe0e0eca08.cloudfront.net (CloudFront), 1.1 google
date: Tue, 31 Jan 2023 21:51:25 GMT
age: 79753
etag: "f0a273292b47d7e2e33c9d77fd95abdcc9e31ddd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb28b8703-d49a-4e2e-80e7-cf4d081d6dba.jpeg
34.120.237.76200 OK 5.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb28b8703-d49a-4e2e-80e7-cf4d081d6dba.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2998f7f50ac0eec931c348e8a0fb0c60
f5e411cda74cb7fb4a662f4787e9543b9749c8b5
0c81413a819e379212bf757b1c9469415aec2ac8fdf47f94ff23c420a1da20e1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb28b8703-d49a-4e2e-80e7-cf4d081d6dba.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5736
x-amzn-requestid: 895ee89b-8d2e-42f9-a392-466557f8a0d3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ffEtEGk_oAMFYPA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d5e7ed-026a1b0d79dc7eb572317bd2;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 03:28:45 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 64EbarGrn6AIpXOE8TIfiBeGFQinx-P9lUIvmiQ1ivZgFrxl7_W4EQ==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 61bc723adb3b1884ed759711e84e13a8.cloudfront.net (CloudFront), 1.1 google
date: Tue, 31 Jan 2023 21:57:42 GMT
age: 79376
etag: "f5e411cda74cb7fb4a662f4787e9543b9749c8b5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46e30ba8-4b02-4bad-8cbf-1a128aa4376f.jpeg
34.120.237.76200 OK 9.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46e30ba8-4b02-4bad-8cbf-1a128aa4376f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3366ef4f8733cb9c89a5c88f63a0a441
7da46843b6d885f38a4759a08e6c899906ab7b97
7114397ee5c251cc5cb46f3433c2cc17ff68a08e0872e227671198e9b61eba0a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46e30ba8-4b02-4bad-8cbf-1a128aa4376f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9600
x-amzn-requestid: 48094e1a-d550-4a91-b87c-4a08505f7cce
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fVsWcFN7IAMF2pg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d2275c-5ced593a7e2126c9494563df;Sampled=0
x-amzn-remapped-date: Thu, 26 Jan 2023 07:10:20 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: aZOeDFqBJQoGwLpIs-GpPvY0FKGCAOXY6MgzG32qzX-kVzUCKKv-kw==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 31 Jan 2023 22:03:43 GMT
age: 79015
etag: "7da46843b6d885f38a4759a08e6c899906ab7b97"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F82a4ade3-0c43-4f21-9738-0bc1dbb9a6a6.jpeg
34.120.237.76200 OK 8.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F82a4ade3-0c43-4f21-9738-0bc1dbb9a6a6.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 27e95b7912edc909d6b031e36fe83534
eb27fae0bb17dbe0929a620002195233ef50c1d0
b32e7e1a2eee367c5bf9e99bcb38f4c74c4e9e7bdfe7fb0f8f2a657060c0624c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F82a4ade3-0c43-4f21-9738-0bc1dbb9a6a6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8597
x-amzn-requestid: e7bf4ac9-d86d-4ee9-9e10-8a42e5dfe2c6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fcRaNEW4IAMFatA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d4c90d-7731312f630b00ba028836ca;Sampled=0
x-amzn-remapped-date: Sat, 28 Jan 2023 07:04:45 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: z3ZJ7bq6LuJd-9I9D22VIs0avctNGVDKnYmt-fxevCheQibivmUomQ==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 64f86ae1c24221f3a2e4d653d6dbc416.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 07:53:10 GMT
age: 43648
etag: "eb27fae0bb17dbe0929a620002195233ef50c1d0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffc960001-158a-4a74-b6ce-f28cd110ca9c.jpeg
34.120.237.76200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffc960001-158a-4a74-b6ce-f28cd110ca9c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 23db22ce2120fbb0ae6109e1a046062d
2068c8d9a5bc30a17be658e198e26c64a80703cf
f307ba6c4929d9f0c9354334b7baea878da379138489d9689bb777c4da308dab
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffc960001-158a-4a74-b6ce-f28cd110ca9c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8735
x-amzn-requestid: f466c962-7b12-4923-a4be-7ff9fce372a0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: foJaWFP_IAMF9wA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d9890e-7a8c027d58f5b9132bb68a33;Sampled=0
x-amzn-remapped-date: Tue, 31 Jan 2023 21:33:02 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: hjIm9dNf6UE9rpIlKWeLwWuF7Pm6yJeAZgbwchvJcuDy-zkXEr502w==
via: 1.1 9b311162717b41c968f6f00426d88aaa.cloudfront.net (CloudFront), 1.1 caf6806821bc479b28a6f1ce3043b8a6.cloudfront.net (CloudFront), 1.1 google
date: Tue, 31 Jan 2023 21:51:18 GMT
age: 79760
etag: "2068c8d9a5bc30a17be658e198e26c64a80703cf"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
s-img.steepto.com/g/12578222/492x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8sd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIyLTAxLzEwMTkyNC8zMmYxNWQyYmI4MzkzYjc0NTU3YzlmNDRjNTgyNGI2MS5qcGVn.webp?v=1675281638-Ek_NZ8oc2DzQXiP-JTlFeRUHbzbDIwHlYjsHh-6KHbM
104.19.135.80200 OK 19 kB URL HTTP/2 s-img.steepto.com/g/12578222/492x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8sd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIyLTAxLzEwMTkyNC8zMmYxNWQyYmI4MzkzYjc0NTU3YzlmNDRjNTgyNGI2MS5qcGVn.webp?v=1675281638-Ek_NZ8oc2DzQXiP-JTlFeRUHbzbDIwHlYjsHh-6KHbM
IP 104.19.135.80:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 492x328, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash e3adb2db32703e7be695af30cba85479
dd412e0040d57c4e92a83191e36c99818875709d
15424aa239e5b9acd5ead3f31c089a7ec35caaf10e413082e1a19bb59dc273a7
GET /g/12578222/492x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8sd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIyLTAxLzEwMTkyNC8zMmYxNWQyYmI4MzkzYjc0NTU3YzlmNDRjNTgyNGI2MS5qcGVn.webp?v=1675281638-Ek_NZ8oc2DzQXiP-JTlFeRUHbzbDIwHlYjsHh-6KHbM HTTP/1.1
Host: s-img.steepto.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://adsbb.dfiles.eu
Connection: keep-alive
Referer: https://adsbb.dfiles.eu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 01 Feb 2023 20:00:38 GMT
content-type: image/webp
content-length: 18672
x-mg-request-uuid: 7cccb0eb-6d5a-4367-ae13-b7aa5982d3b0
access-control-allow-origin: *
last-modified: Tue, 29 Mar 2022 06:54:16 GMT
cache-control: immutable, max-age=31536000
cf-cache-status: HIT
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 792d464009900afa-OSL
X-Firefox-Spdy: h2
pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?test_adblock=true
142.250.74.34200 OK 50 kB URL HTTP/2 pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?test_adblock=true
IP 142.250.74.34:0
File type ASCII text, with very long lines (3649)
Hash e422905c19b3476157fb5ab4c29c46d2
905d2e14512cdec8557ba62b1a0c93f7ae359bc2
47e81e1b9ed3adfe053646676441420b329df314d95c82c4145703249682934b
GET /pagead/js/adsbygoogle.js?test_adblock=true HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dfiles.eu/
Origin: https://dfiles.eu
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Wed, 01 Feb 2023 20:00:38 GMT
expires: Wed, 01 Feb 2023 20:00:38 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 457426834782126520
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 50053
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash 42d54c8c12a2f90c448a11bf42800e86
bb66d35435411c825bfcd0a091f33b7d1708191e
3b67d91fbb38e5c47b6ebff53da366b87af3a308e5c588775ac66a808761dbb1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 20:00:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
sweepfrequencydissolved.com/pixel/purst?dl=0&th=0&sc=0&rs=2185&rd=2185&fd=616&bv=22.10.v.10&tmpl=136
192.243.59.20200 OK 0 B URL HTTP/1.1 sweepfrequencydissolved.com/pixel/purst?dl=0&th=0&sc=0&rs=2185&rd=2185&fd=616&bv=22.10.v.10&tmpl=136
IP 192.243.59.20:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/purst?dl=0&th=0&sc=0&rs=2185&rd=2185&fd=616&bv=22.10.v.10&tmpl=136 HTTP/1.1
Host: sweepfrequencydissolved.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Wed, 01 Feb 2023 20:00:38 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 2dc2e297877f6332a114de88eeeaca61
cc91e58f3dd132b078223d21cd3177f0819e40e7
94f1191402d63bc2757d7ec854bc418dd6929b5aa9efb815d9bd35f8dab98fef
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 20:00:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cm.steepto.com/i.js?&cbuster=1675281661241604777781
104.19.136.80200 OK 0 B URL HTTP/2 cm.steepto.com/i.js?&cbuster=1675281661241604777781
IP 104.19.136.80:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /i.js?&cbuster=1675281661241604777781 HTTP/1.1
Host: cm.steepto.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adsbb.dfiles.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 01 Feb 2023 20:00:38 GMT
content-type: application/javascript
content-length: 0
cache-control: no-store, no-cache, must-revalidate, max-age=0
pragma: no-cache
last-modified: Wed, 01 Feb 2023 20:00:38 GMT
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 792d46404e48b4f7-OSL
X-Firefox-Spdy: h2
cm.steepto.com/i-noref.js?cbuster=1675281661254899879148
104.19.136.80200 OK 0 B URL HTTP/2 cm.steepto.com/i-noref.js?cbuster=1675281661254899879148
IP 104.19.136.80:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /i-noref.js?cbuster=1675281661254899879148 HTTP/1.1
Host: cm.steepto.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 01 Feb 2023 20:00:38 GMT
content-type: application/javascript
content-length: 0
cache-control: no-store, no-cache, must-revalidate, max-age=0
pragma: no-cache
last-modified: Wed, 01 Feb 2023 20:00:38 GMT
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 792d46403e42b4f7-OSL
X-Firefox-Spdy: h2
ads.a-static.com/0/img/adv_pd_728x90.png
46.166.179.115200 OK 11 kB URL HTTP/2 ads.a-static.com/0/img/adv_pd_728x90.png
IP 46.166.179.115:0
ASN #43350 NForce Entertainment B.V.
File type PNG image data, 728 x 90, 8-bit/color RGB, non-interlaced\012- data
Hash 22a028765c7abab19f98a814d41ad5fb
0b1f391d8b9a8fad09c28bd77223129416fd450b
e0125430911589e28cb4d1e3203195f2476c416344117f0da405090e86283888
GET /0/img/adv_pd_728x90.png HTTP/1.1
Host: ads.a-static.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adsbb.dfiles.eu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 01 Feb 2023 20:00:39 GMT
content-type: image/png
content-length: 10700
last-modified: Tue, 03 Oct 2017 13:18:05 GMT
etag: "59d38e0d-29cc"
expires: Fri, 03 Mar 2023 20:00:39 GMT
cache-control: max-age=2592000
accept-ranges: bytes
X-Firefox-Spdy: h2
s-img.steepto.com/g/11533308/492x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8sd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIxLTExLzEwMTkyNC84NzY2NWIwMTVjNjllMGJjZDE5M2MxMDk3YTE3YjE4Ny5wbmc.webp?v=1675281638-bvFfRIKjgZ-yNgDn-H5hJMLT9VEiAMRZJIhIxgb1OCU
104.19.135.80200 OK 8.2 kB URL HTTP/2 s-img.steepto.com/g/11533308/492x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8sd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIxLTExLzEwMTkyNC84NzY2NWIwMTVjNjllMGJjZDE5M2MxMDk3YTE3YjE4Ny5wbmc.webp?v=1675281638-bvFfRIKjgZ-yNgDn-H5hJMLT9VEiAMRZJIhIxgb1OCU
IP 104.19.135.80:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 492x328, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 21584ecb21074863a89d44f571ae5cf0
b3201cb3be9f724820b12cdf91954adc539564e3
f417123d9ee6533ca43c58ebdcf326ee8e85356fd6c3f394706d44d0d35de627
GET /g/11533308/492x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8sd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIxLTExLzEwMTkyNC84NzY2NWIwMTVjNjllMGJjZDE5M2MxMDk3YTE3YjE4Ny5wbmc.webp?v=1675281638-bvFfRIKjgZ-yNgDn-H5hJMLT9VEiAMRZJIhIxgb1OCU HTTP/1.1
Host: s-img.steepto.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://adsbb.dfiles.eu
Connection: keep-alive
Referer: https://adsbb.dfiles.eu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 01 Feb 2023 20:00:38 GMT
content-type: image/webp
content-length: 8190
x-mg-request-uuid: e740988d-27c8-4fc7-a12c-566423ba73b5
access-control-allow-origin: *
last-modified: Wed, 01 Dec 2021 12:23:34 GMT
cache-control: immutable, max-age=31536000
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 792d464019990afa-OSL
X-Firefox-Spdy: h2
s-img.steepto.com/g/13785545/492x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX3h5X2NlbnRlcixxX2F1dG86Z29vZCx3XzEwMjAseF8xMTQ1LHlfNzYzL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIyLTA4LzE3NTY4NS85ZDY5NmQ2MjNmNWEyYjZmMzlhYmM2OTJhMzYxMjExMi5qcGc.webp?v=1675281638-jKLMwb9MzawVQqZbI5L5Eyv5Vuj8J7uEg94m6jq2fc4
104.19.135.80200 OK 10 kB URL HTTP/2 s-img.steepto.com/g/13785545/492x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX3h5X2NlbnRlcixxX2F1dG86Z29vZCx3XzEwMjAseF8xMTQ1LHlfNzYzL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIyLTA4LzE3NTY4NS85ZDY5NmQ2MjNmNWEyYjZmMzlhYmM2OTJhMzYxMjExMi5qcGc.webp?v=1675281638-jKLMwb9MzawVQqZbI5L5Eyv5Vuj8J7uEg94m6jq2fc4
IP 104.19.135.80:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 492x328, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 169a2cefad31535f25bd63826483fa0f
0962c7ec67ccd2945988f07172aa4896345f62b4
a9b3831eb6be6dea8e17d2aa8792dcf3f710678a9442d1cfcdc5db326a33d88e
GET /g/13785545/492x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX3h5X2NlbnRlcixxX2F1dG86Z29vZCx3XzEwMjAseF8xMTQ1LHlfNzYzL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIyLTA4LzE3NTY4NS85ZDY5NmQ2MjNmNWEyYjZmMzlhYmM2OTJhMzYxMjExMi5qcGc.webp?v=1675281638-jKLMwb9MzawVQqZbI5L5Eyv5Vuj8J7uEg94m6jq2fc4 HTTP/1.1
Host: s-img.steepto.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://adsbb.dfiles.eu
Connection: keep-alive
Referer: https://adsbb.dfiles.eu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 01 Feb 2023 20:00:38 GMT
content-type: image/webp
content-length: 10424
x-mg-request-uuid: c2b3396a-0a4f-4509-859a-3af6378bf806
access-control-allow-origin: *
last-modified: Fri, 12 Aug 2022 17:42:29 GMT
cache-control: immutable, max-age=31536000
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 792d464029ab0afa-OSL
X-Firefox-Spdy: h2
ads.pubmatic.com/AdServer/js/pwt/161673/7165/pwt.js
2.18.172.200200 OK 73 kB URL HTTP/2 ads.pubmatic.com/AdServer/js/pwt/161673/7165/pwt.js
IP 2.18.172.200:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 06cd2eddf805cce44a8cb5178e00d7de
4450e085f121f57255512d5f7c8d4bcffbf77bc5
8c41037c0b242f0fe65640486379d7f6cd91c55f8edd998ea285d8f994ec48f7
GET /AdServer/js/pwt/161673/7165/pwt.js HTTP/1.1
Host: ads.pubmatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adsbb.dfiles.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Fri, 23 Sep 2022 12:15:31 GMT
server: Apache
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-type: application/javascript
cache-control: max-age=97144
expires: Thu, 02 Feb 2023 22:59:42 GMT
date: Wed, 01 Feb 2023 20:00:38 GMT
content-length: 73257
vary: Accept-Encoding
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 6ed8529cb0121dfada69c1912efb936c
8684642f27eeeea9cc31d84114e21037e1dfc0ee
26a4346640b34deea357f81d3d08f831729318df2ec7b59f3cdbd652307c065c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4379
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 20:00:38 GMT
Last-Modified: Wed, 01 Feb 2023 18:47:39 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 279
r3.o.lencr.org/
23.33.119.27200 OK 3.1 kB IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
File type gzip compressed data, from Unix\012- data
Hash a93838094bb6adc3213a36ff77996184
f1cebcc415eb47dd6324c0a1be76c15fe5429d4a
d54751f1d0665f51888aa1f98be74e1736b62674c6c54527f64add0000365940
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D63168B3E1576CA354DE7B05B0862D0770F0F4D0C45EA566965E4BEA48611AAF"
Last-Modified: Mon, 30 Jan 2023 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12200
Expires: Wed, 01 Feb 2023 23:23:59 GMT
Date: Wed, 01 Feb 2023 20:00:39 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 723de41863b7d3a6898b5306d240e329
924514514d5ecaa7da5dc2587d811dbb0f0339d3
d63168b3e1576ca354de7b05b0862d0770f0f4d0c45ea566965e4bea48611aaf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D63168B3E1576CA354DE7B05B0862D0770F0F4D0C45EA566965E4BEA48611AAF"
Last-Modified: Mon, 30 Jan 2023 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12200
Expires: Wed, 01 Feb 2023 23:23:59 GMT
Date: Wed, 01 Feb 2023 20:00:39 GMT
Connection: keep-alive
lb.eu-1-id5-sync.com/lb/v1
162.19.138.119200 33 B URL HTTP/1.1 lb.eu-1-id5-sync.com/lb/v1
IP 162.19.138.119:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 727ccab86ddc4e0923e4adea59c7a18f
18a62ababb346cebc2572f34e8a9a9135caf0246
3f8d41d248e2eb7f3b782fdc1ad68a50e9ff561da3f37aaf1c429e55181a86a3
GET /lb/v1 HTTP/1.1
Host: lb.eu-1-id5-sync.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://adsbb.dfiles.eu
Connection: keep-alive
Referer: https://adsbb.dfiles.eu/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
access-control-allow-origin: https://adsbb.dfiles.eu
content-type: application/json;charset=UTF-8
transfer-encoding: chunked
date: Wed, 01 Feb 2023 20:00:38 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
lbs.eu-1-id5-sync.com/lbs/v1
141.95.98.65200 OK 34 B URL HTTP/1.1 lbs.eu-1-id5-sync.com/lbs/v1
IP 141.95.98.65:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 8ab472845ccbd1f1860a3be0f6e3861f
f502bd0c964b80c28ab3a33108c4fc7a252b6af0
3c9de6aa237b5f1b2872535e12397a6eac4cd0d6405f13854f0a40c2d771fa4f
GET /lbs/v1 HTTP/1.1
Host: lbs.eu-1-id5-sync.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://adsbb.dfiles.eu
Connection: keep-alive
Referer: https://adsbb.dfiles.eu/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
date: Wed, 1 Feb 2023 20:00:39 GMT
access-control-allow-origin: https://adsbb.dfiles.eu
vary: Origin
content-type: application/json
content-length: 34
strict-transport-security: max-age=63072000; includeSubDomains; preload
nudgeworry.com/ren.gif?sid=H4sIAAAAAAAC%2F1RST28bxRuebfO7%2FMqlwAUJhI8gVc6uvbbj5lARSlBESUJbiMQFzb91hszurGZ2vU7UQ0Ql1AuSOcFx8zhpBFSo%2FQBIaNMLyinmgIJEuPEFQJyRHUuGV5p532ee9%2FA877yfH%2BQXxEdOzzffN3tKa7rYqvu1N7ZUIkzhauv3a4Ff95drWypph8u1weSy%2FZuB36r7b9belXzHLDb8wPcDP6itKisjM1icslDpk25Q7%2Fr1sFEPWiEG9r%2FY5R4c9SD6F%2BRFKDH%2B3%2FZPz6B4hSR%2Belu6ncykN96Jc00zY9EXxx8mO4kpEsTzMrIeouR41g3jxoR8fQUmOZ45gOkfThyAqTHxfgnAkuOZTLD%2B0aVSpiETMHENRb%2BC1BUUrcDNQyhxRgAusL6BJH68bmxBdy9ZOmHHZOHvP6GKMVn47WUk8fcrWg1q94zOM2USh0FUQg0qqF6FND9BtudBFSfg2WdQgiCJSyhRTl0rVUFFFbQcgjoP%2BeQoD3nkIU89xOK8RlvdyPc7EYuazaWQc95sct5aaouWaIZLkY%2BcT2QNkaVDcD0Et%2FtI7T521BA2%2FxFuu4QTHlw2Jt4H%2B%2BiLEoUkKBxBQQkKRVBkBEW%2FPBLaNVz5WGiXs2CWG7PcLEcm6x3QI5P1ZEIO0gtyfTqPv9oGO%2FK81miEVIQ0CFnIghYPOo12FHX8luTtTkPSNpwqodyVqdU9dfZSilSdvfAqGD2B0yfg6jpo%2FhpoMeo0fNDtUbjkYy95KmRqnMoipaWrcxNDmBJptoBs1zvQF%2BSVqY6b125A8tNbX32x8fuy%2BBjclkhtiU%2FVc4KefjS6awpyeNcUjjzbSDMVqz06%2BbN7Gc3k1W%2Ffk7uFsWLttht%2B8xafEJPyyX3psjs0ESrpOfLdihJC2lVjuSQ%2FrLktyTZzt72S2yRP72y%2BvboWp1Y6p0xSgaqzjx6AqzH5%2F4NPptv4ujeCshVsXiLOT8ksoEwFnu7DpXP1zhBYPe9hqYciL0e2weaPWhFoOceUlXD%2FwmxeH7hH6FkPNHs43cG%2BLdHXJagewuVXR1lqT2%2F93JwGmPZGTFvvkGmrv7wcrVPnNdmK%2FEj6DcmiLos61BfdKOwy2g1kh7VogMyN%2Ba%2FP%2F%2FgHAAD%2F%2FwEAAP%2F%2FoofEemUEAAA%3D
192.243.61.225200 OK 7 B URL HTTP/1.1 nudgeworry.com/ren.gif?sid=H4sIAAAAAAAC%2F1RST28bxRuebfO7%2FMqlwAUJhI8gVc6uvbbj5lARSlBESUJbiMQFzb91hszurGZ2vU7UQ0Ql1AuSOcFx8zhpBFSo%2FQBIaNMLyinmgIJEuPEFQJyRHUuGV5p532ee9%2FA877yfH%2BQXxEdOzzffN3tKa7rYqvu1N7ZUIkzhauv3a4Ff95drWypph8u1weSy%2FZuB36r7b9belXzHLDb8wPcDP6itKisjM1icslDpk25Q7%2Fr1sFEPWiEG9r%2FY5R4c9SD6F%2BRFKDH%2B3%2FZPz6B4hSR%2Belu6ncykN96Jc00zY9EXxx8mO4kpEsTzMrIeouR41g3jxoR8fQUmOZ45gOkfThyAqTHxfgnAkuOZTLD%2B0aVSpiETMHENRb%2BC1BUUrcDNQyhxRgAusL6BJH68bmxBdy9ZOmHHZOHvP6GKMVn47WUk8fcrWg1q94zOM2USh0FUQg0qqF6FND9BtudBFSfg2WdQgiCJSyhRTl0rVUFFFbQcgjoP%2BeQoD3nkIU89xOK8RlvdyPc7EYuazaWQc95sct5aaouWaIZLkY%2BcT2QNkaVDcD0Et%2FtI7T521BA2%2FxFuu4QTHlw2Jt4H%2B%2BiLEoUkKBxBQQkKRVBkBEW%2FPBLaNVz5WGiXs2CWG7PcLEcm6x3QI5P1ZEIO0gtyfTqPv9oGO%2FK81miEVIQ0CFnIghYPOo12FHX8luTtTkPSNpwqodyVqdU9dfZSilSdvfAqGD2B0yfg6jpo%2FhpoMeo0fNDtUbjkYy95KmRqnMoipaWrcxNDmBJptoBs1zvQF%2BSVqY6b125A8tNbX32x8fuy%2BBjclkhtiU%2FVc4KefjS6awpyeNcUjjzbSDMVqz06%2BbN7Gc3k1W%2Ffk7uFsWLttht%2B8xafEJPyyX3psjs0ESrpOfLdihJC2lVjuSQ%2FrLktyTZzt72S2yRP72y%2BvboWp1Y6p0xSgaqzjx6AqzH5%2F4NPptv4ujeCshVsXiLOT8ksoEwFnu7DpXP1zhBYPe9hqYciL0e2weaPWhFoOceUlXD%2FwmxeH7hH6FkPNHs43cG%2BLdHXJagewuVXR1lqT2%2F93JwGmPZGTFvvkGmrv7wcrVPnNdmK%2FEj6DcmiLos61BfdKOwy2g1kh7VogMyN%2Ba%2FP%2F%2FgHAAD%2F%2FwEAAP%2F%2FoofEemUEAAA%3D
IP 192.243.61.225:0
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer Verdict Alert quad9 Sinkholed
GET /ren.gif?sid=H4sIAAAAAAAC%2F1RST28bxRuebfO7%2FMqlwAUJhI8gVc6uvbbj5lARSlBESUJbiMQFzb91hszurGZ2vU7UQ0Ql1AuSOcFx8zhpBFSo%2FQBIaNMLyinmgIJEuPEFQJyRHUuGV5p532ee9%2FA877yfH%2BQXxEdOzzffN3tKa7rYqvu1N7ZUIkzhauv3a4Ff95drWypph8u1weSy%2FZuB36r7b9belXzHLDb8wPcDP6itKisjM1icslDpk25Q7%2Fr1sFEPWiEG9r%2FY5R4c9SD6F%2BRFKDH%2B3%2FZPz6B4hSR%2Belu6ncykN96Jc00zY9EXxx8mO4kpEsTzMrIeouR41g3jxoR8fQUmOZ45gOkfThyAqTHxfgnAkuOZTLD%2B0aVSpiETMHENRb%2BC1BUUrcDNQyhxRgAusL6BJH68bmxBdy9ZOmHHZOHvP6GKMVn47WUk8fcrWg1q94zOM2USh0FUQg0qqF6FND9BtudBFSfg2WdQgiCJSyhRTl0rVUFFFbQcgjoP%2BeQoD3nkIU89xOK8RlvdyPc7EYuazaWQc95sct5aaouWaIZLkY%2BcT2QNkaVDcD0Et%2FtI7T521BA2%2FxFuu4QTHlw2Jt4H%2B%2BiLEoUkKBxBQQkKRVBkBEW%2FPBLaNVz5WGiXs2CWG7PcLEcm6x3QI5P1ZEIO0gtyfTqPv9oGO%2FK81miEVIQ0CFnIghYPOo12FHX8luTtTkPSNpwqodyVqdU9dfZSilSdvfAqGD2B0yfg6jpo%2FhpoMeo0fNDtUbjkYy95KmRqnMoipaWrcxNDmBJptoBs1zvQF%2BSVqY6b125A8tNbX32x8fuy%2BBjclkhtiU%2FVc4KefjS6awpyeNcUjjzbSDMVqz06%2BbN7Gc3k1W%2Ffk7uFsWLttht%2B8xafEJPyyX3psjs0ESrpOfLdihJC2lVjuSQ%2FrLktyTZzt72S2yRP72y%2BvboWp1Y6p0xSgaqzjx6AqzH5%2F4NPptv4ujeCshVsXiLOT8ksoEwFnu7DpXP1zhBYPe9hqYciL0e2weaPWhFoOceUlXD%2FwmxeH7hH6FkPNHs43cG%2BLdHXJagewuVXR1lqT2%2F93JwGmPZGTFvvkGmrv7wcrVPnNdmK%2FEj6DcmiLos61BfdKOwy2g1kh7VogMyN%2Ba%2FP%2F%2FgHAAD%2F%2FwEAAP%2F%2FoofEemUEAAA%3D HTTP/1.1
Host: nudgeworry.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dfiles.eu/
Cookie: u_pl=16004719; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Wed, 01 Feb 2023 20:00:39 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 9c54dff06019a2b4d08f883e6fe7c749
Strict-Transport-Security: max-age=0; includeSubdomains
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 22861a7be3635aa6cc542d394b72a866
aa28050a11dc8d47f10360251351b380b9a85cf9
77518188813c585ffbf9e72006293d28542c80a93e977cabce60c7d6b5d85da7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "77518188813C585FFBF9E72006293D28542C80A93E977CABCE60C7D6B5D85DA7"
Last-Modified: Mon, 30 Jan 2023 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11446
Expires: Wed, 01 Feb 2023 23:11:25 GMT
Date: Wed, 01 Feb 2023 20:00:39 GMT
Connection: keep-alive
id5-sync.com/g/v2/231.json
141.95.98.65200 216 B URL HTTP/1.1 id5-sync.com/g/v2/231.json
IP 141.95.98.65:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 8cad7b91b471db7ec63f8e7b1089e7e1
a6121f88bc41819573e2b33d5719460cb5d82a62
bda1d2897ac9b10ad539e6e86cb5be7e57459519597d212b160c46b45a9699a8
POST /g/v2/231.json HTTP/1.1
Host: id5-sync.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 379
Origin: https://adsbb.dfiles.eu
Connection: keep-alive
Referer: https://adsbb.dfiles.eu/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
access-control-allow-origin: https://adsbb.dfiles.eu
access-control-allow-credentials: true
content-type: application/json;charset=UTF-8
transfer-encoding: chunked
date: Wed, 01 Feb 2023 20:00:38 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash d62d6b1aa5d380b6cdbfae5d3dca5421
f715b643ffd374ace9695098eb3ed3a70de0fde1
04f32494a66d0cd2ed4b1a8078b86edcfca40190fedcf0334d9cd62ca2ca6d19
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "04F32494A66D0CD2ED4B1A8078B86EDCFCA40190FEDCF0334D9CD62CA2CA6D19"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13346
Expires: Wed, 01 Feb 2023 23:43:05 GMT
Date: Wed, 01 Feb 2023 20:00:39 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash ebc5267a43e35d9874d2d70ed8e7f4c9
f8d59e7a7641c1c665cda79c908aa05c68b95f47
0f5c4b99130d094313f8d8126489693e7fdd8e7e2dbd8dd0f331a8ed5d59839f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0F5C4B99130D094313F8D8126489693E7FDD8E7E2DBD8DD0F331A8ED5D59839F"
Last-Modified: Tue, 31 Jan 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2907
Expires: Wed, 01 Feb 2023 20:49:06 GMT
Date: Wed, 01 Feb 2023 20:00:39 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.76.226200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash e55279b0641fb8435b27a53d5af7d6e8
cd3ac0125fc6e1705f9340d797e76d4cd1045ff4
0e8644ff039742611260e8288f1466bcce8bdfa61b0bc9b6223b75836225dc34
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "0E8644FF039742611260E8288F1466BCCE8BDFA61B0BC9B6223B75836225DC34"
Last-Modified: Tue, 31 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13125
Expires: Wed, 01 Feb 2023 23:39:24 GMT
Date: Wed, 01 Feb 2023 20:00:39 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.76.226200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash e55279b0641fb8435b27a53d5af7d6e8
cd3ac0125fc6e1705f9340d797e76d4cd1045ff4
0e8644ff039742611260e8288f1466bcce8bdfa61b0bc9b6223b75836225dc34
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "0E8644FF039742611260E8288F1466BCCE8BDFA61B0BC9B6223B75836225DC34"
Last-Modified: Tue, 31 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13125
Expires: Wed, 01 Feb 2023 23:39:24 GMT
Date: Wed, 01 Feb 2023 20:00:39 GMT
Connection: keep-alive
f5523cd9a7.c1249041fb.com/in/track?data=eyJ3bCI6MCwic3ViaWQiOjAsInVzZXJfaWQiOiIxNzE1Mzk1MjA2ODY1ODYyNTAwMCIsInRpbWV6b25lIjowLCJ2ZXIiOiIzLjIxLjEiLCJ0YWdfaWQiOjQ2NDQ1LCJzY3JlZW5fcmVzb2x1dGlvbiI6IjEyODB4MTAyNCIsImFkYmxvY2siOjAsInRpbWV6b25lX29sc29uIjoiVVRDIiwidXRtX3NvdXJjZSI6IiIsInV0bV9tZWRpdW0iOiIiLCJ1dG1fY2FtcGFpZ24iOiIiLCJ1dG1fY29udGVudCI6IiIsIm1tIjowLCJpbml0X3N0YXJ0X2xhdGVuY3kiOjEuMjMsImlzX3YyIjowLCJpc192Ml9lbXB0eSI6MCwidXNlcl9rZXl3b3JkcyI6IkRlcG9zaXRGaWxlcyUyQ0RlcG9zaXRGaWxlcyUyQ3Byb3ZpZGVzJTJDeW91JTJDd2l0aCUyQ2ElMkNsZWdpdGltYXRlJTJDdGVjaG5pY2FsJTJDc29sdXRpb24lMkN3aGljaCUyQ2VuYWJsZXMlMkN5b3UlMkN0byUyQ3VwbG9hZCUyQ3N0b3JlJTJDYWNjZXNzJTJDYW5kJTJDZG93bmxvYWQlMkN0ZXh0JTJDc29mdHdhcmUlMkMlMkNzY3JpcHRzJTJDaW1hZ2VzJTJDc291bmRzJTJDdmlkZW9zJTJDYW5pbWF0aW9ucyUyQ2FuZCUyQ2FueSUyQ290aGVyJTJDbWF0ZXJpYWxzJTJDaW4lMkNmb3JtJTJDb2YlMkNvbmUlMkNvciUyQ3NldmVyYWwlMkNlbGVjdHJvbmljJTJDZmlsZXMuIn0=
45.133.44.25200 OK 0 B URL HTTP/2 f5523cd9a7.c1249041fb.com/in/track?data=eyJ3bCI6MCwic3ViaWQiOjAsInVzZXJfaWQiOiIxNzE1Mzk1MjA2ODY1ODYyNTAwMCIsInRpbWV6b25lIjowLCJ2ZXIiOiIzLjIxLjEiLCJ0YWdfaWQiOjQ2NDQ1LCJzY3JlZW5fcmVzb2x1dGlvbiI6IjEyODB4MTAyNCIsImFkYmxvY2siOjAsInRpbWV6b25lX29sc29uIjoiVVRDIiwidXRtX3NvdXJjZSI6IiIsInV0bV9tZWRpdW0iOiIiLCJ1dG1fY2FtcGFpZ24iOiIiLCJ1dG1fY29udGVudCI6IiIsIm1tIjowLCJpbml0X3N0YXJ0X2xhdGVuY3kiOjEuMjMsImlzX3YyIjowLCJpc192Ml9lbXB0eSI6MCwidXNlcl9rZXl3b3JkcyI6IkRlcG9zaXRGaWxlcyUyQ0RlcG9zaXRGaWxlcyUyQ3Byb3ZpZGVzJTJDeW91JTJDd2l0aCUyQ2ElMkNsZWdpdGltYXRlJTJDdGVjaG5pY2FsJTJDc29sdXRpb24lMkN3aGljaCUyQ2VuYWJsZXMlMkN5b3UlMkN0byUyQ3VwbG9hZCUyQ3N0b3JlJTJDYWNjZXNzJTJDYW5kJTJDZG93bmxvYWQlMkN0ZXh0JTJDc29mdHdhcmUlMkMlMkNzY3JpcHRzJTJDaW1hZ2VzJTJDc291bmRzJTJDdmlkZW9zJTJDYW5pbWF0aW9ucyUyQ2FuZCUyQ2FueSUyQ290aGVyJTJDbWF0ZXJpYWxzJTJDaW4lMkNmb3JtJTJDb2YlMkNvbmUlMkNvciUyQ3NldmVyYWwlMkNlbGVjdHJvbmljJTJDZmlsZXMuIn0=
IP 45.133.44.25:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /in/track?data=eyJ3bCI6MCwic3ViaWQiOjAsInVzZXJfaWQiOiIxNzE1Mzk1MjA2ODY1ODYyNTAwMCIsInRpbWV6b25lIjowLCJ2ZXIiOiIzLjIxLjEiLCJ0YWdfaWQiOjQ2NDQ1LCJzY3JlZW5fcmVzb2x1dGlvbiI6IjEyODB4MTAyNCIsImFkYmxvY2siOjAsInRpbWV6b25lX29sc29uIjoiVVRDIiwidXRtX3NvdXJjZSI6IiIsInV0bV9tZWRpdW0iOiIiLCJ1dG1fY2FtcGFpZ24iOiIiLCJ1dG1fY29udGVudCI6IiIsIm1tIjowLCJpbml0X3N0YXJ0X2xhdGVuY3kiOjEuMjMsImlzX3YyIjowLCJpc192Ml9lbXB0eSI6MCwidXNlcl9rZXl3b3JkcyI6IkRlcG9zaXRGaWxlcyUyQ0RlcG9zaXRGaWxlcyUyQ3Byb3ZpZGVzJTJDeW91JTJDd2l0aCUyQ2ElMkNsZWdpdGltYXRlJTJDdGVjaG5pY2FsJTJDc29sdXRpb24lMkN3aGljaCUyQ2VuYWJsZXMlMkN5b3UlMkN0byUyQ3VwbG9hZCUyQ3N0b3JlJTJDYWNjZXNzJTJDYW5kJTJDZG93bmxvYWQlMkN0ZXh0JTJDc29mdHdhcmUlMkMlMkNzY3JpcHRzJTJDaW1hZ2VzJTJDc291bmRzJTJDdmlkZW9zJTJDYW5pbWF0aW9ucyUyQ2FuZCUyQ2FueSUyQ290aGVyJTJDbWF0ZXJpYWxzJTJDaW4lMkNmb3JtJTJDb2YlMkNvbmUlMkNvciUyQ3NldmVyYWwlMkNlbGVjdHJvbmljJTJDZmlsZXMuIn0= HTTP/1.1
Host: f5523cd9a7.c1249041fb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dfiles.eu
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 01 Feb 2023 20:00:39 GMT
content-length: 0
server: nginx/1.18.0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash de49044c9365e16fec3a6d361cb94728
2b7b69c16de6fda1ae5206f92fe781ee07bd182a
6e76887b036544a5da3918116a180876c094cc3b31676abce8d5b7b716b00c30
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 20:00:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fp.metricswpsh.com/fp?tag_id=46445
157.90.84.242204 No Content 0 B URL HTTP/1.1 fp.metricswpsh.com/fp?tag_id=46445
IP 157.90.84.242:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /fp?tag_id=46445 HTTP/1.1
Host: fp.metricswpsh.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://dfiles.eu/
Origin: https://dfiles.eu
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Server: nginx/1.20.1
Date: Wed, 01 Feb 2023 20:00:39 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: GET,HEAD,PUT,PATCH,POST,DELETE
Access-Control-Allow-Origin: https://dfiles.eu
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 48237dc866d6f2387b67ad0ba335689d
766b9034cf7cb4d04ce8cb76107834772611cdfa
f7e4b65ebd6a99bcd51f95bd777025d00fe3947654a3c58ac06708ecf9f53f03
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F7E4B65EBD6A99BCD51F95BD777025D00FE3947654A3C58AC06708ECF9F53F03"
Last-Modified: Mon, 30 Jan 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8398
Expires: Wed, 01 Feb 2023 22:20:37 GMT
Date: Wed, 01 Feb 2023 20:00:39 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.76.226200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash e55279b0641fb8435b27a53d5af7d6e8
cd3ac0125fc6e1705f9340d797e76d4cd1045ff4
0e8644ff039742611260e8288f1466bcce8bdfa61b0bc9b6223b75836225dc34
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "0E8644FF039742611260E8288F1466BCCE8BDFA61B0BC9B6223B75836225DC34"
Last-Modified: Tue, 31 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13125
Expires: Wed, 01 Feb 2023 23:39:24 GMT
Date: Wed, 01 Feb 2023 20:00:39 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash de49044c9365e16fec3a6d361cb94728
2b7b69c16de6fda1ae5206f92fe781ee07bd182a
6e76887b036544a5da3918116a180876c094cc3b31676abce8d5b7b716b00c30
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 20:00:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash d4a52a6de3e34cfce9dac30029f3d100
75c46e62ee3052e3e004a62afb350459bbec0784
684f0a268e7f1dbb38fe0e99d1be76aad024017a11dace9c29c744803dd46736
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "684F0A268E7F1DBB38FE0E99D1BE76AAD024017A11DACE9C29C744803DD46736"
Last-Modified: Tue, 31 Jan 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7250
Expires: Wed, 01 Feb 2023 22:01:29 GMT
Date: Wed, 01 Feb 2023 20:00:39 GMT
Connection: keep-alive
js.wpshsdk.com/npc/sdk/wp-banners.js
45.133.44.24200 OK 0 B URL HTTP/2 js.wpshsdk.com/npc/sdk/wp-banners.js
IP 45.133.44.24:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /npc/sdk/wp-banners.js HTTP/1.1
Host: js.wpshsdk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 20:00:39 GMT
content-type: application/javascript; charset=utf-8
content-length: 0
server: nginx/1.18.0
last-modified: Fri, 20 Aug 2021 15:14:31 GMT
etag: "611fc6d7-0"
expires: Wed, 01 Feb 2023 20:05:39 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash d1ede23ab1ddbc0d7fa930fd3810e49e
879f79b820606c514ae97d5a3c2be12533440a51
7ec120a673fc6ae1a147829269069666ef47b0258b832030906da7dc97ab2a14
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7EC120A673FC6AE1A147829269069666EF47B0258B832030906DA7DC97AB2A14"
Last-Modified: Tue, 31 Jan 2023 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5715
Expires: Wed, 01 Feb 2023 21:35:54 GMT
Date: Wed, 01 Feb 2023 20:00:39 GMT
Connection: keep-alive
fp.metricswpsh.com/fp?tag_id=46445
157.90.84.242200 OK 28 B URL HTTP/1.1 fp.metricswpsh.com/fp?tag_id=46445
IP 157.90.84.242:0
ASN #24940 Hetzner Online GmbH
File type JSON data\012- , ASCII text
Hash e3af49472d683a217237a6ebaf79bcb7
378db4d7e6171a2676ee15c80b4475d7f5ec9742
7714898d715fb8b1ce7a1de73e0e7c9f6394acc8a08cf1a3b342a7829d4de84a
POST /fp?tag_id=46445 HTTP/1.1
Host: fp.metricswpsh.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json;charset=utf-8
Content-Length: 22286
Origin: https://dfiles.eu
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Wed, 01 Feb 2023 20:00:39 GMT
Content-Type: application/json; charset=UTF-8
Content-Length: 28
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://dfiles.eu
Set-Cookie: id=8521605107520697571; Expires=Thu, 01 Feb 2024 20:00:39 GMT; Secure; SameSite=None
Vary: Origin
cdn.cloudimagesb.com/si/84/83/0e/84830eeb6afb1a25a871aa22c0042566/1667590271.png
45.133.44.9200 OK 33 kB URL HTTP/2 cdn.cloudimagesb.com/si/84/83/0e/84830eeb6afb1a25a871aa22c0042566/1667590271.png
IP 45.133.44.9:0
ASN #39572 DataWeb Global Group B.V.
File type PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Hash 2cb2500acb00f247ef19403c3a0f89e1
7c57e8b84b2bb0003810ffae7a14e24869155464
7efcd5082673b787603d2a0b8d768fb26807cf2ab79771a69886a916d0cda3ce
GET /si/84/83/0e/84830eeb6afb1a25a871aa22c0042566/1667590271.png HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 01 Feb 2023 20:00:39 GMT
content-type: image/png
content-length: 32763
server: nginx/1.17.6
last-modified: Fri, 04 Nov 2022 19:31:19 GMT
etag: "63656887-7ffb"
expires: Fri, 03 Feb 2023 20:00:39 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
dfiles.eu/ps/QW13h0.js
91.226.124.80200 OK 48 B IP 91.226.124.80:0
Hash b215ecc0d708a2fb5464f5e8d65d2d4e
d8c0da4fd6cd8c2a3b36cb6a7d21ce620810ccc0
eb4333e919f16aa3042235966e790e430e0faecf66ee95bb387b147e168b8ee5
GET /ps/QW13h0.js HTTP/1.1
Host: dfiles.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Cookie: uprand=19d13269a515b58b5a38d402403cdce4; last_file=u3tux9lji; lang_current=en; u_count=%5B0%2C0%5D; sb_page_224ad4a14b4b15c1726ff705ec672ea6=1; sb_onpage_224ad4a14b4b15c1726ff705ec672ea6=1; sb_main_224ad4a14b4b15c1726ff705ec672ea6=1; sb_count_224ad4a14b4b15c1726ff705ec672ea6=1; dom3ic8zudi28v8lr6fgphwffqoz0j6c=c23eb804-ec1d-493d-a459-d2fd71ca9f0f%3A3%3A1; pbpr0tpuw4isk85t8yg3jb2lj5vqf=nudgeworry.com; ppu_idelay_c22dc50dc2bbe4422c7f68d26ab95eb9=1
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 01 Feb 2023 20:00:39 GMT
Content-Type: application/javascript
Content-Length: 48
Last-Modified: Fri, 21 Oct 2022 18:27:48 GMT
Connection: close
ETag: "6352e4a4-30"
Accept-Ranges: bytes
unseenreport.com/pxf.gif?uuid=c23eb804-ec1d-493d-a459-d2fd71ca9f0f&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1055&b_frame=0&pk=224ad4a14b4b15c1726ff705ec672ea6&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=20
192.243.59.13200 OK 1 B URL HTTP/1.1 unseenreport.com/pxf.gif?uuid=c23eb804-ec1d-493d-a459-d2fd71ca9f0f&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1055&b_frame=0&pk=224ad4a14b4b15c1726ff705ec672ea6&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=20
IP 192.243.59.13:0
ASN #39572 DataWeb Global Group B.V.
File type very short file (no magic)
Hash 93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d
Analyzer Verdict Alert quad9 Sinkholed
GET /pxf.gif?uuid=c23eb804-ec1d-493d-a459-d2fd71ca9f0f&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1055&b_frame=0&pk=224ad4a14b4b15c1726ff705ec672ea6&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=20 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Wed, 01 Feb 2023 20:00:39 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: d112bf2619f90dc8916ed50fc97a2f27
Strict-Transport-Security: max-age=0; includeSubdomains
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash efe2987e73eb290b5361f34e7396cb67
73fdd5972f7341ef84a1953d8f5409dd1a406083
4df592276cef5d667743880f6b3a940364edbef912f3d036c72110aa7e0fcfe0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4DF592276CEF5D667743880F6B3A940364EDBEF912F3D036C72110AA7E0FCFE0"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9116
Expires: Wed, 01 Feb 2023 22:32:35 GMT
Date: Wed, 01 Feb 2023 20:00:39 GMT
Connection: keep-alive
cdn.creative-bars1.com/sb/notifications/dating/default/us/universal/white/ssp/css/animate.css
172.64.166.9200 OK 21 kB URL HTTP/2 cdn.creative-bars1.com/sb/notifications/dating/default/us/universal/white/ssp/css/animate.css
IP 172.64.166.9:0
Hash 3dc4d4b6b0d08d02130362a7dc0e4fd0
68e248add624490a760d884ceb71361141e677c1
2e2f1f341b83e8c79fa70d9db28649168e2d772d97f85dc0d64325f14ae30d14
GET /sb/notifications/dating/default/us/universal/white/ssp/css/animate.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dfiles.eu
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 01 Feb 2023 20:00:39 GMT
content-type: text/css
last-modified: Mon, 05 Oct 2020 09:08:43 GMT
etag: W/"5f7ae29b-1358d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 2014420
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M%2BILKqZZhL5ckKfkdPW10s%2BfuO3eSu2lj3Ga67%2B9y41rcMHX0BLnDSIokvoteAK3Dc5F%2BYa%2FCflfwJ7C8whpdyY3qbPbkUQyCpyrGYhaYxA80VaB82myqpBv8wQQyX3DnvoEULTahc%2B8"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 792d4646bd1023a8-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.227200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://dfiles.eu
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 29 Jan 2023 22:02:00 GMT
expires: Mon, 29 Jan 2024 22:02:00 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
age: 251919
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
unseenreport.com/pxf.gif?uuid=c23eb804-ec1d-493d-a459-d2fd71ca9f0f&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1055&b_frame=0&pk=c22dc50dc2bbe4422c7f68d26ab95eb9&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=20
192.243.59.13200 OK 1 B URL HTTP/1.1 unseenreport.com/pxf.gif?uuid=c23eb804-ec1d-493d-a459-d2fd71ca9f0f&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1055&b_frame=0&pk=c22dc50dc2bbe4422c7f68d26ab95eb9&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=20
IP 192.243.59.13:0
ASN #39572 DataWeb Global Group B.V.
File type very short file (no magic)
Hash 93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d
Analyzer Verdict Alert quad9 Sinkholed
GET /pxf.gif?uuid=c23eb804-ec1d-493d-a459-d2fd71ca9f0f&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1055&b_frame=0&pk=c22dc50dc2bbe4422c7f68d26ab95eb9&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=20 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Wed, 01 Feb 2023 20:00:39 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 46325529dcd56f049aa8c1fe9ab137ef
Strict-Transport-Security: max-age=0; includeSubdomains
js.wpshsdk.com/npc/sdk/common/config.js
45.133.44.24200 OK 19 B URL HTTP/2 js.wpshsdk.com/npc/sdk/common/config.js
IP 45.133.44.24:0
ASN #39572 DataWeb Global Group B.V.
File type JSON data\012- , ASCII text, with no line terminators
Hash 67fc2c9421e21f4a3707c7fabc8e9f33
0d311fbfaea3d64122b4c5e575a5c3fbea11f718
b93ed3f9c6f2c27004ef57a9fa8f11248af5bd9848cc56a1c215db36d4ecc1bb
GET /npc/sdk/common/config.js HTTP/1.1
Host: js.wpshsdk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dfiles.eu/
Origin: https://dfiles.eu
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 20:00:39 GMT
content-type: application/javascript; charset=utf-8
content-length: 19
server: nginx/1.18.0
last-modified: Thu, 26 Jan 2023 12:22:57 GMT
etag: "63d270a1-13"
expires: Wed, 01 Feb 2023 20:05:39 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
nudgeworry.com/impr.gif?sid=H4sIAAAAAAAC%2F1RST28cxRPtSfy7%2FMIlwAUJxBxBitYzs7N%2FHB8iTDCyCLZJApa4oJ7unnXjnulR98zO2srBIhLKBWk5wXH81o4FRCj5AEhonAvyycsBGQlz4wuAOKNdr7RQUnfV61eH96rr84Pigngo6Pnm%2B3pPKkUXWw3PfWNLplyX1l2%2F7%2Fpew1t2t2TaDpfdweQy%2FZu%2B12p4b7rvCrajFwPP9zzf891VaUSsB4tTFjJ7suQ3lrxGGDT8VoiB%2BS%2B2hQNLHfD%2BBXkRko%2F%2Ft%2F3TM0hWI02e3hZ2J9fZjXeSQtFcG%2FT58YfpTqrLFMm8jI2DOD2edUPbMSFfX4FOj2cOoPuHEweI5Jg4v%2FiI0uOZTET9o0ulkYJIEfFrKPs1hKohaQ2mH0LyMwIwjvUNpMnjdW1KunvJ0gk7Jgt%2F%2FwlZjsnCby8jTb5fUXLg3tOqyKVOLQZxBTmoIXs1suIE%2BZ4DWZ6A5Z9BcoI0qSB5NXUtZQ0Z11BiCGodFJMjHRSxgyJzkPBzl7aWYs%2FrxFHcbHZDxlizyVir2%2BYt3gy7sYeCTWQNkWdDMDUEM%2FvIzD525BCm%2BBF2u4LlDmw%2BJs4H%2B%2BjzCqUgKC1BSQlKSVDmBGW%2FOuLKBrZ6zJUtIn%2BWg1luViOd9w7okc57IiUH2QW5Pp3HX22NHXHuBkFIeUj9MAojv8X8TtCO447XEqzdCQRtw8oK0l6ZWt2TZy9lyOTZC68ioiew6gRMXgctXgMtR53AA90ehV0Pe%2BlTLjJtZR5LJWyD6QRcV8jyBeS7zoG6IK9Mddy8dgOCnd766ouN35f5x2CmQmYqfCqfE%2FTUo9FdXZLDu7q05NlGlstE7tHJn93LaS6ufvue2C214Wu37fCbt9iEmJRP7gub36Epl2nPku9WJOfCrGrDBPlhzW6JaLOw2yuFSYvszubbq2tJZoS1Uqc1qDz76AGYHJP%2FP%2Fhkuo2vOyNIU8MUFZLilMwCUtdg2T5sNldvNYFR854oc1AW1cgE0fxRSQIl5phGFey%2FcDSvD%2Bwj9IwDmj%2Bc7mDfVOirClQNYYurozwzp7d%2Bbk4DkXJGkTLOYaSM%2BvJytFaeuy0%2FFN2o22GcR4JxvxM0u03PCzgPO0vCX0Jux%2BzX53%2F8AwAA%2F%2F8BAAD%2F%2F7aPSpxlBAAA
192.243.61.225200 OK 7 B URL HTTP/1.1 nudgeworry.com/impr.gif?sid=H4sIAAAAAAAC%2F1RST28cxRPtSfy7%2FMIlwAUJxBxBitYzs7N%2FHB8iTDCyCLZJApa4oJ7unnXjnulR98zO2srBIhLKBWk5wXH81o4FRCj5AEhonAvyycsBGQlz4wuAOKNdr7RQUnfV61eH96rr84Pigngo6Pnm%2B3pPKkUXWw3PfWNLplyX1l2%2F7%2Fpew1t2t2TaDpfdweQy%2FZu%2B12p4b7rvCrajFwPP9zzf891VaUSsB4tTFjJ7suQ3lrxGGDT8VoiB%2BS%2B2hQNLHfD%2BBXkRko%2F%2Ft%2F3TM0hWI02e3hZ2J9fZjXeSQtFcG%2FT58YfpTqrLFMm8jI2DOD2edUPbMSFfX4FOj2cOoPuHEweI5Jg4v%2FiI0uOZTET9o0ulkYJIEfFrKPs1hKohaQ2mH0LyMwIwjvUNpMnjdW1KunvJ0gk7Jgt%2F%2FwlZjsnCby8jTb5fUXLg3tOqyKVOLQZxBTmoIXs1suIE%2BZ4DWZ6A5Z9BcoI0qSB5NXUtZQ0Z11BiCGodFJMjHRSxgyJzkPBzl7aWYs%2FrxFHcbHZDxlizyVir2%2BYt3gy7sYeCTWQNkWdDMDUEM%2FvIzD525BCm%2BBF2u4LlDmw%2BJs4H%2B%2BjzCqUgKC1BSQlKSVDmBGW%2FOuLKBrZ6zJUtIn%2BWg1luViOd9w7okc57IiUH2QW5Pp3HX22NHXHuBkFIeUj9MAojv8X8TtCO447XEqzdCQRtw8oK0l6ZWt2TZy9lyOTZC68ioiew6gRMXgctXgMtR53AA90ehV0Pe%2BlTLjJtZR5LJWyD6QRcV8jyBeS7zoG6IK9Mddy8dgOCnd766ouN35f5x2CmQmYqfCqfE%2FTUo9FdXZLDu7q05NlGlstE7tHJn93LaS6ufvue2C214Wu37fCbt9iEmJRP7gub36Epl2nPku9WJOfCrGrDBPlhzW6JaLOw2yuFSYvszubbq2tJZoS1Uqc1qDz76AGYHJP%2FP%2Fhkuo2vOyNIU8MUFZLilMwCUtdg2T5sNldvNYFR854oc1AW1cgE0fxRSQIl5phGFey%2FcDSvD%2Bwj9IwDmj%2Bc7mDfVOirClQNYYurozwzp7d%2Bbk4DkXJGkTLOYaSM%2BvJytFaeuy0%2FFN2o22GcR4JxvxM0u03PCzgPO0vCX0Jux%2BzX53%2F8AwAA%2F%2F8BAAD%2F%2F7aPSpxlBAAA
IP 192.243.61.225:0
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer Verdict Alert quad9 Sinkholed
GET /impr.gif?sid=H4sIAAAAAAAC%2F1RST28cxRPtSfy7%2FMIlwAUJxBxBitYzs7N%2FHB8iTDCyCLZJApa4oJ7unnXjnulR98zO2srBIhLKBWk5wXH81o4FRCj5AEhonAvyycsBGQlz4wuAOKNdr7RQUnfV61eH96rr84Pigngo6Pnm%2B3pPKkUXWw3PfWNLplyX1l2%2F7%2Fpew1t2t2TaDpfdweQy%2FZu%2B12p4b7rvCrajFwPP9zzf891VaUSsB4tTFjJ7suQ3lrxGGDT8VoiB%2BS%2B2hQNLHfD%2BBXkRko%2F%2Ft%2F3TM0hWI02e3hZ2J9fZjXeSQtFcG%2FT58YfpTqrLFMm8jI2DOD2edUPbMSFfX4FOj2cOoPuHEweI5Jg4v%2FiI0uOZTET9o0ulkYJIEfFrKPs1hKohaQ2mH0LyMwIwjvUNpMnjdW1KunvJ0gk7Jgt%2F%2FwlZjsnCby8jTb5fUXLg3tOqyKVOLQZxBTmoIXs1suIE%2BZ4DWZ6A5Z9BcoI0qSB5NXUtZQ0Z11BiCGodFJMjHRSxgyJzkPBzl7aWYs%2FrxFHcbHZDxlizyVir2%2BYt3gy7sYeCTWQNkWdDMDUEM%2FvIzD525BCm%2BBF2u4LlDmw%2BJs4H%2B%2BjzCqUgKC1BSQlKSVDmBGW%2FOuLKBrZ6zJUtIn%2BWg1luViOd9w7okc57IiUH2QW5Pp3HX22NHXHuBkFIeUj9MAojv8X8TtCO447XEqzdCQRtw8oK0l6ZWt2TZy9lyOTZC68ioiew6gRMXgctXgMtR53AA90ehV0Pe%2BlTLjJtZR5LJWyD6QRcV8jyBeS7zoG6IK9Mddy8dgOCnd766ouN35f5x2CmQmYqfCqfE%2FTUo9FdXZLDu7q05NlGlstE7tHJn93LaS6ufvue2C214Wu37fCbt9iEmJRP7gub36Epl2nPku9WJOfCrGrDBPlhzW6JaLOw2yuFSYvszubbq2tJZoS1Uqc1qDz76AGYHJP%2FP%2Fhkuo2vOyNIU8MUFZLilMwCUtdg2T5sNldvNYFR854oc1AW1cgE0fxRSQIl5phGFey%2FcDSvD%2Bwj9IwDmj%2Bc7mDfVOirClQNYYurozwzp7d%2Bbk4DkXJGkTLOYaSM%2BvJytFaeuy0%2FFN2o22GcR4JxvxM0u03PCzgPO0vCX0Jux%2BzX53%2F8AwAA%2F%2F8BAAD%2F%2F7aPSpxlBAAA HTTP/1.1
Host: nudgeworry.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dfiles.eu/
Cookie: u_pl=16004719; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Wed, 01 Feb 2023 20:00:39 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: dd7cf8ab419ab68a33f36ea4fd2ae3f6
Strict-Transport-Security: max-age=0; includeSubdomains
nudgeworry.com/pixel/sbs?c=1
192.243.61.225200 OK 0 B URL HTTP/1.1 nudgeworry.com/pixel/sbs?c=1
IP 192.243.61.225:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbs?c=1 HTTP/1.1
Host: nudgeworry.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dfiles.eu/
Cookie: u_pl=16004719; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Wed, 01 Feb 2023 20:00:39 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash efe2987e73eb290b5361f34e7396cb67
73fdd5972f7341ef84a1953d8f5409dd1a406083
4df592276cef5d667743880f6b3a940364edbef912f3d036c72110aa7e0fcfe0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4DF592276CEF5D667743880F6B3A940364EDBEF912F3D036C72110AA7E0FCFE0"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9115
Expires: Wed, 01 Feb 2023 22:32:35 GMT
Date: Wed, 01 Feb 2023 20:00:40 GMT
Connection: keep-alive
cdn.engine.4dsply.com/Scripts/infinity.js.aspx?guid=f6c43cb5-024f-4158-a34e-034f3e05bbb0
104.16.159.17200 OK 46 kB URL HTTP/2 cdn.engine.4dsply.com/Scripts/infinity.js.aspx?guid=f6c43cb5-024f-4158-a34e-034f3e05bbb0
IP 104.16.159.17:0
File type ASCII text, with very long lines (64095)
Hash 9b748136d746a0e576e1f1bf1951b622
ebc65661ea95c675596fe0536010a0820ab106ae
c323384a908e401161a5a4d63ab2d73787efeea32ae2c02a8283a127c9acd415
GET /Scripts/infinity.js.aspx?guid=f6c43cb5-024f-4158-a34e-034f3e05bbb0 HTTP/1.1
Host: cdn.engine.4dsply.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 01 Feb 2023 20:00:38 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=900
p3p: CP="CAO PSA OUR IND"
access-control-allow-origin: *
last-modified: Wed, 01 Feb 2023 19:52:14 GMT
cf-cache-status: HIT
age: 230
expires: Wed, 01 Feb 2023 20:15:38 GMT
server: cloudflare
cf-ray: 792d46407efdb515-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
sw.wpush.org/ps/sw.js
45.133.44.24200 OK 2.9 kB IP 45.133.44.24:0
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with very long lines (8695)
Hash 1671ed5a74ab91bb574274825da4d442
a1572a8eb9d873860688f275bde743eba1f17de9
a2bd956f5ac4ec56f3719bcf1093b79f3ca917937a38911ad10651e960c81738
GET /ps/sw.js HTTP/1.1
Host: sw.wpush.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 01 Feb 2023 20:00:41 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.18.0
last-modified: Thu, 26 Jan 2023 12:22:57 GMT
etag: W/"63d270a1-158c"
content-encoding: gzip
expires: Wed, 01 Feb 2023 20:05:41 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2
cdn.creative-bars1.com/sb/notifications/dating/default/us/universal/white/ssp/css/style.css
172.64.166.9200 OK 0 B URL HTTP/2 cdn.creative-bars1.com/sb/notifications/dating/default/us/universal/white/ssp/css/style.css
IP 172.64.166.9:0
GET /sb/notifications/dating/default/us/universal/white/ssp/css/style.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dfiles.eu
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 01 Feb 2023 20:00:39 GMT
content-type: text/css
last-modified: Fri, 27 Aug 2021 12:48:43 GMT
etag: W/"6128df2b-112c"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 2014420
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=evr9iUQapg5%2BFY7qiH59J3KtNgFwI8tHqL43EloEOYa5R3XITkceo58CyTOwQvH3IFhX0YdcPlEmwR5T6sfUx372S%2FleXaDdhUNQmWywd%2FNLa5ixzi0q2k28pAQNCZyPJvCRM4J9D3%2FY"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 792d4646ad0223a8-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.creative-bars1.com/sb/notifications/dating/default/us/universal/white/ssp/js/script.js
172.64.166.9200 OK 0 B URL HTTP/2 cdn.creative-bars1.com/sb/notifications/dating/default/us/universal/white/ssp/js/script.js
IP 172.64.166.9:0
GET /sb/notifications/dating/default/us/universal/white/ssp/js/script.js HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dfiles.eu
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 01 Feb 2023 20:00:39 GMT
content-type: application/javascript
last-modified: Mon, 05 Oct 2020 09:08:48 GMT
etag: W/"5f7ae2a0-182"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 2014421
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yOX%2FE8pdps7LBxIQTbxYWnvQke%2F80ndvE6QtJnYnpJQ4pZRNr4ugHglAYpde770SiZ9N9GhiHnrQGVOqdHUVcUWH04oAczE0UJx8IJby9jeASTEoesNMErIqyfvWeBjaG2Ve1RzGUKKA"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 792d4646bd1b23a8-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap
142.250.74.106200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap
IP 142.250.74.106:0
GET /css?family=Roboto:300,400,700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 01 Feb 2023 20:00:39 GMT
date: Wed, 01 Feb 2023 20:00:39 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
sw.wpush.org/ps/sw.js
45.133.44.25200 OK 0 B IP 45.133.44.25:0
ASN #39572 DataWeb Global Group B.V.
GET /ps/sw.js HTTP/1.1
Host: sw.wpush.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 01 Feb 2023 20:00:39 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.18.0
last-modified: Thu, 26 Jan 2023 12:22:57 GMT
etag: W/"63d270a1-158c"
content-encoding: gzip
expires: Wed, 01 Feb 2023 20:05:39 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2
cdn.unblockia.com/h.js
54.230.111.2200 OK 0 B IP 54.230.111.2:0
GET /h.js HTTP/1.1
Host: cdn.unblockia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/x-javascript
date: Wed, 01 Feb 2023 17:15:22 GMT
last-modified: Wed, 01 Feb 2023 16:56:57 GMT
etag: W/"0298f5b07154a01756527ea50aa20b69"
x-amz-meta-codebuild-content-sha256: d2cad23c06f64c92abd687e9af25313addce67d5a9659ca62882437bd5a89900
x-amz-version-id: hY4L4iRWDT4x4HpHoBgZQ_jDylmV88m0
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:eu-west-1:987257285531:build/unblockia-loader-codebuild-project:eed14b09-bf79-4256-9d87-8421f120fcea
x-amz-meta-codebuild-content-md5: cf2e8578aabfc94a9bd8e460e1034106
server: AmazonS3
content-encoding: br
x-cache: Hit from cloudfront
via: 1.1 2d5cbe05385a7f3bbffc8a562b8711f6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: z4v1f6gXyrKYCZ_ZCwS0GbReOvGDKQ3kx0PsIbrRTIS3h1wqL1LYfA==
age: 9915
vary: Accept-Encoding, Origin
X-Firefox-Spdy: h2
cdn.barscreative1.com/sb/au/df/bd/7a/dfbd7a33d1397e7e7063b1664658e57d/1601889852.html
45.133.44.3200 OK 0 B URL HTTP/2 cdn.barscreative1.com/sb/au/df/bd/7a/dfbd7a33d1397e7e7063b1664658e57d/1601889852.html
IP 45.133.44.3:0
ASN #39572 DataWeb Global Group B.V.
Analyzer Verdict Alert fortinet Phishing
GET /sb/au/df/bd/7a/dfbd7a33d1397e7e7063b1664658e57d/1601889852.html HTTP/1.1
Host: cdn.barscreative1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dfiles.eu
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 01 Feb 2023 20:00:39 GMT
content-type: text/html; charset=utf-8
server: nginx/1.17.6
last-modified: Mon, 16 Nov 2020 15:00:21 GMT
etag: W/"5fb29405-563"
cache-control: max-age=3600
access-control-allow-origin: *
access-control-expose-headers: Date
content-encoding: gzip
expires: Wed, 01 Feb 2023 21:00:39 GMT
x-proxy-cache: HIT
X-Firefox-Spdy: h2
jsc.mgid.com/d/e/depositfiles.com.7998.js
104.19.134.78200 OK 0 B URL HTTP/2 jsc.mgid.com/d/e/depositfiles.com.7998.js
IP 104.19.134.78:0
GET /d/e/depositfiles.com.7998.js HTTP/1.1
Host: jsc.mgid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adsbb.dfiles.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 01 Feb 2023 20:00:37 GMT
content-type: text/javascript
cf-bgj: minify
cf-polished: origSize=2652
etag: W/"443dbf997da8fe1e8633d2db0b59feab"
last-modified: Wed, 18 Jan 2023 10:06:08 GMT
x-amz-id-2: teJuW/RwCtSaoxDCRntWMrDqtsdRhC20KVqFplE/HttghmV9jMjB2Gaoo3TIare2TnwQBB39EBA=
x-amz-request-id: RGZAP65EKA30RXYQ
x-amz-version-id: nUKWV5PsQ9PvJfD8F3v8NmYXLF3MgaCf
cf-cache-status: HIT
age: 4843
expires: Wed, 01 Feb 2023 23:00:37 GMT
cache-control: public, max-age=10800
set-cookie: __cf_bm=S6LPtCSVHROzIGCR95zwzm001pPMYv8KaeiP0P3OG2g-1675281637-0-AeC3pwYvyHhbj4IUKbL/FGTnEvkohLplXSWSyjHYhw4n6zgErXaxf/b+XYkGt1aqiUh9TJVzIzjwQN31E7RjvsY=; path=/; expires=Wed, 01-Feb-23 20:30:37 GMT; domain=.mgid.com; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 792d463ceb881c06-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
dde280e15f.5608bd4f7e.com/c0c3a5692bf79b818cec35ce6cc43ad7.js
45.133.44.25200 OK 0 B URL HTTP/2 dde280e15f.5608bd4f7e.com/c0c3a5692bf79b818cec35ce6cc43ad7.js
IP 45.133.44.25:0
ASN #39572 DataWeb Global Group B.V.
Analyzer Verdict Alert quad9 Sinkholed
GET /c0c3a5692bf79b818cec35ce6cc43ad7.js HTTP/1.1
Host: dde280e15f.5608bd4f7e.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dfiles.eu
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 01 Feb 2023 20:00:37 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.18.0
last-modified: Fri, 13 Jan 2023 14:07:40 GMT
etag: W/"63c165ac-188ee"
content-encoding: gzip
expires: Wed, 01 Feb 2023 20:05:37 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2
js.wpshsdk.com/npc/sdk/push.m.js?v=1
45.133.44.24200 OK 0 B URL HTTP/2 js.wpshsdk.com/npc/sdk/push.m.js?v=1
IP 45.133.44.24:0
ASN #39572 DataWeb Global Group B.V.
GET /npc/sdk/push.m.js?v=1 HTTP/1.1
Host: js.wpshsdk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 01 Feb 2023 20:00:39 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.18.0
last-modified: Thu, 26 Jan 2023 12:22:57 GMT
etag: W/"63d270a1-f96f"
content-encoding: gzip
expires: Wed, 01 Feb 2023 20:05:39 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2