URL: https://xfiles.io/wbjzja2zdfj4
Submission: On January 24 via manual from DE

Summary

This website contacted 13 IPs in 4 countries across 15 domains to perform 47 HTTP transactions. The main IP is 2606:4700:3030::681b:9ddf, located in the United States, and belongs to CLOUDFLARENET, US. The main domain is xfiles.io.
TLS certificate: Issued by CloudFlare Inc ECC CA-2 on September 17th 2019. Valid for: a year.
This is the only time xfiles.io was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
20 2606:4700:303... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2 173.192.101.24 36351 (SOFTLAYER)
1 2600:9000:205... 16509 (AMAZON-02)
1 2606:4700::68... 13335 (CLOUDFLAR...)
3 2a00:1450:400... 15169 (GOOGLE)
1 54.87.84.107 14618 (AMAZON-AES)
4 54.175.43.212 14618 (AMAZON-AES)
2 94.31.29.128 33438 (HIGHWINDS2)
1 2606:4700:303... 13335 (CLOUDFLAR...)
3 3 37.252.173.38 29990 (ASN-APPNEX)
9 104.16.80.65 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
1 23.111.9.35 33438 (HIGHWINDS2)
47 13
Domain Requested by
20 xfiles.io xfiles.io
ajax.cloudflare.com
9 seriorladded.info xfiles.io
dc5k8fg5ioc8s.cloudfront.net
4 gexampletebaptin.info xfiles.io
dc5k8fg5ioc8s.cloudfront.net
3 secure.adnxs.com 3 redirects
3 fonts.gstatic.com xfiles.io
dc5k8fg5ioc8s.cloudfront.net
2 ssl.google-analytics.com xfiles.io
2 p221722.mycdn.co mybestdc.com
p221722.mycdn.co
1 use.fontawesome.com ajax.cloudflare.com
1 gsafe.getawesome1.com mybestdc.com
1 shutternsbe.info dc5k8fg5ioc8s.cloudfront.net
1 ajax.cloudflare.com xfiles.io
1 dc5k8fg5ioc8s.cloudfront.net xfiles.io
1 mybestdc.com xfiles.io
1 p221722.clksite.com 1 redirects
1 fonts.googleapis.com xfiles.io
47 15

This site contains no links.

Subject | Issuer | Validity | Valid
xfiles.io | CloudFlare Inc ECC CA-2 | 2019-09-17 - 2020-09-16 | a year
*.storage.googleapis.com | GTS CA 1O1 | 2020-01-07 - 2020-03-31 | 3 months
*.mybestdc.com | Sectigo RSA Domain Validation Secure Server CA | 2019-07-11 - 2020-07-21 | a year
*.cloudfront.net | DigiCert Global CA G2 | 2019-07-17 - 2020-07-05 | a year
cloudflare.com | CloudFlare Inc ECC CA-2 | 2020-01-07 - 2020-10-09 | 9 months
*.google.com | GTS CA 1O1 | 2019-12-20 - 2020-03-13 | 3 months
shutternsbe.info | Amazon | 2019-12-01 - 2021-01-01 | a year
gexampletebaptin.info | Amazon | 2019-12-02 - 2021-01-02 | a year
*.mycdn.co | Sectigo RSA Domain Validation Secure Server CA | 2019-10-10 - 2020-10-21 | a year
sni.cloudflaressl.com | CloudFlare Inc ECC CA-2 | 2019-04-18 - 2020-04-18 | a year
ssl827200.cloudflaressl.com | COMODO ECC Domain Validation Secure Server CA 2 | 2020-01-19 - 2020-07-27 | 6 months
*.google-analytics.com | GTS CA 1O1 | 2020-01-07 - 2020-03-31 | 3 months
*.fontawesome.com | DigiCert SHA2 Secure Server CA | 2019-10-28 - 2020-12-23 | a year

This page contains 2 frames:

Primary Page: https://xfiles.io/wbjzja2zdfj4
Frame ID: BD66E26417FDC0034196F9E57FA1E933
Requests: 46 HTTP requests in this frame

Frame: https://shutternsbe.info/eHRkcDEZFgcdDhlJBlZEChhZVQM+UVY2VRtBD0hXH0ENH1JAB0oTXRcBABZDFxoQXl8dAEFCd0siMwh+NkQHQnABNjYVcj0yLxdBXUYiKgBNQyYofwI2DkFoMycyInMWGFc5XUg4JSN8EicOAH8xRgwUUD4HCT9GDA4hI3hPMFc9diEgNTl9OQQeE0kfUVYyZjsMCzZYQSIqGXAwOggHVigxC0dnFhtQMUsqES8KWjYVEyVzITEuVQM6MQomXSo3Kid7PAMnP10fRDQlXUEQMzpfIDcAKnwCNSURRi5HKzEBDDEKJl05DlQjVS8hMRFGLkc+NkYqNgo9ei8ZSRNiHCMxPmETFxY9cwsGMiNGQDMjA3c5IyYWVCoYVCkBFEwmQgldRiYydQgVL0NzHTA2OgAiJSUeaTs+EyhfTSUtGmgwPTZFWCJFEwRpAiFSMWILJwAifxoQHBwCHUVdQ3BLPlMmeSEnACdkHjhVNVwyAzICcykyAygCEy4AN38zOxMAAyITCwJwOzoQJ18fJAcKYx4RNURdIRhRSGcrMgk0aRQgLQpzIhEDPVgaJUIaQhcaFE15NkQTQXROEBI
Frame ID: 3F5360C3FB97501A452A86717090EBBC
Requests: 1 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i

Overall confidence: 100%
Detected patterns
  • html /<script[^>]* src=[^>]+fontawesome(?:\.js)?/i

Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Overall confidence: 100%
Detected patterns
  • script /jquery[.-]([\d.]*\d)[^\/]*\.js/i
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

47 Requests
100 % HTTPS
50 % IPv6
15 Domains
15 Subdomains
13 IPs
4 Countries
907 kB Transfer
2251 kB Size
3 Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 6
  • https://p221722.clksite.com/adServe/banners?tid=IF1CUTURLS_DI HTTP 301
  • https://mybestdc.com/adServe/banners?tid=IF1CUTURLS_DI
Request Chain 30
  • https://secure.adnxs.com/getuid?https://seriorladded.info/s?a=$UID&b=979804280574 HTTP 302
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fseriorladded.info%2Fs%3Fa%3D%24UID%26b%3D979804280574 HTTP 302
  • https://seriorladded.info/s?a=7914595187397962684&b=979804280574
Request Chain 38
  • https://secure.adnxs.com/getuid?https://seriorladded.info/s?a=$UID&b=812971736663 HTTP 302
  • https://seriorladded.info/s?a=7914595187397962684&b=812971736663

47 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request wbjzja2zdfj4
xfiles.io/
11 KB
3 KB
Document
General
Full URL
https://xfiles.io/wbjzja2zdfj4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::681b:9ddf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
25cf4ca6a8df96633a145839899309104288a7586e4582c274501e78dd79dd25

Request headers

:method
GET
:authority
xfiles.io
:scheme
https
:path
/wbjzja2zdfj4
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
sec-fetch-user
?1
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
none
sec-fetch-mode
navigate
accept-encoding
gzip, deflate, br

Response headers

status
200
date
Fri, 24 Jan 2020 00:03:42 GMT
content-type
text/html; charset=UTF-8
set-cookie
__cfduid=db69ed1752ac5f7e1021826af6eee4a791579824222; expires=Sun, 23-Feb-20 00:03:42 GMT; path=/; domain=.xfiles.io; HttpOnly; SameSite=Lax; Secure aff=344; domain=.xfiles.io; path=/; expires=Fri, 07-Feb-2020 00:03:42 GMT
expires
Thu, 23 Jan 2020 00:03:42 GMT
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
559dbeebb8aa63fb-FRA
content-encoding
br
bootstrap.min.css
xfiles.io/ds1/css/
118 KB
18 KB
Stylesheet
General
Full URL
https://xfiles.io/ds1/css/bootstrap.min.css?v=12
Requested by
Host: xfiles.io
URL: https://xfiles.io/wbjzja2zdfj4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::681b:9ddf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5a3d8c05785485d36ee5c94d4681e5b1d9e4b94c5be8b5bd7b0f3168fff1bd9a

Request headers

Referer
https://xfiles.io/wbjzja2zdfj4
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Fri, 24 Jan 2020 00:03:42 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 01 Aug 2019 23:23:58 GMT
server
cloudflare
age
4454
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
max-age=86400
cf-ray
559dbeec08d963fb-FRA
ie10-viewport-bug-workaround.css
xfiles.io/ds1/css/
269 B
302 B
Stylesheet
General
Full URL
https://xfiles.io/ds1/css/ie10-viewport-bug-workaround.css
Requested by
Host: xfiles.io
URL: https://xfiles.io/wbjzja2zdfj4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::681b:9ddf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9f83b89879bd67291f47a08942da41a1923b585338da2338b982f3450dd3a119

Request headers

Referer
https://xfiles.io/wbjzja2zdfj4
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Fri, 24 Jan 2020 00:03:42 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 01 Aug 2019 23:23:58 GMT
server
cloudflare
age
4454
cf-polished
origSize=446
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
max-age=86400
cf-ray
559dbeec08da63fb-FRA
cf-bgj
minify
theme.css
xfiles.io/ds1/css/
37 KB
7 KB
Stylesheet
General
Full URL
https://xfiles.io/ds1/css/theme.css
Requested by
Host: xfiles.io
URL: https://xfiles.io/wbjzja2zdfj4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::681b:9ddf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6dd998f651fa249fb1cb59ae3ef400fa6c588495611e3211f46bcfd1836dd78f

Request headers

Referer
https://xfiles.io/wbjzja2zdfj4
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Fri, 24 Jan 2020 00:03:42 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 16 Dec 2019 00:23:46 GMT
server
cloudflare
age
4454
cf-polished
origSize=48038
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
max-age=86400
cf-ray
559dbeec08dc63fb-FRA
cf-bgj
minify
hsn_style.min.css
xfiles.io/ds1/css/
26 KB
5 KB
Stylesheet
General
Full URL
https://xfiles.io/ds1/css/hsn_style.min.css?v=0.2
Requested by
Host: xfiles.io
URL: https://xfiles.io/wbjzja2zdfj4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::681b:9ddf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
34b8b8e98fce879b3a37d7ea42a9983196be510bc75b31cb30ea79f766c356c7

Request headers

Referer
https://xfiles.io/wbjzja2zdfj4
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Fri, 24 Jan 2020 00:03:42 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 16 Dec 2019 00:24:25 GMT
server
cloudflare
age
4454
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
max-age=86400
cf-ray
559dbeec08dd63fb-FRA
css
fonts.googleapis.com/
15 KB
910 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Source+Sans+Pro:200,300,400,600,700,900
Requested by
Host: xfiles.io
URL: https://xfiles.io/wbjzja2zdfj4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a5713b2c65d0e78adf6c12912fa4dc012a929986c69fdb7ab62d21d30d55808d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://xfiles.io/wbjzja2zdfj4
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Fri, 24 Jan 2020 00:03:42 GMT
server
ESF
access-control-allow-origin
*
date
Fri, 24 Jan 2020 00:03:42 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection
0
expires
Fri, 24 Jan 2020 00:03:42 GMT
logo.png
xfiles.io/ds1/img/
18 KB
18 KB
Image
General
Full URL
https://xfiles.io/ds1/img/logo.png
Requested by
Host: xfiles.io
URL: https://xfiles.io/wbjzja2zdfj4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::681b:9ddf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a64d555ca874b27a1b4b01d2dd313157a52348b2a0a30633bf380b158b5b3e97

Request headers

Referer
https://xfiles.io/wbjzja2zdfj4
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Fri, 24 Jan 2020 00:03:42 GMT
cf-cache-status
REVALIDATED
last-modified
Thu, 29 Aug 2019 23:19:03 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
559dbeec08de63fb-FRA
content-length
18819
banners
mybestdc.com/adServe/
Redirect Chain
  • https://p221722.clksite.com/adServe/banners?tid=IF1CUTURLS_DI
  • https://mybestdc.com/adServe/banners?tid=IF1CUTURLS_DI
89 KB
35 KB
Script
General
Full URL
https://mybestdc.com/adServe/banners?tid=IF1CUTURLS_DI
Requested by
Host: xfiles.io
URL: https://xfiles.io/wbjzja2zdfj4
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
173.192.101.24 Dallas, United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
18.65.c0ad.ip4.static.sl-reverse.com
Software
nginx /
Resource Hash
ff89bc47723eb688c6d27cc793a094449018842116623408600e6e0bccdc91ab

Request headers

Referer
https://xfiles.io/wbjzja2zdfj4
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 24 Jan 2020 00:03:42 GMT
Content-Encoding
gzip
Server
nginx
Vary
Accept-Encoding
Content-Type
text/javascript;charset=UTF-8
Cache-Control
no-cache
Transfer-Encoding
chunked
Connection
keep-alive
Keep-Alive
timeout=5
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://mybestdc.com/adServe/banners?tid=IF1CUTURLS_DI
Date
Fri, 24 Jan 2020 00:03:42 GMT
Server
nginx
Connection
keep-alive
Keep-Alive
timeout=5
Content-Length
178
Content-Type
text/html
/
dc5k8fg5ioc8s.cloudfront.net/
103 KB
38 KB
Script
General
Full URL
https://dc5k8fg5ioc8s.cloudfront.net/?gfkcd=822524
Requested by
Host: xfiles.io
URL: https://xfiles.io/wbjzja2zdfj4
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2057:dc00:1a:a6:7f00:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
0c222ddc8fd7efe19bf5210874ba4b98989ad186c469e852ef1c830ff043831c

Request headers

Referer
https://xfiles.io/wbjzja2zdfj4
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 24 Jan 2020 00:03:42 GMT
content-encoding
gzip
x-amz-cf-pop
FRA6-C1
x-cache
Miss from cloudfront
status
200
cache-control
no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
access-control-allow-origin
*
content-length
38339
via
1.1 c6b364b1181abfafd7a69f210841edca.cloudfront.net (CloudFront)
x-amz-cf-id
14h74Jmv3UnGiROGPqH_koMme_IE5cZlip2UAI26bbeQ3F49ja-6rA==
paypal.png
xfiles.io/ds1/img/
6 KB
6 KB
Image
General
Full URL
https://xfiles.io/ds1/img/paypal.png
Requested by
Host: xfiles.io
URL: https://xfiles.io/wbjzja2zdfj4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::681b:9ddf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9a5b7b99f0230a0bdfbb581ba9edb677764366aaefe3d2e9a851f6b69fcc4d28

Request headers

Referer
https://xfiles.io/wbjzja2zdfj4
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Fri, 24 Jan 2020 00:03:42 GMT
cf-cache-status
REVALIDATED
last-modified
Thu, 01 Aug 2019 23:23:58 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
559dbeec08e063fb-FRA
content-length
6454
bitcoin.png
xfiles.io/ds1/img/
68 KB
68 KB
Image
General
Full URL
https://xfiles.io/ds1/img/bitcoin.png
Requested by
Host: xfiles.io
URL: https://xfiles.io/wbjzja2zdfj4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::681b:9ddf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d8feccdd33378cf29777a5695b07f228130737c179374221879495316a4b44fe

Request headers

Referer
https://xfiles.io/wbjzja2zdfj4
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Fri, 24 Jan 2020 00:03:42 GMT
cf-cache-status
HIT
last-modified
Thu, 01 Aug 2019 23:23:58 GMT
server
cloudflare
age
4454
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
559dbeec08e163fb-FRA
content-length
69686
payeer.png
xfiles.io/ds1/img/
3 KB
3 KB
Image
General
Full URL
https://xfiles.io/ds1/img/payeer.png
Requested by
Host: xfiles.io
URL: https://xfiles.io/wbjzja2zdfj4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::681b:9ddf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
31fe72fc1b1c82ccd66ccac2b318dda6ec259fe8cddce9f79645bd0947df5d4d

Request headers

Referer
https://xfiles.io/wbjzja2zdfj4
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Fri, 24 Jan 2020 00:03:42 GMT
cf-cache-status
REVALIDATED
last-modified
Thu, 01 Aug 2019 23:23:58 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
559dbeec08e263fb-FRA
content-length
2655
western.png
xfiles.io/ds1/img/
20 KB
20 KB
Image
General
Full URL
https://xfiles.io/ds1/img/western.png
Requested by
Host: xfiles.io
URL: https://xfiles.io/wbjzja2zdfj4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::681b:9ddf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bfa6e74bf07f9a8df5f85cad8ee9d1d9dbb91c16ad0bc74408cad389fb6165b1

Request headers

Referer
https://xfiles.io/wbjzja2zdfj4
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Fri, 24 Jan 2020 00:03:42 GMT
cf-cache-status
REVALIDATED
last-modified
Thu, 01 Aug 2019 23:23:58 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
559dbeec08e363fb-FRA
content-length
20493
rocket-loader.min.js
ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/
12 KB
4 KB
Script
General
Full URL
https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Requested by
Host: xfiles.io
URL: https://xfiles.io/wbjzja2zdfj4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:4104 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b08cdbc2d30e656a86b20f8342428d5863f70f4b30135b4f4061f754ce932f5e
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://xfiles.io/wbjzja2zdfj4
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Fri, 24 Jan 2020 00:03:42 GMT
content-encoding
gzip
last-modified
Mon, 20 Jan 2020 14:26:46 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"5e25b8a6-3016"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=172800, public
strict-transport-security
max-age=15780000; includeSubDomains
cf-ray
559dbeec0f3cdfb1-FRA
alt-svc
h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
expires
Sun, 26 Jan 2020 00:03:42 GMT
JTURjIg1_i6t8kCHKm45_bZF3gnD-w.ttf
fonts.gstatic.com/s/montserrat/v14/
46 KB
24 KB
Font
General
Full URL
https://fonts.gstatic.com/s/montserrat/v14/JTURjIg1_i6t8kCHKm45_bZF3gnD-w.ttf
Requested by
Host: xfiles.io
URL: https://xfiles.io/wbjzja2zdfj4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
56205168d373cb37b1870db837e74e2675593b7f930d00b2ff85c83bf886b484
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
https://xfiles.io/ds1/css/hsn_style.min.css?v=0.2
Origin
https://xfiles.io

Response headers

date
Fri, 17 Jan 2020 17:22:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
542490
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
24405
x-xss-protection
0
last-modified
Tue, 23 Jul 2019 03:46:43 GMT
server
sffe
vary
Accept-Encoding
content-type
font/ttf
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 16 Jan 2021 17:22:12 GMT
JTURjIg1_i6t8kCHKm45_ZpC3gnD-w.ttf
fonts.gstatic.com/s/montserrat/v14/
45 KB
24 KB
Font
General
Full URL
https://fonts.gstatic.com/s/montserrat/v14/JTURjIg1_i6t8kCHKm45_ZpC3gnD-w.ttf
Requested by
Host: xfiles.io
URL: https://xfiles.io/wbjzja2zdfj4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a4b0943e5312a5e2b4204d46f33b6f227a7fec6bb36c3ea712f1d99c05c999c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
https://xfiles.io/ds1/css/hsn_style.min.css?v=0.2
Origin
https://xfiles.io

Response headers

date
Wed, 22 Jan 2020 14:21:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
121355
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
24295
x-xss-protection
0
last-modified
Tue, 23 Jul 2019 03:46:34 GMT
server
sffe
vary
Accept-Encoding
content-type
font/ttf
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 21 Jan 2021 14:21:07 GMT
JTUSjIg1_i6t8kCHKm459Wlhzg.ttf
fonts.gstatic.com/s/montserrat/v14/
45 KB
24 KB
Font
General
Full URL
https://fonts.gstatic.com/s/montserrat/v14/JTUSjIg1_i6t8kCHKm459Wlhzg.ttf
Requested by
Host: dc5k8fg5ioc8s.cloudfront.net
URL: https://dc5k8fg5ioc8s.cloudfront.net/?gfkcd=822524
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
07ae7cf9c7f3bfc4bc63842bb07e5846837c0071f8d96042de9d0f4a3cc997b6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
https://xfiles.io/ds1/css/hsn_style.min.css?v=0.2
Origin
https://xfiles.io

Response headers

date
Fri, 17 Jan 2020 17:22:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
542496
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
24251
x-xss-protection
0
last-modified
Tue, 23 Jul 2019 03:46:21 GMT
server
sffe
vary
Accept-Encoding
content-type
font/ttf
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 16 Jan 2021 17:22:07 GMT
eHRkcDEZFgcdDhlJBlZEChhZVQM+UVY2VRtBD0hXH0ENH1JAB0oTXRcBABZDFxoQXl8dAEFCd0siMwh+NkQHQnABNjYVcj0yLxdBXUYiKgBNQyYofwI2DkFoMycyInMWGFc5XUg4JSN8EicOAH8xRgwUUD4HCT9GDA4hI3hPMFc9diEgNTl9OQQeE0kfUVYyZjsMC...
shutternsbe.info/ Frame 3F53
0
0
Document
General
Full URL
https://shutternsbe.info/...
Requested by
Host: dc5k8fg5ioc8s.cloudfront.net
URL: https://dc5k8fg5ioc8s.cloudfront.net/?gfkcd=822524
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.87.84.107 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-87-84-107.compute-1.amazonaws.com
Software
openresty/1.15.8.2 /
Resource Hash

Request headers

:method
GET
:authority
shutternsbe.info
:scheme
https
:path
/...
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
sec-fetch-mode
nested-navigate
referer
https://xfiles.io/wbjzja2zdfj4
accept-encoding
gzip, deflate, br

Response headers

status
200
date
Fri, 24 Jan 2020 00:03:43 GMT
content-type
text/html
content-length
1260
server
openresty/1.15.8.2
cache-control
no-store, no-cache, must-revalidate, no-transform
pragma
no-cache
p3p
CP="NID DSP ALL COR"
content-encoding
gzip
ZG9yYldLUBERajApIC4FIV5LOwRQAT4qAlcKIQZyVik+NWcVJSpTb0IbGwZqXF1AV2VQSQILM1leVBEjBRsHEWpVSRsMMQtSVBRqVUFBVnlVX1xUcRAfEwVqVUkCFiMIUkNXYF1XQFZlVlxAV2E
gexampletebaptin.info/
0
57 B
Image
General
Full URL
https://gexampletebaptin.info/ZG9yYldLUBERajApIC4FIV5LOwRQAT4qAlcKIQZyVik+NWcVJSpTb0IbGwZqXF1AV2VQSQILM1leVBEjBRsHEWpVSRsMMQtSVBRqVUFBVnlVX1xUcRAfEwVqVUkCFiMIUkNXYF1XQFZlVlxAV2E
Requested by
Host: xfiles.io
URL: https://xfiles.io/wbjzja2zdfj4
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.175.43.212 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-175-43-212.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://xfiles.io/wbjzja2zdfj4
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

status
204
access-control-allow-origin
*
date
Fri, 24 Jan 2020 00:03:43 GMT
di_tag_95-4.js
p221722.mycdn.co/banners/script/
186 KB
56 KB
Script
General
Full URL
https://p221722.mycdn.co/banners/script/di_tag_95-4.js
Requested by
Host: mybestdc.com
URL: https://mybestdc.com/adServe/banners?tid=IF1CUTURLS_DI
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.128 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS
94.31.29.128.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2 /
Resource Hash
60229cdfc1b3f4b7e635d832d7bddb60095f752858635dc9f697048d693a1a93

Request headers

Referer
https://xfiles.io/wbjzja2zdfj4
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Fri, 24 Jan 2020 00:03:43 GMT
content-encoding
gzip
last-modified
Wed, 22 Jan 2020 12:24:53 GMT
server
NetDNA-cache/2.2
etag
W/"5e283f15-2e827"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
status
200
cache-control
max-age=31104000
expires
Mon, 18 Jan 2021 00:03:43 GMT
pubif-v2.min.js
gsafe.getawesome1.com/wim/static/wi/
10 KB
3 KB
Script
General
Full URL
https://gsafe.getawesome1.com/wim/static/wi/pubif-v2.min.js?dmn=xfiles.io&cln=IF1CUTURLS_DI&cb=1579824223281
Requested by
Host: mybestdc.com
URL: https://mybestdc.com/adServe/banners?tid=IF1CUTURLS_DI
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::681f:5ee2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1a9d83e1f2629d0092c37407571118ec7eac91848ef1b786a8eacead7b80abe2

Request headers

Referer
https://xfiles.io/wbjzja2zdfj4
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Fri, 24 Jan 2020 00:03:43 GMT
via
1.1 google
cf-cache-status
MISS
last-modified
Thu, 23 Jan 2020 14:23:53 GMT
server
cloudflare
access-control-allow-origin
*
etag
W/"5e29ac79-2883"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
content-encoding
br
cache-control
max-age=14400
cf-ray
559dbef3ea51beb0-FRA
expires
Fri, 24 Jan 2020 01:03:43 GMT
main.js
xfiles.io/ds1/js/
1 KB
603 B
Script
General
Full URL
https://xfiles.io/ds1/js/main.js?v=7888
Requested by
Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::681b:9ddf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d592b3088b054441aa648b1a756ce3743c4b4dcb82bd4d5ff0353be0a8a28472

Request headers

Referer
https://xfiles.io/wbjzja2zdfj4
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Fri, 24 Jan 2020 00:03:43 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 30 Sep 2019 03:55:13 GMT
server
cloudflare
age
4455
cf-polished
origSize=1804
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=86400
cf-ray
559dbef38c8563fb-FRA
cf-bgj
minify
slick.min.js
xfiles.io/ds1/js/
42 KB
10 KB
Script
General
Full URL
https://xfiles.io/ds1/js/slick.min.js
Requested by
Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::681b:9ddf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0c7178cc6ca34fb18e30f070a5e7a1c287b2d7ccfcba2cfdf06e0f46eda55740

Request headers

Referer
https://xfiles.io/wbjzja2zdfj4
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Fri, 24 Jan 2020 00:03:43 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 01 Aug 2019 23:23:59 GMT
server
cloudflare
age
4455
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=86400
cf-ray
559dbef38c8663fb-FRA
countUp.min.js
xfiles.io/ds1/js/
3 KB
1 KB
Script
General
Full URL
https://xfiles.io/ds1/js/countUp.min.js?v=2
Requested by
Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::681b:9ddf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f4b3de1bf6a0b69c0c9bcade8cf33282447815561195ec7395e3cc1f3dc469a2

Request headers

Referer
https://xfiles.io/wbjzja2zdfj4
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Fri, 24 Jan 2020 00:03:43 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 01 Aug 2019 23:23:59 GMT
server
cloudflare
age
4455
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=86400
cf-ray
559dbef38c8863fb-FRA
feather.min.js
xfiles.io/ds1/js/
64 KB
16 KB
Script
General
Full URL
https://xfiles.io/ds1/js/feather.min.js
Requested by
Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::681b:9ddf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
34eff09d3a94fa86b4f3e5af9cf391515e8e2caa3ebb6d7fe6ed13e5778ff8e0

Request headers

Referer
https://xfiles.io/wbjzja2zdfj4
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Fri, 24 Jan 2020 00:03:43 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 01 Aug 2019 23:23:59 GMT
server
cloudflare
age
4455
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=86400
cf-ray
559dbef38c8963fb-FRA
clipboard.min.js
xfiles.io/ds1/js/
10 KB
3 KB
Script
General
Full URL
https://xfiles.io/ds1/js/clipboard.min.js
Requested by
Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::681b:9ddf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
67c123eb92c5add45ce587c51234b10e51ab61fec36fa0b28180792b27f212e2

Request headers

Referer
https://xfiles.io/wbjzja2zdfj4
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Fri, 24 Jan 2020 00:03:43 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 01 Aug 2019 23:23:59 GMT
server
cloudflare
age
4455
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=86400
cf-ray
559dbef38c8a63fb-FRA
bootstrap.min.js
xfiles.io/ds1/js/
36 KB
9 KB
Script
General
Full URL
https://xfiles.io/ds1/js/bootstrap.min.js
Requested by
Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::681b:9ddf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36460e494e4c628443afded40b2743b5ede9a4a76fb4f7b9ef2345cc7e59fd64

Request headers

Referer
https://xfiles.io/wbjzja2zdfj4
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Fri, 24 Jan 2020 00:03:43 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 01 Aug 2019 23:23:59 GMT
server
cloudflare
age
4455
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=86400
cf-ray
559dbef38c8b63fb-FRA
paging.js
xfiles.io/ds1/js/
1020 B
510 B
Script
General
Full URL
https://xfiles.io/ds1/js/paging.js
Requested by
Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::681b:9ddf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3bffe04c62e7b316cfc0b7db122d1e0a97a624f394946e3324d82c318115bb55

Request headers

Referer
https://xfiles.io/wbjzja2zdfj4
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Fri, 24 Jan 2020 00:03:43 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 01 Aug 2019 23:23:58 GMT
server
cloudflare
age
4455
cf-polished
origSize=1836
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=86400
cf-ray
559dbef38c8c63fb-FRA
cf-bgj
minify
jquery.cookie.js
xfiles.io/ds1/js/
2 KB
758 B
Script
General
Full URL
https://xfiles.io/ds1/js/jquery.cookie.js
Requested by
Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::681b:9ddf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
64a7a0e3612b87d5088ceb8daf269c7cd96acfd33b2c380ebaaa43fe3d69553a

Request headers

Referer
https://xfiles.io/wbjzja2zdfj4
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Fri, 24 Jan 2020 00:03:43 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 01 Aug 2019 23:23:59 GMT
server
cloudflare
age
4455
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=86400
cf-ray
559dbef38c8d63fb-FRA
cf-bgj
minify
jquery.paging.js
xfiles.io/ds1/js/
5 KB
2 KB
Script
General
Full URL
https://xfiles.io/ds1/js/jquery.paging.js
Requested by
Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::681b:9ddf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3ff6be8f3b815dfa79d5ca2e915bd5c2d96bf3133c7b6dbc50f87849933bc818

Request headers

Referer
https://xfiles.io/wbjzja2zdfj4
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Fri, 24 Jan 2020 00:03:43 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 01 Aug 2019 23:23:59 GMT
server
cloudflare
age
4455
cf-polished
origSize=19365
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=86400
cf-ray
559dbef38c8e63fb-FRA
cf-bgj
minify
jquery-1.9.1.min.js
xfiles.io/ds1/js/
90 KB
31 KB
Script
General
Full URL
https://xfiles.io/ds1/js/jquery-1.9.1.min.js
Requested by
Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::681b:9ddf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4

Request headers

Referer
https://xfiles.io/wbjzja2zdfj4
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Fri, 24 Jan 2020 00:03:43 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 01 Aug 2019 23:23:58 GMT
server
cloudflare
age
4455
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=86400
cf-ray
559dbef38c8f63fb-FRA
s
seriorladded.info/
Redirect Chain
  • https://secure.adnxs.com/getuid?https://seriorladded.info/s?a=$UID&b=979804280574
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fseriorladded.info%2Fs%3Fa%3D%24UID%26b%3D979804280574
  • https://seriorladded.info/s?a=7914595187397962684&b=979804280574
43 B
381 B
Image
General
Full URL
https://seriorladded.info/s?a=7914595187397962684&b=979804280574
Requested by
Host: xfiles.io
URL: https://xfiles.io/wbjzja2zdfj4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.80.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://xfiles.io/wbjzja2zdfj4
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Fri, 24 Jan 2020 00:03:43 GMT
cf-cache-status
DYNAMIC
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif
status
200
accept-ranges
bytes
cf-ray
559dbef49c76c83f-AMS
content-length
43

Redirect headers

Pragma
no-cache
Date
Fri, 24 Jan 2020 00:03:45 GMT
AN-X-Request-Uuid
8feb5400-2b04-4982-85e4-2ffb3ef7fefb
Content-Type
text/html; charset=utf-8
Server
nginx/1.13.4
Location
https://seriorladded.info/s?a=7914595187397962684&b=979804280574
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
185.210.217.118; 185.210.217.118; 537.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.88:80
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
it-ui-comp-popunder-di.css
p221722.mycdn.co/uicomp/styles/dist/95-4/
2 KB
706 B
Stylesheet
General
Full URL
https://p221722.mycdn.co/uicomp/styles/dist/95-4/it-ui-comp-popunder-di.css
Requested by
Host: p221722.mycdn.co
URL: https://p221722.mycdn.co/banners/script/di_tag_95-4.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.128 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS
94.31.29.128.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2 /
Resource Hash
8e98c284e9f86fae454dd2ce326a275fde329a694b421e6edadf57b933d69f74

Request headers

Referer
https://xfiles.io/wbjzja2zdfj4
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Fri, 24 Jan 2020 00:03:43 GMT
content-encoding
gzip
last-modified
Wed, 22 Jan 2020 12:25:00 GMT
server
NetDNA-cache/2.2
etag
W/"5e283f1c-65e"
vary
Accept-Encoding, Accept-Encoding
x-cache
HIT
content-type
text/css
status
200
cache-control
max-age=31104000
expires
Mon, 18 Jan 2021 00:03:43 GMT
popunder.gif
gexampletebaptin.info/
35 B
212 B
Image
General
Full URL
https://gexampletebaptin.info/popunder.gif
Requested by
Host: xfiles.io
URL: https://xfiles.io/wbjzja2zdfj4
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.175.43.212 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-175-43-212.compute-1.amazonaws.com
Software
/
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer
https://xfiles.io/wbjzja2zdfj4
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

pragma
public
date
Fri, 24 Jan 2020 00:03:43 GMT
content-encoding
gzip
access-control-allow-origin
*
content-type
image/gif
status
200
cache-control
public, max-age=604800, immutable
content-length
58
YURrSDROewg7CQUqDxJmNDwjGV4WKScdDDQlEhIRUwYteABVDiMwc0cwAiwJWXZZfQZVYhshUFx1TTtAADAeOwlXdk0hWgcrVm5CXHVFewBPdVtmAkcwGylTXHVNOEAVKFZ5AVZ9U3oAU3ZYfwNT
gexampletebaptin.info/
0
57 B
Image
General
Full URL
https://gexampletebaptin.info/YURrSDROewg7CQUqDxJmNDwjGV4WKScdDDQlEhIRUwYteABVDiMwc0cwAiwJWXZZfQZVYhshUFx1TTtAADAeOwlXdk0hWgcrVm5CXHVFewBPdVtmAkcwGylTXHVNOEAVKFZ5AVZ9U3oAU3ZYfwNT
Requested by
Host: xfiles.io
URL: https://xfiles.io/wbjzja2zdfj4
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.175.43.212 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-175-43-212.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://xfiles.io/wbjzja2zdfj4
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

status
204
access-control-allow-origin
*
date
Fri, 24 Jan 2020 00:03:43 GMT
GikzIx1PEwIjZVFVWXJqXUEbLjxUVk00LAgTHjRlXVVNLjYPCFZyaVhBHXppR1RfaWlZSV1hLBkGDHppTxcfMzRUVl5wYVFVX3VqWlBTcw
gexampletebaptin.info/a0dYaWdEeDsaWg8PHicxLiMeOyQMdBICVzghIg1WLRI/
0
57 B
Other
General
Full URL
https://gexampletebaptin.info/a0dYaWdEeDsaWg8PHicxLiMeOyQMdBICVzghIg1WLRI/GikzIx1PEwIjZVFVWXJqXUEbLjxUVk00LAgTHjRlXVVNLjYPCFZyaVhBHXppR1RfaWlZSV1hLBkGDHppTxcfMzRUVl5wYVFVX3VqWlBTcw
Requested by
Host: dc5k8fg5ioc8s.cloudfront.net
URL: https://dc5k8fg5ioc8s.cloudfront.net/?gfkcd=822524
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.175.43.212 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-175-43-212.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://xfiles.io/wbjzja2zdfj4
Origin
https://xfiles.io
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

status
204
access-control-allow-origin
*
date
Fri, 24 Jan 2020 00:03:43 GMT
ga.js
ssl.google-analytics.com/
45 KB
17 KB
Script
General
Full URL
https://ssl.google-analytics.com/ga.js
Requested by
Host: xfiles.io
URL: https://xfiles.io/wbjzja2zdfj4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://xfiles.io/wbjzja2zdfj4
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 19 Aug 2019 17:22:41 GMT
server
Golfe2
age
3282
date
Thu, 23 Jan 2020 23:09:01 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
17168
expires
Fri, 24 Jan 2020 01:09:01 GMT
all.js
use.fontawesome.com/releases/v5.6.3/js/
1 MB
455 KB
Script
General
Full URL
https://use.fontawesome.com/releases/v5.6.3/js/all.js
Requested by
Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.111.9.35 Phoenix, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
80f7935587fcf36206dc79d2b46332eca6ff6cc40a12ce09fe66efd02336d97e

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
https://xfiles.io/wbjzja2zdfj4
Origin
https://xfiles.io

Response headers

date
Fri, 24 Jan 2020 00:03:43 GMT
content-encoding
gzip
last-modified
Thu, 20 Dec 2018 17:45:16 GMT
server
NetDNA-cache/2.2
access-control-allow-origin
*
etag
W/"7b6ab1d5b8de4d3b0e2d8084ad292818"
vary
Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
status
200
access-control-max-age
3000
cache-control
max-age=31556926
x-cache
HIT
__utm.gif
ssl.google-analytics.com/r/
35 B
199 B
Image
General
Full URL
https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=249093625&utmhn=xfiles.io&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Download%20Kinky%20Spa%20E72%20Bridgette%20And%20Riley%20Steele%200Day%20Porn%20Kinky%20Spa%20E72%20Bridgette%20mp4&utmhid=1350925096&utmr=-&utmp=%2Fwbjzja2zdfj4&utmht=1579824223957&utmac=UA-148062044-1&utmcc=__utma%3D80004062.1599201824.1579824224.1579824224.1579824224.1%3B%2B__utmz%3D80004062.1579824224.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=574437983&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://xfiles.io/wbjzja2zdfj4
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 24 Jan 2020 00:03:43 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
access-control-allow-origin
*
content-type
image/gif
status
200
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
s
seriorladded.info/
Redirect Chain
  • https://secure.adnxs.com/getuid?https://seriorladded.info/s?a=$UID&b=812971736663
  • https://seriorladded.info/s?a=7914595187397962684&b=812971736663
43 B
237 B
Image
General
Full URL
https://seriorladded.info/s?a=7914595187397962684&b=812971736663
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.80.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://xfiles.io/wbjzja2zdfj4
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Fri, 24 Jan 2020 00:03:44 GMT
cf-cache-status
DYNAMIC
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif
status
200
accept-ranges
bytes
cf-ray
559dbef88b8dc83f-AMS
content-length
43

Redirect headers

Pragma
no-cache
Date
Fri, 24 Jan 2020 00:03:46 GMT
AN-X-Request-Uuid
af3f6a17-ea36-4d66-8789-d8d37dffad3b
Content-Type
text/html; charset=utf-8
Server
nginx/1.13.4
Location
https://seriorladded.info/s?a=7914595187397962684&b=812971736663
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
185.210.217.118; 185.210.217.118; 537.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.36:80
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
p
seriorladded.info/
26 B
382 B
XHR
General
Full URL
https://seriorladded.info/p?b=979804280574&c=40121116
Requested by
Host: dc5k8fg5ioc8s.cloudfront.net
URL: https://dc5k8fg5ioc8s.cloudfront.net/?gfkcd=822524
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.80.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa0fab9c132f5affd4e90987a039c84446ddc075aade22e0194cb8403e338b83

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
https://xfiles.io/wbjzja2zdfj4
Origin
https://xfiles.io

Response headers

date
Fri, 24 Jan 2020 00:03:45 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
status
200
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/plain
access-control-allow-origin
*
cf-ray
559dbf005a84d92d-AMS
p
seriorladded.info/
26 B
225 B
XHR
General
Full URL
https://seriorladded.info/p?b=979804280574&c=30067192
Requested by
Host: dc5k8fg5ioc8s.cloudfront.net
URL: https://dc5k8fg5ioc8s.cloudfront.net/?gfkcd=822524
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.80.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa0fab9c132f5affd4e90987a039c84446ddc075aade22e0194cb8403e338b83

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
https://xfiles.io/wbjzja2zdfj4
Origin
https://xfiles.io

Response headers

date
Fri, 24 Jan 2020 00:03:47 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
status
200
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/plain
access-control-allow-origin
*
cf-ray
559dbf0c9bc5d92d-AMS
p
seriorladded.info/
26 B
224 B
XHR
General
Full URL
https://seriorladded.info/p?b=979804280574&c=49752565
Requested by
Host: dc5k8fg5ioc8s.cloudfront.net
URL: https://dc5k8fg5ioc8s.cloudfront.net/?gfkcd=822524
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.80.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa0fab9c132f5affd4e90987a039c84446ddc075aade22e0194cb8403e338b83

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
https://xfiles.io/wbjzja2zdfj4
Origin
https://xfiles.io

Response headers

date
Fri, 24 Jan 2020 00:03:49 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
status
200
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/plain
access-control-allow-origin
*
cf-ray
559dbf191e10d92d-AMS
p
seriorladded.info/
26 B
224 B
XHR
General
Full URL
https://seriorladded.info/p?b=979804280574&c=34249925
Requested by
Host: dc5k8fg5ioc8s.cloudfront.net
URL: https://dc5k8fg5ioc8s.cloudfront.net/?gfkcd=822524
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.80.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa0fab9c132f5affd4e90987a039c84446ddc075aade22e0194cb8403e338b83

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
https://xfiles.io/wbjzja2zdfj4
Origin
https://xfiles.io

Response headers

date
Fri, 24 Jan 2020 00:03:51 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
status
200
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/plain
access-control-allow-origin
*
cf-ray
559dbf259f6ed92d-AMS
p
seriorladded.info/
26 B
234 B
XHR
General
Full URL
https://seriorladded.info/p?b=979804280574&c=28312373
Requested by
Host: dc5k8fg5ioc8s.cloudfront.net
URL: https://dc5k8fg5ioc8s.cloudfront.net/?gfkcd=822524
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.80.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa0fab9c132f5affd4e90987a039c84446ddc075aade22e0194cb8403e338b83

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
https://xfiles.io/wbjzja2zdfj4
Origin
https://xfiles.io

Response headers

date
Fri, 24 Jan 2020 00:03:53 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
status
200
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/plain
access-control-allow-origin
*
cf-ray
559dbf321efcd92d-AMS
p
seriorladded.info/
26 B
225 B
XHR
General
Full URL
https://seriorladded.info/p?b=979804280574&c=27021314
Requested by
Host: dc5k8fg5ioc8s.cloudfront.net
URL: https://dc5k8fg5ioc8s.cloudfront.net/?gfkcd=822524
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.80.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa0fab9c132f5affd4e90987a039c84446ddc075aade22e0194cb8403e338b83

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
https://xfiles.io/wbjzja2zdfj4
Origin
https://xfiles.io

Response headers

date
Fri, 24 Jan 2020 00:03:55 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
status
200
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/plain
access-control-allow-origin
*
cf-ray
559dbf3e9ef0d92d-AMS
p
seriorladded.info/
26 B
225 B
XHR
General
Full URL
https://seriorladded.info/p?b=979804280574&c=95609870
Requested by
Host: dc5k8fg5ioc8s.cloudfront.net
URL: https://dc5k8fg5ioc8s.cloudfront.net/?gfkcd=822524
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.80.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa0fab9c132f5affd4e90987a039c84446ddc075aade22e0194cb8403e338b83

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
https://xfiles.io/wbjzja2zdfj4
Origin
https://xfiles.io

Response headers

date
Fri, 24 Jan 2020 00:03:57 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
status
200
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/plain
access-control-allow-origin
*
cf-ray
559dbf4b29e3d92d-AMS

Verdicts & Comments

38 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata
object| onpointerrawupdate
function| r6EE
function| A5tt
function| l5CC
function| t866
boolean| A
object| _rhat4
function| setImmediate
function| clearImmediate
string| _p
function| Fingerprint2
number| _3459490585
function| Psu8969Al125
function| _bp
object| __cfQR
number| a
object| pubIframe
function| getPubIframe
function| startFlow
function| endFlow
function| labsOverlayClicked
function| $
function| jQuery
function| setPagination
object| _gaq
object| jQuery19108271379285520153
function| ClipboardJS
object| core
object| __core-js_shared__
object| feather
function| CountUp
boolean| __cfRLUnblockHandlers
object| _gat
object| gaGlobal
object| ___FONT_AWESOME___
object| FontAwesomeConfig
object| FontAwesome

3 Cookies

Domain/Path Name / Value
xfiles.io/ Name: rhid_c
Value: 0
.xfiles.io/ Name: aff
Value: 344
.xfiles.io/ Name: __cfduid
Value: db69ed1752ac5f7e1021826af6eee4a791579824222

1 Console Messages

Source Level URL
Text
console-api log URL: https://mybestdc.com/adServe/banners?tid=IF1CUTURLS_DI(Line 1)
Message:
%c [object HTMLImageElement] pw7.2.12,5,46

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
