Report - loadedfiles.org/0a0d406de6b39d36?pt=VGV4M1lsL0l3VE5vNkVmT3N2ZGpiV2xCTkV4QlZUaFBTbkpyVDJ4cFNsQk5hVGwwUVhjOVBRPT0=

Report Overview

Visitedpublic

2025-08-01 23:00:42

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Host Summary

Host	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
oy.archeusdungs.com	unknown	2025-03-03	2025-06-02	2025-06-02	419 B	1.1 kB	23.109.170.60
preferencenail.com	unknown	2025-07-01	2025-07-08	2025-07-29	826 B	172 kB	185.196.197.71
push-sdk.com	unknown	2022-10-25	2022-12-23	2025-07-30	885 B	56 kB	157.90.33.72
www.googletagmanager.com	75	2011-11-11	2012-10-04	2025-07-30	1.0 kB	812 kB	142.250.74.168
besideunderstatement.com	unknown	2024-02-12	2024-02-12	2025-07-16	914 B	154 kB	172.240.108.68
flushpersist.com	unknown	2025-07-01	2025-07-08	2025-07-29	1.5 kB	992 B	192.243.61.227
loadedfiles.org	unknown	2023-09-20	2023-09-20	2024-02-26	19 kB	992 kB	195.230.23.84
professionaltrafficmonitor.com	unknown	2025-01-23	2025-01-25	2025-08-01	906 B	848 B	18.194.162.133
cdn.storageimagedisplay.com	unknown	2024-09-13	2024-09-13	2025-08-01	964 B	160 kB	45.133.44.1
cdn.show-sb.com	unknown	2024-08-20	2024-08-31	2025-07-26	496 B	2.1 kB	172.67.170.115
fonts.googleapis.com	8877	2005-01-25	2012-05-23	2025-07-30	1.4 kB	59 kB	142.250.74.10
fonts.gstatic.com	unknown	2008-02-11	2014-04-02	2025-07-30	3.4 kB	258 kB	142.250.178.99
kettledroopingcontinuation.com	unknown	2024-09-01	2025-07-30	2025-07-30	4.9 kB	10 kB	192.243.59.20
cdn.creative-sb1.com	unknown	2025-07-01	2025-07-08	2025-07-29	2.4 kB	217 kB	104.21.64.1
weirdopt.com	unknown	2025-07-01	2025-07-08	2025-07-30	418 B	377 B	185.196.197.71

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Detection System	Indicator	Verdict	Alert
Quad9 DNS	preferencenail.com	malicious	Sinkholed
Quad9 DNS	kettledroopingcontinuation.com	malicious	Sinkholed
Quad9 DNS	weirdopt.com	malicious	Sinkholed
Quad9 DNS	besideunderstatement.com	malicious	Sinkholed
Quad9 DNS	oy.archeusdungs.com	malicious	Sinkholed

JavaScript (26)

	URL	From	Size	First Seen	Last Seen
	loadedfiles.org/themes/spirit/assets/frontend/js/flickity.min.js	ScriptElement	54 kB	2023-03-07	2025-08-10
URL loadedfiles.org/themes/spirit/assets/frontend/js/flickity.min.js IP / ASN 195.230.23.84 #58294 CloudWall Ltd. Introduced by ScriptElement Embedded false Resource Info First Seen 2023-03-07 Last Seen 2025-08-10 Times Seen 2230 Size 54 kB (53873 bytes) MD5 8c1e666176ac7bdce67d58b45823ffac SHA1 75947e4316427ce0c5e33300aeb4dc4d7d54dd09 SHA256 c0b706b9b1ca12b631496228a0eb0fe15ccb14f21ab554f6c4b4f20474e4d3a6 Format Code Loading...

	loadedfiles.org/themes/spirit/assets/frontend/js/countdown.min.js	ScriptElement	5.4 kB	2023-03-07	2025-08-10
URL loadedfiles.org/themes/spirit/assets/frontend/js/countdown.min.js IP / ASN 195.230.23.84 #58294 CloudWall Ltd. Introduced by ScriptElement Embedded false Resource Info First Seen 2023-03-07 Last Seen 2025-08-10 Times Seen 2681 Size 5.4 kB (5360 bytes) MD5 76a923d3d69255c45cd24bf9b100244f SHA1 eb3c96f9901692f1a03500ea632963a16afdb985 SHA256 8f195573d6fa06641814b476fea2b92579c983cac46d683f356238207692c9f5 Format Code Loading...

	loadedfiles.org/0a0d406de6b39d36?pt=VGV4M1lsL0l3VE5vNkVmT3N2ZGpiV2xCTkV4QlZUaFBTbkpyVDJ4cFNsQk5hVGwwUVhjOVBRPT0=	ScriptElement	44 B	2023-03-07	2025-08-10
URL loadedfiles.org/0a0d406de6b39d36?pt=VGV4M1lsL0l3VE5vNkVmT3N2ZGpiV2xCTkV4QlZUaFBTbkpyVDJ4cFNsQk5hVGwwUVhjOVBRPT0= IP / ASN 195.230.23.84 #58294 CloudWall Ltd. Introduced by ScriptElement Embedded true Resource Info First Seen 2023-03-07 Last Seen 2025-08-10 Times Seen 4398 Size 44 B (44 bytes) MD5 21d884540875fb4d2b8f280c541d092c SHA1 9f2a58bb4ff1897269b2df54e333ce35d4435b91 SHA256 8f75c65a00382bae7799a76f3517023df9a72035e9b469e95469b028d4bd0d0a Format Code Loading...

	loadedfiles.org/themes/spirit/assets/frontend/js/scripts.js	ScriptElement	115 kB	2023-03-07	2025-08-10
URL loadedfiles.org/themes/spirit/assets/frontend/js/scripts.js IP / ASN 195.230.23.84 #58294 CloudWall Ltd. Introduced by ScriptElement Embedded false Resource Info First Seen 2023-03-07 Last Seen 2025-08-10 Times Seen 1956 Size 115 kB (114862 bytes) MD5 ce260d2170faf98639ab8e0e3758f1e2 SHA1 32eeb82a44bf0bce2df78eafae9f2e9ff8d72e1f SHA256 ac331833ebf1c06b0f8565caaeb4760c2184bd89d1cb5574c3947a8d0b6dca1c Format Code Loading...

	besideunderstatement.com/1f/f6/36/1ff6363a986e7aa87f530defe2094722.js	ScriptElement	30 kB	2025-08-01	2025-08-01
URL besideunderstatement.com/1f/f6/36/1ff6363a986e7aa87f530defe2094722.js IP / ASN 172.240.108.68 #7979 SERVERS-COM Introduced by ScriptElement Embedded false Resource Info First Seen 2025-08-01 Last Seen 2025-08-01 Times Seen 1 Size 30 kB (30170 bytes) MD5 00906cec04464bc2b5dd3d9d76794ce3 SHA1 e03c238f86dfad2e58afdafa61ca72b2fc1592ef SHA256 a9796c566ea7881009781486998fe78ff0fe9b16e1352e7107d120b59a5552f2 Format Code Loading...

	loadedfiles.org/themes/spirit/assets/frontend/js/cookiealert.js	ScriptElement	1.8 kB	2023-03-07	2025-08-09
URL loadedfiles.org/themes/spirit/assets/frontend/js/cookiealert.js IP / ASN 195.230.23.84 #58294 CloudWall Ltd. Introduced by ScriptElement Embedded false Resource Info First Seen 2023-03-07 Last Seen 2025-08-09 Times Seen 2692 Size 1.8 kB (1836 bytes) MD5 81279e22c8ece9e1d0536a402484daa3 SHA1 911797507fb12d4f451d5900e32db96ad697c401 SHA256 5c6237178e88ab7f1c6e26c9e99547e58782450b8f2a182129448ff4d99e89ab Format Code Loading...

	loadedfiles.org/themes/spirit/assets/frontend/js/granim.min.js	ScriptElement	11 kB	2023-03-07	2025-08-10
URL loadedfiles.org/themes/spirit/assets/frontend/js/granim.min.js IP / ASN 195.230.23.84 #58294 CloudWall Ltd. Introduced by ScriptElement Embedded false Resource Info First Seen 2023-03-07 Last Seen 2025-08-10 Times Seen 2228 Size 11 kB (10635 bytes) MD5 714368d20c70f8c91b0a596e128dac07 SHA1 563954ec3a896fc129d014f01836245829f6d01d SHA256 e70b27194b8793b68cccee28a6d8a1e39aae2ce5d28d5e71ac204d7a3ac164e3 Format Code Loading...

	loadedfiles.org/themes/spirit/assets/frontend/js/jquery.dataTables.min.js	ScriptElement	70 kB	2023-03-07	2025-08-10
URL loadedfiles.org/themes/spirit/assets/frontend/js/jquery.dataTables.min.js IP / ASN 195.230.23.84 #58294 CloudWall Ltd. Introduced by ScriptElement Embedded false Resource Info First Seen 2023-03-07 Last Seen 2025-08-10 Times Seen 2237 Size 70 kB (69754 bytes) MD5 6fda19caa29287e6f584f0557fdeb6d4 SHA1 40f58160090cd1f022704ee1352b343adb9e73b9 SHA256 8ef749c3869991924150dc932c48cd57bf69ac25a378bb2e14f8e1733c17406f Format Code Loading...

	loadedfiles.org/0a0d406de6b39d36?pt=VGV4M1lsL0l3VE5vNkVmT3N2ZGpiV2xCTkV4QlZUaFBTbkpyVDJ4cFNsQk5hVGwwUVhjOVBRPT0=	ScriptElement	715 B	2025-08-01	2025-08-01
URL loadedfiles.org/0a0d406de6b39d36?pt=VGV4M1lsL0l3VE5vNkVmT3N2ZGpiV2xCTkV4QlZUaFBTbkpyVDJ4cFNsQk5hVGwwUVhjOVBRPT0= IP / ASN 195.230.23.84 #58294 CloudWall Ltd. Introduced by ScriptElement Embedded true Resource Info First Seen 2025-08-01 Last Seen 2025-08-01 Times Seen 1 Size 715 B (715 bytes) MD5 dcccf6fcf99e2094d8c45d2214d5aab1 SHA1 fefb863a4eecc3192bbe11f8fa1cde275cde98ff SHA256 59e32fa5ebc220b95ddc1fb7f0d5cd111e2803a3818a9e71621d3bba5f9c65a4 Format Code Loading...

	besideunderstatement.com/89/8e/5d/898e5d63a0695f6c0eb338be63784f41.js	ScriptElement	123 kB	2025-08-01	2025-08-02
URL besideunderstatement.com/89/8e/5d/898e5d63a0695f6c0eb338be63784f41.js IP / ASN 172.240.108.68 #7979 SERVERS-COM Introduced by ScriptElement Embedded false Resource Info First Seen 2025-08-01 Last Seen 2025-08-02 Times Seen 2 Size 123 kB (122660 bytes) MD5 7af17494b77ac1f7f155e8954b415426 SHA1 9bc0da72c481ff98f01a303624d1460931742f96 SHA256 ed42d71a4a3bdcbdc8ffb779a2e12964a66e4893088e4c8a37edb264b4ef9f40 Format Code Loading...

	www.googletagmanager.com/gtag/js?id=G-HD48XQQR2V	ScriptElement	405 kB	2025-08-01	2025-08-01
URL www.googletagmanager.com/gtag/js?id=G-HD48XQQR2V IP / ASN 142.250.74.168 #15169 GOOGLE Introduced by ScriptElement Embedded false Resource Info First Seen 2025-08-01 Last Seen 2025-08-01 Times Seen 1 Size 405 kB (405158 bytes) MD5 37a4521177f90374cf8944a2a004980b SHA1 71cd3a41a36b2d83aeb7c4ce29310139c1fafc4b SHA256 7678ad42750e1af3f96b7d4044fb6a78c0d51ec2eedd3393ee92cee23bee74ab Format Code Loading...

	preferencenail.com/sfp.js	ScriptElement	85 kB	2025-07-08	2025-08-10
URL preferencenail.com/sfp.js IP / ASN 185.196.197.71 #39572 DataWeb Global Group B.V. Introduced by ScriptElement Embedded false Resource Info First Seen 2025-07-08 Last Seen 2025-08-10 Times Seen 2683 Size 85 kB (85386 bytes) MD5 46a6fef91632b94d14252fe324c1585f SHA1 387cebbd261b8fe947fe9805875300f2ceeb5cfd SHA256 36d0c771f8bf310d740cb4d0ca144354c45df284e72361660448708d72f175d5 Format Code Loading...

	cdn.creative-sb1.com/sb/ssp/interstitial/background_image/1/js/jquery-3.2.1.min.js	ScriptElement	130 kB	2023-03-08	2025-08-10
URL cdn.creative-sb1.com/sb/ssp/interstitial/background_image/1/js/jquery-3.2.1.min.js IP / ASN 104.21.64.1 #13335 CLOUDFLARENET Introduced by ScriptElement Embedded false Resource Info First Seen 2023-03-08 Last Seen 2025-08-10 Times Seen 180 Size 130 kB (129575 bytes) MD5 e59a2e92b4756cc61e2e4f3082ee1360 SHA1 c96d002f642bd85adf1e5326bcc0679f9c3ee001 SHA256 42173a3ca70c715370ce99071f892ad61d3fee33dbf15426fa7eee549a4afca2 Format Code Loading...

	loadedfiles.org/themes/spirit/assets/frontend/js/jquery.steps.min.js	ScriptElement	14 kB	2023-03-07	2025-08-10
URL loadedfiles.org/themes/spirit/assets/frontend/js/jquery.steps.min.js IP / ASN 195.230.23.84 #58294 CloudWall Ltd. Introduced by ScriptElement Embedded false Resource Info First Seen 2023-03-07 Last Seen 2025-08-10 Times Seen 2249 Size 14 kB (13862 bytes) MD5 0eef6fe46d14f860d5666d2c7b13a564 SHA1 7ab5f7deaca2f71efbc3bf9f5ba27b89d4697dbe SHA256 95a14a4473ff130eb29f3cc02e135978505655e3c931b6c3726dedd4f558f843 Format Code Loading...

	push-sdk.com/f/sdk.js?z=1670726	ScriptElement	55 kB	2025-04-01	2025-08-10
URL push-sdk.com/f/sdk.js?z=1670726 IP / ASN 157.90.33.72 #24940 Hetzner Online GmbH Introduced by ScriptElement Embedded false Resource Info First Seen 2025-04-01 Last Seen 2025-08-10 Times Seen 400 Size 55 kB (54787 bytes) MD5 f4d87b22393ed5eef57d01d86c6a88f6 SHA1 5e1aaee78cd735c23cc423fc863decca30aee219 SHA256 91cf9b34af48f3b62d706127b1140c89d8bb3a5455120acd2cfcfc41ab4ad5ee Format Code Loading...

	oy.archeusdungs.com/1clkn/70008	ScriptElement	6 B	2023-03-07	2025-08-10
URL oy.archeusdungs.com/1clkn/70008 IP / ASN 23.109.170.60 #7979 SERVERS-COM Introduced by ScriptElement Embedded false Resource Info First Seen 2023-03-07 Last Seen 2025-08-10 Times Seen 13800 Size 6 B (6 bytes) MD5 9082dc37e5e8046929da411544ad071a SHA1 41e0e3963ed94e59e8a2f115994c382712411537 SHA256 b7848d86edc8dc3b5bc6a5c666069f9a31e000cee51575d3b6083951607e1550 Format Code Loading...

	loadedfiles.org/themes/spirit/assets/frontend/js/typed.min.js	ScriptElement	3.9 kB	2023-03-07	2025-08-10
URL loadedfiles.org/themes/spirit/assets/frontend/js/typed.min.js IP / ASN 195.230.23.84 #58294 CloudWall Ltd. Introduced by ScriptElement Embedded false Resource Info First Seen 2023-03-07 Last Seen 2025-08-10 Times Seen 4963 Size 3.9 kB (3949 bytes) MD5 2f6185a8a32a50b2b3e04849f44359d4 SHA1 0e5501588c5c0d1c9462f34b0d56c21abff5bfef SHA256 914df93a9770d8a0e132b6ce3e8f1cfba0e0fae8f3b9002a3f0eb47c3d0cc97b Format Code Loading...

	loadedfiles.org/themes/spirit/assets/frontend/js/datepicker.js	ScriptElement	21 kB	2023-03-07	2025-08-10
URL loadedfiles.org/themes/spirit/assets/frontend/js/datepicker.js IP / ASN 195.230.23.84 #58294 CloudWall Ltd. Introduced by ScriptElement Embedded false Resource Info First Seen 2023-03-07 Last Seen 2025-08-10 Times Seen 4319 Size 21 kB (20975 bytes) MD5 8cfe207a6a21c7495cfb751c761217a6 SHA1 35d686a6c4ecc9946c35444ce93e110cb0e1611c SHA256 804e3c2608de23694fa71684178e2f9815115d56ee022ec770e1fcb208847acc Format Code Loading...

	loadedfiles.org/0a0d406de6b39d36?pt=VGV4M1lsL0l3VE5vNkVmT3N2ZGpiV2xCTkV4QlZUaFBTbkpyVDJ4cFNsQk5hVGwwUVhjOVBRPT0=	ScriptElement	1.4 kB	2025-08-01	2025-08-01
URL loadedfiles.org/0a0d406de6b39d36?pt=VGV4M1lsL0l3VE5vNkVmT3N2ZGpiV2xCTkV4QlZUaFBTbkpyVDJ4cFNsQk5hVGwwUVhjOVBRPT0= IP / ASN 195.230.23.84 #58294 CloudWall Ltd. Introduced by ScriptElement Embedded true Resource Info First Seen 2025-08-01 Last Seen 2025-08-01 Times Seen 1 Size 1.4 kB (1422 bytes) MD5 bd2386d4575c1a8988d0ca3c9017c1ae SHA1 f3af2e945d5cd568eb7b0264c1a10ac2634f5e3a SHA256 b9f6395c65437587a6d8abf3a1430ae128ecfb7677aa65fe209de9483707fe64 Format Code Loading...

	loadedfiles.org/0a0d406de6b39d36?pt=VGV4M1lsL0l3VE5vNkVmT3N2ZGpiV2xCTkV4QlZUaFBTbkpyVDJ4cFNsQk5hVGwwUVhjOVBRPT0=	ScriptElement	292 B	2023-03-07	2025-08-09
URL loadedfiles.org/0a0d406de6b39d36?pt=VGV4M1lsL0l3VE5vNkVmT3N2ZGpiV2xCTkV4QlZUaFBTbkpyVDJ4cFNsQk5hVGwwUVhjOVBRPT0= IP / ASN 195.230.23.84 #58294 CloudWall Ltd. Introduced by ScriptElement Embedded true Resource Info First Seen 2023-03-07 Last Seen 2025-08-09 Times Seen 4481 Size 292 B (292 bytes) MD5 f6038f840321581380bcf8e68fbec2ed SHA1 9c64ca84baabd04b9994597b90882d8ec7158ba2 SHA256 fc7d223cc022e6a00869dea89642667579b0ca033afb07bb0070c7b7a0fd23c3 Format Code Loading...

	www.googletagmanager.com/gtag/js?id=G-W330KW4RQ2&cx=c&gtm=45je57u1v9181252087za200&tag_exp=101509157~103116026~103200004~103233427~104684208~104684211~105033766~105033768~105087538~105087540~105103161~105103163	ScriptElement	405 kB	2025-08-01	2025-08-01
URL www.googletagmanager.com/gtag/js?id=G-W330KW4RQ2&cx=c&gtm=45je57u1v9181252087za200&tag_exp=101509157~103116026~103200004~103233427~104684208~104684211~105033766~105033768~105087538~105087540~105103161~105103163 IP / ASN 142.250.74.168 #15169 GOOGLE Introduced by ScriptElement Embedded false Resource Info First Seen 2025-08-01 Last Seen 2025-08-01 Times Seen 1 Size 405 kB (405121 bytes) MD5 059e8ac067067277f093a00ce33a67e1 SHA1 494c5636da334aa6dafeb57806495383a8383be6 SHA256 1e04508cdf97c51f2490e83828961b62a763e4724636c002076334f6490b5339 Format Code Loading...

	loadedfiles.org/themes/spirit/assets/frontend/js/jquery-3.1.1.min.js	ScriptElement	87 kB	2023-03-07	2025-08-10
URL loadedfiles.org/themes/spirit/assets/frontend/js/jquery-3.1.1.min.js IP / ASN 195.230.23.84 #58294 CloudWall Ltd. Introduced by ScriptElement Embedded false Resource Info First Seen 2023-03-07 Last Seen 2025-08-10 Times Seen 3030 Size 87 kB (86713 bytes) MD5 5b5a269bd363e0886c17d855c2aab241 SHA1 042dd055cd289215835a58507c9531f808e1648a SHA256 1cf30e59d21d4ae560af7143f5913efcc8222bcaa4fcc7508eb802b5faa9e94e Format Code Loading...

	loadedfiles.org/themes/spirit/assets/frontend/js/smooth-scroll.min.js	ScriptElement	6.0 kB	2023-03-07	2025-08-10
URL loadedfiles.org/themes/spirit/assets/frontend/js/smooth-scroll.min.js IP / ASN 195.230.23.84 #58294 CloudWall Ltd. Introduced by ScriptElement Embedded false Resource Info First Seen 2023-03-07 Last Seen 2025-08-10 Times Seen 2226 Size 6.0 kB (6028 bytes) MD5 c9e3a210d83398f301b3a7049c259676 SHA1 8e227bb40fe120841829a7fef0ffeb091d179a91 SHA256 aeda362b1d693480453b895cbcf8b92629f58240c42ba8c643f0d5d338baf805 Format Code Loading...

	about:blank	ScriptElement	817 B	2024-10-06	2025-08-10
URL about:blank IP / ASN 0.0.0.0 #0 Introduced by ScriptElement Embedded false Resource Info First Seen 2024-10-06 Last Seen 2025-08-10 Times Seen 6 Size 817 B (817 bytes) MD5 8fa9894988a7809fc91d285aa38da93d SHA1 0855893cc847a2db8ae4685eb8238c6855706db4 SHA256 52e01e2c3f1d0606306cca0fbfce6e832aab96a3b477a3c45429b771e268a7e3 Format Code Loading...

	loadedfiles.org/0a0d406de6b39d36?pt=VGV4M1lsL0l3VE5vNkVmT3N2ZGpiV2xCTkV4QlZUaFBTbkpyVDJ4cFNsQk5hVGwwUVhjOVBRPT0=	ScriptElement	187 B	2024-06-30	2025-08-01
URL loadedfiles.org/0a0d406de6b39d36?pt=VGV4M1lsL0l3VE5vNkVmT3N2ZGpiV2xCTkV4QlZUaFBTbkpyVDJ4cFNsQk5hVGwwUVhjOVBRPT0= IP / ASN 195.230.23.84 #58294 CloudWall Ltd. Introduced by ScriptElement Embedded true Resource Info First Seen 2024-06-30 Last Seen 2025-08-01 Times Seen 3 Size 187 B (187 bytes) MD5 6a38650adb21b7dc1eb50538a0566b17 SHA1 beb702b251f1eb1dadc4f23b20c5e3e3f42f70c8 SHA256 c134a38d2c9a61065848dcce375060fd8f500c2ae911a7cfd0c7fb4432f3e167 Format Code Loading...

	preferencenail.com/sfp.js	ScriptElement	85 kB	2025-07-08	2025-08-10
URL preferencenail.com/sfp.js IP / ASN 185.196.197.71 #39572 DataWeb Global Group B.V. Introduced by ScriptElement Embedded false Resource Info First Seen 2025-07-08 Last Seen 2025-08-10 Times Seen 2683 Size 85 kB (85386 bytes) MD5 46a6fef91632b94d14252fe324c1585f SHA1 387cebbd261b8fe947fe9805875300f2ceeb5cfd SHA256 36d0c771f8bf310d740cb4d0ca144354c45df284e72361660448708d72f175d5 Format Code Loading...

HTTP Transactions (66)

URL IP Response Size

GET loadedfiles.org/cache/themes/spirit/logo_inverse.png

195.230.23.84

200 OK

24 kB

URL GET HTTPS

loadedfiles.org/cache/themes/spirit/logo_inverse.png

IP / ASN

195.230.23.84

#58294 CloudWall Ltd.

Requested byhttps://loadedfiles.org/0a0d406de6b39d36?pt=VGV4M1lsL0l3VE5vNkVmT3N2ZGpiV2xCTkV4QlZUaFBTbkpyVDJ4cFNsQk5hVGwwUVhjOVBRPT0=

Resource Info

File typePNG image data, 354 x 86, 16-bit/color RGBA, non-interlaced

First Seen2023-12-09

Last Seen2025-08-01

Times Seen8

Size24 kB (23882 bytes)

MD53d9022aa0e549ed30fd0d47c6bf2fce0

SHA17ab6cbe637259d597486dbe7bda6143e2524f062

SHA2563f527b63bfeb24834c6b95a0017f949392c77a0f043b04821fc38e5452871314

Certificate Info

IssuerLet's Encrypt

Subjectloadedfiles.org

Fingerprint13:E3:23:ED:4D:FD:D3:35:D4:7C:D6:90:CB:88:4D:50:86:82:6D:19

ValiditySat, 19 Jul 2025 22:35:40 GMT - Fri, 17 Oct 2025 22:35:39 GMT

Technology Fingerprints

Apache HTTP Server (Web servers)

HTTP Headers

GET /cache/themes/spirit/logo_inverse.png HTTP/1.1
Host: loadedfiles.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://loadedfiles.org/0a0d406de6b39d36?pt=VGV4M1lsL0l3VE5vNkVmT3N2ZGpiV2xCTkV4QlZUaFBTbkpyVDJ4cFNsQk5hVGwwUVhjOVBRPT0=
Cookie: filehosting=mvro6ug9mrkohfkocjvtlmuohe
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
last-modified: Thu, 18 Apr 2024 22:08:54 GMT
etag: "5d4a-616663781e980"
accept-ranges: bytes
content-length: 23882
content-type: image/png
date: Fri, 01 Aug 2025 23:00:19 GMT
server: Apache
X-Firefox-Spdy: h2

GET loadedfiles.org/themes/spirit/assets/frontend/css/flickity.css

195.230.23.84

200 OK

2.5 kB

URL GET HTTPS

loadedfiles.org/themes/spirit/assets/frontend/css/flickity.css

IP / ASN

195.230.23.84

#58294 CloudWall Ltd.

Requested byhttps://loadedfiles.org/0a0d406de6b39d36?pt=VGV4M1lsL0l3VE5vNkVmT3N2ZGpiV2xCTkV4QlZUaFBTbkpyVDJ4cFNsQk5hVGwwUVhjOVBRPT0=

Resource Info

File typeASCII text, with CRLF line terminators

First Seen2023-04-11

Last Seen2025-08-10

Times Seen1787

Size2.5 kB (2521 bytes)

MD5244d315064064270eabbbb7ac9f6c700

SHA121ad53d3efbb40154293190173ee0c497ed7651c

SHA256ff5fe542e37297733305fb7e68a41b3269a681d64145945f2131a646044c016a

Certificate Info

IssuerLet's Encrypt

Subjectloadedfiles.org

Fingerprint13:E3:23:ED:4D:FD:D3:35:D4:7C:D6:90:CB:88:4D:50:86:82:6D:19

ValiditySat, 19 Jul 2025 22:35:40 GMT - Fri, 17 Oct 2025 22:35:39 GMT

Technology Fingerprints

Apache HTTP Server (Web servers)

HTTP Headers

GET /themes/spirit/assets/frontend/css/flickity.css HTTP/1.1
Host: loadedfiles.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://loadedfiles.org/0a0d406de6b39d36?pt=VGV4M1lsL0l3VE5vNkVmT3N2ZGpiV2xCTkV4QlZUaFBTbkpyVDJ4cFNsQk5hVGwwUVhjOVBRPT0=
Cookie: filehosting=mvro6ug9mrkohfkocjvtlmuohe
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
last-modified: Fri, 15 Apr 2022 11:04:00 GMT
etag: "9d9-5dcaf5e1e8800-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 782
content-type: text/css
date: Fri, 01 Aug 2025 23:00:19 GMT
server: Apache
X-Firefox-Spdy: h2

GET loadedfiles.org/themes/spirit/assets/frontend/js/scripts.js

195.230.23.84

200 OK

115 kB

URL GET HTTPS

loadedfiles.org/themes/spirit/assets/frontend/js/scripts.js

IP / ASN

195.230.23.84

#58294 CloudWall Ltd.

Requested byhttps://loadedfiles.org/0a0d406de6b39d36?pt=VGV4M1lsL0l3VE5vNkVmT3N2ZGpiV2xCTkV4QlZUaFBTbkpyVDJ4cFNsQk5hVGwwUVhjOVBRPT0=

Resource Info

File typeJavaScript source, ASCII text, with very long lines (914), with CRLF line terminators

First Seen2023-03-07

Last Seen2025-08-10

Times Seen1956

Size115 kB (114862 bytes)

MD5ce260d2170faf98639ab8e0e3758f1e2

SHA132eeb82a44bf0bce2df78eafae9f2e9ff8d72e1f

SHA256ac331833ebf1c06b0f8565caaeb4760c2184bd89d1cb5574c3947a8d0b6dca1c

Certificate Info

IssuerLet's Encrypt

Subjectloadedfiles.org

Fingerprint13:E3:23:ED:4D:FD:D3:35:D4:7C:D6:90:CB:88:4D:50:86:82:6D:19

ValiditySat, 19 Jul 2025 22:35:40 GMT - Fri, 17 Oct 2025 22:35:39 GMT

Technology Fingerprints

Apache HTTP Server (Web servers)

HTTP Headers

GET /themes/spirit/assets/frontend/js/scripts.js HTTP/1.1
Host: loadedfiles.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://loadedfiles.org/0a0d406de6b39d36?pt=VGV4M1lsL0l3VE5vNkVmT3N2ZGpiV2xCTkV4QlZUaFBTbkpyVDJ4cFNsQk5hVGwwUVhjOVBRPT0=
Cookie: filehosting=mvro6ug9mrkohfkocjvtlmuohe
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
last-modified: Fri, 15 Apr 2022 11:04:00 GMT
etag: "1c0ae-5dcaf5e1e8800-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 23137
content-type: text/javascript
date: Fri, 01 Aug 2025 23:00:19 GMT
server: Apache
X-Firefox-Spdy: h2

GET professionaltrafficmonitor.com/stats

18.194.162.133

200 OK

40 B

URL GET HTTPS

professionaltrafficmonitor.com/stats

IP / ASN

18.194.162.133

#16509 AMAZON-02

Requested byhttps://loadedfiles.org/0a0d406de6b39d36?pt=VGV4M1lsL0l3VE5vNkVmT3N2ZGpiV2xCTkV4QlZUaFBTbkpyVDJ4cFNsQk5hVGwwUVhjOVBRPT0=

Resource Info

File typeASCII text, with no line terminators

First Seen2025-08-01

Last Seen2025-08-01

Times Seen1

Size40 B (40 bytes)

MD59492e755f06d8130b562f14e1db6438a

SHA1f1624274e3d55d8e6b05efa07c284bfcae21006d

SHA25687ec682687fe403a3109cf14c0a7b0f8e3b988e610f06c62121f456900dd7a53

Certificate Info

IssuerAmazon

Subjectprotrafficinspector.com

Fingerprint5D:D5:8D:EB:A4:50:13:0D:7C:33:71:82:B8:02:49:4F:D6:31:B6:E6

ValidityTue, 01 Jul 2025 00:00:00 GMT - Thu, 30 Jul 2026 23:59:59 GMT

HTTP Headers

GET /stats HTTP/1.1
Host: professionaltrafficmonitor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://loadedfiles.org
DNT: 1
Connection: keep-alive
Referer: https://loadedfiles.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 01 Aug 2025 23:00:20 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://loadedfiles.org
vary: Origin
access-control-allow-credentials: true
set-cookie: uid_id2=b8fde2c5-34d5-4738-a267-7f9be79cd404:3:1; expires=Mon, 30 Jul 2035 23:00:20 GMT; secure; SameSite=None
X-Firefox-Spdy: h2

GET loadedfiles.org/themes/spirit/assets/frontend/img/favicon/favicon-16x16.png

195.230.23.84

200 OK

447 B

URL GET HTTPS

loadedfiles.org/themes/spirit/assets/frontend/img/favicon/favicon-16x16.png

IP / ASN

195.230.23.84

#58294 CloudWall Ltd.

Requested byhttps://loadedfiles.org/0a0d406de6b39d36?pt=VGV4M1lsL0l3VE5vNkVmT3N2ZGpiV2xCTkV4QlZUaFBTbkpyVDJ4cFNsQk5hVGwwUVhjOVBRPT0=

Resource Info

File typePNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced

First Seen2023-05-01

Last Seen2025-08-09

Times Seen984

Size447 B (447 bytes)

MD5f3d5da06fe8d5a2425d5d229285e5eea

SHA101032b864f3c74bbf44771e2ba41eeb2251fad90

SHA256d11d596429d3543bfb07191a87a67a8c22e198113c6f3a109158a5a85bf82f26

Certificate Info

IssuerLet's Encrypt

Subjectloadedfiles.org

Fingerprint13:E3:23:ED:4D:FD:D3:35:D4:7C:D6:90:CB:88:4D:50:86:82:6D:19

ValiditySat, 19 Jul 2025 22:35:40 GMT - Fri, 17 Oct 2025 22:35:39 GMT

Technology Fingerprints

Apache HTTP Server (Web servers)

HTTP Headers

GET /themes/spirit/assets/frontend/img/favicon/favicon-16x16.png HTTP/1.1
Host: loadedfiles.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://loadedfiles.org/0a0d406de6b39d36?pt=VGV4M1lsL0l3VE5vNkVmT3N2ZGpiV2xCTkV4QlZUaFBTbkpyVDJ4cFNsQk5hVGwwUVhjOVBRPT0=
Cookie: filehosting=mvro6ug9mrkohfkocjvtlmuohe; _ga_HD48XQQR2V=GS2.1.s1754089220$o1$g0$t1754089220$j60$l0$h0; _ga=GA1.1.1263307868.1754089220
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
last-modified: Fri, 15 Apr 2022 11:04:00 GMT
etag: "1bf-5dcaf5e1e8800"
accept-ranges: bytes
content-length: 447
content-type: image/png
date: Fri, 01 Aug 2025 23:00:20 GMT
server: Apache
X-Firefox-Spdy: h2

GET loadedfiles.org/themes/spirit/assets/frontend/js/typed.min.js

195.230.23.84

200 OK

3.9 kB

URL GET HTTPS

loadedfiles.org/themes/spirit/assets/frontend/js/typed.min.js

IP / ASN

195.230.23.84

#58294 CloudWall Ltd.

Requested byhttps://loadedfiles.org/0a0d406de6b39d36?pt=VGV4M1lsL0l3VE5vNkVmT3N2ZGpiV2xCTkV4QlZUaFBTbkpyVDJ4cFNsQk5hVGwwUVhjOVBRPT0=

Resource Info

File typeJavaScript source, ASCII text, with very long lines (3949), with no line terminators

First Seen2023-03-07

Last Seen2025-08-10

Times Seen4963

Size3.9 kB (3949 bytes)

MD52f6185a8a32a50b2b3e04849f44359d4

SHA10e5501588c5c0d1c9462f34b0d56c21abff5bfef

SHA256914df93a9770d8a0e132b6ce3e8f1cfba0e0fae8f3b9002a3f0eb47c3d0cc97b

Certificate Info

IssuerLet's Encrypt

Subjectloadedfiles.org

Fingerprint13:E3:23:ED:4D:FD:D3:35:D4:7C:D6:90:CB:88:4D:50:86:82:6D:19

ValiditySat, 19 Jul 2025 22:35:40 GMT - Fri, 17 Oct 2025 22:35:39 GMT

Technology Fingerprints

Apache HTTP Server (Web servers)

HTTP Headers

GET /themes/spirit/assets/frontend/js/typed.min.js HTTP/1.1
Host: loadedfiles.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://loadedfiles.org/0a0d406de6b39d36?pt=VGV4M1lsL0l3VE5vNkVmT3N2ZGpiV2xCTkV4QlZUaFBTbkpyVDJ4cFNsQk5hVGwwUVhjOVBRPT0=
Cookie: filehosting=mvro6ug9mrkohfkocjvtlmuohe
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
last-modified: Fri, 15 Apr 2022 11:04:00 GMT
etag: "f6d-5dcaf5e1e8800-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 1473
content-type: text/javascript
date: Fri, 01 Aug 2025 23:00:19 GMT
server: Apache
X-Firefox-Spdy: h2

GET loadedfiles.org/themes/spirit/assets/frontend/js/granim.min.js

195.230.23.84

200 OK

11 kB

URL GET HTTPS

loadedfiles.org/themes/spirit/assets/frontend/js/granim.min.js

IP / ASN

195.230.23.84

#58294 CloudWall Ltd.

Requested byhttps://loadedfiles.org/0a0d406de6b39d36?pt=VGV4M1lsL0l3VE5vNkVmT3N2ZGpiV2xCTkV4QlZUaFBTbkpyVDJ4cFNsQk5hVGwwUVhjOVBRPT0=

Resource Info

File typeJavaScript source, ASCII text, with very long lines (10573), with CRLF line terminators

First Seen2023-03-07

Last Seen2025-08-10

Times Seen2228

Size11 kB (10635 bytes)

MD5714368d20c70f8c91b0a596e128dac07

SHA1563954ec3a896fc129d014f01836245829f6d01d

SHA256e70b27194b8793b68cccee28a6d8a1e39aae2ce5d28d5e71ac204d7a3ac164e3

Certificate Info

IssuerLet's Encrypt

Subjectloadedfiles.org

Fingerprint13:E3:23:ED:4D:FD:D3:35:D4:7C:D6:90:CB:88:4D:50:86:82:6D:19

ValiditySat, 19 Jul 2025 22:35:40 GMT - Fri, 17 Oct 2025 22:35:39 GMT

Technology Fingerprints

Apache HTTP Server (Web servers)

HTTP Headers

GET /themes/spirit/assets/frontend/js/granim.min.js HTTP/1.1
Host: loadedfiles.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://loadedfiles.org/0a0d406de6b39d36?pt=VGV4M1lsL0l3VE5vNkVmT3N2ZGpiV2xCTkV4QlZUaFBTbkpyVDJ4cFNsQk5hVGwwUVhjOVBRPT0=
Cookie: filehosting=mvro6ug9mrkohfkocjvtlmuohe
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
last-modified: Fri, 15 Apr 2022 11:04:00 GMT
etag: "298b-5dcaf5e1e8800-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 2838
content-type: text/javascript
date: Fri, 01 Aug 2025 23:00:19 GMT
server: Apache
X-Firefox-Spdy: h2

GET fonts.gstatic.com/s/opensans/v43/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

142.250.178.99

200 OK

48 kB

URL GET HTTPS

fonts.gstatic.com/s/opensans/v43/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

IP / ASN

142.250.178.99

#15169 GOOGLE

Requested byhttps://loadedfiles.org/0a0d406de6b39d36?pt=VGV4M1lsL0l3VE5vNkVmT3N2ZGpiV2xCTkV4QlZUaFBTbkpyVDJ4cFNsQk5hVGwwUVhjOVBRPT0=

Resource Info

File typeWeb Open Font Format (Version 2), TrueType, length 48332, version 1.0

First Seen2025-05-29

Last Seen2025-08-10

Times Seen34603

Size48 kB (48332 bytes)

MD55734e133a619a6ae6ee21a6c00a95eba

SHA157c0ac17302d07bd4f968240098afe5ed53d4ad2

SHA256d7a547581722aa055a7fb5b9912aebf3f3e928e1db3e5af9e54cf158cb4c4c4a

Certificate Info

IssuerGoogle Trust Services

Subject*.gstatic.com

Fingerprint43:A0:95:35:FB:C7:02:15:92:9E:20:20:0D:0A:E7:8F:93:61:52:CD

ValidityMon, 07 Jul 2025 08:35:11 GMT - Mon, 29 Sep 2025 08:35:10 GMT

HTTP Headers

GET /s/opensans/v43/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://loadedfiles.org
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48332
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 31 Jul 2025 15:48:02 GMT
expires: Fri, 31 Jul 2026 15:48:02 GMT
cache-control: public, max-age=31536000
age: 112337
last-modified: Wed, 28 May 2025 18:06:59 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET preferencenail.com/sfp.js

185.196.197.71

200 OK

85 kB

URL GET HTTPS

preferencenail.com/sfp.js

IP / ASN

185.196.197.71

#39572 DataWeb Global Group B.V.

Requested byhttps://loadedfiles.org/0a0d406de6b39d36?pt=VGV4M1lsL0l3VE5vNkVmT3N2ZGpiV2xCTkV4QlZUaFBTbkpyVDJ4cFNsQk5hVGwwUVhjOVBRPT0=

Resource Info

File typeJavaScript source, Unicode text, UTF-8 text, with very long lines (65529), with no line terminators

First Seen2025-07-08

Last Seen2025-08-10

Times Seen2683

Size85 kB (85386 bytes)

MD546a6fef91632b94d14252fe324c1585f

SHA1387cebbd261b8fe947fe9805875300f2ceeb5cfd

SHA25636d0c771f8bf310d740cb4d0ca144354c45df284e72361660448708d72f175d5

Certificate Info

IssuerLet's Encrypt

Subjectpreferencenail.com

FingerprintF9:52:70:4B:81:A8:F8:39:E6:E7:96:8F:EA:FE:17:FD:96:C5:32:E3

ValidityTue, 01 Jul 2025 15:11:38 GMT - Mon, 29 Sep 2025 15:11:37 GMT

Technology Fingerprints

Nginx:1.21.6 (Web servers, Reverse proxies)

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /sfp.js HTTP/1.1
Host: preferencenail.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://loadedfiles.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 01 Aug 2025 23:00:19 GMT
Content-Type: application/javascript; charset=utf-8
Content-Length: 28254
Connection: keep-alive
Content-Encoding: gzip
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Vary: Accept-Encoding
Host: preferencenail.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: e8ac6d1aa96a1da3a527466187c4bff9
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains

GET loadedfiles.org/themes/spirit/assets/frontend/css/socicon.css

195.230.23.84

200 OK

9.8 kB

URL GET HTTPS

loadedfiles.org/themes/spirit/assets/frontend/css/socicon.css

IP / ASN

195.230.23.84

#58294 CloudWall Ltd.

Requested byhttps://loadedfiles.org/0a0d406de6b39d36?pt=VGV4M1lsL0l3VE5vNkVmT3N2ZGpiV2xCTkV4QlZUaFBTbkpyVDJ4cFNsQk5hVGwwUVhjOVBRPT0=

Resource Info

File typeASCII text, with CRLF line terminators

First Seen2023-04-11

Last Seen2025-08-10

Times Seen1755

Size9.8 kB (9838 bytes)

MD5910a42ce112991b31b30a735f1006a5f

SHA16c8b4769270f1c86bb1c7a6b54325465395ba614

SHA256010e6ffb18715ededb10c4ae5a8518475c138fb63b83ec1c125d09b714ccdd8b

Certificate Info

IssuerLet's Encrypt

Subjectloadedfiles.org

Fingerprint13:E3:23:ED:4D:FD:D3:35:D4:7C:D6:90:CB:88:4D:50:86:82:6D:19

ValiditySat, 19 Jul 2025 22:35:40 GMT - Fri, 17 Oct 2025 22:35:39 GMT

Technology Fingerprints

Apache HTTP Server (Web servers)

HTTP Headers

GET /themes/spirit/assets/frontend/css/socicon.css HTTP/1.1
Host: loadedfiles.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://loadedfiles.org/0a0d406de6b39d36?pt=VGV4M1lsL0l3VE5vNkVmT3N2ZGpiV2xCTkV4QlZUaFBTbkpyVDJ4cFNsQk5hVGwwUVhjOVBRPT0=
Cookie: filehosting=mvro6ug9mrkohfkocjvtlmuohe
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
last-modified: Fri, 15 Apr 2022 11:04:00 GMT
etag: "266e-5dcaf5e1e8800-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 1886
content-type: text/css
date: Fri, 01 Aug 2025 23:00:19 GMT
server: Apache
X-Firefox-Spdy: h2

GET preferencenail.com/sfp.js

185.196.197.71

200 OK

85 kB

URL GET HTTPS

preferencenail.com/sfp.js

IP / ASN

185.196.197.71

#39572 DataWeb Global Group B.V.

Requested byhttps://loadedfiles.org/0a0d406de6b39d36?pt=VGV4M1lsL0l3VE5vNkVmT3N2ZGpiV2xCTkV4QlZUaFBTbkpyVDJ4cFNsQk5hVGwwUVhjOVBRPT0=

Resource Info

File typeJavaScript source, Unicode text, UTF-8 text, with very long lines (65529), with no line terminators

First Seen2025-07-08

Last Seen2025-08-10

Times Seen2683

Size85 kB (85386 bytes)

MD546a6fef91632b94d14252fe324c1585f

SHA1387cebbd261b8fe947fe9805875300f2ceeb5cfd

SHA25636d0c771f8bf310d740cb4d0ca144354c45df284e72361660448708d72f175d5

Certificate Info

IssuerLet's Encrypt

Subjectpreferencenail.com

FingerprintF9:52:70:4B:81:A8:F8:39:E6:E7:96:8F:EA:FE:17:FD:96:C5:32:E3

ValidityTue, 01 Jul 2025 15:11:38 GMT - Mon, 29 Sep 2025 15:11:37 GMT

Technology Fingerprints

Nginx:1.21.6 (Web servers, Reverse proxies)

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /sfp.js HTTP/1.1
Host: preferencenail.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://loadedfiles.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 01 Aug 2025 23:00:19 GMT
Content-Type: application/javascript; charset=utf-8
Content-Length: 28254
Connection: keep-alive
Content-Encoding: gzip
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Vary: Accept-Encoding
Host: preferencenail.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: edad58894aa8eec716b07bbf2fc4ecab
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains

GET flushpersist.com/pxf.gif?uuid=b8fde2c5-34d5-4738-a267-7f9be79cd404&eb=bff3d6bf6d16c0bb5e58232c1a99ef63&te=fe015aeda515c30449c87b1701cc307f&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A134.0)%20Gecko%2F20100101%20Firefox%2F134.0&dev=e&res=14.3095&b_frame=0&pk=898e5d63a0695f6c0eb338be63784f41&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=23

192.243.61.227

200 OK

0 B

URL GET HTTPS

flushpersist.com/pxf.gif?uuid=b8fde2c5-34d5-4738-a267-7f9be79cd404&eb=bff3d6bf6d16c0bb5e58232c1a99ef63&te=fe015aeda515c30449c87b1701cc307f&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A134.0)%20Gecko%2F20100101%20Firefox%2F134.0&dev=e&res=14.3095&b_frame=0&pk=898e5d63a0695f6c0eb338be63784f41&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=23

IP / ASN

192.243.61.227

#39572 DataWeb Global Group B.V.

Requested byhttps://loadedfiles.org/0a0d406de6b39d36?pt=VGV4M1lsL0l3VE5vNkVmT3N2ZGpiV2xCTkV4QlZUaFBTbkpyVDJ4cFNsQk5hVGwwUVhjOVBRPT0=

Resource Info

File typeN/A

First Seen0001-01-01

Last Seen2025-08-10

Times Seen5753523

Size0 B (0 bytes)

MD5d41d8cd98f00b204e9800998ecf8427e

SHA1da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Certificate Info

IssuerLet's Encrypt

Subjectflushpersist.com

Fingerprint9E:08:20:A0:75:ED:21:51:E0:3D:DE:29:CD:B0:11:01:4D:04:77:0A

ValidityTue, 01 Jul 2025 15:12:33 GMT - Mon, 29 Sep 2025 15:12:32 GMT

Technology Fingerprints

Nginx:1.21.6 (Web servers, Reverse proxies)

HTTP Headers

GET /pxf.gif?uuid=b8fde2c5-34d5-4738-a267-7f9be79cd404&eb=bff3d6bf6d16c0bb5e58232c1a99ef63&te=fe015aeda515c30449c87b1701cc307f&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A134.0)%20Gecko%2F20100101%20Firefox%2F134.0&dev=e&res=14.3095&b_frame=0&pk=898e5d63a0695f6c0eb338be63784f41&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=23 HTTP/1.1
Host: flushpersist.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://loadedfiles.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 01 Aug 2025 23:00:21 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Host: flushpersist.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: 8c86c3518e418647a8c4002d82341289
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains

GET loadedfiles.org/themes/spirit/assets/frontend/js/jquery.dataTables.min.js

195.230.23.84

200 OK

70 kB

URL GET HTTPS

loadedfiles.org/themes/spirit/assets/frontend/js/jquery.dataTables.min.js

IP / ASN

195.230.23.84

#58294 CloudWall Ltd.

Requested byhttps://loadedfiles.org/0a0d406de6b39d36?pt=VGV4M1lsL0l3VE5vNkVmT3N2ZGpiV2xCTkV4QlZUaFBTbkpyVDJ4cFNsQk5hVGwwUVhjOVBRPT0=

Resource Info

File typeJavaScript source, ASCII text, with very long lines (768), with CRLF line terminators

First Seen2023-03-07

Last Seen2025-08-10

Times Seen2237

Size70 kB (69754 bytes)

MD56fda19caa29287e6f584f0557fdeb6d4

SHA140f58160090cd1f022704ee1352b343adb9e73b9

SHA2568ef749c3869991924150dc932c48cd57bf69ac25a378bb2e14f8e1733c17406f

Certificate Info

IssuerLet's Encrypt

Subjectloadedfiles.org

Fingerprint13:E3:23:ED:4D:FD:D3:35:D4:7C:D6:90:CB:88:4D:50:86:82:6D:19

ValiditySat, 19 Jul 2025 22:35:40 GMT - Fri, 17 Oct 2025 22:35:39 GMT

Technology Fingerprints

Apache HTTP Server (Web servers)

HTTP Headers

GET /themes/spirit/assets/frontend/js/jquery.dataTables.min.js HTTP/1.1
Host: loadedfiles.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://loadedfiles.org/0a0d406de6b39d36?pt=VGV4M1lsL0l3VE5vNkVmT3N2ZGpiV2xCTkV4QlZUaFBTbkpyVDJ4cFNsQk5hVGwwUVhjOVBRPT0=
Cookie: filehosting=mvro6ug9mrkohfkocjvtlmuohe
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
last-modified: Fri, 15 Apr 2022 11:04:00 GMT
etag: "1107a-5dcaf5e1e8800-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 19371
content-type: text/javascript
date: Fri, 01 Aug 2025 23:00:19 GMT
server: Apache
X-Firefox-Spdy: h2

GET loadedfiles.org/themes/spirit/assets/frontend/js/smooth-scroll.min.js

195.230.23.84

200 OK

6.0 kB

URL GET HTTPS

loadedfiles.org/themes/spirit/assets/frontend/js/smooth-scroll.min.js

IP / ASN

195.230.23.84

#58294 CloudWall Ltd.

Requested byhttps://loadedfiles.org/0a0d406de6b39d36?pt=VGV4M1lsL0l3VE5vNkVmT3N2ZGpiV2xCTkV4QlZUaFBTbkpyVDJ4cFNsQk5hVGwwUVhjOVBRPT0=

Resource Info

File typeJavaScript source, ASCII text, with very long lines (4887), with CRLF line terminators

First Seen2023-03-07

Last Seen2025-08-10

Times Seen2226

Size6.0 kB (6028 bytes)

MD5c9e3a210d83398f301b3a7049c259676

SHA18e227bb40fe120841829a7fef0ffeb091d179a91

SHA256aeda362b1d693480453b895cbcf8b92629f58240c42ba8c643f0d5d338baf805

Certificate Info

IssuerLet's Encrypt

Subjectloadedfiles.org

Fingerprint13:E3:23:ED:4D:FD:D3:35:D4:7C:D6:90:CB:88:4D:50:86:82:6D:19

ValiditySat, 19 Jul 2025 22:35:40 GMT - Fri, 17 Oct 2025 22:35:39 GMT

Technology Fingerprints

Apache HTTP Server (Web servers)

HTTP Headers

GET /themes/spirit/assets/frontend/js/smooth-scroll.min.js HTTP/1.1
Host: loadedfiles.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://loadedfiles.org/0a0d406de6b39d36?pt=VGV4M1lsL0l3VE5vNkVmT3N2ZGpiV2xCTkV4QlZUaFBTbkpyVDJ4cFNsQk5hVGwwUVhjOVBRPT0=
Cookie: filehosting=mvro6ug9mrkohfkocjvtlmuohe
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
last-modified: Fri, 15 Apr 2022 11:04:00 GMT
etag: "178c-5dcaf5e1e8800-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 2757
content-type: text/javascript
date: Fri, 01 Aug 2025 23:00:19 GMT
server: Apache
X-Firefox-Spdy: h2

GET fonts.gstatic.com/s/opensans/v43/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

142.250.178.99

200 OK

48 kB

URL GET HTTPS

fonts.gstatic.com/s/opensans/v43/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

IP / ASN

142.250.178.99

#15169 GOOGLE

Requested byhttps://loadedfiles.org/0a0d406de6b39d36?pt=VGV4M1lsL0l3VE5vNkVmT3N2ZGpiV2xCTkV4QlZUaFBTbkpyVDJ4cFNsQk5hVGwwUVhjOVBRPT0=

Resource Info

File typeWeb Open Font Format (Version 2), TrueType, length 48332, version 1.0

First Seen2025-05-29

Last Seen2025-08-10

Times Seen34603

Size48 kB (48332 bytes)

MD55734e133a619a6ae6ee21a6c00a95eba

SHA157c0ac17302d07bd4f968240098afe5ed53d4ad2

SHA256d7a547581722aa055a7fb5b9912aebf3f3e928e1db3e5af9e54cf158cb4c4c4a

Certificate Info

IssuerGoogle Trust Services

Subject*.gstatic.com

Fingerprint43:A0:95:35:FB:C7:02:15:92:9E:20:20:0D:0A:E7:8F:93:61:52:CD

ValidityMon, 07 Jul 2025 08:35:11 GMT - Mon, 29 Sep 2025 08:35:10 GMT

HTTP Headers

GET /s/opensans/v43/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://loadedfiles.org
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48332
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 31 Jul 2025 15:48:02 GMT
expires: Fri, 31 Jul 2026 15:48:02 GMT
cache-control: public, max-age=31536000
age: 112338
last-modified: Wed, 28 May 2025 18:06:59 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

POST push-sdk.com/event?z=1670726

157.90.33.72

200 OK

0 B

URL POST HTTPS

push-sdk.com/event?z=1670726

IP / ASN

157.90.33.72

#24940 Hetzner Online GmbH

Requested byhttps://loadedfiles.org/0a0d406de6b39d36?pt=VGV4M1lsL0l3VE5vNkVmT3N2ZGpiV2xCTkV4QlZUaFBTbkpyVDJ4cFNsQk5hVGwwUVhjOVBRPT0=

Resource Info

File typeN/A

First Seen0001-01-01

Last Seen2025-08-10

Times Seen5753523

Size0 B (0 bytes)

MD5d41d8cd98f00b204e9800998ecf8427e

SHA1da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Certificate Info

IssuerLet's Encrypt

Subjectpush-sdk.com

Fingerprint2E:9A:67:76:0E:42:81:D5:30:A2:76:47:85:CA:6C:D7:FD:FF:38:9C

ValidityThu, 05 Jun 2025 03:47:05 GMT - Wed, 03 Sep 2025 03:47:04 GMT

Technology Fingerprints

Perl (Programming languages)

Angie (Web servers)

C (Programming languages)

HTTP Headers

POST /event?z=1670726 HTTP/1.1
Host: push-sdk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 83
Origin: https://loadedfiles.org
DNT: 1
Connection: keep-alive
Referer: https://loadedfiles.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: Angie
date: Fri, 01 Aug 2025 23:00:20 GMT
content-length: 0
access-control-allow-origin: https://loadedfiles.org
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization, X-CSRF-Token
access-control-expose-headers: Authorization
cache-control: no-cache, max-age=0, must-revalidate, proxy-revalidate, no-store
pragma: no-cache
expires: Tue, 11 Jan 1994 00:00:00 GMT
accept-ch: Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Bitness, Sec-CH-UA-Wow64
X-Firefox-Spdy: h2

GET cdn.storageimagedisplay.com/si/e7/c8/a1/e7c8a13987e7f8f7cda5f475a9824b338a33b5f7294bc944b6786a38ea479d30.png

45.133.44.1

200 OK

36 kB

URL GET HTTPS

cdn.storageimagedisplay.com/si/e7/c8/a1/e7c8a13987e7f8f7cda5f475a9824b338a33b5f7294bc944b6786a38ea479d30.png

IP / ASN

45.133.44.1

#39572 DataWeb Global Group B.V.

Requested byhttps://loadedfiles.org/0a0d406de6b39d36?pt=VGV4M1lsL0l3VE5vNkVmT3N2ZGpiV2xCTkV4QlZUaFBTbkpyVDJ4cFNsQk5hVGwwUVhjOVBRPT0=

Resource Info

File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 200x300, components 3

First Seen2025-07-24

Last Seen2025-08-10

Times Seen100

Size36 kB (35777 bytes)

MD55d927b09f526577920cc71ef978b2397

SHA1d26fb4cf28d500bb2761889ea7968e54a48ed1f4

SHA25636bf52fddbda17aa737ad2ce02c3d4cfda7c377074eddf629064183539398890

Certificate Info

IssuerLet's Encrypt

Subjectcdn.storageimagedisplay.com

Fingerprint06:D8:07:0F:AB:BF:D8:7F:C5:38:82:AC:A7:8A:20:4D:83:6C:EA:C9

ValidityThu, 10 Jul 2025 02:33:11 GMT - Wed, 08 Oct 2025 02:33:10 GMT

Technology Fingerprints

Nginx:1.21.6 (Web servers, Reverse proxies)

HTTP Headers

GET /si/e7/c8/a1/e7c8a13987e7f8f7cda5f475a9824b338a33b5f7294bc944b6786a38ea479d30.png HTTP/1.1
Host: cdn.storageimagedisplay.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 01 Aug 2025 23:00:21 GMT
content-type: image/png
content-length: 35777
server: nginx/1.21.6
last-modified: Sat, 19 Jul 2025 15:26:43 GMT
etag: "687bb933-8bc1"
expires: Sun, 03 Aug 2025 23:00:21 GMT
cache-control: max-age=172800
x-cdn-host-id: ah0543
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

GET loadedfiles.org/0a0d406de6b39d36?pt=VGV4M1lsL0l3VE5vNkVmT3N2ZGpiV2xCTkV4QlZUaFBTbkpyVDJ4cFNsQk5hVGwwUVhjOVBRPT0=

195.230.23.84

200 OK

16 kB

URL User Request GET HTTPS

loadedfiles.org/0a0d406de6b39d36?pt=VGV4M1lsL0l3VE5vNkVmT3N2ZGpiV2xCTkV4QlZUaFBTbkpyVDJ4cFNsQk5hVGwwUVhjOVBRPT0=

IP / ASN

195.230.23.84

#58294 CloudWall Ltd.

Requested byN/A

Resource Info

File typeHTML document, ASCII text, with CRLF, LF line terminators

First Seen2025-08-01

Last Seen2025-08-01

Times Seen1

Size16 kB (16220 bytes)

MD5cc501fde0f9806050fb7f43a27597b32

SHA1c7669af1719004d3341e8438c5b377f603c561bc

SHA256fbc672797364568190019655cd8ab0cd10dd180c1bb313e8ae89e80981917e04

Certificate Info

IssuerLet's Encrypt

Subjectloadedfiles.org

Fingerprint13:E3:23:ED:4D:FD:D3:35:D4:7C:D6:90:CB:88:4D:50:86:82:6D:19

ValiditySat, 19 Jul 2025 22:35:40 GMT - Fri, 17 Oct 2025 22:35:39 GMT

Technology Fingerprints

DataTables (JavaScript libraries)

Google Analytics (Analytics)

Apache HTTP Server (Web servers)

Bootstrap (UI frameworks)

jQuery:3.1.1 (JavaScript libraries)

HTTP Headers

GET /0a0d406de6b39d36?pt=VGV4M1lsL0l3VE5vNkVmT3N2ZGpiV2xCTkV4QlZUaFBTbkpyVDJ4cFNsQk5hVGwwUVhjOVBRPT0= HTTP/1.1
Host: loadedfiles.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate, no-cache, private
pragma: no-cache
access-control-allow-origin: https://loadedfiles.org
access-control-allow-headers: Content-Type, Content-Range, Content-Disposition, Content-Description
access-control-allow-credentials: true
date: Fri, 01 Aug 2025 23:00:18 GMT
set-cookie: filehosting=mvro6ug9mrkohfkocjvtlmuohe; expires=Sat, 02-Aug-2025 23:00:18 GMT; Max-Age=86400; path=/; domain=loadedfiles.org; secure; HttpOnly; SameSite=None
vary: Accept-Encoding
content-encoding: gzip
content-length: 3553
content-type: text/html; charset=UTF-8
server: Apache
X-Firefox-Spdy: h2

GET loadedfiles.org/cache/themes/spirit/logo.png

195.230.23.84

200 OK

24 kB

URL GET HTTPS

loadedfiles.org/cache/themes/spirit/logo.png

IP / ASN

195.230.23.84

#58294 CloudWall Ltd.

Requested byhttps://loadedfiles.org/0a0d406de6b39d36?pt=VGV4M1lsL0l3VE5vNkVmT3N2ZGpiV2xCTkV4QlZUaFBTbkpyVDJ4cFNsQk5hVGwwUVhjOVBRPT0=

Resource Info

File typePNG image data, 354 x 86, 16-bit/color RGBA, non-interlaced

First Seen2023-12-09

Last Seen2025-08-01

Times Seen8

Size24 kB (23882 bytes)

MD53d9022aa0e549ed30fd0d47c6bf2fce0

SHA17ab6cbe637259d597486dbe7bda6143e2524f062

SHA2563f527b63bfeb24834c6b95a0017f949392c77a0f043b04821fc38e5452871314

Certificate Info

IssuerLet's Encrypt

Subjectloadedfiles.org

Fingerprint13:E3:23:ED:4D:FD:D3:35:D4:7C:D6:90:CB:88:4D:50:86:82:6D:19

ValiditySat, 19 Jul 2025 22:35:40 GMT - Fri, 17 Oct 2025 22:35:39 GMT

Technology Fingerprints

Apache HTTP Server (Web servers)

HTTP Headers

GET /cache/themes/spirit/logo.png HTTP/1.1
Host: loadedfiles.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://loadedfiles.org/0a0d406de6b39d36?pt=VGV4M1lsL0l3VE5vNkVmT3N2ZGpiV2xCTkV4QlZUaFBTbkpyVDJ4cFNsQk5hVGwwUVhjOVBRPT0=
Cookie: filehosting=mvro6ug9mrkohfkocjvtlmuohe
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
last-modified: Thu, 18 Apr 2024 22:08:54 GMT
etag: "5d4a-616663781e980"
accept-ranges: bytes
content-length: 23882
content-type: image/png
date: Fri, 01 Aug 2025 23:00:19 GMT
server: Apache
X-Firefox-Spdy: h2

GET loadedfiles.org/themes/spirit/assets/frontend/css/custom.css

195.230.23.84

200 OK

8.9 kB

URL GET HTTPS

loadedfiles.org/themes/spirit/assets/frontend/css/custom.css

IP / ASN

195.230.23.84

#58294 CloudWall Ltd.

Requested byhttps://loadedfiles.org/0a0d406de6b39d36?pt=VGV4M1lsL0l3VE5vNkVmT3N2ZGpiV2xCTkV4QlZUaFBTbkpyVDJ4cFNsQk5hVGwwUVhjOVBRPT0=

Resource Info

File typeassembler source, ASCII text, with CRLF line terminators

First Seen2023-04-09

Last Seen2025-08-01

Times Seen576

Size8.9 kB (8936 bytes)

MD565417cde74809cb9b9e66d0ab4adc448

SHA19729ccac013729aed790fdc25d71d858f50a137b

SHA256c8dee41785c1f45859a70f3bb9a65b3cba83d866dd46ca0096d07067fec9d280

Certificate Info

IssuerLet's Encrypt

Subjectloadedfiles.org

Fingerprint13:E3:23:ED:4D:FD:D3:35:D4:7C:D6:90:CB:88:4D:50:86:82:6D:19

ValiditySat, 19 Jul 2025 22:35:40 GMT - Fri, 17 Oct 2025 22:35:39 GMT

Technology Fingerprints

Apache HTTP Server (Web servers)

HTTP Headers

GET /themes/spirit/assets/frontend/css/custom.css HTTP/1.1
Host: loadedfiles.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://loadedfiles.org/0a0d406de6b39d36?pt=VGV4M1lsL0l3VE5vNkVmT3N2ZGpiV2xCTkV4QlZUaFBTbkpyVDJ4cFNsQk5hVGwwUVhjOVBRPT0=
Cookie: filehosting=mvro6ug9mrkohfkocjvtlmuohe
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
last-modified: Fri, 15 Apr 2022 11:04:00 GMT
etag: "22e8-5dcaf5e1e8800-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 2040
content-type: text/css
date: Fri, 01 Aug 2025 23:00:19 GMT
server: Apache
X-Firefox-Spdy: h2

GET loadedfiles.org/themes/spirit/assets/frontend/js/countdown.min.js

195.230.23.84

200 OK

5.4 kB

URL GET HTTPS

loadedfiles.org/themes/spirit/assets/frontend/js/countdown.min.js

IP / ASN

195.230.23.84

#58294 CloudWall Ltd.

Requested byhttps://loadedfiles.org/0a0d406de6b39d36?pt=VGV4M1lsL0l3VE5vNkVmT3N2ZGpiV2xCTkV4QlZUaFBTbkpyVDJ4cFNsQk5hVGwwUVhjOVBRPT0=

Resource Info

File typeJavaScript source, ASCII text, with very long lines (4136), with CRLF line terminators

First Seen2023-03-07

Last Seen2025-08-10

Times Seen2681

Size5.4 kB (5360 bytes)

MD576a923d3d69255c45cd24bf9b100244f

SHA1eb3c96f9901692f1a03500ea632963a16afdb985

SHA2568f195573d6fa06641814b476fea2b92579c983cac46d683f356238207692c9f5

Certificate Info

IssuerLet's Encrypt

Subjectloadedfiles.org

Fingerprint13:E3:23:ED:4D:FD:D3:35:D4:7C:D6:90:CB:88:4D:50:86:82:6D:19

ValiditySat, 19 Jul 2025 22:35:40 GMT - Fri, 17 Oct 2025 22:35:39 GMT

Technology Fingerprints

Apache HTTP Server (Web servers)

HTTP Headers

GET /themes/spirit/assets/frontend/js/countdown.min.js HTTP/1.1
Host: loadedfiles.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://loadedfiles.org/0a0d406de6b39d36?pt=VGV4M1lsL0l3VE5vNkVmT3N2ZGpiV2xCTkV4QlZUaFBTbkpyVDJ4cFNsQk5hVGwwUVhjOVBRPT0=
Cookie: filehosting=mvro6ug9mrkohfkocjvtlmuohe
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
last-modified: Fri, 15 Apr 2022 11:04:00 GMT
etag: "14f0-5dcaf5e1e8800-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 2378
content-type: text/javascript
date: Fri, 01 Aug 2025 23:00:19 GMT
server: Apache
X-Firefox-Spdy: h2

GET cdn.show-sb.com/sb/au/3a/fb/42/3afb429f1f81cca1b8c0759baff80b11/1698575610.html

172.67.170.115

200 OK

1.4 kB

URL GET HTTPS

cdn.show-sb.com/sb/au/3a/fb/42/3afb429f1f81cca1b8c0759baff80b11/1698575610.html

IP / ASN

172.67.170.115

#13335 CLOUDFLARENET

Requested byhttps://loadedfiles.org/0a0d406de6b39d36?pt=VGV4M1lsL0l3VE5vNkVmT3N2ZGpiV2xCTkV4QlZUaFBTbkpyVDJ4cFNsQk5hVGwwUVhjOVBRPT0=

Resource Info

File typeHTML document, ASCII text

First Seen2024-02-19

Last Seen2025-08-10

Times Seen146

Size1.4 kB (1356 bytes)

MD5f573728dd24850e679d2f18c02bb0daa

SHA1aed77a988b90e06ceb55dd70a653472ae34c88dd

SHA25628f7cce0994cf9fc353e61df45beaff264ac061f0158a84e090981c64f016c87

Certificate Info

IssuerGoogle Trust Services

Subjectshow-sb.com

FingerprintDF:A8:5A:11:E9:7E:8B:0E:2E:08:20:FB:02:FE:C4:E3:E7:97:E8:3A

ValidityThu, 12 Jun 2025 07:26:41 GMT - Wed, 10 Sep 2025 08:25:04 GMT

Technology Fingerprints

Cloudflare (CDN)

HTTP Headers

GET /sb/au/3a/fb/42/3afb429f1f81cca1b8c0759baff80b11/1698575610.html HTTP/1.1
Host: cdn.show-sb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://loadedfiles.org
DNT: 1
Connection: keep-alive
Referer: https://loadedfiles.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 01 Aug 2025 23:00:21 GMT
content-type: text/html
server: cloudflare
last-modified: Sun, 29 Oct 2023 10:33:35 GMT
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
vary: accept-encoding
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-expose-headers: Date
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=mi%2BjWZBzqf1Tbxagom8YcMP4fAumUzmTku1yK1EE4b6xTuc5ZjTGSFnhBC6Kudt%2BTg6HQl87fjoAnIjZELmpmJxGU%2Br9b9c9dGqqEok%3D"}]}
cf-cache-status: DYNAMIC
content-encoding: br
cf-ray: 9688f38008ec7127-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET loadedfiles.org/themes/spirit/assets/frontend/css/bootstrap.min.css

195.230.23.84

200 OK

77 kB

URL GET HTTPS

loadedfiles.org/themes/spirit/assets/frontend/css/bootstrap.min.css

IP / ASN

195.230.23.84

#58294 CloudWall Ltd.

Requested byhttps://loadedfiles.org/0a0d406de6b39d36?pt=VGV4M1lsL0l3VE5vNkVmT3N2ZGpiV2xCTkV4QlZUaFBTbkpyVDJ4cFNsQk5hVGwwUVhjOVBRPT0=

Resource Info

File typeASCII text, with very long lines (65319), with CRLF line terminators

First Seen2023-04-11

Last Seen2025-08-10

Times Seen2190

Size77 kB (76922 bytes)

MD59b67b9ffbfcbe226a8c413fa740fd91c

SHA17837bd0c312897e46311aaf472947f3e23d75df2

SHA2562642f94894419d1cebdc4a010b9380a7403063dd6d28ea8a80bd5ebd01186732

Certificate Info

IssuerLet's Encrypt

Subjectloadedfiles.org

Fingerprint13:E3:23:ED:4D:FD:D3:35:D4:7C:D6:90:CB:88:4D:50:86:82:6D:19

ValiditySat, 19 Jul 2025 22:35:40 GMT - Fri, 17 Oct 2025 22:35:39 GMT

Technology Fingerprints

Apache HTTP Server (Web servers)

HTTP Headers

GET /themes/spirit/assets/frontend/css/bootstrap.min.css HTTP/1.1
Host: loadedfiles.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://loadedfiles.org/0a0d406de6b39d36?pt=VGV4M1lsL0l3VE5vNkVmT3N2ZGpiV2xCTkV4QlZUaFBTbkpyVDJ4cFNsQk5hVGwwUVhjOVBRPT0=
Cookie: filehosting=mvro6ug9mrkohfkocjvtlmuohe
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
last-modified: Fri, 15 Apr 2022 11:04:00 GMT
etag: "12c7a-5dcaf5e1e8800-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 12502
content-type: text/css
date: Fri, 01 Aug 2025 23:00:19 GMT
server: Apache
X-Firefox-Spdy: h2

GET loadedfiles.org/cache/themes/spirit/custom_css.css?r=f55906d02b1bb7f090a86f22096a7bac

195.230.23.84

200 OK

2.9 kB

URL GET HTTPS

loadedfiles.org/cache/themes/spirit/custom_css.css?r=f55906d02b1bb7f090a86f22096a7bac

IP / ASN

195.230.23.84

#58294 CloudWall Ltd.

Requested byhttps://loadedfiles.org/0a0d406de6b39d36?pt=VGV4M1lsL0l3VE5vNkVmT3N2ZGpiV2xCTkV4QlZUaFBTbkpyVDJ4cFNsQk5hVGwwUVhjOVBRPT0=

Resource Info

File typeASCII text, with very long lines (319)

First Seen2024-02-22

Last Seen2025-08-01

Times Seen16

Size2.9 kB (2892 bytes)

MD532165ed1913d2734828bd438e3de425b

SHA1a9664134d42c4f4f2b3fdc00cf304fb21aefe237

SHA256729d220f71646ad804180fb9c1cf378dd3dbbb8e6b10629556bfc1712c9b1136

Certificate Info

IssuerLet's Encrypt

Subjectloadedfiles.org

Fingerprint13:E3:23:ED:4D:FD:D3:35:D4:7C:D6:90:CB:88:4D:50:86:82:6D:19

ValiditySat, 19 Jul 2025 22:35:40 GMT - Fri, 17 Oct 2025 22:35:39 GMT

Technology Fingerprints

Apache HTTP Server (Web servers)

HTTP Headers

GET /cache/themes/spirit/custom_css.css?r=f55906d02b1bb7f090a86f22096a7bac HTTP/1.1
Host: loadedfiles.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://loadedfiles.org/0a0d406de6b39d36?pt=VGV4M1lsL0l3VE5vNkVmT3N2ZGpiV2xCTkV4QlZUaFBTbkpyVDJ4cFNsQk5hVGwwUVhjOVBRPT0=
Cookie: filehosting=mvro6ug9mrkohfkocjvtlmuohe
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
last-modified: Thu, 18 Apr 2024 22:08:54 GMT
etag: "b4c-616663781e980-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 754
content-type: text/css
date: Fri, 01 Aug 2025 23:00:19 GMT
server: Apache
X-Firefox-Spdy: h2

GET loadedfiles.org/themes/spirit/assets/frontend/js/jquery-3.1.1.min.js

195.230.23.84

200 OK

87 kB

URL GET HTTPS

loadedfiles.org/themes/spirit/assets/frontend/js/jquery-3.1.1.min.js

IP / ASN

195.230.23.84

#58294 CloudWall Ltd.

Requested byhttps://loadedfiles.org/0a0d406de6b39d36?pt=VGV4M1lsL0l3VE5vNkVmT3N2ZGpiV2xCTkV4QlZUaFBTbkpyVDJ4cFNsQk5hVGwwUVhjOVBRPT0=

Resource Info

File typeJavaScript source, ASCII text, with very long lines (32030), with CRLF line terminators

First Seen2023-03-07

Last Seen2025-08-10

Times Seen3030

Size87 kB (86713 bytes)

MD55b5a269bd363e0886c17d855c2aab241

SHA1042dd055cd289215835a58507c9531f808e1648a

SHA2561cf30e59d21d4ae560af7143f5913efcc8222bcaa4fcc7508eb802b5faa9e94e

Certificate Info

IssuerLet's Encrypt

Subjectloadedfiles.org

Fingerprint13:E3:23:ED:4D:FD:D3:35:D4:7C:D6:90:CB:88:4D:50:86:82:6D:19

ValiditySat, 19 Jul 2025 22:35:40 GMT - Fri, 17 Oct 2025 22:35:39 GMT

Technology Fingerprints

Apache HTTP Server (Web servers)

HTTP Headers

GET /themes/spirit/assets/frontend/js/jquery-3.1.1.min.js HTTP/1.1
Host: loadedfiles.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://loadedfiles.org/0a0d406de6b39d36?pt=VGV4M1lsL0l3VE5vNkVmT3N2ZGpiV2xCTkV4QlZUaFBTbkpyVDJ4cFNsQk5hVGwwUVhjOVBRPT0=
Cookie: filehosting=mvro6ug9mrkohfkocjvtlmuohe
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
last-modified: Fri, 15 Apr 2022 11:04:00 GMT
etag: "152b9-5dcaf5e1e8800-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 30089
content-type: text/javascript
date: Fri, 01 Aug 2025 23:00:19 GMT
server: Apache
X-Firefox-Spdy: h2

GET fonts.gstatic.com/s/opensans/v43/memQYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWq8tWZ0Pw86hd0Rk8ZkWVAewA.woff2

142.250.178.99

200 OK

19 kB

URL GET HTTPS

fonts.gstatic.com/s/opensans/v43/memQYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWq8tWZ0Pw86hd0Rk8ZkWVAewA.woff2

IP / ASN

142.250.178.99

#15169 GOOGLE

Requested byhttps://loadedfiles.org/0a0d406de6b39d36?pt=VGV4M1lsL0l3VE5vNkVmT3N2ZGpiV2xCTkV4QlZUaFBTbkpyVDJ4cFNsQk5hVGwwUVhjOVBRPT0=

Resource Info

File typeWeb Open Font Format (Version 2), TrueType, length 19276, version 1.0

First Seen2025-05-29

Last Seen2025-08-10

Times Seen1337

Size19 kB (19276 bytes)

MD5266d9ceb5c3c51971e2a9e13b7ec5883

SHA1091a3b35321cb3e7b11034a091964e795c4b74ac

SHA256f93e2585efd0318f328e3431482382c66dfe89ac387060e88116cdd18a18b933

Certificate Info

IssuerGoogle Trust Services

Subject*.gstatic.com

Fingerprint43:A0:95:35:FB:C7:02:15:92:9E:20:20:0D:0A:E7:8F:93:61:52:CD

ValidityMon, 07 Jul 2025 08:35:11 GMT - Mon, 29 Sep 2025 08:35:10 GMT

HTTP Headers

GET /s/opensans/v43/memQYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWq8tWZ0Pw86hd0Rk8ZkWVAewA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://loadedfiles.org
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 19276
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 31 Jul 2025 17:16:29 GMT
expires: Fri, 31 Jul 2026 17:16:29 GMT
cache-control: public, max-age=31536000
age: 107030
last-modified: Wed, 28 May 2025 17:52:30 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET professionaltrafficmonitor.com/stats

18.194.162.133

200 OK

40 B

URL GET HTTPS

professionaltrafficmonitor.com/stats

IP / ASN

18.194.162.133

#16509 AMAZON-02

Requested byhttps://loadedfiles.org/0a0d406de6b39d36?pt=VGV4M1lsL0l3VE5vNkVmT3N2ZGpiV2xCTkV4QlZUaFBTbkpyVDJ4cFNsQk5hVGwwUVhjOVBRPT0=

Resource Info

File typeASCII text, with no line terminators

First Seen2025-08-01

Last Seen2025-08-01

Times Seen1

Size40 B (40 bytes)

MD591febad385cd1def4b307b69a66c4ffe

SHA1d39907bf9741de92ba89f61cf6c5765a2a96a4fe

SHA2565b9725265cb3c20b7147f6fb0036ebb1e8b76bd2b2ea4d62c75160537f0973d9

Certificate Info

IssuerAmazon

Subjectprotrafficinspector.com

Fingerprint5D:D5:8D:EB:A4:50:13:0D:7C:33:71:82:B8:02:49:4F:D6:31:B6:E6

ValidityTue, 01 Jul 2025 00:00:00 GMT - Thu, 30 Jul 2026 23:59:59 GMT

HTTP Headers

GET /stats HTTP/1.1
Host: professionaltrafficmonitor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://loadedfiles.org
DNT: 1
Connection: keep-alive
Referer: https://loadedfiles.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 01 Aug 2025 23:00:20 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://loadedfiles.org
vary: Origin
access-control-allow-credentials: true
set-cookie: uid_id2=f993bf72-2f11-4d15-93bd-688e6c4691b4:2:1; expires=Mon, 30 Jul 2035 23:00:20 GMT; secure; SameSite=None
X-Firefox-Spdy: h2

GET www.googletagmanager.com/gtag/js?id=G-W330KW4RQ2&cx=c&gtm=45je57u1v9181252087za200&tag_exp=101509157~103116026~103200004~103233427~104684208~104684211~105033766~105033768~105087538~105087540~105103161~105103163

142.250.74.168

200 OK

405 kB

URL GET HTTPS

www.googletagmanager.com/gtag/js?id=G-W330KW4RQ2&cx=c&gtm=45je57u1v9181252087za200&tag_exp=101509157~103116026~103200004~103233427~104684208~104684211~105033766~105033768~105087538~105087540~105103161~105103163

IP / ASN

142.250.74.168

#15169 GOOGLE

Requested byhttps://loadedfiles.org/0a0d406de6b39d36?pt=VGV4M1lsL0l3VE5vNkVmT3N2ZGpiV2xCTkV4QlZUaFBTbkpyVDJ4cFNsQk5hVGwwUVhjOVBRPT0=

Resource Info

File typeJavaScript source, ASCII text, with very long lines (6006)

First Seen2025-08-01

Last Seen2025-08-01

Times Seen1

Size405 kB (405121 bytes)

MD5059e8ac067067277f093a00ce33a67e1

SHA1494c5636da334aa6dafeb57806495383a8383be6

SHA2561e04508cdf97c51f2490e83828961b62a763e4724636c002076334f6490b5339

Certificate Info

IssuerGoogle Trust Services

Subject*.google-analytics.com

FingerprintA2:8A:24:AD:51:7D:A4:62:BB:34:6F:C9:21:A1:B9:E1:2D:A6:0E:C1

ValidityMon, 07 Jul 2025 08:34:03 GMT - Mon, 29 Sep 2025 08:34:02 GMT

Technology Fingerprints

HTTP Headers

GET /gtag/js?id=G-W330KW4RQ2&cx=c&gtm=45je57u1v9181252087za200&tag_exp=101509157~103116026~103200004~103233427~104684208~104684211~105033766~105033768~105087538~105087540~105103161~105103163 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://loadedfiles.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 01 Aug 2025 23:00:20 GMT
expires: Fri, 01 Aug 2025 23:00:20 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1099:0
cross-origin-opener-policy-report-only: same-origin; report-to=ascgcycc:1099:0
report-to: {"group":"ascgcycc:1099:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1099:0"}],}
server: Google Tag Manager
content-length: 135244
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET flushpersist.com/pxf.gif?uuid=b8fde2c5-34d5-4738-a267-7f9be79cd404&eb=bff3d6bf6d16c0bb5e58232c1a99ef63&te=fe015aeda515c30449c87b1701cc307f&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A134.0)%20Gecko%2F20100101%20Firefox%2F134.0&dev=e&res=14.3095&b_frame=0&pk=1ff6363a986e7aa87f530defe2094722&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=23

192.243.61.227

200 OK

0 B

URL GET HTTPS

flushpersist.com/pxf.gif?uuid=b8fde2c5-34d5-4738-a267-7f9be79cd404&eb=bff3d6bf6d16c0bb5e58232c1a99ef63&te=fe015aeda515c30449c87b1701cc307f&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A134.0)%20Gecko%2F20100101%20Firefox%2F134.0&dev=e&res=14.3095&b_frame=0&pk=1ff6363a986e7aa87f530defe2094722&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=23

IP / ASN

192.243.61.227

#39572 DataWeb Global Group B.V.

Requested byhttps://loadedfiles.org/0a0d406de6b39d36?pt=VGV4M1lsL0l3VE5vNkVmT3N2ZGpiV2xCTkV4QlZUaFBTbkpyVDJ4cFNsQk5hVGwwUVhjOVBRPT0=

Resource Info

File typeN/A

First Seen0001-01-01

Last Seen2025-08-10

Times Seen5753523

Size0 B (0 bytes)

MD5d41d8cd98f00b204e9800998ecf8427e

SHA1da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Certificate Info

IssuerLet's Encrypt

Subjectflushpersist.com

Fingerprint9E:08:20:A0:75:ED:21:51:E0:3D:DE:29:CD:B0:11:01:4D:04:77:0A

ValidityTue, 01 Jul 2025 15:12:33 GMT - Mon, 29 Sep 2025 15:12:32 GMT

Technology Fingerprints

Nginx:1.21.6 (Web servers, Reverse proxies)

HTTP Headers

GET /pxf.gif?uuid=b8fde2c5-34d5-4738-a267-7f9be79cd404&eb=bff3d6bf6d16c0bb5e58232c1a99ef63&te=fe015aeda515c30449c87b1701cc307f&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A134.0)%20Gecko%2F20100101%20Firefox%2F134.0&dev=e&res=14.3095&b_frame=0&pk=1ff6363a986e7aa87f530defe2094722&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=23 HTTP/1.1
Host: flushpersist.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://loadedfiles.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 01 Aug 2025 23:00:21 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Host: flushpersist.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: bdcbe1f65125ba12a93f8d220d89a684
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains

GET kettledroopingcontinuation.com/pixel/sbs?c=1

192.243.59.20

200 OK

0 B

URL GET HTTPS

kettledroopingcontinuation.com/pixel/sbs?c=1

IP / ASN

192.243.59.20

#39572 DataWeb Global Group B.V.

Requested byhttps://loadedfiles.org/0a0d406de6b39d36?pt=VGV4M1lsL0l3VE5vNkVmT3N2ZGpiV2xCTkV4QlZUaFBTbkpyVDJ4cFNsQk5hVGwwUVhjOVBRPT0=

Resource Info

File typeN/A

First Seen0001-01-01

Last Seen2025-08-10

Times Seen5753523

Size0 B (0 bytes)

MD5d41d8cd98f00b204e9800998ecf8427e

SHA1da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Certificate Info

IssuerLet's Encrypt

Subjectkettledroopingcontinuation.com

Fingerprint38:55:0E:5D:7C:E7:08:BA:9A:77:8D:79:E7:3A:6B:27:F8:97:E4:89

ValiditySat, 28 Jun 2025 21:49:55 GMT - Fri, 26 Sep 2025 21:49:54 GMT

Technology Fingerprints

Nginx:1.19.5 (Web servers, Reverse proxies)

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /pixel/sbs?c=1 HTTP/1.1
Host: kettledroopingcontinuation.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://loadedfiles.org/
Cookie: uid_id2=b8fde2c5-34d5-4738-a267-7f9be79cd404:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; u_pl20132884=1; slec1ff6363a986e7aa87f530defe2094722=[6073101]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Fri, 01 Aug 2025 23:00:22 GMT
Content-Length: 0
Connection: keep-alive
Host: kettledroopingcontinuation.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

GET loadedfiles.org/themes/spirit/assets/frontend/css/lightbox.min.css

195.230.23.84

200 OK

3.9 kB

URL GET HTTPS

loadedfiles.org/themes/spirit/assets/frontend/css/lightbox.min.css

IP / ASN

195.230.23.84

#58294 CloudWall Ltd.

Requested byhttps://loadedfiles.org/0a0d406de6b39d36?pt=VGV4M1lsL0l3VE5vNkVmT3N2ZGpiV2xCTkV4QlZUaFBTbkpyVDJ4cFNsQk5hVGwwUVhjOVBRPT0=

Resource Info

File typeASCII text, with CRLF line terminators

First Seen2023-04-11

Last Seen2025-08-10

Times Seen1833

Size3.9 kB (3889 bytes)

MD530265c8089a8f3e871d0873ef6a5b944

SHA12804a2fe5a6a956626ce6a46adf6b1a0676ee13d

SHA256f9f33dca7f9a5a735a0a03502993e0a092df81d820beb1ed4071e4611a9630ed

Certificate Info

IssuerLet's Encrypt

Subjectloadedfiles.org

Fingerprint13:E3:23:ED:4D:FD:D3:35:D4:7C:D6:90:CB:88:4D:50:86:82:6D:19

ValiditySat, 19 Jul 2025 22:35:40 GMT - Fri, 17 Oct 2025 22:35:39 GMT

Technology Fingerprints

Apache HTTP Server (Web servers)

HTTP Headers

GET /themes/spirit/assets/frontend/css/lightbox.min.css HTTP/1.1
Host: loadedfiles.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://loadedfiles.org/0a0d406de6b39d36?pt=VGV4M1lsL0l3VE5vNkVmT3N2ZGpiV2xCTkV4QlZUaFBTbkpyVDJ4cFNsQk5hVGwwUVhjOVBRPT0=
Cookie: filehosting=mvro6ug9mrkohfkocjvtlmuohe
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
last-modified: Fri, 15 Apr 2022 11:04:00 GMT
etag: "f31-5dcaf5e1e8800-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 924
content-type: text/css
date: Fri, 01 Aug 2025 23:00:19 GMT
server: Apache
X-Firefox-Spdy: h2

GET loadedfiles.org/themes/spirit/assets/frontend/css/iconsmind.css

195.230.23.84

200 OK

103 kB

URL GET HTTPS

loadedfiles.org/themes/spirit/assets/frontend/css/iconsmind.css

IP / ASN

195.230.23.84

#58294 CloudWall Ltd.

Requested byhttps://loadedfiles.org/0a0d406de6b39d36?pt=VGV4M1lsL0l3VE5vNkVmT3N2ZGpiV2xCTkV4QlZUaFBTbkpyVDJ4cFNsQk5hVGwwUVhjOVBRPT0=

Resource Info

File typeASCII text, with CRLF line terminators

First Seen2023-04-11

Last Seen2025-08-10

Times Seen1942

Size103 kB (102727 bytes)

MD5c9b1c618a7b12bd7ecf6034164b29164

SHA1f7a4a8bbc3aab1d7bb44659c40a8702f3aa56c99

SHA256fc190f724340fc20fd1d175f49c70e70f4acfdd9303ae4f68d9765a2a5958d9b

Certificate Info

IssuerLet's Encrypt

Subjectloadedfiles.org

Fingerprint13:E3:23:ED:4D:FD:D3:35:D4:7C:D6:90:CB:88:4D:50:86:82:6D:19

ValiditySat, 19 Jul 2025 22:35:40 GMT - Fri, 17 Oct 2025 22:35:39 GMT

Technology Fingerprints

Apache HTTP Server (Web servers)

HTTP Headers

GET /themes/spirit/assets/frontend/css/iconsmind.css HTTP/1.1
Host: loadedfiles.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://loadedfiles.org/0a0d406de6b39d36?pt=VGV4M1lsL0l3VE5vNkVmT3N2ZGpiV2xCTkV4QlZUaFBTbkpyVDJ4cFNsQk5hVGwwUVhjOVBRPT0=
Cookie: filehosting=mvro6ug9mrkohfkocjvtlmuohe
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
last-modified: Fri, 15 Apr 2022 11:04:00 GMT
etag: "19147-5dcaf5e1e8800-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 16131
content-type: text/css
date: Fri, 01 Aug 2025 23:00:19 GMT
server: Apache
X-Firefox-Spdy: h2

GET kettledroopingcontinuation.com/sbar.json?key=1ff6363a986e7aa87f530defe2094722&uuid=b8fde2c5-34d5-4738-a267-7f9be79cd404%3A3%3A1

192.243.61.227

200 OK

6.3 kB

URL GET HTTPS

kettledroopingcontinuation.com/sbar.json?key=1ff6363a986e7aa87f530defe2094722&uuid=b8fde2c5-34d5-4738-a267-7f9be79cd404%3A3%3A1

IP / ASN

192.243.61.227

#39572 DataWeb Global Group B.V.

Requested byhttps://loadedfiles.org/0a0d406de6b39d36?pt=VGV4M1lsL0l3VE5vNkVmT3N2ZGpiV2xCTkV4QlZUaFBTbkpyVDJ4cFNsQk5hVGwwUVhjOVBRPT0=

Resource Info

File typeJSON text data

First Seen2025-08-01

Last Seen2025-08-01

Times Seen1

Size6.3 kB (6297 bytes)

MD5259a03de8b5cc8a0bd8accea0bf05fcc

SHA15ce63020857f551846f2aa825bf817a5894a71f1

SHA256a4d7a591ecec5a0be87f27afa3c8a467adf38c3210d5687c9b5810be34318ba0

Certificate Info

IssuerLet's Encrypt

Subjectkettledroopingcontinuation.com

Fingerprint38:55:0E:5D:7C:E7:08:BA:9A:77:8D:79:E7:3A:6B:27:F8:97:E4:89

ValiditySat, 28 Jun 2025 21:49:55 GMT - Fri, 26 Sep 2025 21:49:54 GMT

Technology Fingerprints

Nginx:1.21.6 (Web servers, Reverse proxies)

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /sbar.json?key=1ff6363a986e7aa87f530defe2094722&uuid=b8fde2c5-34d5-4738-a267-7f9be79cd404%3A3%3A1 HTTP/1.1
Host: kettledroopingcontinuation.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://loadedfiles.org
DNT: 1
Connection: keep-alive
Referer: https://loadedfiles.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 01 Aug 2025 23:00:20 GMT
Content-Type: text/plain; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Access-Control-Allow-Origin: https://loadedfiles.org
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=b8fde2c5-34d5-4738-a267-7f9be79cd404:3:1; expires=Fri, 08 Aug 2025 23:00:20 GMT; path=/; secure; SameSite=None
pdhtkv=true; expires=Sat, 02 Aug 2025 23:00:20 GMT; path=/; secure; SameSite=None
uncs=1; expires=Sat, 02 Aug 2025 23:00:20 GMT; path=/; secure; SameSite=None
pdhtkv29=true; expires=Sat, 02 Aug 2025 23:00:20 GMT; path=/; secure; SameSite=None
uncs29=1; expires=Sat, 02 Aug 2025 23:00:20 GMT; path=/; secure; SameSite=None
u_pl20132884=1; expires=Sat, 02 Aug 2025 23:00:20 GMT; path=/; secure; SameSite=None
slec1ff6363a986e7aa87f530defe2094722=[6073101]; expires=Fri, 01 Aug 2025 23:00:25 GMT; path=/; secure; SameSite=None
Host: kettledroopingcontinuation.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: d727b0867d7907c71e0a40c0d6d226cf
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

GET loadedfiles.org/themes/spirit/assets/frontend/css/cookiealert.css

195.230.23.84

200 OK

12 kB

URL GET HTTPS

loadedfiles.org/themes/spirit/assets/frontend/css/cookiealert.css

IP / ASN

195.230.23.84

#58294 CloudWall Ltd.

Requested byhttps://loadedfiles.org/0a0d406de6b39d36?pt=VGV4M1lsL0l3VE5vNkVmT3N2ZGpiV2xCTkV4QlZUaFBTbkpyVDJ4cFNsQk5hVGwwUVhjOVBRPT0=

Resource Info

File typeASCII text, with very long lines (11486), with CRLF line terminators

First Seen2023-04-05

Last Seen2025-08-09

Times Seen2669

Size12 kB (12369 bytes)

MD53d2946aeae3cc8f43e2acf82ea029bd4

SHA1c25a0bd445ff9e6034d34e8f388f5565515a2783

SHA256705d9fc8952ac3bf3d9300e3d9ea6753284cdd920c34be0213ec8bc862df7a28

Certificate Info

IssuerLet's Encrypt

Subjectloadedfiles.org

Fingerprint13:E3:23:ED:4D:FD:D3:35:D4:7C:D6:90:CB:88:4D:50:86:82:6D:19

ValiditySat, 19 Jul 2025 22:35:40 GMT - Fri, 17 Oct 2025 22:35:39 GMT

Technology Fingerprints

Apache HTTP Server (Web servers)

HTTP Headers

GET /themes/spirit/assets/frontend/css/cookiealert.css HTTP/1.1
Host: loadedfiles.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://loadedfiles.org/0a0d406de6b39d36?pt=VGV4M1lsL0l3VE5vNkVmT3N2ZGpiV2xCTkV4QlZUaFBTbkpyVDJ4cFNsQk5hVGwwUVhjOVBRPT0=
Cookie: filehosting=mvro6ug9mrkohfkocjvtlmuohe
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
last-modified: Fri, 15 Apr 2022 11:04:00 GMT
etag: "3051-5dcaf5e1e8800-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 8885
content-type: text/css
date: Fri, 01 Aug 2025 23:00:19 GMT
server: Apache
X-Firefox-Spdy: h2

GET loadedfiles.org/themes/spirit/assets/frontend/js/flickity.min.js

195.230.23.84

200 OK

54 kB

URL GET HTTPS

loadedfiles.org/themes/spirit/assets/frontend/js/flickity.min.js

IP / ASN

195.230.23.84

#58294 CloudWall Ltd.

Requested byhttps://loadedfiles.org/0a0d406de6b39d36?pt=VGV4M1lsL0l3VE5vNkVmT3N2ZGpiV2xCTkV4QlZUaFBTbkpyVDJ4cFNsQk5hVGwwUVhjOVBRPT0=

Resource Info

File typeJavaScript source, ASCII text, with very long lines (32032), with CRLF line terminators

First Seen2023-03-07

Last Seen2025-08-10

Times Seen2230

Size54 kB (53873 bytes)

MD58c1e666176ac7bdce67d58b45823ffac

SHA175947e4316427ce0c5e33300aeb4dc4d7d54dd09

SHA256c0b706b9b1ca12b631496228a0eb0fe15ccb14f21ab554f6c4b4f20474e4d3a6

Certificate Info

IssuerLet's Encrypt

Subjectloadedfiles.org

Fingerprint13:E3:23:ED:4D:FD:D3:35:D4:7C:D6:90:CB:88:4D:50:86:82:6D:19

ValiditySat, 19 Jul 2025 22:35:40 GMT - Fri, 17 Oct 2025 22:35:39 GMT

Technology Fingerprints

Apache HTTP Server (Web servers)

HTTP Headers

GET /themes/spirit/assets/frontend/js/flickity.min.js HTTP/1.1
Host: loadedfiles.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://loadedfiles.org/0a0d406de6b39d36?pt=VGV4M1lsL0l3VE5vNkVmT3N2ZGpiV2xCTkV4QlZUaFBTbkpyVDJ4cFNsQk5hVGwwUVhjOVBRPT0=
Cookie: filehosting=mvro6ug9mrkohfkocjvtlmuohe
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
last-modified: Fri, 15 Apr 2022 11:04:00 GMT
etag: "d271-5dcaf5e1e8800-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 13504
content-type: text/javascript
date: Fri, 01 Aug 2025 23:00:19 GMT
server: Apache
X-Firefox-Spdy: h2

GET kettledroopingcontinuation.com/ren.gif?sid=H4sIAAAAAAAC_1RSMW8cRRSetd0hFAERBRLSFRQg8Hlvd2_vlhQRTuLIwthWEuQCmtmd2fPkZneWmd3b81UWllAapEtHuf7OjgUJCHqQ0JnOElKOykXc8BOQ0tCgs0868or33jffjPS97803h8UFcVHQ8-3P1EBISVeadbv2_o5ImSpNbfNBrWHX7Ru1HZH63o1af5p07-OG69XtD2p3edRVK47dsO2G3aitCc1j1V-5ZCGyZ0GjHth1z6k3mh76-lVsCguGWmC9C_ImBJtc-zv-AiIaI01-vs1NN1fZR3eSQtJcafTYyedpN1VlimTextpCnJ7MbkOZCSHfLUClJ7MJoHpH0wkQiglZePsFwvRkJhNh7_hKaSjBU4TsNZS9MbgcQ9AxInUAwZ4TIGLY3EKaPNlUuqR7VyydshOy9PIfiHJCll5cR5r8tCpFv3ZfySIXKjXoxxVEfwzRGSMrTpEPFiDKU0T51xDsT7LycgNpcrRlpIJg5--F7ZhxJ2ouux5rLnstt71MHb-13IqDkLeCiHm2d2mRiMegZhGFsVAIC0VsocgsJOy85tltL2pQ148DFrVsj3oe46EdtB3bpkHUQhFNtQ-RZ0NEcohI7yPT--iKIXTxO8xuBcMsmJygxyqUnKA0BCUlKAVBmROUveqYSeOY6gmTpggbs-rMqluNVN45pMcq7_CUgOohNKuORPaVOUCUL44GsWEjNU00zKsRDVl1mF2QN6a2Wq53HV1-XmvEse_6Lg3aPm9R2m7FTddmPOaOHXgtx4ERFYRZADUWBmJCPrx2C5mYkCX_DkJ6CiNPEQkLtHgXtKxAdysM0h-TveAh1SrqmnoZg6kKWb6EfM86lBfkncvNfvn0dfDo7OapexmIdIVMV3go_iDoyEeje6okR_dUacgvW1kuEjGg063fz2nOF3_4lO-VSrP122b4_SfRlJi2zx5wk2_QlIm0Y8jTVcEY12tKR5z8tm52eLhdmN3VQqdFtrF9a209yTQ3Rqh0DCqe1x8jEhPyVuffy__sJb9C6DF0USEpzsgsEGX7MNkcG0Wg5RyHmYWyqEbaCeeHUhBIPsc0rGD-h8N5P9J0-pqK6tA8QkdboPkB0qRCT1foyQpUDmGKxVGe6bObf80MDKU1CqW2jkKp5eMrg404rzWd0PXbbZ_HPotd5jouC5o2Dzwa-F7gNZGbye63d5f-CwAA___F24T7rQQAAA==

192.243.61.227

200 OK

0 B

URL GET HTTPS

kettledroopingcontinuation.com/ren.gif?sid=H4sIAAAAAAAC_1RSMW8cRRSetd0hFAERBRLSFRQg8Hlvd2_vlhQRTuLIwthWEuQCmtmd2fPkZneWmd3b81UWllAapEtHuf7OjgUJCHqQ0JnOElKOykXc8BOQ0tCgs0868or33jffjPS97803h8UFcVHQ8-3P1EBISVeadbv2_o5ImSpNbfNBrWHX7Ru1HZH63o1af5p07-OG69XtD2p3edRVK47dsO2G3aitCc1j1V-5ZCGyZ0GjHth1z6k3mh76-lVsCguGWmC9C_ImBJtc-zv-AiIaI01-vs1NN1fZR3eSQtJcafTYyedpN1VlimTextpCnJ7MbkOZCSHfLUClJ7MJoHpH0wkQiglZePsFwvRkJhNh7_hKaSjBU4TsNZS9MbgcQ9AxInUAwZ4TIGLY3EKaPNlUuqR7VyydshOy9PIfiHJCll5cR5r8tCpFv3ZfySIXKjXoxxVEfwzRGSMrTpEPFiDKU0T51xDsT7LycgNpcrRlpIJg5--F7ZhxJ2ouux5rLnstt71MHb-13IqDkLeCiHm2d2mRiMegZhGFsVAIC0VsocgsJOy85tltL2pQ148DFrVsj3oe46EdtB3bpkHUQhFNtQ-RZ0NEcohI7yPT--iKIXTxO8xuBcMsmJygxyqUnKA0BCUlKAVBmROUveqYSeOY6gmTpggbs-rMqluNVN45pMcq7_CUgOohNKuORPaVOUCUL44GsWEjNU00zKsRDVl1mF2QN6a2Wq53HV1-XmvEse_6Lg3aPm9R2m7FTddmPOaOHXgtx4ERFYRZADUWBmJCPrx2C5mYkCX_DkJ6CiNPEQkLtHgXtKxAdysM0h-TveAh1SrqmnoZg6kKWb6EfM86lBfkncvNfvn0dfDo7OapexmIdIVMV3go_iDoyEeje6okR_dUacgvW1kuEjGg063fz2nOF3_4lO-VSrP122b4_SfRlJi2zx5wk2_QlIm0Y8jTVcEY12tKR5z8tm52eLhdmN3VQqdFtrF9a209yTQ3Rqh0DCqe1x8jEhPyVuffy__sJb9C6DF0USEpzsgsEGX7MNkcG0Wg5RyHmYWyqEbaCeeHUhBIPsc0rGD-h8N5P9J0-pqK6tA8QkdboPkB0qRCT1foyQpUDmGKxVGe6bObf80MDKU1CqW2jkKp5eMrg404rzWd0PXbbZ_HPotd5jouC5o2Dzwa-F7gNZGbye63d5f-CwAA___F24T7rQQAAA==

IP / ASN

192.243.61.227

#39572 DataWeb Global Group B.V.

Requested byhttps://loadedfiles.org/0a0d406de6b39d36?pt=VGV4M1lsL0l3VE5vNkVmT3N2ZGpiV2xCTkV4QlZUaFBTbkpyVDJ4cFNsQk5hVGwwUVhjOVBRPT0=

Resource Info

File typeN/A

First Seen0001-01-01

Last Seen2025-08-10

Times Seen5753523

Size0 B (0 bytes)

MD5d41d8cd98f00b204e9800998ecf8427e

SHA1da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Certificate Info

IssuerLet's Encrypt

Subjectkettledroopingcontinuation.com

Fingerprint38:55:0E:5D:7C:E7:08:BA:9A:77:8D:79:E7:3A:6B:27:F8:97:E4:89

ValiditySat, 28 Jun 2025 21:49:55 GMT - Fri, 26 Sep 2025 21:49:54 GMT

Technology Fingerprints

Nginx:1.21.6 (Web servers, Reverse proxies)

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /ren.gif?sid=H4sIAAAAAAAC_1RSMW8cRRSetd0hFAERBRLSFRQg8Hlvd2_vlhQRTuLIwthWEuQCmtmd2fPkZneWmd3b81UWllAapEtHuf7OjgUJCHqQ0JnOElKOykXc8BOQ0tCgs0868or33jffjPS97803h8UFcVHQ8-3P1EBISVeadbv2_o5ImSpNbfNBrWHX7Ru1HZH63o1af5p07-OG69XtD2p3edRVK47dsO2G3aitCc1j1V-5ZCGyZ0GjHth1z6k3mh76-lVsCguGWmC9C_ImBJtc-zv-AiIaI01-vs1NN1fZR3eSQtJcafTYyedpN1VlimTextpCnJ7MbkOZCSHfLUClJ7MJoHpH0wkQiglZePsFwvRkJhNh7_hKaSjBU4TsNZS9MbgcQ9AxInUAwZ4TIGLY3EKaPNlUuqR7VyydshOy9PIfiHJCll5cR5r8tCpFv3ZfySIXKjXoxxVEfwzRGSMrTpEPFiDKU0T51xDsT7LycgNpcrRlpIJg5--F7ZhxJ2ouux5rLnstt71MHb-13IqDkLeCiHm2d2mRiMegZhGFsVAIC0VsocgsJOy85tltL2pQ148DFrVsj3oe46EdtB3bpkHUQhFNtQ-RZ0NEcohI7yPT--iKIXTxO8xuBcMsmJygxyqUnKA0BCUlKAVBmROUveqYSeOY6gmTpggbs-rMqluNVN45pMcq7_CUgOohNKuORPaVOUCUL44GsWEjNU00zKsRDVl1mF2QN6a2Wq53HV1-XmvEse_6Lg3aPm9R2m7FTddmPOaOHXgtx4ERFYRZADUWBmJCPrx2C5mYkCX_DkJ6CiNPEQkLtHgXtKxAdysM0h-TveAh1SrqmnoZg6kKWb6EfM86lBfkncvNfvn0dfDo7OapexmIdIVMV3go_iDoyEeje6okR_dUacgvW1kuEjGg063fz2nOF3_4lO-VSrP122b4_SfRlJi2zx5wk2_QlIm0Y8jTVcEY12tKR5z8tm52eLhdmN3VQqdFtrF9a209yTQ3Rqh0DCqe1x8jEhPyVuffy__sJb9C6DF0USEpzsgsEGX7MNkcG0Wg5RyHmYWyqEbaCeeHUhBIPsc0rGD-h8N5P9J0-pqK6tA8QkdboPkB0qRCT1foyQpUDmGKxVGe6bObf80MDKU1CqW2jkKp5eMrg404rzWd0PXbbZ_HPotd5jouC5o2Dzwa-F7gNZGbye63d5f-CwAA___F24T7rQQAAA== HTTP/1.1
Host: kettledroopingcontinuation.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://loadedfiles.org/
Cookie: uid_id2=b8fde2c5-34d5-4738-a267-7f9be79cd404:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; u_pl20132884=1; slec1ff6363a986e7aa87f530defe2094722=[6073101]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 01 Aug 2025 23:00:21 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
Access-Control-Allow-Origin: *
Vary: Origin
Access-Control-Allow-Credentials: true
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Host: kettledroopingcontinuation.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: f234d519488cd6cc4958c64b98896866
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains

GET cdn.creative-sb1.com/sb/ssp/interstitial/background_image/1/js/jquery-3.2.1.min.js

104.21.64.1

200 OK

130 kB

URL GET HTTPS

cdn.creative-sb1.com/sb/ssp/interstitial/background_image/1/js/jquery-3.2.1.min.js

IP / ASN

104.21.64.1

#13335 CLOUDFLARENET

Requested byhttps://loadedfiles.org/0a0d406de6b39d36?pt=VGV4M1lsL0l3VE5vNkVmT3N2ZGpiV2xCTkV4QlZUaFBTbkpyVDJ4cFNsQk5hVGwwUVhjOVBRPT0=

Resource Info

File typeJavaScript source, ASCII text, with very long lines (745)

First Seen2023-03-08

Last Seen2025-08-10

Times Seen180

Size130 kB (129575 bytes)

MD5e59a2e92b4756cc61e2e4f3082ee1360

SHA1c96d002f642bd85adf1e5326bcc0679f9c3ee001

SHA25642173a3ca70c715370ce99071f892ad61d3fee33dbf15426fa7eee549a4afca2

Certificate Info

IssuerGoogle Trust Services

Subjectcreative-sb1.com

FingerprintCD:76:E0:2A:28:09:08:24:2D:4C:A1:14:B2:AE:6C:39:A4:CC:2F:6B

ValidityTue, 01 Jul 2025 14:01:22 GMT - Mon, 29 Sep 2025 14:59:36 GMT

Technology Fingerprints

Cloudflare (CDN)

HTTP Headers

GET /sb/ssp/interstitial/background_image/1/js/jquery-3.2.1.min.js HTTP/1.1
Host: cdn.creative-sb1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 01 Aug 2025 23:00:21 GMT
content-type: application/javascript
server: cloudflare
last-modified: Mon, 09 Oct 2023 10:29:55 GMT
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
vary: accept-encoding
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=mToO00mEn6Ey9a7EL12FOtmwgFJWj2mORp1r9xFtfzZ264iTpm2hCDvoDJt1vPlMzTKlmmtctJrm5mYp6qaeGWdlrRHIoOWAUmnqkc21HEDB5Q%3D%3D"}]}
age: 246603
cf-cache-status: HIT
etag: W/"6523d623-1fa27"
content-encoding: br
cf-ray: 9688f3828e5c5690-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET weirdopt.com/ad/advertisers.js

185.196.197.71

200 OK

0 B

URL GET HTTPS

weirdopt.com/ad/advertisers.js

IP / ASN

185.196.197.71

#39572 DataWeb Global Group B.V.

Requested byhttps://loadedfiles.org/0a0d406de6b39d36?pt=VGV4M1lsL0l3VE5vNkVmT3N2ZGpiV2xCTkV4QlZUaFBTbkpyVDJ4cFNsQk5hVGwwUVhjOVBRPT0=

Resource Info

File typeN/A

First Seen0001-01-01

Last Seen2025-08-10

Times Seen5753523

Size0 B (0 bytes)

MD5d41d8cd98f00b204e9800998ecf8427e

SHA1da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Certificate Info

IssuerLet's Encrypt

Subjectweirdopt.com

Fingerprint1A:27:71:C0:8E:44:D4:6B:F5:AA:49:F0:F1:AF:E5:5F:30:23:A4:D4

ValidityTue, 01 Jul 2025 15:18:37 GMT - Mon, 29 Sep 2025 15:18:36 GMT

Technology Fingerprints

Nginx:1.21.6 (Web servers, Reverse proxies)

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /ad/advertisers.js HTTP/1.1
Host: weirdopt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://loadedfiles.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 01 Aug 2025 23:00:19 GMT
Content-Type: application/javascript
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: 72524d9927f25f10669129d7253f17cd
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains

GET cdn.creative-sb1.com/sb/ssp/interstitial/background_image/1/img/close.svg

104.21.64.1

200 OK

1.3 kB

URL GET HTTPS

cdn.creative-sb1.com/sb/ssp/interstitial/background_image/1/img/close.svg

IP / ASN

104.21.64.1

#13335 CLOUDFLARENET

Requested byhttps://loadedfiles.org/0a0d406de6b39d36?pt=VGV4M1lsL0l3VE5vNkVmT3N2ZGpiV2xCTkV4QlZUaFBTbkpyVDJ4cFNsQk5hVGwwUVhjOVBRPT0=

Resource Info

File typeSVG Scalable Vector Graphics image

First Seen2023-04-07

Last Seen2025-08-10

Times Seen2130

Size1.3 kB (1279 bytes)

MD5369850b9873659adf0951d845f57dba1

SHA1a64257186daa33b6b318943a457b6cf8d80b26b6

SHA2569630c142a8c074cc1809ebf4109538cf29cc0baeb6c27726191f1cf5376e2e21

Certificate Info

IssuerGoogle Trust Services

Subjectcreative-sb1.com

FingerprintCD:76:E0:2A:28:09:08:24:2D:4C:A1:14:B2:AE:6C:39:A4:CC:2F:6B

ValidityTue, 01 Jul 2025 14:01:22 GMT - Mon, 29 Sep 2025 14:59:36 GMT

Technology Fingerprints

Cloudflare (CDN)

HTTP Headers

GET /sb/ssp/interstitial/background_image/1/img/close.svg HTTP/1.1
Host: cdn.creative-sb1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 01 Aug 2025 23:00:21 GMT
content-type: image/svg+xml
server: cloudflare
last-modified: Mon, 09 Oct 2023 10:29:53 GMT
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
vary: accept-encoding
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=wdGQtqFipSdtE3y%2BizHvDneGb%2BwzzhK4BviddzKUQRIvBPSxe3P2LazOJvtML66%2F7C6BgHsMsCuW%2FiwUNjqSCFX4moo8PIgSfHd0xMP2ZmJMhA%3D%3D"}]}
age: 232210
cf-cache-status: HIT
etag: W/"6523d621-4ff"
content-encoding: br
cf-ray: 9688f3827e4c5690-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET cdn.storageimagedisplay.com/si/0e/a4/c3/0ea4c3edf7f201773853eb1d1f8a0ecf25c5fb6a7994516dc19f6499ec4d90a0.png

45.133.44.1

200 OK

123 kB

URL GET HTTPS

cdn.storageimagedisplay.com/si/0e/a4/c3/0ea4c3edf7f201773853eb1d1f8a0ecf25c5fb6a7994516dc19f6499ec4d90a0.png

IP / ASN

45.133.44.1

#39572 DataWeb Global Group B.V.

Requested byhttps://loadedfiles.org/0a0d406de6b39d36?pt=VGV4M1lsL0l3VE5vNkVmT3N2ZGpiV2xCTkV4QlZUaFBTbkpyVDJ4cFNsQk5hVGwwUVhjOVBRPT0=

Resource Info

File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 600x400, components 3

First Seen2025-07-24

Last Seen2025-08-10

Times Seen100

Size123 kB (123127 bytes)

MD55f98e58819eb88d27bd1233c2cb6acb9

SHA1204f00828e916757824e138952dd087e560965f4

SHA25682b35b44d3c80d3fe9d3d1a2fd39eb84ee6044437bf482418ab81e66ccf1bd69

Certificate Info

IssuerLet's Encrypt

Subjectcdn.storageimagedisplay.com

Fingerprint06:D8:07:0F:AB:BF:D8:7F:C5:38:82:AC:A7:8A:20:4D:83:6C:EA:C9

ValidityThu, 10 Jul 2025 02:33:11 GMT - Wed, 08 Oct 2025 02:33:10 GMT

Technology Fingerprints

Nginx:1.21.6 (Web servers, Reverse proxies)

HTTP Headers

GET /si/0e/a4/c3/0ea4c3edf7f201773853eb1d1f8a0ecf25c5fb6a7994516dc19f6499ec4d90a0.png HTTP/1.1
Host: cdn.storageimagedisplay.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 01 Aug 2025 23:00:21 GMT
content-type: image/png
content-length: 123127
server: nginx/1.21.6
last-modified: Sat, 19 Jul 2025 15:26:10 GMT
etag: "687bb912-1e0f7"
expires: Sun, 03 Aug 2025 23:00:21 GMT
cache-control: max-age=172800
x-cdn-host-id: ah0543
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

GET loadedfiles.org/themes/spirit/assets/frontend/js/jquery.steps.min.js

195.230.23.84

200 OK

14 kB

URL GET HTTPS

loadedfiles.org/themes/spirit/assets/frontend/js/jquery.steps.min.js

IP / ASN

195.230.23.84

#58294 CloudWall Ltd.

Requested byhttps://loadedfiles.org/0a0d406de6b39d36?pt=VGV4M1lsL0l3VE5vNkVmT3N2ZGpiV2xCTkV4QlZUaFBTbkpyVDJ4cFNsQk5hVGwwUVhjOVBRPT0=

Resource Info

File typeJavaScript source, ASCII text, with very long lines (13686), with CRLF line terminators

First Seen2023-03-07

Last Seen2025-08-10

Times Seen2249

Size14 kB (13862 bytes)

MD50eef6fe46d14f860d5666d2c7b13a564

SHA17ab5f7deaca2f71efbc3bf9f5ba27b89d4697dbe

SHA25695a14a4473ff130eb29f3cc02e135978505655e3c931b6c3726dedd4f558f843

Certificate Info

IssuerLet's Encrypt

Subjectloadedfiles.org

Fingerprint13:E3:23:ED:4D:FD:D3:35:D4:7C:D6:90:CB:88:4D:50:86:82:6D:19

ValiditySat, 19 Jul 2025 22:35:40 GMT - Fri, 17 Oct 2025 22:35:39 GMT

Technology Fingerprints

Apache HTTP Server (Web servers)

HTTP Headers

GET /themes/spirit/assets/frontend/js/jquery.steps.min.js HTTP/1.1
Host: loadedfiles.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://loadedfiles.org/0a0d406de6b39d36?pt=VGV4M1lsL0l3VE5vNkVmT3N2ZGpiV2xCTkV4QlZUaFBTbkpyVDJ4cFNsQk5hVGwwUVhjOVBRPT0=
Cookie: filehosting=mvro6ug9mrkohfkocjvtlmuohe
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
last-modified: Fri, 15 Apr 2022 11:04:00 GMT
etag: "3626-5dcaf5e1e8800-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 4921
content-type: text/javascript
date: Fri, 01 Aug 2025 23:00:19 GMT
server: Apache
X-Firefox-Spdy: h2

GET loadedfiles.org/dwn.gif

195.230.23.84

404 Not Found

13 kB

URL GET HTTPS

loadedfiles.org/dwn.gif

IP / ASN

195.230.23.84

#58294 CloudWall Ltd.

Requested byhttps://loadedfiles.org/0a0d406de6b39d36?pt=VGV4M1lsL0l3VE5vNkVmT3N2ZGpiV2xCTkV4QlZUaFBTbkpyVDJ4cFNsQk5hVGwwUVhjOVBRPT0=

Resource Info

File typeHTML document, Unicode text, UTF-8 text, with CRLF, LF line terminators

First Seen2025-08-01

Last Seen2025-08-01

Times Seen1

Size13 kB (12971 bytes)

MD5644a88c2f222f4a2f990ace033ca0d09

SHA160c8fe6526d83f8490939333a48cd8fba0ef0590

SHA256d967f3a36b6eef7945a2cab51bd296714bb67d6765efae121e9a357d1a121d3b

Certificate Info

IssuerLet's Encrypt

Subjectloadedfiles.org

Fingerprint13:E3:23:ED:4D:FD:D3:35:D4:7C:D6:90:CB:88:4D:50:86:82:6D:19

ValiditySat, 19 Jul 2025 22:35:40 GMT - Fri, 17 Oct 2025 22:35:39 GMT

Technology Fingerprints

Apache HTTP Server (Web servers)

HTTP Headers

GET /dwn.gif HTTP/1.1
Host: loadedfiles.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://loadedfiles.org/0a0d406de6b39d36?pt=VGV4M1lsL0l3VE5vNkVmT3N2ZGpiV2xCTkV4QlZUaFBTbkpyVDJ4cFNsQk5hVGwwUVhjOVBRPT0=
Cookie: filehosting=mvro6ug9mrkohfkocjvtlmuohe
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 404 Not Found
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate, no-cache, private
pragma: no-cache
access-control-allow-origin: https://loadedfiles.org
access-control-allow-headers: Content-Type, Content-Range, Content-Disposition, Content-Description
access-control-allow-credentials: true
date: Fri, 01 Aug 2025 23:00:19 GMT
vary: Accept-Encoding
content-encoding: gzip
content-length: 2656
content-type: text/html; charset=UTF-8
server: Apache
X-Firefox-Spdy: h2

GET besideunderstatement.com/1f/f6/36/1ff6363a986e7aa87f530defe2094722.js

172.240.108.68

200 OK

30 kB

URL GET HTTPS

besideunderstatement.com/1f/f6/36/1ff6363a986e7aa87f530defe2094722.js

IP / ASN

172.240.108.68

#7979 SERVERS-COM

Requested byhttps://loadedfiles.org/0a0d406de6b39d36?pt=VGV4M1lsL0l3VE5vNkVmT3N2ZGpiV2xCTkV4QlZUaFBTbkpyVDJ4cFNsQk5hVGwwUVhjOVBRPT0=

Resource Info

File typeJavaScript source, ASCII text, with very long lines (30170), with no line terminators

First Seen2025-08-01

Last Seen2025-08-01

Times Seen1

Size30 kB (30170 bytes)

MD500906cec04464bc2b5dd3d9d76794ce3

SHA1e03c238f86dfad2e58afdafa61ca72b2fc1592ef

SHA256a9796c566ea7881009781486998fe78ff0fe9b16e1352e7107d120b59a5552f2

Certificate Info

IssuerLet's Encrypt

Subjectbesideunderstatement.com

Fingerprint70:98:D5:46:9C:64:3E:4B:0F:17:49:0A:8C:E0:83:D2:F7:F9:81:72

ValiditySun, 08 Jun 2025 20:44:49 GMT - Sat, 06 Sep 2025 20:44:48 GMT

Technology Fingerprints

Envoy (Reverse proxies)

Nginx:1.21.6 (Web servers, Reverse proxies)

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /1f/f6/36/1ff6363a986e7aa87f530defe2094722.js HTTP/1.1
Host: besideunderstatement.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://loadedfiles.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 01 Aug 2025 23:00:19 GMT
Content-Type: application/javascript
Content-Length: 11500
Connection: keep-alive
content-encoding: gzip
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
accept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
x-envoy-upstream-service-time: 2
Host: besideunderstatement.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: 2e1c3859716bac162ff854b42b08fbb9
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains

GET loadedfiles.org/themes/spirit/assets/frontend/css/font-awesome.min.css

195.230.23.84

200 OK

59 kB

URL GET HTTPS

loadedfiles.org/themes/spirit/assets/frontend/css/font-awesome.min.css

IP / ASN

195.230.23.84

#58294 CloudWall Ltd.

Requested byhttps://loadedfiles.org/0a0d406de6b39d36?pt=VGV4M1lsL0l3VE5vNkVmT3N2ZGpiV2xCTkV4QlZUaFBTbkpyVDJ4cFNsQk5hVGwwUVhjOVBRPT0=

Resource Info

File typeASCII text, with very long lines (58929), with CRLF line terminators

First Seen2023-04-11

Last Seen2025-08-10

Times Seen2194

Size59 kB (59119 bytes)

MD5879812fc22af75aa3ae7b5666ca4f4b8

SHA1df27469a952b7ee36cc03db471c6198f577186a8

SHA256c5d7f0d9e646698b20734ce6dcc2c0a8ecf6ebe27b4b7625bfcf42c4416fb7ed

Certificate Info

IssuerLet's Encrypt

Subjectloadedfiles.org

Fingerprint13:E3:23:ED:4D:FD:D3:35:D4:7C:D6:90:CB:88:4D:50:86:82:6D:19

ValiditySat, 19 Jul 2025 22:35:40 GMT - Fri, 17 Oct 2025 22:35:39 GMT

Technology Fingerprints

Apache HTTP Server (Web servers)

HTTP Headers

GET /themes/spirit/assets/frontend/css/font-awesome.min.css HTTP/1.1
Host: loadedfiles.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://loadedfiles.org/0a0d406de6b39d36?pt=VGV4M1lsL0l3VE5vNkVmT3N2ZGpiV2xCTkV4QlZUaFBTbkpyVDJ4cFNsQk5hVGwwUVhjOVBRPT0=
Cookie: filehosting=mvro6ug9mrkohfkocjvtlmuohe
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
last-modified: Fri, 15 Apr 2022 11:04:00 GMT
etag: "e6ef-5dcaf5e1e8800-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 12774
content-type: text/css
date: Fri, 01 Aug 2025 23:00:19 GMT
server: Apache
X-Firefox-Spdy: h2

GET loadedfiles.org/themes/spirit/assets/frontend/js/datepicker.js

195.230.23.84

200 OK

21 kB

URL GET HTTPS

loadedfiles.org/themes/spirit/assets/frontend/js/datepicker.js

IP / ASN

195.230.23.84

#58294 CloudWall Ltd.

Requested byhttps://loadedfiles.org/0a0d406de6b39d36?pt=VGV4M1lsL0l3VE5vNkVmT3N2ZGpiV2xCTkV4QlZUaFBTbkpyVDJ4cFNsQk5hVGwwUVhjOVBRPT0=

Resource Info

File typeJavaScript source, ASCII text, with very long lines (12692), with CRLF line terminators

First Seen2023-03-07

Last Seen2025-08-10

Times Seen4319

Size21 kB (20975 bytes)

MD58cfe207a6a21c7495cfb751c761217a6

SHA135d686a6c4ecc9946c35444ce93e110cb0e1611c

SHA256804e3c2608de23694fa71684178e2f9815115d56ee022ec770e1fcb208847acc

Certificate Info

IssuerLet's Encrypt

Subjectloadedfiles.org

Fingerprint13:E3:23:ED:4D:FD:D3:35:D4:7C:D6:90:CB:88:4D:50:86:82:6D:19

ValiditySat, 19 Jul 2025 22:35:40 GMT - Fri, 17 Oct 2025 22:35:39 GMT

Technology Fingerprints

Apache HTTP Server (Web servers)

HTTP Headers

GET /themes/spirit/assets/frontend/js/datepicker.js HTTP/1.1
Host: loadedfiles.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://loadedfiles.org/0a0d406de6b39d36?pt=VGV4M1lsL0l3VE5vNkVmT3N2ZGpiV2xCTkV4QlZUaFBTbkpyVDJ4cFNsQk5hVGwwUVhjOVBRPT0=
Cookie: filehosting=mvro6ug9mrkohfkocjvtlmuohe
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
last-modified: Fri, 15 Apr 2022 11:04:00 GMT
etag: "51ef-5dcaf5e1e8800-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 7392
content-type: text/javascript
date: Fri, 01 Aug 2025 23:00:19 GMT
server: Apache
X-Firefox-Spdy: h2

GET oy.archeusdungs.com/1clkn/70008

23.109.170.60

200 OK

6 B

URL GET HTTPS

oy.archeusdungs.com/1clkn/70008

IP / ASN

23.109.170.60

#7979 SERVERS-COM

Requested byhttps://loadedfiles.org/0a0d406de6b39d36?pt=VGV4M1lsL0l3VE5vNkVmT3N2ZGpiV2xCTkV4QlZUaFBTbkpyVDJ4cFNsQk5hVGwwUVhjOVBRPT0=

Resource Info

File typeASCII text, with no line terminators

First Seen2023-03-07

Last Seen2025-08-10

Times Seen13800

Size6 B (6 bytes)

MD59082dc37e5e8046929da411544ad071a

SHA141e0e3963ed94e59e8a2f115994c382712411537

SHA256b7848d86edc8dc3b5bc6a5c666069f9a31e000cee51575d3b6083951607e1550

Certificate Info

IssuerLet's Encrypt

Subjectoy.archeusdungs.com

FingerprintFD:68:79:92:83:AB:73:3A:F6:53:74:07:61:55:D4:DC:94:20:A2:8A

ValiditySun, 13 Jul 2025 07:38:32 GMT - Sat, 11 Oct 2025 07:38:31 GMT

Technology Fingerprints

Nginx (Web servers, Reverse proxies)

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /1clkn/70008 HTTP/1.1
Host: oy.archeusdungs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://loadedfiles.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 01 Aug 2025 23:00:19 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Accept-ch: sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-ua-full-version-list
Set-Cookie: GL_UI4=eJw9zV1OhDAcBHC%2BWdcFnYQDeASKQHj1xSv4SAr9g3Wh3ZQKensbE32bTH6T8TwvKB7g78kZ4Sdv8MRY13Z1U3VlPXa8GoaubZtyaLqSVc00NbiTW2%2F5sJCNcNpWbmxv9wiXmRQZOfajFpTh0am%2F5qr0oSLEg%2BFKZIhXJ5YM6WD0sZEpQkSKr4T0VRqa9JcT%2FEMbhOy5dlkql%2F0Sgd6KMD8jfZNKuGV%2BQcDKPE883N8Wbidt1l6KxEc8Gy4I%2FgtOI7c0a%2FONVNB2tfoG6EX0%2F%2F73ODxYiUTQLkdCrO07mR%2B4dk3m; expires=Sat, 02-Aug-2025 23:00:19 GMT; Max-Age=86400; path=/; secure; SameSite=None
GL_GI10=eJwVyM0KgkAUhuE5hxiIJPjA9l6BadnCbbYMXXgFZhEDwxyZGfu5%2B2zxLp5XKcVpAjYTkrrM6yKvDnl5qkBPcNuBRwfdin8PX5AHF0ewd9h0wUrWyOzi8kes%2FgYZbM%2FWfLJe7ByNuABeWjfDzT72l%2F4KmjSBo2gGh3uqQC%2B9%2BwFe7x3U; expires=Sat, 02-Aug-2025 23:00:19 GMT; Max-Age=86400; path=/; secure; SameSite=None
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff

GET fonts.googleapis.com/icon?family=Material+Icons

142.250.74.10

200 OK

565 B

URL GET HTTPS

fonts.googleapis.com/icon?family=Material+Icons

IP / ASN

142.250.74.10

#15169 GOOGLE

Requested byhttps://loadedfiles.org/0a0d406de6b39d36?pt=VGV4M1lsL0l3VE5vNkVmT3N2ZGpiV2xCTkV4QlZUaFBTbkpyVDJ4cFNsQk5hVGwwUVhjOVBRPT0=

Resource Info

File typeASCII text

First Seen2025-01-17

Last Seen2025-08-10

Times Seen10903

Size565 B (565 bytes)

MD5736c83e15fc300de505f6ce9762a9396

SHA131c0f11ada78e92970ff42d990116d77c169c6d7

SHA256c31266310101d0b1607937a7baf07f1601b7637bd2373176696488a07d7b4302

Certificate Info

IssuerGoogle Trust Services

Subjectupload.video.google.com

FingerprintDF:A1:DB:1F:BC:5E:31:D7:F8:FE:26:E3:B9:B3:02:98:B1:C8:50:EC

ValidityMon, 07 Jul 2025 08:35:11 GMT - Mon, 29 Sep 2025 08:35:10 GMT

Technology Fingerprints

HTTP Headers

GET /icon?family=Material+Icons HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://loadedfiles.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 01 Aug 2025 23:00:19 GMT
date: Fri, 01 Aug 2025 23:00:19 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET loadedfiles.org/themes/spirit/assets/frontend/css/theme.css

195.230.23.84

200 OK

207 kB

URL GET HTTPS

loadedfiles.org/themes/spirit/assets/frontend/css/theme.css

IP / ASN

195.230.23.84

#58294 CloudWall Ltd.

Requested byhttps://loadedfiles.org/0a0d406de6b39d36?pt=VGV4M1lsL0l3VE5vNkVmT3N2ZGpiV2xCTkV4QlZUaFBTbkpyVDJ4cFNsQk5hVGwwUVhjOVBRPT0=

Resource Info

File typeassembler source, ASCII text, with CRLF line terminators

First Seen2024-10-17

Last Seen2025-08-01

Times Seen155

Size207 kB (206626 bytes)

MD587981b3f15f39f65197856273cf93624

SHA127e914e726d688240139e18a8c54c0d72f5683fb

SHA256007cfd8d83e35df667e32e3de7586daf621f3a85845327f7510627a1873491d8

Certificate Info

IssuerLet's Encrypt

Subjectloadedfiles.org

Fingerprint13:E3:23:ED:4D:FD:D3:35:D4:7C:D6:90:CB:88:4D:50:86:82:6D:19

ValiditySat, 19 Jul 2025 22:35:40 GMT - Fri, 17 Oct 2025 22:35:39 GMT

Technology Fingerprints

Apache HTTP Server (Web servers)

HTTP Headers

GET /themes/spirit/assets/frontend/css/theme.css HTTP/1.1
Host: loadedfiles.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://loadedfiles.org/0a0d406de6b39d36?pt=VGV4M1lsL0l3VE5vNkVmT3N2ZGpiV2xCTkV4QlZUaFBTbkpyVDJ4cFNsQk5hVGwwUVhjOVBRPT0=
Cookie: filehosting=mvro6ug9mrkohfkocjvtlmuohe
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
last-modified: Fri, 21 Jun 2024 10:54:40 GMT
etag: "32722-61b64421adc00-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 30734
content-type: text/css
date: Fri, 01 Aug 2025 23:00:19 GMT
server: Apache
X-Firefox-Spdy: h2

GET loadedfiles.org/themes/spirit/assets/frontend/img/favicon/apple-touch-icon.png

195.230.23.84

200 OK

5.0 kB

URL GET HTTPS

loadedfiles.org/themes/spirit/assets/frontend/img/favicon/apple-touch-icon.png

IP / ASN

195.230.23.84

#58294 CloudWall Ltd.

Requested byhttps://loadedfiles.org/0a0d406de6b39d36?pt=VGV4M1lsL0l3VE5vNkVmT3N2ZGpiV2xCTkV4QlZUaFBTbkpyVDJ4cFNsQk5hVGwwUVhjOVBRPT0=

Resource Info

File typePNG image data, 180 x 180, 8-bit/color RGBA, non-interlaced

First Seen2023-05-01

Last Seen2025-08-09

Times Seen970

Size5.0 kB (5016 bytes)

MD5a9a8c24cea41bed7ef78ed1d12d48291

SHA1cd86d71e15b97ab602e0e39bb6e9bbaf6779f4d7

SHA2563b379c83d1c0b117cec88debed9390723daffc2fb99cf51cc2175c47169d190e

Certificate Info

IssuerLet's Encrypt

Subjectloadedfiles.org

Fingerprint13:E3:23:ED:4D:FD:D3:35:D4:7C:D6:90:CB:88:4D:50:86:82:6D:19

ValiditySat, 19 Jul 2025 22:35:40 GMT - Fri, 17 Oct 2025 22:35:39 GMT

Technology Fingerprints

Apache HTTP Server (Web servers)

HTTP Headers

GET /themes/spirit/assets/frontend/img/favicon/apple-touch-icon.png HTTP/1.1
Host: loadedfiles.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://loadedfiles.org/0a0d406de6b39d36?pt=VGV4M1lsL0l3VE5vNkVmT3N2ZGpiV2xCTkV4QlZUaFBTbkpyVDJ4cFNsQk5hVGwwUVhjOVBRPT0=
Cookie: filehosting=mvro6ug9mrkohfkocjvtlmuohe; _ga_HD48XQQR2V=GS2.1.s1754089220$o1$g0$t1754089220$j60$l0$h0; _ga=GA1.1.1263307868.1754089220
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
last-modified: Fri, 15 Apr 2022 11:04:00 GMT
etag: "1398-5dcaf5e1e8800"
accept-ranges: bytes
content-length: 5016
content-type: image/png
date: Fri, 01 Aug 2025 23:00:20 GMT
server: Apache
X-Firefox-Spdy: h2

GET push-sdk.com/f/sdk.js?z=1670726

157.90.33.72

200 OK

55 kB

URL GET HTTPS

push-sdk.com/f/sdk.js?z=1670726

IP / ASN

157.90.33.72

#24940 Hetzner Online GmbH

Requested byhttps://loadedfiles.org/0a0d406de6b39d36?pt=VGV4M1lsL0l3VE5vNkVmT3N2ZGpiV2xCTkV4QlZUaFBTbkpyVDJ4cFNsQk5hVGwwUVhjOVBRPT0=

Resource Info

File typeJavaScript source, Unicode text, UTF-8 text, with very long lines (54745), with no line terminators

First Seen2025-04-01

Last Seen2025-08-10

Times Seen400

Size55 kB (54787 bytes)

MD5f4d87b22393ed5eef57d01d86c6a88f6

SHA15e1aaee78cd735c23cc423fc863decca30aee219

SHA25691cf9b34af48f3b62d706127b1140c89d8bb3a5455120acd2cfcfc41ab4ad5ee

Certificate Info

IssuerLet's Encrypt

Subjectpush-sdk.com

Fingerprint2E:9A:67:76:0E:42:81:D5:30:A2:76:47:85:CA:6C:D7:FD:FF:38:9C

ValidityThu, 05 Jun 2025 03:47:05 GMT - Wed, 03 Sep 2025 03:47:04 GMT

Technology Fingerprints

Angie (Web servers)

C (Programming languages)

Perl (Programming languages)

HTTP Headers

GET /f/sdk.js?z=1670726 HTTP/1.1
Host: push-sdk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://loadedfiles.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: Angie
date: Fri, 01 Aug 2025 23:00:19 GMT
content-type: application/javascript; charset=utf-8
content-length: 15242
content-encoding: gzip
cache-control: no-cache, max-age=0, must-revalidate, proxy-revalidate
vary: Accept-Encoding
X-Firefox-Spdy: h2

GET loadedfiles.org/themes/spirit/assets/frontend/fonts/stack-interface.woff2?33839631

195.230.23.84

200 OK

4.3 kB

URL GET HTTPS

loadedfiles.org/themes/spirit/assets/frontend/fonts/stack-interface.woff2?33839631

IP / ASN

195.230.23.84

#58294 CloudWall Ltd.

Requested byhttps://loadedfiles.org/0a0d406de6b39d36?pt=VGV4M1lsL0l3VE5vNkVmT3N2ZGpiV2xCTkV4QlZUaFBTbkpyVDJ4cFNsQk5hVGwwUVhjOVBRPT0=

Resource Info

File typeWeb Open Font Format (Version 2), TrueType, length 4292, version 1.0

First Seen2023-04-20

Last Seen2025-08-10

Times Seen4931

Size4.3 kB (4292 bytes)

MD5ae072782b361d2afdbf43db08d3cfb73

SHA1f3db2e65b53d97491672f8631e21d6d05905cc88

SHA25631205df908aed9881f6d2d3ae7d38975252bf99e38268978b4236dc3c314754b

Certificate Info

IssuerLet's Encrypt

Subjectloadedfiles.org

Fingerprint13:E3:23:ED:4D:FD:D3:35:D4:7C:D6:90:CB:88:4D:50:86:82:6D:19

ValiditySat, 19 Jul 2025 22:35:40 GMT - Fri, 17 Oct 2025 22:35:39 GMT

Technology Fingerprints

Apache HTTP Server (Web servers)

HTTP Headers

GET /themes/spirit/assets/frontend/fonts/stack-interface.woff2?33839631 HTTP/1.1
Host: loadedfiles.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://loadedfiles.org/themes/spirit/assets/frontend/css/stack-interface.css
Cookie: filehosting=mvro6ug9mrkohfkocjvtlmuohe
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
last-modified: Fri, 15 Apr 2022 11:04:00 GMT
etag: "10c4-5dcaf5e1e8800"
accept-ranges: bytes
content-length: 4292
vary: Accept-Encoding
content-type: font/woff2
date: Fri, 01 Aug 2025 23:00:19 GMT
server: Apache
X-Firefox-Spdy: h2

GET cdn.creative-sb1.com/sb/ssp/interstitial/background_image/1/css/animate.css

104.21.64.1

200 OK

79 kB

URL GET HTTPS

cdn.creative-sb1.com/sb/ssp/interstitial/background_image/1/css/animate.css

IP / ASN

104.21.64.1

#13335 CLOUDFLARENET

Requested byhttps://loadedfiles.org/0a0d406de6b39d36?pt=VGV4M1lsL0l3VE5vNkVmT3N2ZGpiV2xCTkV4QlZUaFBTbkpyVDJ4cFNsQk5hVGwwUVhjOVBRPT0=

Resource Info

File typeASCII text

First Seen2023-04-05

Last Seen2025-08-10

Times Seen2568

Size79 kB (79249 bytes)

MD5e1d8acd5ee9d1a90ea09313cbd8f2b02

SHA18a8327b115d1356715e63270d1ce6d46124c7b1a

SHA2563028c87fc798ac3741f02079034e6c23462afc0c5e6c8d321188ce3716c8472a

Certificate Info

IssuerGoogle Trust Services

Subjectcreative-sb1.com

FingerprintCD:76:E0:2A:28:09:08:24:2D:4C:A1:14:B2:AE:6C:39:A4:CC:2F:6B

ValidityTue, 01 Jul 2025 14:01:22 GMT - Mon, 29 Sep 2025 14:59:36 GMT

Technology Fingerprints

Cloudflare (CDN)

HTTP Headers

GET /sb/ssp/interstitial/background_image/1/css/animate.css HTTP/1.1
Host: cdn.creative-sb1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://loadedfiles.org
DNT: 1
Connection: keep-alive
Referer: https://loadedfiles.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 01 Aug 2025 23:00:21 GMT
content-type: text/css
server: cloudflare
last-modified: Mon, 09 Oct 2023 10:29:56 GMT
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
etag: W/"6523d624-13591"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
content-encoding: gzip
age: 11198
cf-cache-status: HIT
vary: accept-encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=P71ZhOJbErPWtG0M%2Bhq8nsJVBeg9GojeqXmarmgQV9z2DfCflp2wMpBeHI8eDBtUuw3MgRZQHD5TzF%2FBI8MkSg1bQ7%2FY9jYCIuEMqUNfMvhwig%3D%3D"}]}
cf-ray: 9688f381dda55690-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap

142.250.74.10

200 OK

17 kB

URL GET HTTPS

fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap

IP / ASN

142.250.74.10

#15169 GOOGLE

Requested byhttps://loadedfiles.org/0a0d406de6b39d36?pt=VGV4M1lsL0l3VE5vNkVmT3N2ZGpiV2xCTkV4QlZUaFBTbkpyVDJ4cFNsQk5hVGwwUVhjOVBRPT0=

Resource Info

File typeASCII text, with very long lines (1572)

First Seen2025-06-02

Last Seen2025-08-10

Times Seen2713

Size17 kB (16755 bytes)

MD5e9d2e14beb088f37fae98294940a9dcd

SHA11dafc3c55550249c8c2d782d5616c7b445c8e005

SHA256f2e491cc46d3fcba81f729065d622bd722751d4a2e7f80b479aa64a92c17b5c7

Certificate Info

IssuerGoogle Trust Services

Subjectupload.video.google.com

FingerprintDF:A1:DB:1F:BC:5E:31:D7:F8:FE:26:E3:B9:B3:02:98:B1:C8:50:EC

ValidityMon, 07 Jul 2025 08:35:11 GMT - Mon, 29 Sep 2025 08:35:10 GMT

Technology Fingerprints

HTTP Headers

GET /css?family=Roboto:300,400,700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 01 Aug 2025 23:00:21 GMT
date: Fri, 01 Aug 2025 23:00:21 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET kettledroopingcontinuation.com/impr.gif?sid=H4sIAAAAAAAC_1RSvW8cxRuetd399FMERBRISFdQgMDn_bovUkTkUxHGtpIgF9DMzsyeJze7s8zs3p6vsrCE0iBdOsr1c3YsSEDQg4TOdJaQclQu4oY_ASkNDTr7pIO3eN_3mWdGet7nna8OinMSoKBnW5_ooVSKrjXqbu3dbZlyXdraxsOa59bda7VtmTbDa7XBLJn-h14Q1t33ancF6-k13_Vc13O92h1pRKwHaxcsZPa849U7bj30614jxMD8F9vCgaUOeP-cvA7Jp1f-jD-DZBOkyY-3hO3lOvvgdlIommuDPj_-NO2lukyRLNrYOIjT4_ltaDsl5Jsl6PR4PgF0_3A2ASI5JUtvvkSUHs9lIuofXSqNFESKiP8PZX8CoSaQdAKm9yH5CwIwjo1NpMnTDW1KunvJ0hk7JSuv_oIsp2Tl5VWkyQ83lBzUHmhV5FKnFoO4ghxMILsTZMUJ8uESZHkCln8JyX8na6_WkSaHm1ZpSH72TtSOufBZYzUIeWM1bAXtVeo3W6utuBOJVofx0A0vLJLxBNQuo7AOCumgiB0UmYOEn9VCtx0yjwbNuMNZyw1pGHIRuZ2277q0w1oo2Ez7CHk2AlMjMLOHzOyhJ0cwxa-wOxUsd2Bzgj6vUAqC0hKUlKCUBGVOUParI66sb6unXNki8ubVn9egGuu8e0CPdN4VKQE1IxheHcrsC7sPli-Ph7HlYz1LNMqrMY14dZCdk9dmtjpBeBU9cVbz4rgZNAPaaTdFi9J2K24ELhex8N1O2PJ9WFlB2iVQ62Aop-T9KzeRySlZad5GRE9g1QmYdECLt0HLCnSnwjD9PtntPKJGs56tlzG4rpDlK8h3nQN1Tt662Oznz_4PwU6vnwQXAWYqZKbCI_kbQVc9Ht_XJTm8r0tLftrMcpnIIZ1t_UFOc7H83cdit9SG37tlR99-xGbErH3-UNh8naZcpl1Lnt2QnAtzRxsmyC_37LaItgq7c6MwaZGtb928cy_JjLBW6nQCKl_Un4DJKXmj-_fFfw6TnyHNBKaokBSnZB5g2R5stsBWExi1wFHmoCyqsfGjxaGSBEosMI0q2H_haNGPDZ29prI6sI_RNQ5ovo80qdA3FfqqAlUj2GJ5nGfm9PofcwMj5YwjZZzDSBn15NJgK89qcSB85rrtVtML2rHwgpCzuNEOO7xJ3SAQyO105-u7K_8EAAD__zmzFCWtBAAA

192.243.61.227

200 OK

0 B

URL GET HTTPS

kettledroopingcontinuation.com/impr.gif?sid=H4sIAAAAAAAC_1RSvW8cxRuetd399FMERBRISFdQgMDn_bovUkTkUxHGtpIgF9DMzsyeJze7s8zs3p6vsrCE0iBdOsr1c3YsSEDQg4TOdJaQclQu4oY_ASkNDTr7pIO3eN_3mWdGet7nna8OinMSoKBnW5_ooVSKrjXqbu3dbZlyXdraxsOa59bda7VtmTbDa7XBLJn-h14Q1t33ancF6-k13_Vc13O92h1pRKwHaxcsZPa849U7bj30614jxMD8F9vCgaUOeP-cvA7Jp1f-jD-DZBOkyY-3hO3lOvvgdlIommuDPj_-NO2lukyRLNrYOIjT4_ltaDsl5Jsl6PR4PgF0_3A2ASI5JUtvvkSUHs9lIuofXSqNFESKiP8PZX8CoSaQdAKm9yH5CwIwjo1NpMnTDW1KunvJ0hk7JSuv_oIsp2Tl5VWkyQ83lBzUHmhV5FKnFoO4ghxMILsTZMUJ8uESZHkCln8JyX8na6_WkSaHm1ZpSH72TtSOufBZYzUIeWM1bAXtVeo3W6utuBOJVofx0A0vLJLxBNQuo7AOCumgiB0UmYOEn9VCtx0yjwbNuMNZyw1pGHIRuZ2277q0w1oo2Ez7CHk2AlMjMLOHzOyhJ0cwxa-wOxUsd2Bzgj6vUAqC0hKUlKCUBGVOUParI66sb6unXNki8ubVn9egGuu8e0CPdN4VKQE1IxheHcrsC7sPli-Ph7HlYz1LNMqrMY14dZCdk9dmtjpBeBU9cVbz4rgZNAPaaTdFi9J2K24ELhex8N1O2PJ9WFlB2iVQ62Aop-T9KzeRySlZad5GRE9g1QmYdECLt0HLCnSnwjD9PtntPKJGs56tlzG4rpDlK8h3nQN1Tt662Oznz_4PwU6vnwQXAWYqZKbCI_kbQVc9Ht_XJTm8r0tLftrMcpnIIZ1t_UFOc7H83cdit9SG37tlR99-xGbErH3-UNh8naZcpl1Lnt2QnAtzRxsmyC_37LaItgq7c6MwaZGtb928cy_JjLBW6nQCKl_Un4DJKXmj-_fFfw6TnyHNBKaokBSnZB5g2R5stsBWExi1wFHmoCyqsfGjxaGSBEosMI0q2H_haNGPDZ29prI6sI_RNQ5ovo80qdA3FfqqAlUj2GJ5nGfm9PofcwMj5YwjZZzDSBn15NJgK89qcSB85rrtVtML2rHwgpCzuNEOO7xJ3SAQyO105-u7K_8EAAD__zmzFCWtBAAA

IP / ASN

192.243.61.227

#39572 DataWeb Global Group B.V.

Requested byhttps://loadedfiles.org/0a0d406de6b39d36?pt=VGV4M1lsL0l3VE5vNkVmT3N2ZGpiV2xCTkV4QlZUaFBTbkpyVDJ4cFNsQk5hVGwwUVhjOVBRPT0=

Resource Info

File typeN/A

First Seen0001-01-01

Last Seen2025-08-10

Times Seen5753523

Size0 B (0 bytes)

MD5d41d8cd98f00b204e9800998ecf8427e

SHA1da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Certificate Info

IssuerLet's Encrypt

Subjectkettledroopingcontinuation.com

Fingerprint38:55:0E:5D:7C:E7:08:BA:9A:77:8D:79:E7:3A:6B:27:F8:97:E4:89

ValiditySat, 28 Jun 2025 21:49:55 GMT - Fri, 26 Sep 2025 21:49:54 GMT

Technology Fingerprints

Nginx:1.21.6 (Web servers, Reverse proxies)

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /impr.gif?sid=H4sIAAAAAAAC_1RSvW8cxRuetd399FMERBRISFdQgMDn_bovUkTkUxHGtpIgF9DMzsyeJze7s8zs3p6vsrCE0iBdOsr1c3YsSEDQg4TOdJaQclQu4oY_ASkNDTr7pIO3eN_3mWdGet7nna8OinMSoKBnW5_ooVSKrjXqbu3dbZlyXdraxsOa59bda7VtmTbDa7XBLJn-h14Q1t33ancF6-k13_Vc13O92h1pRKwHaxcsZPa849U7bj30614jxMD8F9vCgaUOeP-cvA7Jp1f-jD-DZBOkyY-3hO3lOvvgdlIommuDPj_-NO2lukyRLNrYOIjT4_ltaDsl5Jsl6PR4PgF0_3A2ASI5JUtvvkSUHs9lIuofXSqNFESKiP8PZX8CoSaQdAKm9yH5CwIwjo1NpMnTDW1KunvJ0hk7JSuv_oIsp2Tl5VWkyQ83lBzUHmhV5FKnFoO4ghxMILsTZMUJ8uESZHkCln8JyX8na6_WkSaHm1ZpSH72TtSOufBZYzUIeWM1bAXtVeo3W6utuBOJVofx0A0vLJLxBNQuo7AOCumgiB0UmYOEn9VCtx0yjwbNuMNZyw1pGHIRuZ2277q0w1oo2Ez7CHk2AlMjMLOHzOyhJ0cwxa-wOxUsd2Bzgj6vUAqC0hKUlKCUBGVOUParI66sb6unXNki8ubVn9egGuu8e0CPdN4VKQE1IxheHcrsC7sPli-Ph7HlYz1LNMqrMY14dZCdk9dmtjpBeBU9cVbz4rgZNAPaaTdFi9J2K24ELhex8N1O2PJ9WFlB2iVQ62Aop-T9KzeRySlZad5GRE9g1QmYdECLt0HLCnSnwjD9PtntPKJGs56tlzG4rpDlK8h3nQN1Tt662Oznz_4PwU6vnwQXAWYqZKbCI_kbQVc9Ht_XJTm8r0tLftrMcpnIIZ1t_UFOc7H83cdit9SG37tlR99-xGbErH3-UNh8naZcpl1Lnt2QnAtzRxsmyC_37LaItgq7c6MwaZGtb928cy_JjLBW6nQCKl_Un4DJKXmj-_fFfw6TnyHNBKaokBSnZB5g2R5stsBWExi1wFHmoCyqsfGjxaGSBEosMI0q2H_haNGPDZ29prI6sI_RNQ5ovo80qdA3FfqqAlUj2GJ5nGfm9PofcwMj5YwjZZzDSBn15NJgK89qcSB85rrtVtML2rHwgpCzuNEOO7xJ3SAQyO105-u7K_8EAAD__zmzFCWtBAAA HTTP/1.1
Host: kettledroopingcontinuation.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://loadedfiles.org/
Cookie: uid_id2=b8fde2c5-34d5-4738-a267-7f9be79cd404:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; u_pl20132884=1; slec1ff6363a986e7aa87f530defe2094722=[6073101]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 01 Aug 2025 23:00:21 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
Access-Control-Allow-Origin: *
Vary: Origin
Access-Control-Allow-Credentials: true
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Set-Cookie: iprc_l+1172fb7a7004a8dfbeada28bdfc5f902=6073101; expires=Sat, 02 Aug 2025 23:00:21 GMT; path=/; secure; SameSite=None
iprc_l:6073101=1; expires=Sat, 02 Aug 2025 23:00:21 GMT; path=/; secure; SameSite=None
Host: kettledroopingcontinuation.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: f5f3af30bc12bd4527fe88df003f76f1
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains

GET besideunderstatement.com/89/8e/5d/898e5d63a0695f6c0eb338be63784f41.js

172.240.108.68

200 OK

123 kB

URL GET HTTPS

besideunderstatement.com/89/8e/5d/898e5d63a0695f6c0eb338be63784f41.js

IP / ASN

172.240.108.68

#7979 SERVERS-COM

Requested byhttps://loadedfiles.org/0a0d406de6b39d36?pt=VGV4M1lsL0l3VE5vNkVmT3N2ZGpiV2xCTkV4QlZUaFBTbkpyVDJ4cFNsQk5hVGwwUVhjOVBRPT0=

Resource Info

File typeJavaScript source, ASCII text, with very long lines (65536), with no line terminators

First Seen2025-08-01

Last Seen2025-08-02

Times Seen2

Size123 kB (122660 bytes)

MD57af17494b77ac1f7f155e8954b415426

SHA19bc0da72c481ff98f01a303624d1460931742f96

SHA256ed42d71a4a3bdcbdc8ffb779a2e12964a66e4893088e4c8a37edb264b4ef9f40

Certificate Info

IssuerLet's Encrypt

Subjectbesideunderstatement.com

Fingerprint70:98:D5:46:9C:64:3E:4B:0F:17:49:0A:8C:E0:83:D2:F7:F9:81:72

ValiditySun, 08 Jun 2025 20:44:49 GMT - Sat, 06 Sep 2025 20:44:48 GMT

Technology Fingerprints

Nginx:1.21.6 (Web servers, Reverse proxies)

Envoy (Reverse proxies)

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /89/8e/5d/898e5d63a0695f6c0eb338be63784f41.js HTTP/1.1
Host: besideunderstatement.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://loadedfiles.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 01 Aug 2025 23:00:19 GMT
Content-Type: application/javascript
Content-Length: 39910
Connection: keep-alive
content-encoding: gzip
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
accept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
x-envoy-upstream-service-time: 4
Host: besideunderstatement.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: 1e3add2f54da8f9e4fb9db99d2f33c24
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains

GET loadedfiles.org/dwn.gif

195.230.23.84

404 Not Found

13 kB

URL GET HTTPS

loadedfiles.org/dwn.gif

IP / ASN

195.230.23.84

#58294 CloudWall Ltd.

Requested byhttps://loadedfiles.org/0a0d406de6b39d36?pt=VGV4M1lsL0l3VE5vNkVmT3N2ZGpiV2xCTkV4QlZUaFBTbkpyVDJ4cFNsQk5hVGwwUVhjOVBRPT0=

Resource Info

File typeHTML document, Unicode text, UTF-8 text, with CRLF, LF line terminators

First Seen2025-08-01

Last Seen2025-08-01

Times Seen1

Size13 kB (12971 bytes)

MD599fa5dc89a4592ba65753109dcd2df6e

SHA19f3d30190a5144063f722169bfaf7685824f8b07

SHA2562100187c30b2b271b323504631e604002e8ba61de6c3d8c6fd12e22e09e0a712

Certificate Info

IssuerLet's Encrypt

Subjectloadedfiles.org

Fingerprint13:E3:23:ED:4D:FD:D3:35:D4:7C:D6:90:CB:88:4D:50:86:82:6D:19

ValiditySat, 19 Jul 2025 22:35:40 GMT - Fri, 17 Oct 2025 22:35:39 GMT

Technology Fingerprints

Apache HTTP Server (Web servers)

HTTP Headers

GET /dwn.gif HTTP/1.1
Host: loadedfiles.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://loadedfiles.org/0a0d406de6b39d36?pt=VGV4M1lsL0l3VE5vNkVmT3N2ZGpiV2xCTkV4QlZUaFBTbkpyVDJ4cFNsQk5hVGwwUVhjOVBRPT0=
Cookie: filehosting=mvro6ug9mrkohfkocjvtlmuohe
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 404 Not Found
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate, no-cache, private
pragma: no-cache
access-control-allow-origin: https://loadedfiles.org
access-control-allow-headers: Content-Type, Content-Range, Content-Disposition, Content-Description
access-control-allow-credentials: true
date: Fri, 01 Aug 2025 23:00:19 GMT
vary: Accept-Encoding
content-encoding: gzip
content-length: 2655
content-type: text/html; charset=UTF-8
server: Apache
X-Firefox-Spdy: h2

GET fonts.gstatic.com/s/opensans/v43/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

142.250.178.99

200 OK

48 kB

URL GET HTTPS

fonts.gstatic.com/s/opensans/v43/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

IP / ASN

142.250.178.99

#15169 GOOGLE

Requested byhttps://loadedfiles.org/0a0d406de6b39d36?pt=VGV4M1lsL0l3VE5vNkVmT3N2ZGpiV2xCTkV4QlZUaFBTbkpyVDJ4cFNsQk5hVGwwUVhjOVBRPT0=

Resource Info

File typeWeb Open Font Format (Version 2), TrueType, length 48332, version 1.0

First Seen2025-05-29

Last Seen2025-08-10

Times Seen34603

Size48 kB (48332 bytes)

MD55734e133a619a6ae6ee21a6c00a95eba

SHA157c0ac17302d07bd4f968240098afe5ed53d4ad2

SHA256d7a547581722aa055a7fb5b9912aebf3f3e928e1db3e5af9e54cf158cb4c4c4a

Certificate Info

IssuerGoogle Trust Services

Subject*.gstatic.com

Fingerprint43:A0:95:35:FB:C7:02:15:92:9E:20:20:0D:0A:E7:8F:93:61:52:CD

ValidityMon, 07 Jul 2025 08:35:11 GMT - Mon, 29 Sep 2025 08:35:10 GMT

HTTP Headers

GET /s/opensans/v43/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://loadedfiles.org
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48332
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 31 Jul 2025 15:48:02 GMT
expires: Fri, 31 Jul 2026 15:48:02 GMT
cache-control: public, max-age=31536000
age: 112337
last-modified: Wed, 28 May 2025 18:06:59 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET cdn.creative-sb1.com/sb/ssp/interstitial/background_image/1/css/style.css

104.21.64.1

200 OK

2.5 kB

URL GET HTTPS

cdn.creative-sb1.com/sb/ssp/interstitial/background_image/1/css/style.css

IP / ASN

104.21.64.1

#13335 CLOUDFLARENET

Requested byhttps://loadedfiles.org/0a0d406de6b39d36?pt=VGV4M1lsL0l3VE5vNkVmT3N2ZGpiV2xCTkV4QlZUaFBTbkpyVDJ4cFNsQk5hVGwwUVhjOVBRPT0=

Resource Info

File typeASCII text

First Seen2024-02-19

Last Seen2025-08-10

Times Seen136

Size2.5 kB (2536 bytes)

MD599c4d51e8d827c6ef4c5da4a4c9c361c

SHA14858f7d40be16dceba76dd1104054633d723ae6e

SHA2566a8d79e72f05bf80fdabc33023c2002d93f89a6e55dd75d5fb7da2d78436a3b0

Certificate Info

IssuerGoogle Trust Services

Subjectcreative-sb1.com

FingerprintCD:76:E0:2A:28:09:08:24:2D:4C:A1:14:B2:AE:6C:39:A4:CC:2F:6B

ValidityTue, 01 Jul 2025 14:01:22 GMT - Mon, 29 Sep 2025 14:59:36 GMT

Technology Fingerprints

Cloudflare (CDN)

HTTP Headers

GET /sb/ssp/interstitial/background_image/1/css/style.css HTTP/1.1
Host: cdn.creative-sb1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://loadedfiles.org
DNT: 1
Connection: keep-alive
Referer: https://loadedfiles.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 01 Aug 2025 23:00:21 GMT
content-type: text/css
server: cloudflare
last-modified: Tue, 14 Nov 2023 10:12:37 GMT
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
etag: W/"65534815-9e8"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
content-encoding: gzip
age: 11198
cf-cache-status: HIT
vary: accept-encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=SqhH%2Ftf%2BvBSlaCY0g2ds32I2Ivyi5ud2fsLtJieNenyoL1AtkKCexbn4Mdy0SE9hMeXrMpSwX4FiAxOI0tE6DD%2FBuYaxZA3NDIyoKqAwZ2tspA%3D%3D"}]}
cf-ray: 9688f381edbe5690-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET fonts.gstatic.com/s/roboto/v48/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2

142.250.178.99

200 OK

40 kB

URL GET HTTPS

fonts.gstatic.com/s/roboto/v48/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2

IP / ASN

142.250.178.99

#15169 GOOGLE

Requested byhttps://loadedfiles.org/0a0d406de6b39d36?pt=VGV4M1lsL0l3VE5vNkVmT3N2ZGpiV2xCTkV4QlZUaFBTbkpyVDJ4cFNsQk5hVGwwUVhjOVBRPT0=

Resource Info

File typeWeb Open Font Format (Version 2), TrueType, length 40128, version 1.0

First Seen2025-01-08

Last Seen2025-08-10

Times Seen103986

Size40 kB (40128 bytes)

MD59a01b69183a9604ab3a439e388b30501

SHA18ed1d59003d0dbe6360481017b44665153665fbe

SHA25620b535fa80c8189e3b87d1803038389960203a886d502bc2ef1857affc2f38d2

Certificate Info

IssuerGoogle Trust Services

Subject*.gstatic.com

Fingerprint43:A0:95:35:FB:C7:02:15:92:9E:20:20:0D:0A:E7:8F:93:61:52:CD

ValidityMon, 07 Jul 2025 08:35:11 GMT - Mon, 29 Sep 2025 08:35:10 GMT

HTTP Headers

GET /s/roboto/v48/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://loadedfiles.org
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 40128
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 01 Aug 2025 08:13:09 GMT
expires: Sat, 01 Aug 2026 08:13:09 GMT
cache-control: public, max-age=31536000
age: 53232
last-modified: Thu, 29 May 2025 23:30:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET loadedfiles.org/themes/spirit/assets/frontend/css/jquery.steps.css

195.230.23.84

200 OK

6.0 kB

URL GET HTTPS

loadedfiles.org/themes/spirit/assets/frontend/css/jquery.steps.css

IP / ASN

195.230.23.84

#58294 CloudWall Ltd.

Requested byhttps://loadedfiles.org/0a0d406de6b39d36?pt=VGV4M1lsL0l3VE5vNkVmT3N2ZGpiV2xCTkV4QlZUaFBTbkpyVDJ4cFNsQk5hVGwwUVhjOVBRPT0=

Resource Info

File typeASCII text, with CRLF line terminators

First Seen2023-04-11

Last Seen2025-08-10

Times Seen1801

Size6.0 kB (6019 bytes)

MD525cfe48e07622a00154b677afcbaeb47

SHA123e3ae1bd04ad1d00d25d30e39815104ceeae52f

SHA256709debbdebf13d8d6c85571caee6e44629142518e9336ed1aa01d6e94ab4d056

Certificate Info

IssuerLet's Encrypt

Subjectloadedfiles.org

Fingerprint13:E3:23:ED:4D:FD:D3:35:D4:7C:D6:90:CB:88:4D:50:86:82:6D:19

ValiditySat, 19 Jul 2025 22:35:40 GMT - Fri, 17 Oct 2025 22:35:39 GMT

Technology Fingerprints

Apache HTTP Server (Web servers)

HTTP Headers

GET /themes/spirit/assets/frontend/css/jquery.steps.css HTTP/1.1
Host: loadedfiles.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://loadedfiles.org/0a0d406de6b39d36?pt=VGV4M1lsL0l3VE5vNkVmT3N2ZGpiV2xCTkV4QlZUaFBTbkpyVDJ4cFNsQk5hVGwwUVhjOVBRPT0=
Cookie: filehosting=mvro6ug9mrkohfkocjvtlmuohe
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
last-modified: Fri, 15 Apr 2022 11:04:00 GMT
etag: "1783-5dcaf5e1e8800-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 1165
content-type: text/css
date: Fri, 01 Aug 2025 23:00:19 GMT
server: Apache
X-Firefox-Spdy: h2

GET www.googletagmanager.com/gtag/js?id=G-HD48XQQR2V

142.250.74.168

200 OK

405 kB

URL GET HTTPS

www.googletagmanager.com/gtag/js?id=G-HD48XQQR2V

IP / ASN

142.250.74.168

#15169 GOOGLE

Requested byhttps://loadedfiles.org/0a0d406de6b39d36?pt=VGV4M1lsL0l3VE5vNkVmT3N2ZGpiV2xCTkV4QlZUaFBTbkpyVDJ4cFNsQk5hVGwwUVhjOVBRPT0=

Resource Info

File typeJavaScript source, ASCII text, with very long lines (6006)

First Seen2025-08-01

Last Seen2025-08-01

Times Seen1

Size405 kB (405158 bytes)

MD537a4521177f90374cf8944a2a004980b

SHA171cd3a41a36b2d83aeb7c4ce29310139c1fafc4b

SHA2567678ad42750e1af3f96b7d4044fb6a78c0d51ec2eedd3393ee92cee23bee74ab

Certificate Info

IssuerGoogle Trust Services

Subject*.google-analytics.com

FingerprintA2:8A:24:AD:51:7D:A4:62:BB:34:6F:C9:21:A1:B9:E1:2D:A6:0E:C1

ValidityMon, 07 Jul 2025 08:34:03 GMT - Mon, 29 Sep 2025 08:34:02 GMT

Technology Fingerprints

HTTP Headers

GET /gtag/js?id=G-HD48XQQR2V HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://loadedfiles.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 01 Aug 2025 23:00:19 GMT
expires: Fri, 01 Aug 2025 23:00:19 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1099:0
cross-origin-opener-policy-report-only: same-origin; report-to=ascgcycc:1099:0
report-to: {"group":"ascgcycc:1099:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1099:0"}],}
server: Google Tag Manager
content-length: 135165
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET fonts.gstatic.com/s/opensans/v43/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

142.250.178.99

200 OK

48 kB

URL GET HTTPS

fonts.gstatic.com/s/opensans/v43/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

IP / ASN

142.250.178.99

#15169 GOOGLE

Requested byhttps://loadedfiles.org/0a0d406de6b39d36?pt=VGV4M1lsL0l3VE5vNkVmT3N2ZGpiV2xCTkV4QlZUaFBTbkpyVDJ4cFNsQk5hVGwwUVhjOVBRPT0=

Resource Info

File typeWeb Open Font Format (Version 2), TrueType, length 48332, version 1.0

First Seen2025-05-29

Last Seen2025-08-10

Times Seen34603

Size48 kB (48332 bytes)

MD55734e133a619a6ae6ee21a6c00a95eba

SHA157c0ac17302d07bd4f968240098afe5ed53d4ad2

SHA256d7a547581722aa055a7fb5b9912aebf3f3e928e1db3e5af9e54cf158cb4c4c4a

Certificate Info

IssuerGoogle Trust Services

Subject*.gstatic.com

Fingerprint43:A0:95:35:FB:C7:02:15:92:9E:20:20:0D:0A:E7:8F:93:61:52:CD

ValidityMon, 07 Jul 2025 08:35:11 GMT - Mon, 29 Sep 2025 08:35:10 GMT

HTTP Headers

GET /s/opensans/v43/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://loadedfiles.org
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48332
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 31 Jul 2025 15:48:02 GMT
expires: Fri, 31 Jul 2026 15:48:02 GMT
cache-control: public, max-age=31536000
age: 112337
last-modified: Wed, 28 May 2025 18:06:59 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET fonts.googleapis.com/css?family=Open+Sans:200,300,400,400i,500,600,700%7CMerriweather:300,300i

142.250.74.10

200 OK

39 kB

URL GET HTTPS

fonts.googleapis.com/css?family=Open+Sans:200,300,400,400i,500,600,700%7CMerriweather:300,300i

IP / ASN

142.250.74.10

#15169 GOOGLE

Requested byhttps://loadedfiles.org/0a0d406de6b39d36?pt=VGV4M1lsL0l3VE5vNkVmT3N2ZGpiV2xCTkV4QlZUaFBTbkpyVDJ4cFNsQk5hVGwwUVhjOVBRPT0=

Resource Info

File typeASCII text, with very long lines (1572)

First Seen2025-06-02

Last Seen2025-08-10

Times Seen726

Size39 kB (39341 bytes)

MD50812d3cfd3d7800435f05536b513ecfd

SHA1e70839be86f9de0d31aa6b5f0903da7c1fc7c286

SHA25600e20cfbdec23113781e1620e51b3e336b15acd9a3c026a184390736b26dab70

Certificate Info

IssuerGoogle Trust Services

Subjectupload.video.google.com

FingerprintDF:A1:DB:1F:BC:5E:31:D7:F8:FE:26:E3:B9:B3:02:98:B1:C8:50:EC

ValidityMon, 07 Jul 2025 08:35:11 GMT - Mon, 29 Sep 2025 08:35:10 GMT

Technology Fingerprints

HTTP Headers

GET /css?family=Open+Sans:200,300,400,400i,500,600,700%7CMerriweather:300,300i HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://loadedfiles.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 01 Aug 2025 23:00:19 GMT
date: Fri, 01 Aug 2025 23:00:19 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET loadedfiles.org/themes/spirit/assets/frontend/css/stack-interface.css

195.230.23.84

200 OK

3.2 kB

URL GET HTTPS

loadedfiles.org/themes/spirit/assets/frontend/css/stack-interface.css

IP / ASN

195.230.23.84

#58294 CloudWall Ltd.

Requested byhttps://loadedfiles.org/0a0d406de6b39d36?pt=VGV4M1lsL0l3VE5vNkVmT3N2ZGpiV2xCTkV4QlZUaFBTbkpyVDJ4cFNsQk5hVGwwUVhjOVBRPT0=

Resource Info

File typeUnicode text, UTF-8 text, with CRLF line terminators

First Seen2023-04-11

Last Seen2025-08-10

Times Seen1769

Size3.2 kB (3160 bytes)

MD54541b29b6040bc31b760f98e914fd1d7

SHA10521a4f98cdf5e1fde3eeb9cae64fd39075cd9ba

SHA2566910b6609166588208a24355d3c3666140dd0d7fcb3884b31eedb72773e44794

Certificate Info

IssuerLet's Encrypt

Subjectloadedfiles.org

Fingerprint13:E3:23:ED:4D:FD:D3:35:D4:7C:D6:90:CB:88:4D:50:86:82:6D:19

ValiditySat, 19 Jul 2025 22:35:40 GMT - Fri, 17 Oct 2025 22:35:39 GMT

Technology Fingerprints

Apache HTTP Server (Web servers)

HTTP Headers

GET /themes/spirit/assets/frontend/css/stack-interface.css HTTP/1.1
Host: loadedfiles.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://loadedfiles.org/0a0d406de6b39d36?pt=VGV4M1lsL0l3VE5vNkVmT3N2ZGpiV2xCTkV4QlZUaFBTbkpyVDJ4cFNsQk5hVGwwUVhjOVBRPT0=
Cookie: filehosting=mvro6ug9mrkohfkocjvtlmuohe
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
last-modified: Fri, 15 Apr 2022 11:04:00 GMT
etag: "c58-5dcaf5e1e8800-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 1084
content-type: text/css
date: Fri, 01 Aug 2025 23:00:19 GMT
server: Apache
X-Firefox-Spdy: h2

GET loadedfiles.org/themes/spirit/assets/frontend/js/cookiealert.js

195.230.23.84

200 OK

1.8 kB

URL GET HTTPS

loadedfiles.org/themes/spirit/assets/frontend/js/cookiealert.js

IP / ASN

195.230.23.84

#58294 CloudWall Ltd.

Requested byhttps://loadedfiles.org/0a0d406de6b39d36?pt=VGV4M1lsL0l3VE5vNkVmT3N2ZGpiV2xCTkV4QlZUaFBTbkpyVDJ4cFNsQk5hVGwwUVhjOVBRPT0=

Resource Info

File typeJavaScript source, ASCII text, with CRLF line terminators

First Seen2023-03-07

Last Seen2025-08-09

Times Seen2692

Size1.8 kB (1836 bytes)

MD581279e22c8ece9e1d0536a402484daa3

SHA1911797507fb12d4f451d5900e32db96ad697c401

SHA2565c6237178e88ab7f1c6e26c9e99547e58782450b8f2a182129448ff4d99e89ab

Certificate Info

IssuerLet's Encrypt

Subjectloadedfiles.org

Fingerprint13:E3:23:ED:4D:FD:D3:35:D4:7C:D6:90:CB:88:4D:50:86:82:6D:19

ValiditySat, 19 Jul 2025 22:35:40 GMT - Fri, 17 Oct 2025 22:35:39 GMT

Technology Fingerprints

Apache HTTP Server (Web servers)

HTTP Headers

GET /themes/spirit/assets/frontend/js/cookiealert.js HTTP/1.1
Host: loadedfiles.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://loadedfiles.org/0a0d406de6b39d36?pt=VGV4M1lsL0l3VE5vNkVmT3N2ZGpiV2xCTkV4QlZUaFBTbkpyVDJ4cFNsQk5hVGwwUVhjOVBRPT0=
Cookie: filehosting=mvro6ug9mrkohfkocjvtlmuohe
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
last-modified: Fri, 15 Apr 2022 11:04:00 GMT
etag: "72c-5dcaf5e1e8800-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 809
content-type: text/javascript
date: Fri, 01 Aug 2025 23:00:19 GMT
server: Apache
X-Firefox-Spdy: h2

GET cdn.creative-sb1.com/sb/ssp/interstitial/background_image/1/js/script.js

104.21.64.1

200 OK

569 B

URL GET HTTPS

cdn.creative-sb1.com/sb/ssp/interstitial/background_image/1/js/script.js

IP / ASN

104.21.64.1

#13335 CLOUDFLARENET

Requested byhttps://loadedfiles.org/0a0d406de6b39d36?pt=VGV4M1lsL0l3VE5vNkVmT3N2ZGpiV2xCTkV4QlZUaFBTbkpyVDJ4cFNsQk5hVGwwUVhjOVBRPT0=

Resource Info

File typeASCII text

First Seen2024-08-06

Last Seen2025-08-10

Times Seen134

Size569 B (569 bytes)

MD5f27e073eb67b2adf1f2192d35c0926f1

SHA1f2f86e7b02a549ad8ee59d30a181697c280b8bce

SHA2561ba076492d27e6cf42d837bc452fac345bb9e2a0416464a27291c2c7b75f699e

Certificate Info

IssuerGoogle Trust Services

Subjectcreative-sb1.com

FingerprintCD:76:E0:2A:28:09:08:24:2D:4C:A1:14:B2:AE:6C:39:A4:CC:2F:6B

ValidityTue, 01 Jul 2025 14:01:22 GMT - Mon, 29 Sep 2025 14:59:36 GMT

Technology Fingerprints

Cloudflare (CDN)

HTTP Headers

GET /sb/ssp/interstitial/background_image/1/js/script.js HTTP/1.1
Host: cdn.creative-sb1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://loadedfiles.org
DNT: 1
Connection: keep-alive
Referer: https://loadedfiles.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 01 Aug 2025 23:00:21 GMT
content-type: application/javascript
server: cloudflare
last-modified: Mon, 09 Oct 2023 11:38:58 GMT
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
vary: accept-encoding
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=1BRHLyj%2BaZsfNQzUOVGm6q71Gy7gC6FXHpD1TL05oqIJ9nNGRGN0r8yUOXDZKY1JOLY4UfRRbFJdxbXoviafBv8jeKSbHEBPXnXg2WStzII27A%3D%3D"}]}
age: 11197
cf-cache-status: HIT
etag: W/"6523e652-239"
content-encoding: br
cf-ray: 9688f382fea95690-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2