Report - nofile.org/v/0c2dd7

Report Overview

Visited public
2024-07-27 22:36:55
Tags
URL
nofile.org/v/0c2dd7
Finishing URL
nofile.org/v/0c2dd7
IP / ASN
172.67.139.39
#13335 CLOUDFLARENET
Title
IuJyuujuJJJuu mp4

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
jwpltx.com	2651	2012-08-14	2015-01-29 10:22:25	2024-07-26 18:42:31	731 B	292 B	143.204.55.22
r10.o.lencr.org	unknown	2020-06-29	2024-06-06 21:45:11	2024-07-27 18:12:19	2.6 kB	7.1 kB	23.33.119.57
o.pki.goog	unknown	2016-06-13	2024-04-24 13:44:57	2024-07-27 18:22:34	2.3 kB	4.9 kB	142.250.74.67
accounts.google.com	81	1997-09-15	2016-03-20 13:44:49	2024-07-27 18:23:58	3.7 kB	62 kB	74.125.205.84
static.addtoany.com	4091	2006-03-10	2012-05-21 14:58:18	2024-07-27 21:11:39	3.7 kB	92 kB	104.22.70.197
ad.a-ads.com	26970	2012-07-07	2013-04-19 23:54:57	2024-07-27 20:47:19	515 B	6.5 kB	148.251.1.246
fonts.gstatic.com	unknown	2008-02-11	2014-09-09 02:40:21	2024-07-27 18:17:04	530 B	48 kB	216.58.207.227
www.hcaptcha.com	91052	2018-01-12	2019-09-05 07:55:07	2024-07-27 23:17:06	396 B	390 kB	104.19.230.21
malsup.github.io	46665	2013-03-08	2013-04-11 13:15:03	2024-07-26 15:11:40	400 B	13 kB	185.199.109.153
ajax.googleapis.com	12905	2005-01-25	2013-08-16 11:51:31	2024-07-27 21:47:35	426 B	34 kB	142.250.74.106
rkskillsombineukd.com	unknown	unknown	No data	No data	963 B	1.8 kB	54.240.174.98
hyistkechaukrguke.com	unknown	2024-04-01	2024-07-27 11:19:05	2024-07-27 14:22:29	1.6 kB	1.9 kB	172.67.189.231
getrunkhomuto.info	unknown	2024-03-31	2024-03-31 12:52:35	2024-07-27 11:20:38	925 B	3.7 kB	143.204.55.8
pogothere.xyz	unknown	2022-08-22	2022-09-04 21:11:25	2024-07-27 14:22:29	828 B	104 kB	172.67.220.203
ssl.p.jwpcdn.com	2512	2012-08-07	2017-01-30 06:00:14	2024-07-27 18:14:10	1.2 kB	100 kB	151.101.130.114
rawcdn.githack.com	72170	2013-10-12	2016-07-04 13:09:52	2024-07-27 16:57:50	481 B	3.2 kB	104.21.234.231
maxcdn.bootstrapcdn.com	724	2012-05-25	2014-06-18 02:37:31	2024-07-27 18:59:21	1.4 kB	80 kB	104.18.10.207
nofile.org	unknown	2019-06-28	2019-08-14 00:08:41	2024-04-16 06:57:39	2.8 kB	13 kB	172.67.139.39
fonts.googleapis.com	8877	2005-01-25	2013-06-10 22:14:26	2024-07-27 18:22:31	451 B	5.5 kB	142.250.74.74
d1u5ibtsigyagv.cloudfront.net	unknown	2008-04-25	2024-03-09 07:27:21	2024-05-31 21:00:28	1.1 kB	70 kB	54.230.241.217

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-07-27	medium	getrunkhomuto.info	Sinkholed

ThreatFox

No alerts detected

JavaScript (41)

	URL	From	Size	First Seen	Last Seen
	unknown	Function	106 B	2023-05-09	2025-01-08
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-05-09 01:21 Last Seen2025-01-08 23:18 Times Seen17 Hash 41a5bd9e1771755e21d4cc301750b1d8 d504a72cce3689b9dc61b41389b193df042dbd3b 2202affee99f734d357182ee8184fe04e4a089efba7166a41b482998bcc67272 Loading...

	unknown	Function	112 B	2023-05-09	2025-01-08
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-05-09 01:21 Last Seen2025-01-08 23:18 Times Seen17 Hash 567190aff3acb0e6081929eeccb6347f a4d95d0dee7baa8688a27b3f0f2617f6bdf3bdea 8b8f89dfd6e6078e028e0ddd7236b0efcced1396044742b285f18db8a217111e Loading...

	unknown	Function	110 B	2023-05-09	2025-01-08
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-05-09 01:21 Last Seen2025-01-08 23:18 Times Seen17 Hash a46730bf49cd447c8197cc8e728cdfa4 e00dd3faed8382be142b54472304821dd3540585 30ab054f68b3bc4b346017a420b5414614eb7e13676358dc2a89c48ad35af381 Loading...

	unknown	Function	106 B	2023-05-09	2025-01-08
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-05-09 01:21 Last Seen2025-01-08 23:18 Times Seen17 Hash 5237b3ed01f6637875a3722a9dc72e6b 892882c31f0d987351eeaef0251ce6046a6f3aaf ddcee9ae41481a99fcc5eb18c32ccd9ecc1bbd6b51314587f0f31a79e95f9582 Loading...

	unknown	Function	109 B	2023-05-09	2025-01-08
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-05-09 01:21 Last Seen2025-01-08 23:18 Times Seen17 Hash 61bb29f489d7fe2b5973dacdc0ce415c a0e1879f31dba85b8d304700d9f54534d6c10d68 6f1916a60acc7ae0bb28968555ee140e0884836e1bd376a978bf6fc75e2ddece Loading...

	unknown	Function	109 B	2023-05-09	2025-01-08
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-05-09 01:21 Last Seen2025-01-08 23:18 Times Seen17 Hash 5e0ceba598893e9955bd8c320492445e 3c71c8ad22d5e9ef7ddc192ecf08fa93b28f4979 3e1b7f09d8d6113e7e36f8f9bfc69406732b21baf710cd893a9cf790265606cb Loading...

	unknown	Function	111 B	2023-05-09	2025-01-08
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-05-09 01:21 Last Seen2025-01-08 23:18 Times Seen17 Hash e8935a991363311b8c349b96d3997d88 a46923adfc9d789fb06afa4f77fcfa3d9afb6ae7 4441afd67b7872f1aa8a1f6477a6e06068d15f1d15396601b65e29b590cb4322 Loading...

	unknown	Function	113 B	2023-05-09	2025-01-08
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-05-09 01:21 Last Seen2025-01-08 23:18 Times Seen17 Hash 11ddf44e7e2b455ef9d21f7a920b0a8c b553906404b474dfaccf06d3623eaf8663df82ae 0152f762719f4d83cdc1acfb55907ed5a7e9100ab73addc09a2bcdc76f4a0de1 Loading...

	unknown	Function	112 B	2023-05-09	2025-01-08
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-05-09 01:21 Last Seen2025-01-08 23:18 Times Seen17 Hash fe8578795681a82ec696d7e231dc6633 badfa0e1571142e38d6d55883a2c61fbd5e3b9e4 e1c82b94dbc22154e37da0ee7da67f7c5a0fec2214bb57f440e8fcbd78e674f3 Loading...

	nofile.org/libs/ie10-viewport-bug-workaround.js	ScriptElement	693 B	2023-03-08	2025-06-21
Pretty URL nofile.org/libs/ie10-viewport-bug-workaround.js IP 172.67.139.39 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 15:55 Last Seen2025-06-21 03:06 Times Seen72 Hash 36ceac21142b5547f3a64680ac32dd44 d2eeabb9a4011e5355b6f8b358de77fcabfb5876 55e8b904ad883620452aba4c984b3d489d13078645db0da58647e50ed7e83e24 Loading...

	rawcdn.githack.com/grevory/bootstrap-file-input/2b38ec89c615045f6df6f98732fc189f310e394b/bootstrap.file-input.js	ScriptElement	5.2 kB	2023-03-07	2025-05-09
Pretty URL rawcdn.githack.com/grevory/bootstrap-file-input/2b38ec89c615045f6df6f98732fc189f310e394b/bootstrap.file-input.js IP 104.21.234.231 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:42 Last Seen2025-05-09 21:24 Times Seen110 Hash ff43197a8b7f0aee9eadaa54b7084e04 3ddf3a440456fb7f9dfdd0f29d75b1d8c3bbf28a 8aca2158ffba4d335017abc99fa87b343dd130da12869ffa9a4d180f0366a016 Loading...

	unknown	Function	106 B	2023-05-09	2025-01-08
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-05-09 01:21 Last Seen2025-01-08 23:18 Times Seen17 Hash e7191a12ec15b0943ac57c2dec33836a 6a8982088e9087e2db5f91c12618996e81a18f1b a05d86479550016a59289da0bd883ddb94b6b279edde30b95a8d12940e5368a1 Loading...

	static.addtoany.com/menu/svg/icons/facebook.js	ScriptElement	429 B	2024-04-12	2025-06-21
Pretty URL static.addtoany.com/menu/svg/icons/facebook.js IP 104.22.70.197 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-12 16:11 Last Seen2025-06-21 01:45 Times Seen1705 Hash 014bcc757e484e12e3aea6c9d768fd4b 4c17157d0012f8002e4e6cf77c5f4a9747792cf4 4b475960843a5619b907af1f0a89e3136bd5e6a4a700ec78cb417f302647cf49 Loading...

	static.addtoany.com/menu/svg/icons/twitter.js	ScriptElement	645 B	2024-04-12	2025-06-20
Pretty URL static.addtoany.com/menu/svg/icons/twitter.js IP 104.22.70.197 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-12 16:11 Last Seen2025-06-20 23:41 Times Seen1289 Hash ca05cf90bd32d6134c0b92464c343f9a 187feb5cc71d225717838268487a0abc9b8d405c 3003867b66a32c12fdafeefc27cf06d906e5a99ba275550ab757f4bb04834636 Loading...

	static.addtoany.com/menu/svg/icons/facebook_messenger.js	ScriptElement	377 B	2024-04-16	2025-06-20
Pretty URL static.addtoany.com/menu/svg/icons/facebook_messenger.js IP 104.22.70.197 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-16 17:58 Last Seen2025-06-20 11:36 Times Seen246 Hash 343f07ed0eba2eac4b6168f910356a92 824b0a6b38a723309895aa82470316dac9fdd233 9b0725996689167816d5e5cff57ebee596e1fd353e96cbcdfa8f816a9228a678 Loading...

	unknown	Function	107 B	2023-05-09	2025-01-08
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-05-09 01:21 Last Seen2025-01-08 23:18 Times Seen17 Hash 9bc8b233fc157403572a19636f9346a1 59f7ba7af561e22baa171b58f1b1b1f5995f07e4 32dc5b6405dc662fb46d043c48c00a362e57819ec4e724f12f9ec37a289008e8 Loading...

	static.addtoany.com/menu/page.js	ScriptElement	3.1 kB	2024-07-25	2024-08-21
Pretty URL static.addtoany.com/menu/page.js IP 104.22.70.197 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-07-25 11:37 Last Seen2024-08-21 10:21 Times Seen778 Hash c4f8d64d11917b9ddc0b520c7f9fb970 a509f08ab3a7b780755ce0f8f24685f4c18ff633 f06bf06915359224831501cef5d0c410b2dccf80d1b6082b776f6147e18ee524 Loading...

	d1u5ibtsigyagv.cloudfront.net/?tbiud=958756	ScriptElement	210 kB	2024-08-19	2024-08-19
Pretty URL d1u5ibtsigyagv.cloudfront.net/?tbiud=958756 IP 54.230.241.217 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-19 15:32 Last Seen2024-08-19 15:32 Times Seen2 Hash 6d56e51ff105777f986ad1149eefd802 07318162a6b67153ae48fabe766c721c40c12c27 fb40b2bbcd7e7742aa03aac3408ac3919afc5c88a66a01795be4302f873eebbb Loading...

	ssl.p.jwpcdn.com/6/11/jwpsrv.js	ScriptElement	19 kB	2023-03-07	2025-03-06
Pretty URL ssl.p.jwpcdn.com/6/11/jwpsrv.js IP 151.101.130.114 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:42 Last Seen2025-03-06 10:23 Times Seen39 Hash 4e18a2b8e1355456b70e8d9687d81dd4 de74359bb38893ec08d52e883138383b37a91ba3 ccc2823ad12a8cbdfce2bf08af6e7ae645b568b0b85bab0c8b4c068a568f97df Loading...

	unknown	Function	108 B	2023-05-09	2025-01-08
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-05-09 01:21 Last Seen2025-01-08 23:18 Times Seen17 Hash 0d585f1d4d69f252a5ce34160133d3d6 0ae8b5f8868eabf647a7ddb3a54cdcb44ee693fe 2d79b3e3db549f446c6499a1f714b091273aa2b1acff0afea89b1ac6eccf2f00 Loading...

	unknown	Function	111 B	2023-05-09	2025-01-08
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-05-09 01:21 Last Seen2025-01-08 23:18 Times Seen17 Hash bb237c25923bbc79374f36f088449e08 f0c1f63d841b224939a2c6c5d73d49f2dc216212 10bc183db93313611be8b31bcd8950869997c6f498352c7644557f3d00687109 Loading...

	unknown	Function	109 B	2023-05-09	2025-01-08
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-05-09 01:21 Last Seen2025-01-08 23:18 Times Seen17 Hash 83c3113a356e3f23464f9c05c9119c7d e631b50e234922cb5db12d247dd7ba4fdd90b946 45ba5c6bc3c409cd30aae2e90fc9f77840faa9964626cd1942a8a4ffed5a080e Loading...

	static.addtoany.com/menu/svg/icons/whatsapp.js	ScriptElement	1.1 kB	2024-04-12	2025-06-20
Pretty URL static.addtoany.com/menu/svg/icons/whatsapp.js IP 104.22.70.197 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-12 13:25 Last Seen2025-06-20 21:04 Times Seen989 Hash 0e8b3ac6bda5451ff39c5ecd6d7b3873 fb477a11167000a30e45369e686ec43dd62d026b c15e1379ca2c59f99912500bbc23a0d1d88f43198cbe1b53d87776fa351385eb Loading...

	unknown	Function	105 B	2023-05-09	2025-01-08
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-05-09 01:21 Last Seen2025-01-08 23:18 Times Seen17 Hash 5bf2a3f05dff2bbc2f76c6136d7e0493 0ddf01bf4bc796f325f8c5e5baf08567985daea0 8e6d361730f2f3dd4781d93602b1e276da88d5de80502458b7a437fa7d954d69 Loading...

	unknown	Function	109 B	2023-05-09	2025-01-08
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-05-09 01:21 Last Seen2025-01-08 23:18 Times Seen17 Hash be913a0c795fa6ee2f4afb99d402f07b 5e4d4ddbdc4254a424a13b0b15c5faa20c842c0e fa466b3647fcf4c4e6213395fc4f07eb7ab52b39204188dc13f099ff82b79e8e Loading...

	unknown	Function	111 B	2023-05-09	2025-01-08
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-05-09 01:21 Last Seen2025-01-08 23:18 Times Seen17 Hash 183cea04abf91689ee8d25ad2b8fa6c4 b634c813d8ed61262017357592b672bf05d44f0f 2ebdd4331122583dc37127a53ce9db481bc13691e7096871b26ad985df3dc332 Loading...

	unknown	Function	112 B	2023-05-09	2025-01-08
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-05-09 01:21 Last Seen2025-01-08 23:18 Times Seen17 Hash b12c82b74b823de113b6e60537f83bf8 bdf4baed00353ccd3072f384ae900f3da265d038 8e73e8dca0ba33bd7484f33552b684b437b346124d1441fdc137302b27837a3d Loading...

	nofile.org/libs/custom-1.0.js	ScriptElement	1.4 kB	2023-03-26	2025-04-29
Pretty URL nofile.org/libs/custom-1.0.js IP 172.67.139.39 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-26 06:48 Last Seen2025-04-29 16:36 Times Seen36 Hash b2cae7b6100ec74588020f10299d720d b0d149ec97a43d57ce8f2c56b2e183c2b5ce224e c7d136b706b41fa7e80008fcb5c96bd7fca9e1776fd2bb6aa8776220a21738f7 Loading...

	static.addtoany.com/menu/sm.25.html#type=core&event=load	ScriptElement	0 B	0001-01-01	2025-06-21
Pretty URL static.addtoany.com/menu/sm.25.html#type=core&event=load IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML true Observations First Seen0001-01-01 00:00 Last Seen2025-06-21 03:41 Times Seen5048535 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	www.hcaptcha.com/1/api.js	ScriptElement	390 kB	2024-07-25	2024-08-19
Pretty URL www.hcaptcha.com/1/api.js IP 104.19.230.21 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-07-25 10:52 Last Seen2024-08-19 15:48 Times Seen76 Hash 123006a01c146b4b06c7b50dfa432154 cfc1bb08ac4643dd6db3d80d7d3c9475f86405e5 a0aa0ea86b380542a85e18bd0a1a3d09c98c82cdb4fa59661db51a47b662a7c4 Loading...

	unknown	Function	109 B	2023-05-09	2025-01-08
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-05-09 01:21 Last Seen2025-01-08 23:18 Times Seen17 Hash 827ad4ac540441310de4957224f474e6 fe65e03580fd34602a3fdd24d7c8ff4418042457 261a5f3761c253f3a34d015cc9ed7c5806ff8f51bed48d78500070fd447657c5 Loading...

	unknown	Function	106 B	2023-05-09	2025-01-08
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-05-09 01:21 Last Seen2025-01-08 23:18 Times Seen17 Hash b56eee16cd9b26998dac5a02af8347f2 57c3fc512a2ce74f856b6600b69d265f12104a3b cdb69a110381cda02a7cd36e54b4118a393726e13390f77276783189f1b71ae1 Loading...

	nofile.org/v/0c2dd7	ScriptElement	417 B	2024-08-19	2024-08-19
Pretty URL nofile.org/v/0c2dd7 IP 172.67.139.39 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-08-19 15:32 Last Seen2024-08-19 15:32 Times Seen1 Hash fdd0f24d2c0875e1408ee13f68a69297 d48116ded2e103b33c58e4546ad47d1f2a549e5f 6333ff8041feb7ef568ccc8c9f96bcfee7c4b29bf6ac633204a222b239ed6258 Loading...

	malsup.github.io/jquery.form.js	ScriptElement	44 kB	2023-03-07	2025-06-20
Pretty URL malsup.github.io/jquery.form.js IP 185.199.109.153 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:26 Last Seen2025-06-20 07:21 Times Seen382 Hash 08a24670beb2eae7ef79a6d5ac23874b eca8a1978457941622833130e92b9b274e2b3a36 3a16fd80d67008f1c947cf93ebb20e2af2ed1a6317e194d35ed15046076c4211 Loading...

	nofile.org/libs/panel-search.js	ScriptElement	306 B	2023-03-07	2025-05-09
Pretty URL nofile.org/libs/panel-search.js IP 172.67.139.39 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:42 Last Seen2025-05-09 21:24 Times Seen52 Hash aafa81c5eb3a51fa2127bb6a297cc966 fc8aa3b7a809f3fa873662601478744d9f99a692 e16b9edaf0a11ba29ed22b735e882d2e34c1e0a22e4adf6db1cf54fd7fa600a8 Loading...

	static.addtoany.com/menu/modules/core.D0Uc7kY6.js	ScriptElement	71 kB	2024-07-24	2025-04-11
Pretty URL static.addtoany.com/menu/modules/core.D0Uc7kY6.js IP 104.22.70.197 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-07-24 09:41 Last Seen2025-04-11 12:35 Times Seen1789 Hash 4c62aecc026617eea577f89b2340ce8c cbfd9cf6455f136a142ced83c59559cb63b8dc8c d07ac60d7d494f8688e4844d51b988f6a2f95b5e9435880e628eb8966e091382 Loading...

	static.addtoany.com/menu/svg/icons/wechat.js	ScriptElement	1.2 kB	2024-04-27	2025-06-19
Pretty URL static.addtoany.com/menu/svg/icons/wechat.js IP 104.22.70.197 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-27 04:58 Last Seen2025-06-19 04:55 Times Seen94 Hash b0e286d45d3573a78afc388522472eac 0981eaedebb795e282ce807724037b8088adf405 315a36857f81419cc32e1f7bf3caf201f1c28fb86e534d4084cea148cd3f4269 Loading...

	ssl.p.jwpcdn.com/6/11/jwplayer.html5.js	ScriptElement	174 kB	2023-03-07	2025-01-08
Pretty URL ssl.p.jwpcdn.com/6/11/jwplayer.html5.js IP 151.101.130.114 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:42 Last Seen2025-01-08 23:18 Times Seen22 Hash 502a17cd6e1801aa6e245e8fc79ab7c3 172393829cc71a154d01f7d4c364b6e72bd71d08 4c255c929b42b4e498b958177f68595cd2c833e4768e58e3b7b3a20449aa1e45 Loading...

	ssl.p.jwpcdn.com/6/11/jwplayer.js	ScriptElement	72 kB	2023-03-07	2025-06-12
Pretty URL ssl.p.jwpcdn.com/6/11/jwplayer.js IP 151.101.130.114 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:42 Last Seen2025-06-12 17:56 Times Seen123 Hash 0529b2abc1e42b6739b9daa410de76eb 6c1e77f43caf36281ca02c2ae07fdbbbf277a627 c1170b83dab1a0d7b672925cc3883b8ab6560240ac09a605860f060b61aa022e Loading...

	ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.min.js	ScriptElement	96 kB	2023-03-07	2025-06-21
Pretty URL ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.min.js IP 142.250.74.106 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-06-21 03:13 Times Seen26264 Hash 8101d596b2b8fa35fe3a634ea342d7c3 d6c1f41972de07b09bfa63d2e50f9ab41ec372bd 540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441 Loading...

	maxcdn.bootstrapcdn.com/bootstrap/3.2.0/js/bootstrap.min.js	ScriptElement	32 kB	2023-03-07	2025-06-21
Pretty URL maxcdn.bootstrapcdn.com/bootstrap/3.2.0/js/bootstrap.min.js IP 104.18.10.207 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-06-21 03:06 Times Seen3078 Hash abda843684d022f3bc22bc83927fe05f 26908395e7a9a4eab607d80aa50a81d65f3017cb 24cc29533598f962823c4229bc280487646a27a42a95257c31de1b9b18f3710f Loading...

HTTP Transactions (58)

URL IP Response Size

r10.o.lencr.org/

23.33.119.57

504 B

URL
r10.o.lencr.org/
IP
23.33.119.57:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
1923cde36555abe065c52a358521a6f5
1cfff065ff7d9706aa7142cc99855769a50f642e
9bdc1a9c47d76dc96134b04996050573491d15a2d8b6be4157791b9d6f0766c9

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "9BDC1A9C47D76DC96134B04996050573491D15A2D8B6BE4157791B9D6F0766C9"
Last-Modified: Sat, 27 Jul 2024 06:56:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11056
Expires: Sun, 28 Jul 2024 01:40:44 GMT
Date: Sat, 27 Jul 2024 22:36:28 GMT
Connection: keep-alive

r10.o.lencr.org/

23.33.119.57

504 B

URL
r10.o.lencr.org/
IP
23.33.119.57:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
b8e31d15afcf09f5bb82859001dd8709
9cbcde3c0dfe955fa6116416d94a7a18746b50c7
552c092e8f81ebcd4575f45f58dbbc32e2813e6e6a988adf173122916658ae47

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "552C092E8F81EBCD4575F45F58DBBC32E2813E6E6A988ADF173122916658AE47"
Last-Modified: Sat, 27 Jul 2024 06:58:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16323
Expires: Sun, 28 Jul 2024 03:08:31 GMT
Date: Sat, 27 Jul 2024 22:36:28 GMT
Connection: keep-alive

r10.o.lencr.org/

23.33.119.57

504 B

URL
r10.o.lencr.org/
IP
23.33.119.57:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
182b9c01b864c7d116c3fc28cbb58d6e
644efdd1cd6ee4e5d5ec976387b3dbf47ed51dc1
5d2cc1a96f886c04483d570f2fba83b9b430796d2faf9d6d115cca98bc6b713f

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "5D2CC1A96F886C04483D570F2FBA83B9B430796D2FAF9D6D115CCA98BC6B713F"
Last-Modified: Sat, 27 Jul 2024 06:58:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2841
Expires: Sat, 27 Jul 2024 23:23:49 GMT
Date: Sat, 27 Jul 2024 22:36:28 GMT
Connection: keep-alive

r10.o.lencr.org/

23.33.119.57

504 B

URL
r10.o.lencr.org/
IP
23.33.119.57:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
0b1ec2ddc6f2bdcb53c4a68f0dadfffa
6e2cca0a8a8c68f778c60628583b1c944c3cc2fc
7d7df3345b5736ccce59d0996a373c2ccc915b51d725a47131936cb170207467

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "7D7DF3345B5736CCCE59D0996A373C2CCC915B51D725A47131936CB170207467"
Last-Modified: Sat, 27 Jul 2024 06:27:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6990
Expires: Sun, 28 Jul 2024 00:32:59 GMT
Date: Sat, 27 Jul 2024 22:36:29 GMT
Connection: keep-alive

GET ssl.p.jwpcdn.com/6/11/jwplayer.js

151.101.130.114

25 kB

URL GET
ssl.p.jwpcdn.com/6/11/jwplayer.js
IP
151.101.130.114:0
ASN
#54113 FASTLY

Requested by
https://nofile.org/v/0c2dd7
Certificate
IssuerGlobalSign nv-sa
Subject*.jwplayer.com
FingerprintEB:7D:6F:C0:96:2F:66:35:5C:60:21:FF:31:D2:7A:D1:4F:C7:CF:96
ValidityTue, 02 Jul 2024 18:10:25 GMT - Sun, 03 Aug 2025 18:10:24 GMT

File type
JavaScript source, ASCII text, with very long lines (1160)
Size
25 kB (24829 bytes)
Hash
0529b2abc1e42b6739b9daa410de76eb
6c1e77f43caf36281ca02c2ae07fdbbbf277a627
c1170b83dab1a0d7b672925cc3883b8ab6560240ac09a605860f060b61aa022e

HTTP Headers

GET /6/11/jwplayer.js HTTP/1.1
Host: ssl.p.jwpcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nofile.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
last-modified: Mon, 22 Jun 2015 14:09:42 GMT
etag: "0529b2abc1e42b6739b9daa410de76eb"
content-type: text/plain
server: AmazonS3
content-encoding: gzip
accept-ranges: bytes
date: Sat, 27 Jul 2024 22:36:30 GMT
via: 1.1 varnish
age: 365
x-served-by: cache-hel1410027-HEL
x-cache: HIT
x-cache-hits: 1
x-timer: S1722119790.021547,VS0,VE1
vary: Accept-Encoding
access-control-allow-origin: *
content-length: 24829
X-Firefox-Spdy: h2

GET d1u5ibtsigyagv.cloudfront.net/?tbiud=958756

54.230.241.217

200 OK

69 kB

URL GET HTTP/2
d1u5ibtsigyagv.cloudfront.net/?tbiud=958756
IP
54.230.241.217:443
ASN
#16509 AMAZON-02

Requested by
https://nofile.org/v/0c2dd7
Certificate
IssuerAmazon
Subject*.cloudfront.net
FingerprintFA:21:45:DC:4D:94:03:A3:09:77:51:78:4A:21:F2:C5:6D:94:BE:52
ValidityTue, 10 Oct 2023 00:00:00 GMT - Thu, 19 Sep 2024 23:59:59 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (15945)
Size
69 kB (69340 bytes)
Hash
6d56e51ff105777f986ad1149eefd802
07318162a6b67153ae48fabe766c721c40c12c27
fb40b2bbcd7e7742aa03aac3408ac3919afc5c88a66a01795be4302f873eebbb

HTTP Headers

GET /?tbiud=958756 HTTP/1.1
Host: d1u5ibtsigyagv.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nofile.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-length: 69340
date: Sat, 27 Jul 2024 22:36:20 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-encoding: gzip
pragma: no-cache
x-cache: Hit from cloudfront
via: 1.1 227a1815a1677b9cf6dd587e443000b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 9ay64Vr9IAYiKBSrQIN7uFgLDdG-AfTfkSkWrApT-r0GvlUDsPp-UQ==
age: 10
X-Firefox-Spdy: h2

GET rawcdn.githack.com/grevory/bootstrap-file-input/2b38ec89c615045f6df6f98732fc189f310e394b/bootstrap.file-input.js

104.21.234.231

200 OK

2.0 kB

URL GET HTTP/2
rawcdn.githack.com/grevory/bootstrap-file-input/2b38ec89c615045f6df6f98732fc189f310e394b/bootstrap.file-input.js
IP
104.21.234.231:443
ASN
#13335 CLOUDFLARENET

Requested by
https://nofile.org/v/0c2dd7
Certificate
IssuerGoogle Trust Services
Subjectgithack.com
Fingerprint81:A1:1E:C4:CE:89:1F:C2:7A:D2:AD:43:87:E4:AF:9E:6E:D9:71:97
ValidityThu, 27 Jun 2024 11:49:53 GMT - Wed, 25 Sep 2024 11:49:52 GMT

File type
JavaScript source, ASCII text
Size
2.0 kB (1956 bytes)
Hash
ff43197a8b7f0aee9eadaa54b7084e04
3ddf3a440456fb7f9dfdd0f29d75b1d8c3bbf28a
8aca2158ffba4d335017abc99fa87b343dd130da12869ffa9a4d180f0366a016

HTTP Headers

GET /grevory/bootstrap-file-input/2b38ec89c615045f6df6f98732fc189f310e394b/bootstrap.file-input.js HTTP/1.1
Host: rawcdn.githack.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nofile.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 27 Jul 2024 22:36:30 GMT
content-type: application/javascript; charset=utf-8
content-length: 1956
etag: W/"f03b0647e61d80b13ea762c046dab403f07e9da731fefd014862e7f87fab7802"
x-content-type-options: nosniff
x-github-request-id: 1282:0E60:4B7481:5044CC:65DB07A0
content-encoding: gzip
via: 1.1 varnish
x-served-by: cache-hel1410027-HEL
x-cache: MISS
x-cache-hits: 0
x-timer: S1708853153.983835,VS0,VE212
vary: Authorization,Accept-Encoding,Origin
cross-origin-resource-policy: cross-origin
x-fastly-request-id: dc6625838b775c5de4bf14c4b082321951b82a01
source-age: 0
expires: Mon, 24 Feb 2025 14:52:08 GMT
cache-control: max-age=31536000, public, immutable
x-robots-tag: none
access-control-allow-origin: *
x-githack-cache-status: STALE
cf-cache-status: HIT
age: 10988850
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7POwHE8qLOsqTOZOnRGNp1gLJnVejnK8AUMNE8yHsjngKwTZYg9E2gJtQhjVjkA9LPPEUFSrRiHBC5xH6tktOlBxvz%2FAqoe5Q4qvsExiLQzuiOSrtOFYRcPv1RK4cUIisNnWY70%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8aa01bcfcc09719c-LHR
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET malsup.github.io/jquery.form.js

185.199.109.153

200 OK

12 kB

URL GET HTTP/2
malsup.github.io/jquery.form.js
IP
185.199.109.153:443
ASN
#54113 FASTLY

Requested by
https://nofile.org/v/0c2dd7
Certificate
IssuerDigiCert Inc
Subject*.github.io
Fingerprint97:D8:C5:70:0F:12:24:6C:88:BC:FA:06:7E:8C:A7:4D:A8:62:67:28
ValidityFri, 15 Mar 2024 00:00:00 GMT - Fri, 14 Mar 2025 23:59:59 GMT

File type
JavaScript source, ASCII text
Size
12 kB (12365 bytes)
Hash
08a24670beb2eae7ef79a6d5ac23874b
eca8a1978457941622833130e92b9b274e2b3a36
3a16fd80d67008f1c947cf93ebb20e2af2ed1a6317e194d35ed15046076c4211

HTTP Headers

GET /jquery.form.js HTTP/1.1
Host: malsup.github.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nofile.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: GitHub.com
content-type: application/javascript; charset=utf-8
permissions-policy: interest-cohort=()
x-origin-cache: HIT
last-modified: Tue, 17 Oct 2023 01:04:50 GMT
access-control-allow-origin: *
etag: W/"652dddb2-ab74"
expires: Thu, 25 Jul 2024 03:07:38 GMT
cache-control: max-age=600
content-encoding: gzip
x-hosts-log-append: pages_hosts_ips:{ [1] = 10.0.18.189,[2] = 10.0.3.165,[3] = 10.0.34.187,}
x-proxy-cache: HIT
x-github-request-id: E876:3E4DF9:11BB452:124786B:66A1BF5A
accept-ranges: bytes
date: Sat, 27 Jul 2024 22:36:30 GMT
via: 1.1 varnish
age: 543
x-served-by: cache-hel1410025-HEL
x-cache: HIT
x-cache-hits: 7
x-timer: S1722119790.080664,VS0,VE0
vary: Accept-Encoding
x-fastly-request-id: 2945e270ba25bd65cf571cdd8955782763f14538
content-length: 12365
X-Firefox-Spdy: h2

o.pki.goog/wr2

142.250.74.67

472 B

URL
o.pki.goog/wr2
IP
142.250.74.67:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
aa415caf3697de24046a03ea827ed913
b8a639f90d545b5d48173cd5afbd160864da60ee
ae451a7da80c434ab007e5bceae84b5a132a2948bd1613f339cc8faead1e09a8

HTTP Headers

POST /wr2 HTTP/1.1
Host: o.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 27 Jul 2024 22:36:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

GET ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.min.js

142.250.74.106

200 OK

33 kB

URL GET HTTP/2
ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.min.js
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://nofile.org/v/0c2dd7
Certificate
IssuerGoogle Trust Services
Subjectupload.video.google.com
Fingerprint05:EB:36:6C:36:86:24:74:94:BB:40:A9:5B:70:D4:0B:D6:3D:9E:39
ValidityMon, 01 Jul 2024 07:31:02 GMT - Mon, 23 Sep 2024 07:31:01 GMT

File type
JavaScript source, ASCII text, with very long lines (32086)
Size
33 kB (33434 bytes)
Hash
8101d596b2b8fa35fe3a634ea342d7c3
d6c1f41972de07b09bfa63d2e50f9ab41ec372bd
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441

HTTP Headers

GET /ajax/libs/jquery/1.11.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nofile.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 33434
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 24 Jul 2024 20:44:28 GMT
expires: Thu, 24 Jul 2025 20:44:28 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 265922
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

o.pki.goog/wr2

142.250.74.67

472 B

URL
o.pki.goog/wr2
IP
142.250.74.67:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
aa415caf3697de24046a03ea827ed913
b8a639f90d545b5d48173cd5afbd160864da60ee
ae451a7da80c434ab007e5bceae84b5a132a2948bd1613f339cc8faead1e09a8

HTTP Headers

POST /wr2 HTTP/1.1
Host: o.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 27 Jul 2024 22:36:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

GET ssl.p.jwpcdn.com/6/11/jwpsrv.js

151.101.130.114

200 OK

7.3 kB

URL GET HTTP/2
ssl.p.jwpcdn.com/6/11/jwpsrv.js
IP
151.101.130.114:443
ASN
#54113 FASTLY

Requested by
https://nofile.org/v/0c2dd7
Certificate
IssuerGlobalSign nv-sa
Subject*.jwplayer.com
FingerprintEB:7D:6F:C0:96:2F:66:35:5C:60:21:FF:31:D2:7A:D1:4F:C7:CF:96
ValidityTue, 02 Jul 2024 18:10:25 GMT - Sun, 03 Aug 2025 18:10:24 GMT

File type
JavaScript source, ASCII text, with very long lines (19092), with no line terminators
Size
7.3 kB (7297 bytes)
Hash
4e18a2b8e1355456b70e8d9687d81dd4
de74359bb38893ec08d52e883138383b37a91ba3
ccc2823ad12a8cbdfce2bf08af6e7ae645b568b0b85bab0c8b4c068a568f97df

HTTP Headers

GET /6/11/jwpsrv.js HTTP/1.1
Host: ssl.p.jwpcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nofile.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
last-modified: Fri, 12 Feb 2016 02:28:44 GMT
etag: "4e18a2b8e1355456b70e8d9687d81dd4"
content-type: application/javascript
server: AmazonS3
content-encoding: gzip
accept-ranges: bytes
date: Sat, 27 Jul 2024 22:36:30 GMT
via: 1.1 varnish
age: 709
x-served-by: cache-hel1410027-HEL
x-cache: HIT
x-cache-hits: 1149
x-timer: S1722119790.338715,VS0,VE0
vary: Accept-Encoding
access-control-allow-origin: *
content-length: 7297
X-Firefox-Spdy: h2

GET maxcdn.bootstrapcdn.com/bootstrap/3.2.0/fonts/glyphicons-halflings-regular.woff

104.18.10.207

200 OK

23 kB

URL GET HTTP/3
maxcdn.bootstrapcdn.com/bootstrap/3.2.0/fonts/glyphicons-halflings-regular.woff
IP
104.18.10.207:443
ASN
#13335 CLOUDFLARENET

Requested by
https://nofile.org/v/0c2dd7
Certificate
IssuerGoogle Trust Services
Subjectbootstrapcdn.com
FingerprintBE:14:2A:D4:32:CD:FF:FE:ED:79:48:4F:5C:7B:C4:52:09:C8:58:96
ValidityTue, 23 Jul 2024 01:50:30 GMT - Mon, 21 Oct 2024 01:50:29 GMT

File type
Web Open Font Format, TrueType, length 23320, version 1.0
Size
23 kB (23320 bytes)
Hash
68ed1dac06bf0409c18ae7bc62889170
22037a3455914e5662fa51a596677bdb329e2c5c
fc969dc1c6ff531abcf368089dcbaf5775133b0626ff56b52301a059fc0f9e1e

HTTP Headers

GET /bootstrap/3.2.0/fonts/glyphicons-halflings-regular.woff HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://nofile.org
DNT: 1
Connection: keep-alive
Referer: https://maxcdn.bootstrapcdn.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 27 Jul 2024 22:36:30 GMT
content-type: font/woff
content-length: 23320
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: "68ed1dac06bf0409c18ae7bc62889170"
last-modified: Mon, 25 Jan 2021 22:03:57 GMT
cdn-cachedat: 08/20/2022 02:40:02
cdn-proxyver: 1.02
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 865
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: 9abd12c54571a83fc35840e5d32f0f61
cdn-cache: HIT
cf-cache-status: HIT
age: 3843477
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 8aa01bd20ccf56bb-OSL
alt-svc: h3=":443"; ma=86400

GET ssl.p.jwpcdn.com/6/11/jwplayer.html5.js

151.101.130.114

66 kB

URL GET
ssl.p.jwpcdn.com/6/11/jwplayer.html5.js
IP
151.101.130.114:0
ASN
#54113 FASTLY

Requested by
https://nofile.org/v/0c2dd7
Certificate
IssuerGlobalSign nv-sa
Subject*.jwplayer.com
FingerprintEB:7D:6F:C0:96:2F:66:35:5C:60:21:FF:31:D2:7A:D1:4F:C7:CF:96
ValidityTue, 02 Jul 2024 18:10:25 GMT - Sun, 03 Aug 2025 18:10:24 GMT

File type
JavaScript source, ASCII text, with very long lines (12528)
Size
66 kB (66189 bytes)
Hash
502a17cd6e1801aa6e245e8fc79ab7c3
172393829cc71a154d01f7d4c364b6e72bd71d08
4c255c929b42b4e498b958177f68595cd2c833e4768e58e3b7b3a20449aa1e45

HTTP Headers

GET /6/11/jwplayer.html5.js HTTP/1.1
Host: ssl.p.jwpcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nofile.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
last-modified: Mon, 22 Jun 2015 14:09:42 GMT
etag: "502a17cd6e1801aa6e245e8fc79ab7c3"
content-type: text/plain
server: AmazonS3
content-encoding: gzip
accept-ranges: bytes
date: Sat, 27 Jul 2024 22:36:30 GMT
via: 1.1 varnish
age: 734
x-served-by: cache-hel1410027-HEL
x-cache: HIT
x-cache-hits: 2
x-timer: S1722119791.549367,VS0,VE0
vary: Accept-Encoding
access-control-allow-origin: *
content-length: 66189
X-Firefox-Spdy: h2

GET rkskillsombineukd.com/SXdLUWsoFSg8VChKKXceOxt2dFkPUnkXD3gCfjgJPQQiNhIoED1/CCUYPjUNOxglJUUnEj90WQ8jEgYTBiATHCgIDgp0WQ8jCQQtAhoZGj0PJX4zLh8/AxUccTEdJigAI3MwLxgbLB8MDDAYODo4PwppCCoNHgYlGkZ8GS95Jw0AIjoxHRMgBh4GCTMPDyQfOQAnCGIlbEUNFwxxJyhjAx82CjYYEzIvGSwNQ3kWLT4TBRImLDYzCF8CJhoJOCMEfwUMPjMFFSovMxpgGSgNHQQ6J0JzAD0PMgU8AwolDWkmLzINAyoKFHgTAyU9LRYABSAdPjkrRy8UMz5aM2k6HzIuHiMxNgIXPX0Tex8iGi8zIS0IJhsbPxMgHigbcRYeGzkRP3IhOiIlLjcBcRYOJgAmOSwlLhEQIzY5HE4oMCgxOB4QTSMEJD8bdBsuBSp8MgU/EgUCLWA

54.240.174.98

200 OK

1.2 kB

URL GET HTTP/2
rkskillsombineukd.com/SXdLUWsoFSg8VChKKXceOxt2dFkPUnkXD3gCfjgJPQQiNhIoED1/CCUYPjUNOxglJUUnEj90WQ8jEgYTBiATHCgIDgp0WQ8jCQQtAhoZGj0PJX4zLh8/AxUccTEdJigAI3MwLxgbLB8MDDAYODo4PwppCCoNHgYlGkZ8GS95Jw0AIjoxHRMgBh4GCTMPDyQfOQAnCGIlbEUNFwxxJyhjAx82CjYYEzIvGSwNQ3kWLT4TBRImLDYzCF8CJhoJOCMEfwUMPjMFFSovMxpgGSgNHQQ6J0JzAD0PMgU8AwolDWkmLzINAyoKFHgTAyU9LRYABSAdPjkrRy8UMz5aM2k6HzIuHiMxNgIXPX0Tex8iGi8zIS0IJhsbPxMgHigbcRYeGzkRP3IhOiIlLjcBcRYOJgAmOSwlLhEQIzY5HE4oMCgxOB4QTSMEJD8bdBsuBSp8MgU/EgUCLWA
IP
54.240.174.98:443
ASN
#16509 AMAZON-02

Requested by
https://nofile.org/v/0c2dd7
Certificate
IssuerAmazon
Subjectrkskillsombineukd.com
Fingerprint84:C4:7A:DE:AD:29:0D:C4:83:BD:C9:43:00:C8:1D:81:87:DE:8D:0D
ValidityTue, 18 Jun 2024 00:00:00 GMT - Thu, 17 Jul 2025 23:59:59 GMT

File type
HTML document, ASCII text, with very long lines (3042), with no line terminators
Size
1.2 kB (1196 bytes)
Hash
ff8187c798123d1f441703801b4e040e
491de1d188c98e8dc7c354769d34c6740dabacbd
a32a17bf592ecdfdd8c029ca44cc0a5b38b1d5dc26eda38f327bc24d732a9d3d

HTTP Headers

GET /SXdLUWsoFSg8VChKKXceOxt2dFkPUnkXD3gCfjgJPQQiNhIoED1/CCUYPjUNOxglJUUnEj90WQ8jEgYTBiATHCgIDgp0WQ8jCQQtAhoZGj0PJX4zLh8/AxUccTEdJigAI3MwLxgbLB8MDDAYODo4PwppCCoNHgYlGkZ8GS95Jw0AIjoxHRMgBh4GCTMPDyQfOQAnCGIlbEUNFwxxJyhjAx82CjYYEzIvGSwNQ3kWLT4TBRImLDYzCF8CJhoJOCMEfwUMPjMFFSovMxpgGSgNHQQ6J0JzAD0PMgU8AwolDWkmLzINAyoKFHgTAyU9LRYABSAdPjkrRy8UMz5aM2k6HzIuHiMxNgIXPX0Tex8iGi8zIS0IJhsbPxMgHigbcRYeGzkRP3IhOiIlLjcBcRYOJgAmOSwlLhEQIzY5HE4oMCgxOB4QTSMEJD8bdBsuBSp8MgU/EgUCLWA HTTP/1.1
Host: rkskillsombineukd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nofile.org/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/html
content-length: 1196
date: Sat, 27 Jul 2024 22:36:30 GMT
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 5916f6b8d469d1bee1e905ff13761ebc.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: rPih2Ohi97EkLOHMxUlOWutmWXF0lbIq2dcwerq_ZEK9CX64pqa4ZQ==
X-Firefox-Spdy: h2

GET hyistkechaukrguke.com/eDlUWGNXBjcrXjZDPAwuMHQRGzQLcAUJWzZjBQIhOmgWNiEtVnIsChwEbW1bTwxifhMRXWlpRQtNNSwWCwRlfgoWXztlRQ4EZXZQTBdnbk1MHyFlUl5NJDkERQhyKBcMVWlpVEoLZWlaTwBkbFNB

172.67.189.231

204 No Content

0 B

URL GET HTTP/2
hyistkechaukrguke.com/eDlUWGNXBjcrXjZDPAwuMHQRGzQLcAUJWzZjBQIhOmgWNiEtVnIsChwEbW1bTwxifhMRXWlpRQtNNSwWCwRlfgoWXztlRQ4EZXZQTBdnbk1MHyFlUl5NJDkERQhyKBcMVWlpVEoLZWlaTwBkbFNB
IP
172.67.189.231:443
ASN
#13335 CLOUDFLARENET

Requested by
https://nofile.org/v/0c2dd7
Certificate
IssuerLet's Encrypt
Subjecthyistkechaukrguke.com
FingerprintC9:E2:67:2F:C1:92:FB:F0:E9:8A:9A:62:6C:16:5C:2E:73:52:D3:B7
ValidityThu, 30 May 2024 12:20:13 GMT - Wed, 28 Aug 2024 12:20:12 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /eDlUWGNXBjcrXjZDPAwuMHQRGzQLcAUJWzZjBQIhOmgWNiEtVnIsChwEbW1bTwxifhMRXWlpRQtNNSwWCwRlfgoWXztlRQ4EZXZQTBdnbk1MHyFlUl5NJDkERQhyKBcMVWlpVEoLZWlaTwBkbFNB HTTP/1.1
Host: hyistkechaukrguke.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nofile.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 204 No Content
date: Sat, 27 Jul 2024 22:36:30 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CC7TP5SUU3sV19n2AVlspiAo1NevuJ6QkSX1oqiLsCXuhiyAFsmXXhtGtqDGePdXpogIr4HT7AgQQJgUagE7OsRazIOiEio0Sn8Ugah11eIbyp4fWSVkKCqFlt6Cn2INlRKa3MjRUPs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8aa01bd25a9056b1-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET maxcdn.bootstrapcdn.com/bootstrap/3.2.0/css/bootstrap.min.css

104.18.10.207

200 OK

22 kB

URL GET HTTP/2
maxcdn.bootstrapcdn.com/bootstrap/3.2.0/css/bootstrap.min.css
IP
104.18.10.207:443
ASN
#13335 CLOUDFLARENET

Requested by
https://nofile.org/v/0c2dd7
Certificate
IssuerGoogle Trust Services
Subjectbootstrapcdn.com
FingerprintBE:14:2A:D4:32:CD:FF:FE:ED:79:48:4F:5C:7B:C4:52:09:C8:58:96
ValidityTue, 23 Jul 2024 01:50:30 GMT - Mon, 21 Oct 2024 01:50:29 GMT

File type
ASCII text, with very long lines (65371)
Size
22 kB (21833 bytes)
Hash
385b964b68acb68d23cb43a5218fade9
58a360d7ef24d8d05737db1712dd5c086597e862
b5fd723750763ebb731f9221e413e7d64d58d5192dc040e42292ed3dcccca732

HTTP Headers

GET /bootstrap/3.2.0/css/bootstrap.min.css HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nofile.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 27 Jul 2024 22:36:29 GMT
content-type: text/css; charset=utf-8
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
vary: Accept-Encoding
access-control-allow-origin: *
cache-control: public, max-age=31919000
content-encoding: br
etag: W/"385b964b68acb68d23cb43a5218fade9"
last-modified: Mon, 25 Jan 2021 22:03:57 GMT
cdn-cachedat: 03/18/2024 12:56:56
cdn-proxyver: 1.04
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 1055
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: 86f17a78549de5598d31afa7193d2cd9
cdn-cache: HIT
cf-cache-status: HIT
age: 3854504
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 8aa01bcf5a12b518-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET nofile.org/libs/ie10-viewport-bug-workaround.js

172.67.139.39

200 OK

388 B

URL GET HTTP/3
nofile.org/libs/ie10-viewport-bug-workaround.js
IP
172.67.139.39:443
ASN
#13335 CLOUDFLARENET

Requested by
https://nofile.org/v/0c2dd7
Certificate
IssuerGoogle Trust Services
Subjectnofile.org
FingerprintEC:5F:F0:0A:7B:D2:5C:75:B2:41:C8:2F:16:DB:70:01:09:45:BF:19
ValidityWed, 12 Jun 2024 04:40:29 GMT - Tue, 10 Sep 2024 04:40:28 GMT

File type
JavaScript source, ASCII text
Size
388 B (388 bytes)
Hash
36ceac21142b5547f3a64680ac32dd44
d2eeabb9a4011e5355b6f8b358de77fcabfb5876
55e8b904ad883620452aba4c984b3d489d13078645db0da58647e50ed7e83e24

HTTP Headers

GET /libs/ie10-viewport-bug-workaround.js HTTP/1.1
Host: nofile.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nofile.org/v/0c2dd7
Cookie: PHPSESSID=es29jc7eph8f5jscvdsvrm82st
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 27 Jul 2024 22:36:29 GMT
content-type: application/javascript; charset=utf-8
last-modified: Thu, 21 Mar 2024 04:34:17 GMT
etag: W/"2b5-6142438610ba6"
strict-transport-security: max-age=31536000;
cache-control: max-age=14400
cf-cache-status: HIT
age: 1636
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iW%2Fc02elzUAUOqjgjdsSiW9NtBGFZnblZ3x0%2BlFXeIwnhgTx2q2uWaSWcyB5x0iAmM5p3tncP8fPHtWwW6aZrfXOOpnbr1v1fKS%2FogblEfjPy1xakT1nnPXwbAM6"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8aa01bcf3d3256c0-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

o.pki.goog/wr2

142.250.74.67

471 B

URL
o.pki.goog/wr2
IP
142.250.74.67:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
1cff8c8187db0a29f1879c4c100ce6de
290e49493694248232327c22dedcdb98cb8205b6
1adb5e067c06c932b22316e949587408fa528a74e1b627b81852e80ae0b8f86d

HTTP Headers

POST /wr2 HTTP/1.1
Host: o.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 27 Jul 2024 22:36:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

r10.o.lencr.org/

23.33.119.27

504 B

URL
r10.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
9a7aa74598eea5bc84f07fc2318a2e3c
5de3cab9a17f1d5becc592a7e890fdf7270f6f68
b91855e23d5499619d9f797b60209740f0c9b5c3514d0939124ac1afa6b577bf

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "B91855E23D5499619D9F797B60209740F0C9B5C3514D0939124AC1AFA6B577BF"
Last-Modified: Sat, 27 Jul 2024 06:27:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11558
Expires: Sun, 28 Jul 2024 01:49:08 GMT
Date: Sat, 27 Jul 2024 22:36:30 GMT
Connection: keep-alive

GET accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail

74.125.205.84

302 Found

0 B

URL GET HTTP/2
accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
IP
74.125.205.84:443
ASN
#15169 GOOGLE

Requested by
https://nofile.org/v/0c2dd7
Certificate
IssuerGoogle Trust Services
Subjectaccounts.google.com
FingerprintC7:B5:1D:39:6A:EF:62:C1:4B:8E:27:0C:FC:B1:21:C1:F7:C3:99:FB
ValidityMon, 01 Jul 2024 07:34:55 GMT - Mon, 23 Sep 2024 07:34:54 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nofile.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
content-type: application/binary
set-cookie: __Host-GAPS=1:HhwuqW1qrFdxFDWydxdITUZJgJ8fLQ:zIwX9Sb1QJ16LlBH; Expires=Mon, 27-Jul-2026 22:36:30 GMT; Path=/; Secure; HttpOnly; Priority=HIGH
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 27 Jul 2024 22:36:30 GMT
location: https://accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=AdF4I76SIcaLC10o7XzjJbPhwhpy4voaQzEfAbB8AuudBLmUuSfsgc-7Q6usKXuEKQkNeSF9SIjGJQ
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-opener-policy: unsafe-none
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'nonce-RPcW9Uw1LHCqRph8mwhX0A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/AccountsSigninPassiveLoginHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport
server: ESF
content-length: 0
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

r10.o.lencr.org/

23.33.119.27

504 B

URL
r10.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
9a7aa74598eea5bc84f07fc2318a2e3c
5de3cab9a17f1d5becc592a7e890fdf7270f6f68
b91855e23d5499619d9f797b60209740f0c9b5c3514d0939124ac1afa6b577bf

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "B91855E23D5499619D9F797B60209740F0C9B5C3514D0939124AC1AFA6B577BF"
Last-Modified: Sat, 27 Jul 2024 06:27:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11558
Expires: Sun, 28 Jul 2024 01:49:08 GMT
Date: Sat, 27 Jul 2024 22:36:30 GMT
Connection: keep-alive

r10.o.lencr.org/

23.33.119.27

504 B

URL
r10.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
9a7aa74598eea5bc84f07fc2318a2e3c
5de3cab9a17f1d5becc592a7e890fdf7270f6f68
b91855e23d5499619d9f797b60209740f0c9b5c3514d0939124ac1afa6b577bf

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "B91855E23D5499619D9F797B60209740F0C9B5C3514D0939124AC1AFA6B577BF"
Last-Modified: Sat, 27 Jul 2024 06:27:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11558
Expires: Sun, 28 Jul 2024 01:49:08 GMT
Date: Sat, 27 Jul 2024 22:36:30 GMT
Connection: keep-alive

r10.o.lencr.org/

23.33.119.27

504 B

URL
r10.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
9a7aa74598eea5bc84f07fc2318a2e3c
5de3cab9a17f1d5becc592a7e890fdf7270f6f68
b91855e23d5499619d9f797b60209740f0c9b5c3514d0939124ac1afa6b577bf

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "B91855E23D5499619D9F797B60209740F0C9B5C3514D0939124AC1AFA6B577BF"
Last-Modified: Sat, 27 Jul 2024 06:27:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11558
Expires: Sun, 28 Jul 2024 01:49:08 GMT
Date: Sat, 27 Jul 2024 22:36:30 GMT
Connection: keep-alive

o.pki.goog/wr2

142.250.74.67

471 B

URL
o.pki.goog/wr2
IP
142.250.74.67:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
1cff8c8187db0a29f1879c4c100ce6de
290e49493694248232327c22dedcdb98cb8205b6
1adb5e067c06c932b22316e949587408fa528a74e1b627b81852e80ae0b8f86d

HTTP Headers

POST /wr2 HTTP/1.1
Host: o.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 27 Jul 2024 22:36:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

GET static.addtoany.com/menu/svg/icons/facebook_messenger.js

104.22.70.197

200 OK

246 B

URL GET HTTP/3
static.addtoany.com/menu/svg/icons/facebook_messenger.js
IP
104.22.70.197:443
ASN
#13335 CLOUDFLARENET

Requested by
https://nofile.org/v/0c2dd7
Certificate
IssuerLet's Encrypt
Subjectstatic.addtoany.com
Fingerprint14:B4:2D:C0:D8:5C:4D:D7:2B:F4:D6:6A:73:75:EA:82:45:76:84:EA
ValidityFri, 21 Jun 2024 09:05:07 GMT - Thu, 19 Sep 2024 09:05:06 GMT

File type
ASCII text, with very long lines (377), with no line terminators
Size
246 B (246 bytes)
Hash
343f07ed0eba2eac4b6168f910356a92
824b0a6b38a723309895aa82470316dac9fdd233
9b0725996689167816d5e5cff57ebee596e1fd353e96cbcdfa8f816a9228a678

HTTP Headers

GET /menu/svg/icons/facebook_messenger.js HTTP/1.1
Host: static.addtoany.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://nofile.org
DNT: 1
Connection: keep-alive
Referer: https://static.addtoany.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 27 Jul 2024 22:36:30 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=7776000, stale-while-revalidate=30, public
cf-bgj: minify
etag: W/"f483bc9dc6e969b7039e6a0cc1b8a62c"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yqRNUlzV%2BUmYMuky3S9Ytt6pTKpeKIjKkCm2NOmi%2BCbxaAjfZi%2BrtjJGsJGXKjDO6K%2B2KAAabRcNGP%2B1GzyqePjF1tI4PZqYJAXMqY0GTOOGdyfiA09gEIJfNgD%2BZqrfEquVRhaoZHWjURJa2hZqoirA"}],"group":"cf-nel","max_age":604800}
vary: Accept-Encoding
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
cf-cache-status: HIT
age: 4512
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 8aa01bd30f619308-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400

GET accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=AdF4I76SIcaLC10o7XzjJbPhwhpy4voaQzEfAbB8AuudBLmUuSfsgc-7Q6usKXuEKQkNeSF9SIjGJQ

74.125.205.84

302 Found

419 B

URL GET HTTP/2
accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=AdF4I76SIcaLC10o7XzjJbPhwhpy4voaQzEfAbB8AuudBLmUuSfsgc-7Q6usKXuEKQkNeSF9SIjGJQ
IP
74.125.205.84:443
ASN
#15169 GOOGLE

Requested by
https://nofile.org/v/0c2dd7
Certificate
IssuerGoogle Trust Services
Subjectaccounts.google.com
FingerprintC7:B5:1D:39:6A:EF:62:C1:4B:8E:27:0C:FC:B1:21:C1:F7:C3:99:FB
ValidityMon, 01 Jul 2024 07:34:55 GMT - Mon, 23 Sep 2024 07:34:54 GMT

File type
HTML document, ASCII text, with very long lines (391)
Size
419 B (419 bytes)
Hash
9dabc612d77376394bd3f9aa68f4f3a0
2374ccef7ebafef1d1fc86a7f1892280a137cbeb
f9e44bb7d6dbd3e733e4556ec637fbb88efd5130b9ea14e5815d95192c9cf41e

HTTP Headers

GET /InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=AdF4I76SIcaLC10o7XzjJbPhwhpy4voaQzEfAbB8AuudBLmUuSfsgc-7Q6usKXuEKQkNeSF9SIjGJQ HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://nofile.org/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 302 Found
content-type: text/html; charset=UTF-8
set-cookie: __Host-GAPS=1:8nWA9WVGJHfScGMPmllX9AkQQvGy1g:4YBXEFb7tUTsBlgw;Path=/;Expires=Mon, 27-Jul-2026 22:36:30 GMT;Secure;HttpOnly;Priority=HIGH
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 27 Jul 2024 22:36:30 GMT
location: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=AdF4I76PkjFjPNnZ0urLOWkgrBEIpspLPq8DTdVYoXrXjTsTY-dv6Xk-G9-DPmerEfxSvwucEoULoQ&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-2059971807%3A1722119790958131&ddm=0
strict-transport-security: max-age=31536000; includeSubDomains
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
content-security-policy: script-src 'nonce-7o1L2DsvD-3mXs_zISXyZQ' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport, require-trusted-types-for 'script';report-uri /cspreport
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 419
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AdF4I77R6J01auwulCz3Fqrxyivn4RMRIZSrX-bCrvIp7vt0A1-sBWsJ4RdBusmLtXf_TjrdNfugtw

74.125.205.84

302 Found

420 B

URL GET HTTP/2
accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AdF4I77R6J01auwulCz3Fqrxyivn4RMRIZSrX-bCrvIp7vt0A1-sBWsJ4RdBusmLtXf_TjrdNfugtw
IP
74.125.205.84:443
ASN
#15169 GOOGLE

Requested by
https://nofile.org/v/0c2dd7
Certificate
IssuerGoogle Trust Services
Subjectaccounts.google.com
FingerprintC7:B5:1D:39:6A:EF:62:C1:4B:8E:27:0C:FC:B1:21:C1:F7:C3:99:FB
ValidityMon, 01 Jul 2024 07:34:55 GMT - Mon, 23 Sep 2024 07:34:54 GMT

File type
HTML document, ASCII text, with very long lines (392)
Size
420 B (420 bytes)
Hash
e9f2c145fcfcb5111c0c405ed45c3283
1e1bc2c7e0db9fbf7628002762017a953a79821a
57d05491aec7bb8f98ceea6a2aefa699faf53cc7a5677e0f3075b69bf2aa224c

HTTP Headers

GET /InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AdF4I77R6J01auwulCz3Fqrxyivn4RMRIZSrX-bCrvIp7vt0A1-sBWsJ4RdBusmLtXf_TjrdNfugtw HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://nofile.org/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 302 Found
content-type: text/html; charset=UTF-8
set-cookie: __Host-GAPS=1:iXsqy-Arhag37zKdhFA0WVNEzHtjxw:6t6ZsgNvjawY-tlE;Path=/;Expires=Mon, 27-Jul-2026 22:36:30 GMT;Secure;HttpOnly;Priority=HIGH
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 27 Jul 2024 22:36:31 GMT
location: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=AdF4I76xkf7GJ5X839PHNSY6R5CqsXVzAYL79e1Wm7Q26CclsgJnvgplimoFMTz7SqJyBg7iH6Cp&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-952713596%3A1722119791004146&ddm=0
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: require-trusted-types-for 'script';report-uri /cspreport, script-src 'nonce-jnvaul1rSxkIeKjqc9JaVQ' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 420
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET ad.a-ads.com/1430973?size=300x250

148.251.1.246

200 OK

6.1 kB

URL GET HTTP/2
ad.a-ads.com/1430973?size=300x250
IP
148.251.1.246:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://nofile.org/v/0c2dd7
Certificate
IssuerSectigo Limited
Subject*.a-ads.com
FingerprintC4:DC:49:DF:0A:63:5A:A6:E4:00:AB:0B:FD:E4:94:92:A8:77:B7:C6
ValidityWed, 27 Dec 2023 00:00:00 GMT - Sun, 26 Jan 2025 23:59:59 GMT

File type
HTML document, ASCII text, with very long lines (11039)
Size
6.1 kB (6108 bytes)
Hash
8b6a56115cd988691164f3e43e0055dd
7951ce2500d4ad80bc22d4db3f5944863933c07e
71ff3d6891114743c511737da445b3af3534d735fd0215ad9f8f3029ef04383f

HTTP Headers

GET /1430973?size=300x250 HTTP/1.1
Host: ad.a-ads.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nofile.org/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 27 Jul 2024 22:36:30 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding, Accept-Encoding
status: 200 OK
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-powered-by: Phusion Passenger(R)
x-original-referer: https://nofile.org/
x-robots-tag: noindex, nofollow, nosnippet, noarchive
content-encoding: gzip
X-Firefox-Spdy: h2

o.pki.goog/wr2

142.250.74.67

472 B

URL
o.pki.goog/wr2
IP
142.250.74.67:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
ab402d3ba3b6a14caeba895d89742372
ce9a8d14b1dc215011c79288ed68de4bb0112ea7
ca539cec345a8887f6b0dfd8f237f1c5f1c76046609c1c6840d869aaff59d333

HTTP Headers

POST /wr2 HTTP/1.1
Host: o.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 27 Jul 2024 22:36:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

d1u5ibtsigyagv.cloudfront.net/7Y3Bic2oAHwwVVRcZBk5TVkhVRl1FABAWDF4eDRUDDxVMHBgEVggABQ0AXwETJDwJNj9QRSc5P0UEGBdXU1YOEgQETUQWBABNU1ULBxJfR0wWEV8eBRkZDh8LRkIkRkRTVVBDQhtBU1ZZIVVQQwYKHhcLT1FAGktcPEZWVlkhVVBDGBVVUTJTVV5SWk9RQA-UWCQgfR0EsUUBTQ1pSQFNWWFMWCwEPBR8aVlglSVRdWkUFX0I

54.230.241.217

194 B

URL
d1u5ibtsigyagv.cloudfront.net/7Y3Bic2oAHwwVVRcZBk5TVkhVRl1FABAWDF4eDRUDDxVMHBgEVggABQ0AXwETJDwJNj9QRSc5P0UEGBdXU1YOEgQETUQWBABNU1ULBxJfR0wWEV8eBRkZDh8LRkIkRkRTVVBDQhtBU1ZZIVVQQwYKHhcLT1FAGktcPEZWVlkhVVBDGBVVUTJTVV5SWk9RQA-UWCQgfR0EsUUBTQ1pSQFNWWFMWCwEPBR8aVlglSVRdWkUFX0I
IP
54.230.241.217:0
ASN
#16509 AMAZON-02

Certificate
IssuerAmazon
Subject*.cloudfront.net
FingerprintFA:21:45:DC:4D:94:03:A3:09:77:51:78:4A:21:F2:C5:6D:94:BE:52
ValidityTue, 10 Oct 2023 00:00:00 GMT - Thu, 19 Sep 2024 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
194 B (194 bytes)
Hash
0d09f61d04c2c94b7ffbe60ac9326c6b
ec4f9f8a863ed678fe6a3cea205f3a30b393a193
cf42fcd658122c8fd9451b00fe180b19c92aa3071c7ab5a946a2ef3e8e2888c2

HTTP Headers

GET /7Y3Bic2oAHwwVVRcZBk5TVkhVRl1FABAWDF4eDRUDDxVMHBgEVggABQ0AXwETJDwJNj9QRSc5P0UEGBdXU1YOEgQETUQWBABNU1ULBxJfR0wWEV8eBRkZDh8LRkIkRkRTVVBDQhtBU1ZZIVVQQwYKHhcLT1FAGktcPEZWVlkhVVBDGBVVUTJTVV5SWk9RQA-UWCQgfR0EsUUBTQ1pSQFNWWFMWCwEPBR8aVlglSVRdWkUFX0I HTTP/1.1
Host: d1u5ibtsigyagv.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://getrunkhomuto.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-length: 194
date: Sat, 27 Jul 2024 22:36:31 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 227a1815a1677b9cf6dd587e443000b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: M1AZFpJv20QCDXIfLi-lbocBQHwilxz0OwC8DJjNMWWXJOhbDJ6a7g==
X-Firefox-Spdy: h2

o.pki.goog/wr2

142.250.74.67

471 B

URL
o.pki.goog/wr2
IP
142.250.74.67:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
c7d1e94b7932a8c815f6085c75f084ff
6e7e880a0203d1224bbd70e7687b672a1064389e
8181e97b5f1ee6a081caa4ed931d15bfdbe4fe871791581ca9f7284292661150

HTTP Headers

POST /wr2 HTTP/1.1
Host: o.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 27 Jul 2024 22:36:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

GET accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=AdF4I76xkf7GJ5X839PHNSY6R5CqsXVzAYL79e1Wm7Q26CclsgJnvgplimoFMTz7SqJyBg7iH6Cp&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-952713596%3A1722119791004146&ddm=0

74.125.205.84

403 Forbidden

1.3 kB

URL GET HTTP/3
accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=AdF4I76xkf7GJ5X839PHNSY6R5CqsXVzAYL79e1Wm7Q26CclsgJnvgplimoFMTz7SqJyBg7iH6Cp&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-952713596%3A1722119791004146&ddm=0
IP
74.125.205.84:443
ASN
#15169 GOOGLE

Requested by
https://nofile.org/v/0c2dd7
Certificate
IssuerGoogle Trust Services
Subject*.google.com
Fingerprint0E:B6:5C:7B:0B:AC:B5:AF:1F:DF:47:14:61:B7:0D:4C:41:6F:47:53
ValidityMon, 01 Jul 2024 06:35:43 GMT - Mon, 23 Sep 2024 06:35:42 GMT

File type
gzip compressed data, max compression
Size
1.3 kB (1278 bytes)
Hash
3063a1bbadb15de81106711ea072d33d
e8e0edaba2c2cd461deb5ebfee5ee76eb0c573b3
99e0ac24e1736dba8f1e083235dcf8a01e2a24e17e30216dc98da2d2bc816d9b

HTTP Headers

GET /v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=AdF4I76xkf7GJ5X839PHNSY6R5CqsXVzAYL79e1Wm7Q26CclsgJnvgplimoFMTz7SqJyBg7iH6Cp&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-952713596%3A1722119791004146&ddm=0 HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://nofile.org/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 403 Forbidden
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 27 Jul 2024 22:36:31 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
strict-transport-security: max-age=31536000; includeSubDomains
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
report-to: {"group":"AccountsSignInUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/AccountsSignInUi"}]}
cross-origin-opener-policy-report-only: same-origin; report-to="AccountsSignInUi"
content-security-policy: script-src 'nonce-Q2jHe0szQRBfNYLpsge9ng' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://support.google.com/inapp/ https://www.google.com/tools/feedback/ https://www.gstatic.com/inproduct_help/ https://www.gstatic.com/support/content/ https://www.google.com/tools/feedback/load.js https://www.google.com/tools/feedback/open.js https://www.gstatic.com/inproduct_help/service/lazy.min.js https://www.gstatic.com/inproduct_help/api/main.min.js https://www.gstatic.com/inproduct_help/chatsupport/chatsupport_button_v2.js https://www.gstatic.com/feedback/js/help/prod/service/lazy.min.js https://www.gstatic.com/uservoice/feedback/client/web/live/main_light_binary.js https://www.google.com/tools/feedback/chat_load.js https://www.gstatic.com/uservoice/surveys/resources/prod/js/survey/ https://www.gstatic.com/feedback/js/ghelp/;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport
content-security-policy-report-only: script-src 'unsafe-inline' 'unsafe-eval' blob: data: https://www.google.com/tools/feedback/load.js https://www.google.com/tools/feedback/open.js https://www.gstatic.com/inproduct_help/service/lazy.min.js https://www.gstatic.com/inproduct_help/api/main.min.js https://www.gstatic.com/inproduct_help/chatsupport/chatsupport_button_v2.js https://www.gstatic.com/feedback/js/help/prod/service/lazy.min.js https://www.gstatic.com/uservoice/feedback/client/web/live/main_light_binary.js https://www.google.com/tools/feedback/chat_load.js https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.AccountsSignInUi.en.5_pF0xwhc8s.es5.O/;report-uri /v3/signin/_/AccountsSignInUi/cspreport/fine-allowlist
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2

216.58.207.227

200 OK

47 kB

URL GET HTTP/2
fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://ad.a-ads.com/1430973?size=300x250
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
Fingerprint7C:32:9F:9C:78:5C:00:05:2B:B3:0F:CD:46:FF:78:83:BC:E3:DE:79
ValidityMon, 01 Jul 2024 07:30:56 GMT - Mon, 23 Sep 2024 07:30:55 GMT

File type
Web Open Font Format (Version 2), TrueType, length 46704, version 1.0
Size
47 kB (46704 bytes)
Hash
30a274cd01b6eeb0b082c918b0697f1e
393311bde26b99a4ad935fa55bad1dce7994388b
88df0b5a7bc397dbc13a26bb8b3742cc62cd1c9b0dded57da7832416d6f52f42

HTTP Headers

GET /s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ad.a-ads.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 46704
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 24 Jul 2024 19:09:42 GMT
expires: Thu, 24 Jul 2025 19:09:42 GMT
cache-control: public, max-age=31536000
age: 271609
last-modified: Wed, 13 Sep 2023 23:49:07 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=AdF4I76PkjFjPNnZ0urLOWkgrBEIpspLPq8DTdVYoXrXjTsTY-dv6Xk-G9-DPmerEfxSvwucEoULoQ&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-2059971807%3A1722119790958131&ddm=0

74.125.205.84

403 Forbidden

48 kB

URL GET HTTP/2
accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=AdF4I76PkjFjPNnZ0urLOWkgrBEIpspLPq8DTdVYoXrXjTsTY-dv6Xk-G9-DPmerEfxSvwucEoULoQ&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-2059971807%3A1722119790958131&ddm=0
IP
74.125.205.84:443
ASN
#15169 GOOGLE

Requested by
https://nofile.org/v/0c2dd7
Certificate
IssuerGoogle Trust Services
Subjectaccounts.google.com
FingerprintC7:B5:1D:39:6A:EF:62:C1:4B:8E:27:0C:FC:B1:21:C1:F7:C3:99:FB
ValidityMon, 01 Jul 2024 07:34:55 GMT - Mon, 23 Sep 2024 07:34:54 GMT

File type
gzip compressed data, max compression
Size
48 kB (47508 bytes)
Hash
e76a22aa7e9728cb5d2978a720d8a519
8d467e41305d05d9a1ca47550960f11074cee36d
f6f50418a96692ea667ebba5a9c351420c456c2da0635b080e4948c230cb09c4

HTTP Headers

GET /v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=AdF4I76PkjFjPNnZ0urLOWkgrBEIpspLPq8DTdVYoXrXjTsTY-dv6Xk-G9-DPmerEfxSvwucEoULoQ&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-2059971807%3A1722119790958131&ddm=0 HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://nofile.org/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 403 Forbidden
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 27 Jul 2024 22:36:31 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
strict-transport-security: max-age=31536000; includeSubDomains
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-security-policy: script-src 'nonce-UUQMykntGGdp6Za8hqtfmQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://support.google.com/inapp/ https://www.google.com/tools/feedback/ https://www.gstatic.com/inproduct_help/ https://www.gstatic.com/support/content/ https://www.google.com/tools/feedback/load.js https://www.google.com/tools/feedback/open.js https://www.gstatic.com/inproduct_help/service/lazy.min.js https://www.gstatic.com/inproduct_help/api/main.min.js https://www.gstatic.com/inproduct_help/chatsupport/chatsupport_button_v2.js https://www.gstatic.com/feedback/js/help/prod/service/lazy.min.js https://www.gstatic.com/uservoice/feedback/client/web/live/main_light_binary.js https://www.google.com/tools/feedback/chat_load.js https://www.gstatic.com/uservoice/surveys/resources/prod/js/survey/ https://www.gstatic.com/feedback/js/ghelp/;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport
content-security-policy-report-only: script-src 'unsafe-inline' 'unsafe-eval' blob: data: https://www.google.com/tools/feedback/load.js https://www.google.com/tools/feedback/open.js https://www.gstatic.com/inproduct_help/service/lazy.min.js https://www.gstatic.com/inproduct_help/api/main.min.js https://www.gstatic.com/inproduct_help/chatsupport/chatsupport_button_v2.js https://www.gstatic.com/feedback/js/help/prod/service/lazy.min.js https://www.gstatic.com/uservoice/feedback/client/web/live/main_light_binary.js https://www.google.com/tools/feedback/chat_load.js https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.AccountsSignInUi.en.5_pF0xwhc8s.es5.O/;report-uri /v3/signin/_/AccountsSignInUi/cspreport/fine-allowlist
cross-origin-opener-policy-report-only: same-origin; report-to="AccountsSignInUi"
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
report-to: {"group":"AccountsSignInUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/AccountsSignInUi"}]}
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

o.pki.goog/wr2

142.250.74.67

471 B

URL
o.pki.goog/wr2
IP
142.250.74.67:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
c7d1e94b7932a8c815f6085c75f084ff
6e7e880a0203d1224bbd70e7687b672a1064389e
8181e97b5f1ee6a081caa4ed931d15bfdbe4fe871791581ca9f7284292661150

HTTP Headers

POST /wr2 HTTP/1.1
Host: o.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 27 Jul 2024 22:36:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

GET hyistkechaukrguke.com/popunder.gif

172.67.189.231

58 B

URL GET
hyistkechaukrguke.com/popunder.gif
IP
172.67.189.231:0
ASN
#13335 CLOUDFLARENET

Requested by
https://nofile.org/v/0c2dd7
Certificate
IssuerLet's Encrypt
Subjecthyistkechaukrguke.com
FingerprintC9:E2:67:2F:C1:92:FB:F0:E9:8A:9A:62:6C:16:5C:2E:73:52:D3:B7
ValidityThu, 30 May 2024 12:20:13 GMT - Wed, 28 Aug 2024 12:20:12 GMT

File type
GIF image data, version 89a, 1 x 1
Size
58 B (58 bytes)
Hash
28d6814f309ea289f847c69cf91194c6
0f4e929dd5bb2564f7ab9c76338e04e292a42ace
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

HTTP Headers

GET /popunder.gif HTTP/1.1
Host: hyistkechaukrguke.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nofile.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 27 Jul 2024 22:36:31 GMT
content-type: image/gif
content-length: 58
access-control-allow-origin: *
pragma: public
cache-control: public, max-age=604800, immutable
content-encoding: gzip
cf-cache-status: HIT
age: 119551
last-modified: Fri, 26 Jul 2024 13:24:00 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UE4ZQw7W5ndaqh%2F9kr0Jr3yq6LgRT4j3OIBAnQ5gxXy5yTGX8FrHPdonO7Fad%2FfAmOrLp3R3nRuJCvqnuhA4M%2Bm%2FPVEdgry9aNhw%2BUjEwAxpvE%2FWd8S2aH6y5pltiYcjw8GMUWKgREE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8aa01bd8ca8056bf-OSL
alt-svc: h3=":443"; ma=86400

GET jwpltx.com/v1/jwplayer6/ping.gif?tv=1.1.0&n=9518731303130767&aid=_&e=e&i=0&ifd=0&pv=6.11.4923&m=1&d=1&t=&ed=0&ph=0&ps=4&fv=&pl=624&wd=1108&sdk=0&emi=b3dhgb825qi0&pli=0v8vyqb5anhl&mu=https%3A%2F%2Fnofile.org%2Fp%2F0c2dd7%2F6d4525d707895103d26a0a6b80a9b81c%2Fpreview.mp4&eb=0&pu=https%3A%2F%2Fnofile.org%2Fv%2F0c2dd7&id=&pt=IuJyuujuJJJuu%20mp4

143.204.55.22

204 No Content

0 B

URL GET HTTP/2
jwpltx.com/v1/jwplayer6/ping.gif?tv=1.1.0&n=9518731303130767&aid=_&e=e&i=0&ifd=0&pv=6.11.4923&m=1&d=1&t=&ed=0&ph=0&ps=4&fv=&pl=624&wd=1108&sdk=0&emi=b3dhgb825qi0&pli=0v8vyqb5anhl&mu=https%3A%2F%2Fnofile.org%2Fp%2F0c2dd7%2F6d4525d707895103d26a0a6b80a9b81c%2Fpreview.mp4&eb=0&pu=https%3A%2F%2Fnofile.org%2Fv%2F0c2dd7&id=&pt=IuJyuujuJJJuu%20mp4
IP
143.204.55.22:443
ASN
#16509 AMAZON-02

Requested by
https://nofile.org/v/0c2dd7
Certificate
IssuerAmazon
Subjectjwpltx.com
Fingerprint08:F2:27:E1:0C:A3:8D:CD:35:18:A0:B0:21:C0:81:21:CA:75:F4:4F
ValidityThu, 12 Oct 2023 00:00:00 GMT - Sat, 09 Nov 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /v1/jwplayer6/ping.gif?tv=1.1.0&n=9518731303130767&aid=_&e=e&i=0&ifd=0&pv=6.11.4923&m=1&d=1&t=&ed=0&ph=0&ps=4&fv=&pl=624&wd=1108&sdk=0&emi=b3dhgb825qi0&pli=0v8vyqb5anhl&mu=https%3A%2F%2Fnofile.org%2Fp%2F0c2dd7%2F6d4525d707895103d26a0a6b80a9b81c%2Fpreview.mp4&eb=0&pu=https%3A%2F%2Fnofile.org%2Fv%2F0c2dd7&id=&pt=IuJyuujuJJJuu%20mp4 HTTP/1.1
Host: jwpltx.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nofile.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 204 No Content
date: Sat, 27 Jul 2024 22:36:31 GMT
server: nginx
x-cache: Miss from cloudfront
via: 1.1 a9120cc3ff449047c990e82a4d5566ba.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: xaTe5TdVim_reGFbv2VHuu0ZClqY1URs7DQmMqRBQDPrZl3fkQd0YA==
X-Firefox-Spdy: h2

GET static.addtoany.com/menu/svg/icons/twitter.js

104.22.70.197

200 OK

6.6 kB

URL GET HTTP/3
static.addtoany.com/menu/svg/icons/twitter.js
IP
104.22.70.197:443
ASN
#13335 CLOUDFLARENET

Requested by
https://nofile.org/v/0c2dd7
Certificate
IssuerLet's Encrypt
Subjectstatic.addtoany.com
Fingerprint14:B4:2D:C0:D8:5C:4D:D7:2B:F4:D6:6A:73:75:EA:82:45:76:84:EA
ValidityFri, 21 Jun 2024 09:05:07 GMT - Thu, 19 Sep 2024 09:05:06 GMT

File type
ASCII text, with very long lines (645), with no line terminators
Size
6.6 kB (6592 bytes)
Hash
ca05cf90bd32d6134c0b92464c343f9a
187feb5cc71d225717838268487a0abc9b8d405c
3003867b66a32c12fdafeefc27cf06d906e5a99ba275550ab757f4bb04834636

HTTP Headers

GET /menu/svg/icons/twitter.js HTTP/1.1
Host: static.addtoany.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://nofile.org
DNT: 1
Connection: keep-alive
Referer: https://static.addtoany.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 27 Jul 2024 22:36:30 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=7776000, stale-while-revalidate=30, public
cf-bgj: minify
etag: W/"af2b829f9b79fabec7c0148a8b7e444b"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AsrVJAWdzlBM6ziswPABuldxWDyN4uaHnJ0ivEeh7iT6qVEpt2FhqaQKiaOc9M9IpiMfjW7SIDybixixM9UpApp2uZSA6nHAKlRL%2BCIZTO9k2iPTTHoik4aPZ5QtI9B6vjT%2BSYc7GATQoeXNaFVdjtPb"}],"group":"cf-nel","max_age":604800}
vary: Accept-Encoding
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
cf-cache-status: HIT
age: 4512
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 8aa01bd30f589308-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400

GET getrunkhomuto.info/NUFKWk1UIyk3clR8KHw4Ry13f39zZHgcKQQ0fzMvQTIjPTRUJjx0LlkuPz4rRy4kLmNbJD5/f3N2E2kPXCJ4NQx9Nj0MG2ciEBgmABUcMSVjEyZrC3QDCw0Jc3UvHh9gBQ4iG3gJCD0IYyYtGw9kcQsCOnAVAB46fw8gYxxnEilvHQUUDx0PURkfaxR6BC0LCGEUGw0PdAMED3xgDQgiB1MTei0acBdyPw9nKhAeJQ0NGDEEXhMhCBljFwgeHF01CA98bxsDDBtkED0DBn0pKRYZBAcLHSZBIhofF2IXJjElYxcIHgp3FxwPGX8VHAx4ZhYhYx9kAGcPGnYQLTwfBQQ5Dxh3FRtrPWYQDBQaYgcHDQ5CBBoYHw0gHDYqWRIcCCliKh8cFQUIbDA+Wi86Zz9MBgYxCGByfx8HYA

143.204.55.8

200 OK

3.0 kB

URL GET HTTP/2
getrunkhomuto.info/NUFKWk1UIyk3clR8KHw4Ry13f39zZHgcKQQ0fzMvQTIjPTRUJjx0LlkuPz4rRy4kLmNbJD5/f3N2E2kPXCJ4NQx9Nj0MG2ciEBgmABUcMSVjEyZrC3QDCw0Jc3UvHh9gBQ4iG3gJCD0IYyYtGw9kcQsCOnAVAB46fw8gYxxnEilvHQUUDx0PURkfaxR6BC0LCGEUGw0PdAMED3xgDQgiB1MTei0acBdyPw9nKhAeJQ0NGDEEXhMhCBljFwgeHF01CA98bxsDDBtkED0DBn0pKRYZBAcLHSZBIhofF2IXJjElYxcIHgp3FxwPGX8VHAx4ZhYhYx9kAGcPGnYQLTwfBQQ5Dxh3FRtrPWYQDBQaYgcHDQ5CBBoYHw0gHDYqWRIcCCliKh8cFQUIbDA+Wi86Zz9MBgYxCGByfx8HYA
IP
143.204.55.8:443
ASN
#16509 AMAZON-02

Requested by
https://nofile.org/v/0c2dd7
Certificate
IssuerAmazon
Subjectgetrunkhomuto.info
Fingerprint07:6C:15:28:EC:56:65:DE:8C:55:1C:BF:A5:DB:7B:96:8F:38:56:0E
ValidityMon, 01 Apr 2024 00:00:00 GMT - Wed, 30 Apr 2025 23:59:59 GMT

File type
HTML document, ASCII text, with very long lines (3044), with no line terminators
Size
3.0 kB (3018 bytes)
Hash
07219aa13f3d8e4e9cdfb415d4e24dcf
e3ab11dc35df3af4d2bcdc6244eeb3d779d8e611
2934ae7a7ce83a814cc97055ff1f231af9770d08c500382b825eb5d8b165ad04

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /NUFKWk1UIyk3clR8KHw4Ry13f39zZHgcKQQ0fzMvQTIjPTRUJjx0LlkuPz4rRy4kLmNbJD5/f3N2E2kPXCJ4NQx9Nj0MG2ciEBgmABUcMSVjEyZrC3QDCw0Jc3UvHh9gBQ4iG3gJCD0IYyYtGw9kcQsCOnAVAB46fw8gYxxnEilvHQUUDx0PURkfaxR6BC0LCGEUGw0PdAMED3xgDQgiB1MTei0acBdyPw9nKhAeJQ0NGDEEXhMhCBljFwgeHF01CA98bxsDDBtkED0DBn0pKRYZBAcLHSZBIhofF2IXJjElYxcIHgp3FxwPGX8VHAx4ZhYhYx9kAGcPGnYQLTwfBQQ5Dxh3FRtrPWYQDBQaYgcHDQ5CBBoYHw0gHDYqWRIcCCliKh8cFQUIbDA+Wi86Zz9MBgYxCGByfx8HYA HTTP/1.1
Host: getrunkhomuto.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nofile.org/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/html
content-length: 1169
date: Sat, 27 Jul 2024 22:36:30 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-cache: Miss from cloudfront
via: 1.1 2afd697fc5d0058ea30d6c4b939e714c.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: DuS0NNDwF-M6gboY-vyE9OW8dZBxIzatygWYsQNGIelIyn5tAV_yDA==
X-Firefox-Spdy: h2

GET static.addtoany.com/menu/svg/icons/facebook.js

104.22.70.197

200 OK

429 B

URL GET HTTP/3
static.addtoany.com/menu/svg/icons/facebook.js
IP
104.22.70.197:443
ASN
#13335 CLOUDFLARENET

Requested by
https://nofile.org/v/0c2dd7
Certificate
IssuerLet's Encrypt
Subjectstatic.addtoany.com
Fingerprint14:B4:2D:C0:D8:5C:4D:D7:2B:F4:D6:6A:73:75:EA:82:45:76:84:EA
ValidityFri, 21 Jun 2024 09:05:07 GMT - Thu, 19 Sep 2024 09:05:06 GMT

File type
ASCII text, with very long lines (439), with no line terminators
Size
429 B (429 bytes)
Hash
874e1638740e061f9fa55eda3180724c
108a7e30fa0f7d50b961845ec970a2745f3c821f
d1bf990d09417220fcb615079a569e0a403c75beef0eac536e5976b7751c0370

HTTP Headers

GET /menu/svg/icons/facebook.js HTTP/1.1
Host: static.addtoany.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://nofile.org
DNT: 1
Connection: keep-alive
Referer: https://static.addtoany.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 27 Jul 2024 22:36:30 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=7776000, stale-while-revalidate=30, public
cf-bgj: minify
etag: W/"68925fa8e347041c6006837e73c518bc"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7GDWawFfQww%2B2QtdXgWjw72yDbx8p5XkZ%2BbAZQK3sg31sCQzOUSJvFQPT0rMFiq4%2FjGN50Cd2a1JLXmw1Rnjk5elqFu0qbn5q7TDvN4vsRIWmCCc2RpbtNPUrxszFTqJpUQkjQzhHHHUZnC5qCwF7DuF"}],"group":"cf-nel","max_age":604800}
vary: Accept-Encoding
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
cf-cache-status: HIT
age: 4512
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 8aa01bd2ff539308-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400

GET pogothere.xyz/

172.67.220.203

200 OK

27 B

URL GET HTTP/2
pogothere.xyz/
IP
172.67.220.203:443
ASN
#13335 CLOUDFLARENET

Requested by
https://nofile.org/v/0c2dd7
Certificate
IssuerGoogle Trust Services
Subjectpogothere.xyz
Fingerprint07:B6:9C:F9:CF:D9:C8:A6:57:9C:E3:13:F4:CD:43:4A:94:CE:06:6A
ValidityTue, 23 Jul 2024 05:27:01 GMT - Mon, 21 Oct 2024 05:27:00 GMT

File type
ASCII text, with no line terminators
Size
27 B (27 bytes)
Hash
dc157d127ff32b5e40b93d4e512f2eae
d612229e214043ef60f506ad88cb37d5dba27c16
529f5fb3ddce322b1d14b7bd5c14785aa83c64b8ebd1300ad0dd83c3d46affed

HTTP Headers

GET / HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://nofile.org/
Origin: https://nofile.org
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 27 Jul 2024 22:36:30 GMT
content-type: text/plain
set-cookie: csu=2211380301976324@1@1722119790; Max-Age=31104000; Secure; SameSite=None
access-control-allow-origin: https://nofile.org
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=X3KiYpXQnKmw4XK%2B6taHovjenDoFXE0WELEZQZEjdzluimwWojOMq6IVYKcFQzmuzhfPoIr0srOO41Xnx61qrcWnVMJRQLRL2nlv5tfjc4pqcGMW12hIx1FgWMgyH9CL"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8aa01bd4df8bb50f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET nofile.org/libs/panel-search.js

172.67.139.39

200 OK

306 B

URL GET HTTP/3
nofile.org/libs/panel-search.js
IP
172.67.139.39:443
ASN
#13335 CLOUDFLARENET

Requested by
https://nofile.org/v/0c2dd7
Certificate
IssuerGoogle Trust Services
Subjectnofile.org
FingerprintEC:5F:F0:0A:7B:D2:5C:75:B2:41:C8:2F:16:DB:70:01:09:45:BF:19
ValidityWed, 12 Jun 2024 04:40:29 GMT - Tue, 10 Sep 2024 04:40:28 GMT

File type
JavaScript source, ASCII text, with very long lines (319), with no line terminators
Size
306 B (306 bytes)
Hash
d10aa98773c8394e2fca5c2beaa617e1
2d66fc7df27154ab78b87ea85a0194181371f569
145be92bab45c45b72b4f0190f043480fc30c77393fdfe71783582cec6c14f69

HTTP Headers

GET /libs/panel-search.js HTTP/1.1
Host: nofile.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nofile.org/v/0c2dd7
Cookie: PHPSESSID=es29jc7eph8f5jscvdsvrm82st
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 27 Jul 2024 22:36:29 GMT
content-type: application/javascript; charset=utf-8
last-modified: Thu, 21 Mar 2024 04:34:17 GMT
etag: W/"132-6142438645f36"
strict-transport-security: max-age=31536000;
cache-control: max-age=14400
cf-cache-status: HIT
age: 1636
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DocqATKZDjg5I0bKSBgHQFT0%2BGItJuCVkDVsoth%2Bbjt0yMxYApHU8nGochX5Kl0d3PPOehgFpmS8TVLfz2wLbu%2FwP0Q%2FCN%2FWC6RxzTZpuwc3Kx%2BUyqKDDmrmY220"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8aa01bcf5d4b56c0-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

GET static.addtoany.com/menu/sm.25.html

104.22.70.197

200 OK

716 B

URL GET HTTP/3
static.addtoany.com/menu/sm.25.html
IP
104.22.70.197:443
ASN
#13335 CLOUDFLARENET

Requested by
https://nofile.org/v/0c2dd7
Certificate
IssuerLet's Encrypt
Subjectstatic.addtoany.com
Fingerprint14:B4:2D:C0:D8:5C:4D:D7:2B:F4:D6:6A:73:75:EA:82:45:76:84:EA
ValidityFri, 21 Jun 2024 09:05:07 GMT - Thu, 19 Sep 2024 09:05:06 GMT

File type
HTML document, ASCII text, with very long lines (744), with no line terminators
Size
716 B (716 bytes)
Hash
c3c97893ca5c74e7504aa4ec474ea41b
cdccb12d7e73682e0e807107243ede7d5e14c962
b79f65e9ffe3bad9bd9cdcffed0758430f7eb1a630c368dc173eecdeb2821f00

HTTP Headers

GET /menu/sm.25.html HTTP/1.1
Host: static.addtoany.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nofile.org/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 27 Jul 2024 22:36:30 GMT
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, immutable
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wvqsqJtKXVyXEfK3DC%2FfCJY9wAq6SkvLoDvCA2KFbcdpkeje8c91xQzxUECuUFT29mc08yNj96p6pZes%2BLr8guUtwuH8sw4nslf7t80fWvMMRLk5Mo%2BBystpD8Edy%2FJ87MsTU3ULq2F6SL9N2AgCI3N2"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-cache-status: HIT
age: 22867
last-modified: Sat, 27 Jul 2024 16:15:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 8aa01bd1de8d9308-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400

GET static.addtoany.com/menu/svg/icons/whatsapp.js

104.22.70.197

200 OK

1.1 kB

URL GET HTTP/3
static.addtoany.com/menu/svg/icons/whatsapp.js
IP
104.22.70.197:443
ASN
#13335 CLOUDFLARENET

Requested by
https://nofile.org/v/0c2dd7
Certificate
IssuerLet's Encrypt
Subjectstatic.addtoany.com
Fingerprint14:B4:2D:C0:D8:5C:4D:D7:2B:F4:D6:6A:73:75:EA:82:45:76:84:EA
ValidityFri, 21 Jun 2024 09:05:07 GMT - Thu, 19 Sep 2024 09:05:06 GMT

File type
ASCII text, with very long lines (1122), with no line terminators
Size
1.1 kB (1108 bytes)
Hash
d822c46f36a55fdbfcc5029e62e19937
c575da68fa99eeb33863f281395755cbf20004d4
062ec1f7c3acea435122961b771eb2e4d136a3e870b17d3e811413f5aa78ed3e

HTTP Headers

GET /menu/svg/icons/whatsapp.js HTTP/1.1
Host: static.addtoany.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://nofile.org
DNT: 1
Connection: keep-alive
Referer: https://static.addtoany.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 27 Jul 2024 22:36:30 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=7776000, stale-while-revalidate=30, public
cf-bgj: minify
etag: W/"83af4df8173e43227812296bb8542dcf"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=w5QgMfpExbkMN0u6UDJNAnamsr2LZekOVN88L6SGJyD6uwsILM0Wl9zfgy%2BOScP70%2BkdShndnKLkWKZJjXfIBCb8D3RHeZ4BlVTPyfJasf3pHXCPVGXwhd3TEsmvIxVhdR7%2BCbVwSiu1jihuuYLBu6Qa"}],"group":"cf-nel","max_age":604800}
vary: Accept-Encoding
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
cf-cache-status: HIT
age: 4512
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 8aa01bd30f5d9308-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400

GET static.addtoany.com/menu/page.js

104.22.70.197

200 OK

3.1 kB

URL GET HTTP/2
static.addtoany.com/menu/page.js
IP
104.22.70.197:443
ASN
#13335 CLOUDFLARENET

Requested by
https://nofile.org/v/0c2dd7
Certificate
IssuerLet's Encrypt
Subjectstatic.addtoany.com
Fingerprint14:B4:2D:C0:D8:5C:4D:D7:2B:F4:D6:6A:73:75:EA:82:45:76:84:EA
ValidityFri, 21 Jun 2024 09:05:07 GMT - Thu, 19 Sep 2024 09:05:06 GMT

File type
JavaScript source, ASCII text, with very long lines (3233), with no line terminators
Size
3.1 kB (3102 bytes)
Hash
fc1776530d7690ccbc3315ff0113f7a8
95978ebe7a824ded62f683a8c0430d530d1816ed
9db355faf58edd90723c1a0d8864033c81a0d0fefccdb16b8c2ee9b39bba9c45

HTTP Headers

GET /menu/page.js HTTP/1.1
Host: static.addtoany.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nofile.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 27 Jul 2024 22:36:30 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400, stale-while-revalidate=30, public
cf-bgj: minify
etag: W/"3b1eac2bad1254b5d88c9f99d5f79d65"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VdGrNUSCz7ShJSD%2BuzImKa43peO52OZnf53ica%2BYJljUlWi5rPArrN3gXKrAhCOvn8CLwnPFxZ35b0mUyO0poSNo7iBqPxPysEKR1fBBPCNZXRDH%2BR429943W1vwneVmgI8hKhbb"}],"group":"cf-nel","max_age":604800}
vary: Accept-Encoding
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
cf-cache-status: HIT
age: 25972
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 8aa01bcffc9c1d0a-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET static.addtoany.com/menu/modules/core.D0Uc7kY6.js

104.22.70.197

200 OK

71 kB

URL GET HTTP/3
static.addtoany.com/menu/modules/core.D0Uc7kY6.js
IP
104.22.70.197:443
ASN
#13335 CLOUDFLARENET

Requested by
https://nofile.org/v/0c2dd7
Certificate
IssuerLet's Encrypt
Subjectstatic.addtoany.com
Fingerprint14:B4:2D:C0:D8:5C:4D:D7:2B:F4:D6:6A:73:75:EA:82:45:76:84:EA
ValidityFri, 21 Jun 2024 09:05:07 GMT - Thu, 19 Sep 2024 09:05:06 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
71 kB (71398 bytes)
Hash
4c62aecc026617eea577f89b2340ce8c
cbfd9cf6455f136a142ced83c59559cb63b8dc8c
d07ac60d7d494f8688e4844d51b988f6a2f95b5e9435880e628eb8966e091382

HTTP Headers

GET /menu/modules/core.D0Uc7kY6.js HTTP/1.1
Host: static.addtoany.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://nofile.org
DNT: 1
Connection: keep-alive
Referer: https://nofile.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 27 Jul 2024 22:36:30 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000, immutable
cf-bgj: minify
etag: W/"6fea96ea56ee4fff557b8776f9c8c3a6"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KBUcd3beKq5lYzdF1Mw9hGFYp8p0tZxnVsqJIkij%2BVOMwTlsPQNQ7GFuLUFq4xaV9OizjE63F1ubhLqaNLifVFb8SV%2FaBQC3uXSxJIxyf4ANU%2BzLgGG%2BhCSXz%2By2AcxDb856PqOKx1Exh%2Bz%2F9Ab%2FTBg9"}],"group":"cf-nel","max_age":604800}
vary: Accept-Encoding
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
cf-cache-status: HIT
age: 19178
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 8aa01bd1de909308-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400

GET static.addtoany.com/menu/svg/icons/wechat.js

104.22.70.197

200 OK

1.2 kB

URL GET HTTP/3
static.addtoany.com/menu/svg/icons/wechat.js
IP
104.22.70.197:443
ASN
#13335 CLOUDFLARENET

Requested by
https://nofile.org/v/0c2dd7
Certificate
IssuerLet's Encrypt
Subjectstatic.addtoany.com
Fingerprint14:B4:2D:C0:D8:5C:4D:D7:2B:F4:D6:6A:73:75:EA:82:45:76:84:EA
ValidityFri, 21 Jun 2024 09:05:07 GMT - Thu, 19 Sep 2024 09:05:06 GMT

File type
ASCII text, with very long lines (1205), with no line terminators
Size
1.2 kB (1193 bytes)
Hash
755d9c16bf7f2dded6abe9550ceea337
a07ff499164fc3d5f0b29361fb584e8d24d8be06
deb2100907b47d2baca0e7885c209205c9572e67ea4f8f7f19536888530e28c6

HTTP Headers

GET /menu/svg/icons/wechat.js HTTP/1.1
Host: static.addtoany.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://nofile.org
DNT: 1
Connection: keep-alive
Referer: https://static.addtoany.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 27 Jul 2024 22:36:30 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=7776000, stale-while-revalidate=30, public
cf-bgj: minify
etag: W/"9c881a24f86ad7f3784640135b65b7a0"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UrAr%2BOMwRGZYQLHcaeXrKWxQtRvH5BK7uFoD2NBMBYWxUg0OyvNDHrUR%2F3CFzPFzR2BcnsQuyzE9HSaiJHxzPQ%2BYdxaARgNaSNBrGlCRnFYwWRzBx5HX84aPVjSOVq7reDIIqcVb3P6IR8gtUKG%2FCJMT"}],"group":"cf-nel","max_age":604800}
vary: Accept-Encoding
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
cf-cache-status: HIT
age: 4512
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 8aa01bd30f629308-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400

GET www.hcaptcha.com/1/api.js

104.19.230.21

200 OK

390 kB

URL GET HTTP/2
www.hcaptcha.com/1/api.js
IP
104.19.230.21:443
ASN
#13335 CLOUDFLARENET

Requested by
https://nofile.org/v/0c2dd7
Certificate
IssuerGoogle Trust Services
Subjecthcaptcha.com
Fingerprint33:9C:F7:07:CF:EB:C3:FB:6B:EE:F2:6E:BC:2C:34:61:A4:16:49:FB
ValidityWed, 10 Jul 2024 22:55:08 GMT - Tue, 08 Oct 2024 22:55:07 GMT

File type

Size
390 kB (389551 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /1/api.js HTTP/1.1
Host: www.hcaptcha.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nofile.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 27 Jul 2024 22:36:30 GMT
content-type: application/javascript
cf-ray: 8aa01bcf6d20b505-OSL
cf-cache-status: HIT
age: 0
cache-control: max-age=300
etag: W/"b28638edf126bf22d652b4f3432b0406"
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Origin, Accept-Encoding
alt-svc: h3=":443"; ma=86400
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cross-origin-opener-policy: same-origin
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2

GET nofile.org/v/0c2dd7

172.67.139.39

200 OK

5.5 kB

URL User Request GET HTTP/2
nofile.org/v/0c2dd7
IP
172.67.139.39:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services
Subjectnofile.org
FingerprintEC:5F:F0:0A:7B:D2:5C:75:B2:41:C8:2F:16:DB:70:01:09:45:BF:19
ValidityWed, 12 Jun 2024 04:40:29 GMT - Tue, 10 Sep 2024 04:40:28 GMT

File type
HTML document, ASCII text, with very long lines (5963), with no line terminators
Size
5.5 kB (5536 bytes)
Hash
b37769178b44388ed22f7e3235b41f45
13e9aa8f3038e45838b48902d8f90825f9f7d7b9
b676652de3a7400331ba221ac22434e7cf24238e1b35846b736e5b1fff176158

HTTP Headers

GET /v/0c2dd7 HTTP/1.1
Host: nofile.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 27 Jul 2024 22:36:29 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/8.1.29
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
set-cookie: PHPSESSID=es29jc7eph8f5jscvdsvrm82st; path=/
strict-transport-security: max-age=31536000;
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=b4s1xZ4S8%2B3sY1GaXVB2Gxr9Tv%2Fevof%2B1e%2FdujZBkZ9bkopFJS%2BJWBrgJgNGarM7Bo7iNMIExVpixSYqkSKa5EU0Ww7DkivqyoJacLgP0wCzj8598HBkpOjw7cbj"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8aa01bca6a840b31-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET fonts.googleapis.com/css2?family=Inter:wght@400;600&display=swap

142.250.74.74

200 OK

4.8 kB

URL GET HTTP/2
fonts.googleapis.com/css2?family=Inter:wght@400;600&display=swap
IP
142.250.74.74:443
ASN
#15169 GOOGLE

Requested by
https://ad.a-ads.com/1430973?size=300x250
Certificate
IssuerGoogle Trust Services
Subjectupload.video.google.com
Fingerprint05:EB:36:6C:36:86:24:74:94:BB:40:A9:5B:70:D4:0B:D6:3D:9E:39
ValidityMon, 01 Jul 2024 07:31:02 GMT - Mon, 23 Sep 2024 07:31:01 GMT

File type
ASCII text, with very long lines (4954), with no line terminators
Size
4.8 kB (4828 bytes)
Hash
e2b76956a2f401d42266e922a300fae3
5cb0f3ee8ad65388ed9575419d24c08e9a890b15
1081acb8e37966be8d88856aac1ec4aa5051600dfa001e82765114a15b397f6e

HTTP Headers

GET /css2?family=Inter:wght@400;600&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ad.a-ads.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 27 Jul 2024 22:36:31 GMT
date: Sat, 27 Jul 2024 22:36:31 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET maxcdn.bootstrapcdn.com/bootstrap/3.2.0/js/bootstrap.min.js

104.18.10.207

200 OK

32 kB

URL GET HTTP/2
maxcdn.bootstrapcdn.com/bootstrap/3.2.0/js/bootstrap.min.js
IP
104.18.10.207:443
ASN
#13335 CLOUDFLARENET

Requested by
https://nofile.org/v/0c2dd7
Certificate
IssuerGoogle Trust Services
Subjectbootstrapcdn.com
FingerprintBE:14:2A:D4:32:CD:FF:FE:ED:79:48:4F:5C:7B:C4:52:09:C8:58:96
ValidityTue, 23 Jul 2024 01:50:30 GMT - Mon, 21 Oct 2024 01:50:29 GMT

File type
JavaScript source, ASCII text, with very long lines (31650)
Size
32 kB (31819 bytes)
Hash
abda843684d022f3bc22bc83927fe05f
26908395e7a9a4eab607d80aa50a81d65f3017cb
24cc29533598f962823c4229bc280487646a27a42a95257c31de1b9b18f3710f

HTTP Headers

GET /bootstrap/3.2.0/js/bootstrap.min.js HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nofile.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 27 Jul 2024 22:36:30 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
content-encoding: gzip
etag: W/"abda843684d022f3bc22bc83927fe05f"
last-modified: Mon, 25 Jan 2021 22:03:57 GMT
cdn-cachedat: 05/01/2023 21:10:53
cdn-proxyver: 1.03
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 874
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: 58faf08cc82ef1a549ecd53f62ce3ac9
cdn-cache: HIT
cf-cache-status: HIT
age: 1950387
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 8aa01bcf9a55b518-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET hyistkechaukrguke.com/RjR3TklpCxQ9dBJhIQQsLGJSfAslWkYACB5ERysMcnESfQNxZxAfbzJdE3NwcwxAe35gRB4qdHcMUT09J0ACPXR3Eh4gLykJUTh0dxpHYHtoAVE7dHcSAz4oIQlGaDkyQBtzeHEGRX94fwNOfn11BA

172.67.189.231

204 No Content

0 B

URL GET HTTP/2
hyistkechaukrguke.com/RjR3TklpCxQ9dBJhIQQsLGJSfAslWkYACB5ERysMcnESfQNxZxAfbzJdE3NwcwxAe35gRB4qdHcMUT09J0ACPXR3Eh4gLykJUTh0dxpHYHtoAVE7dHcSAz4oIQlGaDkyQBtzeHEGRX94fwNOfn11BA
IP
172.67.189.231:443
ASN
#13335 CLOUDFLARENET

Requested by
https://nofile.org/v/0c2dd7
Certificate
IssuerLet's Encrypt
Subjecthyistkechaukrguke.com
FingerprintC9:E2:67:2F:C1:92:FB:F0:E9:8A:9A:62:6C:16:5C:2E:73:52:D3:B7
ValidityThu, 30 May 2024 12:20:13 GMT - Wed, 28 Aug 2024 12:20:12 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /RjR3TklpCxQ9dBJhIQQsLGJSfAslWkYACB5ERysMcnESfQNxZxAfbzJdE3NwcwxAe35gRB4qdHcMUT09J0ACPXR3Eh4gLykJUTh0dxpHYHtoAVE7dHcSAz4oIQlGaDkyQBtzeHEGRX94fwNOfn11BA HTTP/1.1
Host: hyistkechaukrguke.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nofile.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 204 No Content
date: Sat, 27 Jul 2024 22:36:30 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FXkEUX3tDCSxpyGwbzcCElMm26OQ5qS%2B1cQqlyKYZ7j%2Ff%2BCG1O92no6Pg9a1QakSEOeiukDjJMpoewU3rKdSGIm6s3JWjXK9KfOKGq0MeZhnE358wuYaFWfyLjAeurnCUmlCmL2yKFk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8aa01bd26aa656b1-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET nofile.org/css/custom.css

172.67.139.39

200 OK

268 B

URL GET HTTP/3
nofile.org/css/custom.css
IP
172.67.139.39:443
ASN
#13335 CLOUDFLARENET

Requested by
https://nofile.org/v/0c2dd7
Certificate
IssuerGoogle Trust Services
Subjectnofile.org
FingerprintEC:5F:F0:0A:7B:D2:5C:75:B2:41:C8:2F:16:DB:70:01:09:45:BF:19
ValidityWed, 12 Jun 2024 04:40:29 GMT - Tue, 10 Sep 2024 04:40:28 GMT

File type
ASCII text, with no line terminators
Size
268 B (268 bytes)
Hash
63022e7a5a52fdbf3491d9ff0d17c2af
f76ea90a9b93f44b0c6189419ec1facff75dbe58
2d8d69ba61354a053dbf5a234aff0537342796b4ea235955c396d997dd5e4136

HTTP Headers

GET /css/custom.css HTTP/1.1
Host: nofile.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nofile.org/v/0c2dd7
Cookie: PHPSESSID=es29jc7eph8f5jscvdsvrm82st
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 27 Jul 2024 22:36:29 GMT
content-type: text/css
last-modified: Thu, 21 Mar 2024 04:34:10 GMT
etag: W/"10c-6142437f4a991"
strict-transport-security: max-age=31536000;
cache-control: max-age=14400
cf-cache-status: HIT
age: 5218
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=v5FzcAxZop4Jcd6zXNCCSPU2jlBduR7UVGu9jFawKpRyjQOXXXyDKTHsdgZttWhopLhndguNTbQEXBYmhFYjgYZDFP%2FiyBoOqPkNr4L1QE9kNw%2BuWiw8%2F43OTcvN"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8aa01bcf2d2356c0-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

GET nofile.org/libs/custom-1.0.js

172.67.139.39

200 OK

1.4 kB

URL GET HTTP/3
nofile.org/libs/custom-1.0.js
IP
172.67.139.39:443
ASN
#13335 CLOUDFLARENET

Requested by
https://nofile.org/v/0c2dd7
Certificate
IssuerGoogle Trust Services
Subjectnofile.org
FingerprintEC:5F:F0:0A:7B:D2:5C:75:B2:41:C8:2F:16:DB:70:01:09:45:BF:19
ValidityWed, 12 Jun 2024 04:40:29 GMT - Tue, 10 Sep 2024 04:40:28 GMT

File type
JavaScript source, ASCII text, with very long lines (1514), with no line terminators
Size
1.4 kB (1365 bytes)
Hash
12c9483ad885022c34da23a832c3b28d
6fa9eef51fbbc9af756824345e3209a142e90808
edbad2fa5ffdd097b44a0573e0e4ba4ec265b2bb8073d24087a2a40ece86baf0

HTTP Headers

GET /libs/custom-1.0.js HTTP/1.1
Host: nofile.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nofile.org/v/0c2dd7
Cookie: PHPSESSID=es29jc7eph8f5jscvdsvrm82st
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 27 Jul 2024 22:36:29 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
last-modified: Thu, 21 Mar 2024 04:34:17 GMT
etag: W/"555-61424385de30e"
strict-transport-security: max-age=31536000;
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: HIT
age: 1636
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ArwlruyL5iDQZdczh3XT3fFWMNxjv%2FnpopazQspw653%2F9PirpTU2ZG1TlBIz2hAWh0VPs4OW%2BS38F2J24DVRhhA8LVkZWHFJX%2FWA5ncTfkVCvBIIRaB%2Fcanvx89B"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8aa01bcf3d3556c0-OSL
alt-svc: h3=":443"; ma=86400

GET nofile.org/images/favicon.ico

172.67.139.39

200 OK

318 B

URL GET HTTP/3
nofile.org/images/favicon.ico
IP
172.67.139.39:443
ASN
#13335 CLOUDFLARENET

Requested by
https://nofile.org/v/0c2dd7
Certificate
IssuerGoogle Trust Services
Subjectnofile.org
FingerprintEC:5F:F0:0A:7B:D2:5C:75:B2:41:C8:2F:16:DB:70:01:09:45:BF:19
ValidityWed, 12 Jun 2024 04:40:29 GMT - Tue, 10 Sep 2024 04:40:28 GMT

File type
MS Windows icon resource - 1 icon, 16x16, 16 colors, 4 bits/pixel
Size
318 B (318 bytes)
Hash
0eb6a3e58fb0f61f080bfd48d9be4a2d
669802179243bd9c47aae26d03090f5f8e40a015
3755ed10fae26af17e06f7ff740b9138c0f6b47b524d6bbbaae98f999433e1ea

HTTP Headers

GET /images/favicon.ico HTTP/1.1
Host: nofile.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nofile.org/v/0c2dd7
Cookie: PHPSESSID=es29jc7eph8f5jscvdsvrm82st
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 27 Jul 2024 22:36:30 GMT
content-type: image/vnd.microsoft.icon
last-modified: Thu, 21 Mar 2024 04:34:11 GMT
etag: W/"13e-6142437ff82e8"
strict-transport-security: max-age=31536000;
cache-control: max-age=14400
cf-cache-status: HIT
age: 5218
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xeLrck%2FXQCMUCsmAU122Xhc1ahPpptcPkaDb%2B%2BXWUBwfEoE9g11R0fF%2BizGHrGLukx9%2B6NOn%2F05eaOSkxsZTI5FKuHdSZA1Qqtn92TA5VfmVo%2BmfH29MMzVhKVD9"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8aa01bd48bcb56c0-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

GET accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube

74.125.205.84

302 Found

0 B

URL GET HTTP/2
accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
IP
74.125.205.84:443
ASN
#15169 GOOGLE

Requested by
https://nofile.org/v/0c2dd7
Certificate
IssuerGoogle Trust Services
Subjectaccounts.google.com
FingerprintC7:B5:1D:39:6A:EF:62:C1:4B:8E:27:0C:FC:B1:21:C1:F7:C3:99:FB
ValidityMon, 01 Jul 2024 07:34:55 GMT - Mon, 23 Sep 2024 07:34:54 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nofile.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
content-type: application/binary
set-cookie: __Host-GAPS=1:yJTGGiA-2dmOBY62Rr413deB9phK1A:htpMlbqUBKpMOpgE; Expires=Mon, 27-Jul-2026 22:36:30 GMT; Path=/; Secure; HttpOnly; Priority=HIGH
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 27 Jul 2024 22:36:30 GMT
location: https://accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AdF4I77R6J01auwulCz3Fqrxyivn4RMRIZSrX-bCrvIp7vt0A1-sBWsJ4RdBusmLtXf_TjrdNfugtw
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: script-src 'nonce-M4LC8now8nDFeUzKracFXg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/AccountsSigninPassiveLoginHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: unsafe-none
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
server: ESF
content-length: 0
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET pogothere.xyz/asd100.bin

172.67.220.203

200 OK

102 kB

URL GET HTTP/2
pogothere.xyz/asd100.bin
IP
172.67.220.203:443
ASN
#13335 CLOUDFLARENET

Requested by
https://nofile.org/v/0c2dd7
Certificate
IssuerGoogle Trust Services
Subjectpogothere.xyz
Fingerprint07:B6:9C:F9:CF:D9:C8:A6:57:9C:E3:13:F4:CD:43:4A:94:CE:06:6A
ValidityTue, 23 Jul 2024 05:27:01 GMT - Mon, 21 Oct 2024 05:27:00 GMT

File type
data
Size
102 kB (102400 bytes)
Hash
4c6426ac7ef186464ecbb0d81cbfcb1e
5a6918eebd9d635e8f632e3ef34e3792b1b5ec13
f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16

HTTP Headers

GET /asd100.bin HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://nofile.org/
Origin: https://nofile.org
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 27 Jul 2024 22:36:30 GMT
content-type: binary/octet-stream
access-control-allow-origin: https://nofile.org
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cache-control: max-age=14400
cf-cache-status: HIT
age: 7041
last-modified: Sat, 27 Jul 2024 20:39:09 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lEPU%2Bd70DP4XjgFGtLwv42P6AkgBiQnYjpGlwgSBYAfyZV5wO3AJhkSDFsQVGsv8GY%2BU4nCALPQVB3RldxnzweQ0u7vt5NdTSRiLbrc8wO0nw0Mu%2FCYdBurQCeVbgKs4"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8aa01bd4df83b50f-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (41)

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations