urlscan.io logo urlscan.io
SecurityTrails logo

filez.top Open in urlscan Pro
185.66.200.159  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://berhilpress.info/r.php?v=dD1jJmQ9OTI1MiZsPTY2MzUmYz0zNDY2NjQ=
Effective URL: https://filez.top/lp/dd/1/cab4129999062623b693a7e1465bf89f/affC1603166789aff8f32a0d989725a326a178/?sid=24654057
Submission: On October 20 via api from BE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 15 IPs in 5 countries across 16 domains to perform 43 HTTP transactions. The main IP is 185.66.200.159, located in Slovakia and belongs to SKHOSTING-EU, SK. The main domain is filez.top.
TLS certificate: Issued by Let's Encrypt Authority X3 on September 8th 2020. Valid for: 3 months.
This is the only time filez.top was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

1    144.217.171.217 (Beauharnois, Canada)

ASN16276 (OVH, FR)
berhilpress.info
1    109.234.162.107 (France)

ASN50474 (O2SWITCH, FR)
PTR: 109-234-162-107.reverse.odns.fr
riftv.net
1    185.66.200.220 (Slovakia)

ASN201702 (SKHOSTING-EU, SK)
PTR: 185.66.200.220.skhosting.eu
buleor.com
1    185.66.201.34 (Slovakia)

ASN201702 (SKHOSTING-EU, SK)
PTR: at-public.skhosting.eu
emula.net
22    185.66.200.159 (Slovakia)

ASN201702 (SKHOSTING-EU, SK)
PTR: filez.ag
filez.top
1    2a00:1450:4001:803::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
2    185.66.200.222 (Slovakia)

ASN201702 (SKHOSTING-EU, SK)
PTR: 185.66.200.222.skhosting.eu
cdn-server.top
cdn-server.xyz
1    2a00:1450:4001:824::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2a00:1450:4001:801::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2a00:1450:4001:816::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
1    13.35.253.161 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-253-161.fra6.r.cloudfront.net
djm080u34wfc5.cloudfront.net
4    2a00:1450:4001:81f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    2a00:1450:4001:819::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
2    2a00:1450:4001:809::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    52.206.71.220 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-206-71-220.compute-1.amazonaws.com
parentful.club
3    13.35.43.102 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-43-102.mxp64.r.cloudfront.net
tfatalonepres.top
1    13.225.78.23 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-23.fra2.r.cloudfront.net
nofferentco.club
Domain Requested by
22 filez.top emula.net
filez.top
cdn-server.top
4 fonts.gstatic.com fonts.googleapis.com
3 tfatalonepres.top djm080u34wfc5.cloudfront.net
3 www.google.com filez.top
www.gstatic.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
1 nofferentco.club filez.top
1 parentful.club filez.top
1 djm080u34wfc5.cloudfront.net cdn-server.top
1 www.gstatic.com www.google.com
1 fonts.googleapis.com filez.top
1 www.googletagmanager.com filez.top
1 cdn-server.xyz filez.top
1 cdn-server.top filez.top
1 emula.net
1 buleor.com 1 redirects
1 riftv.net 1 redirects
1 berhilpress.info 1 redirects
43 17

This site contains links to these domains. Also see Links.

Domain
advertica.ae
Subject Issuer Validity Valid
emula.net
Let's Encrypt Authority X3		 2020-09-01 -
2020-11-30		 3 months crt.sh
filez.top
Let's Encrypt Authority X3		 2020-09-08 -
2020-12-07		 3 months crt.sh
www.google.com
GTS CA 1O1		 2020-09-22 -
2020-12-15		 3 months crt.sh
cdn-server.top
Let's Encrypt Authority X3		 2020-10-15 -
2021-01-13		 3 months crt.sh
cdn-server.xyz
Let's Encrypt Authority X3		 2020-09-01 -
2020-11-30		 3 months crt.sh
*.google-analytics.com
GTS CA 1O1		 2020-09-22 -
2020-12-15		 3 months crt.sh
upload.video.google.com
GTS CA 1O1		 2020-09-22 -
2020-12-15		 3 months crt.sh
*.gstatic.com
GTS CA 1O1		 2020-10-06 -
2020-12-29		 3 months crt.sh
*.cloudfront.net
DigiCert Global CA G2		 2020-05-26 -
2021-04-21		 a year crt.sh
*.google.com
GTS CA 1O1		 2020-09-22 -
2020-12-15		 3 months crt.sh
parentful.club
Let's Encrypt Authority X3		 2020-09-22 -
2020-12-21		 3 months crt.sh
tfatalonepres.top
Amazon		 2020-10-04 -
2021-11-03		 a year crt.sh
nofferentco.club
Amazon		 2020-09-06 -
2021-10-06		 a year crt.sh

This page contains 5 frames:

Primary Page: https://filez.top/lp/dd/1/cab4129999062623b693a7e1465bf89f/affC1603166789aff8f32a0d989725a326a178/?sid=24654057
Frame ID: 2CAE48AD0C9BBF46D29F65480DE7E446
Requests: 40 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lfu8mwUAAAAAAK6MZWtTAa_5jOkhczTINR6LS6s&co=aHR0cHM6Ly9maWxlei50b3A6NDQz&hl=en&v=96-ioZd-dnhIhPdk1mI5Z4Nj&size=normal&cb=jwo5rlnk4tg
Frame ID: 6934DB436EB75B2E19EEB10A7B2CD0B3
Requests: 1 HTTP requests in this frame

Frame: https://tfatalonepres.top/TGJZc0UtADoeei1fO1UwPg5kVncKR2s1ISYPaUt1OVFtBCMvV3cQKSMXPRU3IwwtXSspFnxBAyYzNSUNLidtGwolCRIQERVaEEIDfgE0QmB+JA4dcCcyIyIBBSYTHAQNVj05LwYaHiIXfCggHAYcDBcbDicNbzwBClQBHiI5LBoYCS9QCAQOHVsjEHYBDxowPWlQHyoSCTsJGnVpUBsWIj8PFCcyOyUwEHEGITE4CjUsNjgiAVISCS4+Jg4HMglREzAjIQY3F3UdCBAJHDkjMxwxBgtgOSMdIC4XEzsMFTAAJSMeBzIWMTY9CRsGNxcyAVsDQSF/JB4HMhY6dCkmCToXGwIKDjcpdyhRHSdxNS0KOicHGxhWdw4uMRs3LyAXCh1/DiopKwooPzsPdS4YInMAGDUaHStTNyl2LyMTCi47OzVGYH4gEycEJyAgNTcvKg8QCR8NNzgECRADQSYONBFCNhY1NSojfyg0EhM8R2s1H34Gajs8dAkXNxAKA2oyES8OYEYnCzghIC84R2s1CBQwPxUWARg9NRA/ByM1MggMKh0IDycQFywoCTo1fHorHiIvDyouHggPN38ZNiMMKU4CLjE9FHM5KG8BKCISaEco
Frame ID: F44FC5F5F0ABE91889266058963E6F47
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=en&v=96-ioZd-dnhIhPdk1mI5Z4Nj&k=6Lfu8mwUAAAAAAK6MZWtTAa_5jOkhczTINR6LS6s&cb=7q6fhp7surfs
Frame ID: 4E430F7351EC1B6771EF49E22C9C20F5
Requests: 1 HTTP requests in this frame

Frame: data://truncated
Frame ID: A251635429651F79D6AE6FEFC6057E4B
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://berhilpress.info/r.php?v=dD1jJmQ9OTI1MiZsPTY2MzUmYz0zNDY2NjQ= HTTP 302
    https://riftv.net/dYzmv?sub1=1&sub2=9252&sub3=12318&sub4=6635&sub5=346664 HTTP 301
    https://buleor.com/fullpage.php?section=General&pub=651335&ga=a HTTP 302
    https://emula.net/70715d1a00/bc5ff2967e/?placementName=ROTATOR&type=a&cv=XrGdCAArrdGAiZCdikZZp... Page URL
  2. https://filez.top/lp/dd/1/cab4129999062623b693a7e1465bf89f/affC1603166789aff8f32a0d989725a326a... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • url /\.php(?:$|\?)/i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i
Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+(?:([\d.]+)\/)?(?:css\/)?font-awesome(?:\.min)?\.css/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Overall confidence: 100%
Detected patterns
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • script /\/recaptcha\/api\.js/i

Page Statistics

43
Requests

100 %
HTTPS

41 %
IPv6

16
Domains

17
Subdomains

15
IPs

5
Countries

816 kB
Transfer

1205 kB
Size

5
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://berhilpress.info/r.php?v=dD1jJmQ9OTI1MiZsPTY2MzUmYz0zNDY2NjQ= HTTP 302
    https://riftv.net/dYzmv?sub1=1&sub2=9252&sub3=12318&sub4=6635&sub5=346664 HTTP 301
    https://buleor.com/fullpage.php?section=General&pub=651335&ga=a HTTP 302
    https://emula.net/70715d1a00/bc5ff2967e/?placementName=ROTATOR&type=a&cv=XrGdCAArrdGAiZCdikZZpCpCrkpNkkNrxANkkCrCkjCrxCrixCjiCrCrGCxCidrriAGiCCr_36685&adApiR=loaded_string_74958922c068bffff4067537aa840979a890f_2305802_1603166788.6265_23275&refferer=4188647925_aHR0cDovLzY1MTMzNS55bGxpeC5jb20=&yxDom=YnVsZW9yLmNvbQ==_927bc1f915095284db284dd68f5ec62f Page URL
  2. https://filez.top/lp/dd/1/cab4129999062623b693a7e1465bf89f/affC1603166789aff8f32a0d989725a326a178/?sid=24654057 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://berhilpress.info/r.php?v=dD1jJmQ9OTI1MiZsPTY2MzUmYz0zNDY2NjQ= HTTP 302
  • https://riftv.net/dYzmv?sub1=1&sub2=9252&sub3=12318&sub4=6635&sub5=346664 HTTP 301
  • https://buleor.com/fullpage.php?section=General&pub=651335&ga=a HTTP 302
  • https://emula.net/70715d1a00/bc5ff2967e/?placementName=ROTATOR&type=a&cv=XrGdCAArrdGAiZCdikZZpCpCrkpNkkNrxANkkCrCkjCrxCrixCjiCrCrGCxCidrriAGiCCr_36685&adApiR=loaded_string_74958922c068bffff4067537aa840979a890f_2305802_1603166788.6265_23275&refferer=4188647925_aHR0cDovLzY1MTMzNS55bGxpeC5jb20=&yxDom=YnVsZW9yLmNvbQ==_927bc1f915095284db284dd68f5ec62f

43 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
emula.net/70715d1a00/bc5ff2967e/
Redirect Chain
  • http://berhilpress.info/r.php?v=dD1jJmQ9OTI1MiZsPTY2MzUmYz0zNDY2NjQ=
  • https://riftv.net/dYzmv?sub1=1&sub2=9252&sub3=12318&sub4=6635&sub5=346664
  • https://buleor.com/fullpage.php?section=General&pub=651335&ga=a
  • https://emula.net/70715d1a00/bc5ff2967e/?placementName=ROTATOR&type=a&cv=XrGdCAArrdGAiZCdikZZpCpCrkpNkkNrxANkkCrCkjCrxCrixCjiCrCrGCxCidrriAGiCCr_36685&adApiR=loaded_string_74958922c068bffff4067537a...
414 B
584 B 		Document
General
Check archive.org
Download Go to
Full URL
https://emula.net/70715d1a00/bc5ff2967e/?placementName=ROTATOR&type=a&cv=XrGdCAArrdGAiZCdikZZpCpCrkpNkkNrxANkkCrCkjCrxCrixCjiCrCrGCxCidrriAGiCCr_36685&adApiR=loaded_string_74958922c068bffff4067537aa840979a890f_2305802_1603166788.6265_23275&refferer=4188647925_aHR0cDovLzY1MTMzNS55bGxpeC5jb20=&yxDom=YnVsZW9yLmNvbQ==_927bc1f915095284db284dd68f5ec62f
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.66.201.34 , Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS
at-public.skhosting.eu
Software
nginx /
Resource Hash
1ec6611d9a3830157c00a36b35d54a40900d78398eeebaf0ff80504c33424cea

Request headers

:method
GET
:authority
emula.net
:scheme
https
:path
/70715d1a00/bc5ff2967e/?placementName=ROTATOR&type=a&cv=XrGdCAArrdGAiZCdikZZpCpCrkpNkkNrxANkkCrCkjCrxCrixCjiCrCrGCxCidrriAGiCCr_36685&adApiR=loaded_string_74958922c068bffff4067537aa840979a890f_2305802_1603166788.6265_23275&refferer=4188647925_aHR0cDovLzY1MTMzNS55bGxpeC5jb20=&yxDom=YnVsZW9yLmNvbQ==_927bc1f915095284db284dd68f5ec62f
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
200
server
nginx
date
Tue, 20 Oct 2020 04:06:29 GMT
content-type
text/html; charset=UTF-8
set-cookie
total_impressions=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; secure; SameSite=None used_ad2305802=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; secure; SameSite=None
expires
Sun, 01 Jan 2014 00:00:00 GMT
cache-control
no-store, no-cache, must-revalidate post-check=0, pre-check=0
pragma
no-cache
x-robots-tag
noindex,nofollow
content-encoding
br

Redirect headers

status
302
server
nginx
date
Tue, 20 Oct 2020 04:06:29 GMT
content-type
text/html; charset=UTF-8
location
https://emula.net/70715d1a00/bc5ff2967e/?placementName=ROTATOR&type=a&cv=XrGdCAArrdGAiZCdikZZpCpCrkpNkkNrxANkkCrCkjCrxCrixCjiCrCrGCxCidrriAGiCCr_36685&adApiR=loaded_string_74958922c068bffff4067537aa840979a890f_2305802_1603166788.6265_23275&refferer=4188647925_aHR0cDovLzY1MTMzNS55bGxpeC5jb20=&yxDom=YnVsZW9yLmNvbQ==_927bc1f915095284db284dd68f5ec62f
expires
Tue, 20 Oct 2020 04:06:28 GMT
last-modified
Tue, 20 Oct 2020 04:06:28 GMT
cache-control
no-store, no-cache, must-revalidate post-check=0, pre-check=0
pragma
no-cache
x-robots-tag
noindex, nofollow, noarchive, nosnippet
set-cookie
used_ad2305802=1; expires=Wed, 21-Oct-2020 04:00:00 GMT; Max-Age=86012; path=/; domain=buleor.com; secure; HttpOnly; SameSite=None total_impressions=1; expires=Wed, 21-Oct-2020 04:00:00 GMT; Max-Age=86012; path=/; domain=buleor.com; secure; HttpOnly; SameSite=None cpa_875164=popup_551167532_4; expires=Thu, 19-Nov-2020 04:06:28 GMT; Max-Age=2592000; path=/; domain=buleor.com; secure; SameSite=None
Primary Request /
filez.top/lp/dd/1/cab4129999062623b693a7e1465bf89f/affC1603166789aff8f32a0d989725a326a178/ 		14 KB
15 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://filez.top/lp/dd/1/cab4129999062623b693a7e1465bf89f/affC1603166789aff8f32a0d989725a326a178/?sid=24654057
Requested by
Host: emula.net
URL: https://emula.net/70715d1a00/bc5ff2967e/?placementName=ROTATOR&type=a&cv=XrGdCAArrdGAiZCdikZZpCpCrkpNkkNrxANkkCrCkjCrxCrixCjiCrCrGCxCidrriAGiCCr_36685&adApiR=loaded_string_74958922c068bffff4067537aa840979a890f_2305802_1603166788.6265_23275&refferer=4188647925_aHR0cDovLzY1MTMzNS55bGxpeC5jb20=&yxDom=YnVsZW9yLmNvbQ==_927bc1f915095284db284dd68f5ec62f
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.66.200.159 , Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS
filez.ag
Software
nginx /
Resource Hash
3a5247da5d659909841c2d48443a712e966bd8c30ab51ccff497a5eb2c080e4f
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

:method
GET
:authority
filez.top
:scheme
https
:path
/lp/dd/1/cab4129999062623b693a7e1465bf89f/affC1603166789aff8f32a0d989725a326a178/?sid=24654057
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
referer
https://emula.net/70715d1a00/bc5ff2967e/?placementName=ROTATOR&type=a&cv=XrGdCAArrdGAiZCdikZZpCpCrkpNkkNrxANkkCrCkjCrxCrixCjiCrCrGCxCidrriAGiCCr_36685&adApiR=loaded_string_74958922c068bffff4067537aa840979a890f_2305802_1603166788.6265_23275&refferer=4188647925_aHR0cDovLzY1MTMzNS55bGxpeC5jb20=&yxDom=YnVsZW9yLmNvbQ==_927bc1f915095284db284dd68f5ec62f
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://emula.net/70715d1a00/bc5ff2967e/?placementName=ROTATOR&type=a&cv=XrGdCAArrdGAiZCdikZZpCpCrkpNkkNrxANkkCrCkjCrxCrixCjiCrCrGCxCidrriAGiCCr_36685&adApiR=loaded_string_74958922c068bffff4067537aa840979a890f_2305802_1603166788.6265_23275&refferer=4188647925_aHR0cDovLzY1MTMzNS55bGxpeC5jb20=&yxDom=YnVsZW9yLmNvbQ==_927bc1f915095284db284dd68f5ec62f

Response headers

status
200
server
nginx
date
Tue, 20 Oct 2020 04:06:29 GMT
content-type
text/html; charset=UTF-8
set-cookie
PHPSESSID=oguiom6m65lqtdi6u784lamvlk; path=/; secure; HttpOnly lang=en; expires=Thu, 19-Nov-2020 04:06:29 GMT; Max-Age=2592000; path=/; domain=filez.top; secure; HttpOnly
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate
pragma
no-cache
x-frame-options
SAMEORIGIN
bootstrap.css
filez.top/css/ 		143 KB
143 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://filez.top/css/bootstrap.css
Requested by
Host: filez.top
URL: https://filez.top/lp/dd/1/cab4129999062623b693a7e1465bf89f/affC1603166789aff8f32a0d989725a326a178/?sid=24654057
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.66.200.159 , Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS
filez.ag
Software
nginx /
Resource Hash
29a76ce16028a890e8cd5fecc8a736a2d8c07947c009a126a585ce0203d54e37
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://filez.top/lp/dd/1/cab4129999062623b693a7e1465bf89f/affC1603166789aff8f32a0d989725a326a178/?sid=24654057
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 20 Oct 2020 04:06:29 GMT
last-modified
Thu, 13 Aug 2020 07:27:06 GMT
server
nginx
etag
"5f34eb4a-23a5a"
x-frame-options
SAMEORIGIN
content-type
text/css
status
200
accept-ranges
bytes
content-length
146010
style.css
filez.top/css/ 		15 KB
15 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://filez.top/css/style.css?1597303626
Requested by
Host: filez.top
URL: https://filez.top/lp/dd/1/cab4129999062623b693a7e1465bf89f/affC1603166789aff8f32a0d989725a326a178/?sid=24654057
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.66.200.159 , Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS
filez.ag
Software
nginx /
Resource Hash
d2eb94db45a7f74266b7c1a929af3ee63a100271603a18a478493cab56bdf67c
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://filez.top/lp/dd/1/cab4129999062623b693a7e1465bf89f/affC1603166789aff8f32a0d989725a326a178/?sid=24654057
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 20 Oct 2020 04:06:29 GMT
last-modified
Thu, 13 Aug 2020 07:27:06 GMT
server
nginx
etag
"5f34eb4a-3c94"
x-frame-options
SAMEORIGIN
content-type
text/css
status
200
accept-ranges
bytes
content-length
15508
responsive.css
filez.top/css/ 		4 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://filez.top/css/responsive.css
Requested by
Host: filez.top
URL: https://filez.top/lp/dd/1/cab4129999062623b693a7e1465bf89f/affC1603166789aff8f32a0d989725a326a178/?sid=24654057
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.66.200.159 , Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS
filez.ag
Software
nginx /
Resource Hash
de9511cfb40c7781e56cae17bdc355a871f548e5726875c3b4ed319705e6c38e
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://filez.top/lp/dd/1/cab4129999062623b693a7e1465bf89f/affC1603166789aff8f32a0d989725a326a178/?sid=24654057
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 20 Oct 2020 04:06:29 GMT
last-modified
Thu, 13 Aug 2020 07:27:06 GMT
server
nginx
etag
"5f34eb4a-ebb"
x-frame-options
SAMEORIGIN
content-type
text/css
status
200
accept-ranges
bytes
content-length
3771
font-awesome.css
filez.top/css/ 		37 KB
37 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://filez.top/css/font-awesome.css
Requested by
Host: filez.top
URL: https://filez.top/lp/dd/1/cab4129999062623b693a7e1465bf89f/affC1603166789aff8f32a0d989725a326a178/?sid=24654057
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.66.200.159 , Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS
filez.ag
Software
nginx /
Resource Hash
36e0a7e08bee65774168528938072c536437669c1b7458ac77976ec788e4439c
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://filez.top/lp/dd/1/cab4129999062623b693a7e1465bf89f/affC1603166789aff8f32a0d989725a326a178/?sid=24654057
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 20 Oct 2020 04:06:29 GMT
last-modified
Thu, 13 Aug 2020 07:27:06 GMT
server
nginx
etag
"5f34eb4a-9226"
x-frame-options
SAMEORIGIN
content-type
text/css
status
200
accept-ranges
bytes
content-length
37414
api.js
www.google.com/recaptcha/ 		850 B
641 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js
Requested by
Host: filez.top
URL: https://filez.top/lp/dd/1/cab4129999062623b693a7e1465bf89f/affC1603166789aff8f32a0d989725a326a178/?sid=24654057
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
dc7ab6682576ec07874bcf9a32e0e929784538d1f194bc634fd0a46ddd09937b
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://filez.top/lp/dd/1/cab4129999062623b693a7e1465bf89f/affC1603166789aff8f32a0d989725a326a178/?sid=24654057
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 20 Oct 2020 04:06:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
status
200
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
content-security-policy
frame-ancestors 'self'
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
553
x-xss-protection
1; mode=block
expires
Tue, 20 Oct 2020 04:06:29 GMT
jquery.min.js
filez.top/js/ 		85 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://filez.top/js/jquery.min.js
Requested by
Host: filez.top
URL: https://filez.top/lp/dd/1/cab4129999062623b693a7e1465bf89f/affC1603166789aff8f32a0d989725a326a178/?sid=24654057
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.66.200.159 , Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS
filez.ag
Software
nginx /
Resource Hash
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://filez.top/lp/dd/1/cab4129999062623b693a7e1465bf89f/affC1603166789aff8f32a0d989725a326a178/?sid=24654057
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 20 Oct 2020 04:06:29 GMT
last-modified
Thu, 13 Aug 2020 07:27:06 GMT
server
nginx
etag
"5f34eb4a-15283"
x-frame-options
SAMEORIGIN
content-type
application/javascript
status
200
accept-ranges
bytes
content-length
86659
wl.js
cdn-server.top/p/ 		381 B
678 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-server.top/p/wl.js?pub=117937&ga=g
Requested by
Host: filez.top
URL: https://filez.top/lp/dd/1/cab4129999062623b693a7e1465bf89f/affC1603166789aff8f32a0d989725a326a178/?sid=24654057
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.66.200.222 , Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS
185.66.200.222.skhosting.eu
Software
nginx /
Resource Hash
d26c32d0041697c11f13727f0a7aaa9a51367a9c41d01ce2efd4edc8c3cdb92b

Request headers

Referer
https://filez.top/lp/dd/1/cab4129999062623b693a7e1465bf89f/affC1603166789aff8f32a0d989725a326a178/?sid=24654057
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
cache
date
Tue, 20 Oct 2020 04:06:29 GMT
server
nginx
content-type
application/javascript
status
200
cache-control
max-age=3600
x-robots-tag
noindex, nofollow, noarchive, nosnippet
expires
Tue, 20 Oct 2020 05:06:29 GMT
US.gif
filez.top/images/flags/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://filez.top/images/flags/US.gif
Requested by
Host: filez.top
URL: https://filez.top/lp/dd/1/cab4129999062623b693a7e1465bf89f/affC1603166789aff8f32a0d989725a326a178/?sid=24654057
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.66.200.159 , Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS
filez.ag
Software
nginx /
Resource Hash
b7a053f73e5027213689a88bd30736bab51c3417eb902caf214513ae87e5581c
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://filez.top/lp/dd/1/cab4129999062623b693a7e1465bf89f/affC1603166789aff8f32a0d989725a326a178/?sid=24654057
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 20 Oct 2020 04:06:30 GMT
last-modified
Thu, 13 Aug 2020 07:27:06 GMT
server
nginx
etag
"5f34eb4a-859"
x-frame-options
SAMEORIGIN
content-type
image/gif
status
200
accept-ranges
bytes
content-length
2137
CZ.gif
filez.top/images/flags/ 		1006 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://filez.top/images/flags/CZ.gif
Requested by
Host: filez.top
URL: https://filez.top/lp/dd/1/cab4129999062623b693a7e1465bf89f/affC1603166789aff8f32a0d989725a326a178/?sid=24654057
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.66.200.159 , Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS
filez.ag
Software
nginx /
Resource Hash
f717f12f040829e78545332ea52a7f9af3d12781ec610768dca8c2c918d57a1b
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://filez.top/lp/dd/1/cab4129999062623b693a7e1465bf89f/affC1603166789aff8f32a0d989725a326a178/?sid=24654057
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 20 Oct 2020 04:06:30 GMT
last-modified
Thu, 13 Aug 2020 07:27:06 GMT
server
nginx
etag
"5f34eb4a-3ee"
x-frame-options
SAMEORIGIN
content-type
image/gif
status
200
accept-ranges
bytes
content-length
1006
ES.gif
filez.top/images/flags/ 		1006 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://filez.top/images/flags/ES.gif
Requested by
Host: filez.top
URL: https://filez.top/lp/dd/1/cab4129999062623b693a7e1465bf89f/affC1603166789aff8f32a0d989725a326a178/?sid=24654057
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.66.200.159 , Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS
filez.ag
Software
nginx /
Resource Hash
e9f8b8fabb38524354f0bd87e91a4f4e702555956d29cc6db1b899fc0b5980b0
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://filez.top/lp/dd/1/cab4129999062623b693a7e1465bf89f/affC1603166789aff8f32a0d989725a326a178/?sid=24654057
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 20 Oct 2020 04:06:30 GMT
last-modified
Thu, 13 Aug 2020 07:27:06 GMT
server
nginx
etag
"5f34eb4a-3ee"
x-frame-options
SAMEORIGIN
content-type
image/gif
status
200
accept-ranges
bytes
content-length
1006
AE.gif
filez.top/images/flags/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://filez.top/images/flags/AE.gif
Requested by
Host: filez.top
URL: https://filez.top/lp/dd/1/cab4129999062623b693a7e1465bf89f/affC1603166789aff8f32a0d989725a326a178/?sid=24654057
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.66.200.159 , Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS
filez.ag
Software
nginx /
Resource Hash
4330d94512442851e2ba5c2e9c6005f5e5d98d3a33d089ffc5206ca9517b84d7
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://filez.top/lp/dd/1/cab4129999062623b693a7e1465bf89f/affC1603166789aff8f32a0d989725a326a178/?sid=24654057
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 20 Oct 2020 04:06:30 GMT
last-modified
Thu, 13 Aug 2020 07:27:06 GMT
server
nginx
etag
"5f34eb4a-6af"
x-frame-options
SAMEORIGIN
content-type
image/gif
status
200
accept-ranges
bytes
content-length
1711
PT.gif
filez.top/images/flags/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://filez.top/images/flags/PT.gif
Requested by
Host: filez.top
URL: https://filez.top/lp/dd/1/cab4129999062623b693a7e1465bf89f/affC1603166789aff8f32a0d989725a326a178/?sid=24654057
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.66.200.159 , Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS
filez.ag
Software
nginx /
Resource Hash
03416e82636020f4110eee57af9d6e57f1768262777b430868d0709bace68407
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://filez.top/lp/dd/1/cab4129999062623b693a7e1465bf89f/affC1603166789aff8f32a0d989725a326a178/?sid=24654057
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 20 Oct 2020 04:06:30 GMT
last-modified
Thu, 13 Aug 2020 07:27:06 GMT
server
nginx
etag
"5f34eb4a-859"
x-frame-options
SAMEORIGIN
content-type
image/gif
status
200
accept-ranges
bytes
content-length
2137
FR.gif
filez.top/images/flags/ 		1006 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://filez.top/images/flags/FR.gif
Requested by
Host: filez.top
URL: https://filez.top/lp/dd/1/cab4129999062623b693a7e1465bf89f/affC1603166789aff8f32a0d989725a326a178/?sid=24654057
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.66.200.159 , Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS
filez.ag
Software
nginx /
Resource Hash
1df59d2f9889b0553295fe997df9f1e5adec5a34abc798178d2cb313c6a196c9
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://filez.top/lp/dd/1/cab4129999062623b693a7e1465bf89f/affC1603166789aff8f32a0d989725a326a178/?sid=24654057
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 20 Oct 2020 04:06:30 GMT
last-modified
Thu, 13 Aug 2020 07:27:06 GMT
server
nginx
etag
"5f34eb4a-3ee"
x-frame-options
SAMEORIGIN
content-type
image/gif
status
200
accept-ranges
bytes
content-length
1006
DE.gif
filez.top/images/flags/ 		1003 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://filez.top/images/flags/DE.gif
Requested by
Host: filez.top
URL: https://filez.top/lp/dd/1/cab4129999062623b693a7e1465bf89f/affC1603166789aff8f32a0d989725a326a178/?sid=24654057
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.66.200.159 , Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS
filez.ag
Software
nginx /
Resource Hash
66671616f880ade1bee6a9afbced9011f1fe1b179ff9860766f700825e8bc9ae
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://filez.top/lp/dd/1/cab4129999062623b693a7e1465bf89f/affC1603166789aff8f32a0d989725a326a178/?sid=24654057
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 20 Oct 2020 04:06:30 GMT
last-modified
Thu, 13 Aug 2020 07:27:06 GMT
server
nginx
etag
"5f34eb4a-3eb"
x-frame-options
SAMEORIGIN
content-type
image/gif
status
200
accept-ranges
bytes
content-length
1003
IR.gif
filez.top/images/flags/ 		1006 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://filez.top/images/flags/IR.gif
Requested by
Host: filez.top
URL: https://filez.top/lp/dd/1/cab4129999062623b693a7e1465bf89f/affC1603166789aff8f32a0d989725a326a178/?sid=24654057
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.66.200.159 , Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS
filez.ag
Software
nginx /
Resource Hash
8f1132e259789cc46b3851f3402a35e39587021cb06fb12adeb45e39a1da1cc5
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://filez.top/lp/dd/1/cab4129999062623b693a7e1465bf89f/affC1603166789aff8f32a0d989725a326a178/?sid=24654057
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 20 Oct 2020 04:06:30 GMT
last-modified
Thu, 13 Aug 2020 07:27:06 GMT
server
nginx
etag
"5f34eb4a-3ee"
x-frame-options
SAMEORIGIN
content-type
image/gif
status
200
accept-ranges
bytes
content-length
1006
logo.png
filez.top/images/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://filez.top/images/logo.png
Requested by
Host: filez.top
URL: https://filez.top/lp/dd/1/cab4129999062623b693a7e1465bf89f/affC1603166789aff8f32a0d989725a326a178/?sid=24654057
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.66.200.159 , Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS
filez.ag
Software
nginx /
Resource Hash
83f30cec310068712ce68afed7f1282ced9b022cec1abefd6eab29a913e29343
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://filez.top/lp/dd/1/cab4129999062623b693a7e1465bf89f/affC1603166789aff8f32a0d989725a326a178/?sid=24654057
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 20 Oct 2020 04:06:30 GMT
last-modified
Thu, 13 Aug 2020 07:27:06 GMT
server
nginx
etag
"5f34eb4a-130c"
x-frame-options
SAMEORIGIN
content-type
image/png
status
200
accept-ranges
bytes
content-length
4876
home_icon_1.png
filez.top/images/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://filez.top/images/home_icon_1.png
Requested by
Host: filez.top
URL: https://filez.top/lp/dd/1/cab4129999062623b693a7e1465bf89f/affC1603166789aff8f32a0d989725a326a178/?sid=24654057
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.66.200.159 , Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS
filez.ag
Software
nginx /
Resource Hash
6388a88a40a903dac834dd1d42fe8ecfc3cdf67996020ffb7a66c3e8ce714a95
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://filez.top/lp/dd/1/cab4129999062623b693a7e1465bf89f/affC1603166789aff8f32a0d989725a326a178/?sid=24654057
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 20 Oct 2020 04:06:30 GMT
last-modified
Thu, 13 Aug 2020 07:27:06 GMT
server
nginx
etag
"5f34eb4a-449"
x-frame-options
SAMEORIGIN
content-type
image/png
status
200
accept-ranges
bytes
content-length
1097
home_icon_2.png
filez.top/images/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://filez.top/images/home_icon_2.png
Requested by
Host: filez.top
URL: https://filez.top/lp/dd/1/cab4129999062623b693a7e1465bf89f/affC1603166789aff8f32a0d989725a326a178/?sid=24654057
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.66.200.159 , Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS
filez.ag
Software
nginx /
Resource Hash
c3d7a9181ea3eebba498c07f828f1c3925ba7cf99ba8430dd747b4255d9a05eb
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://filez.top/lp/dd/1/cab4129999062623b693a7e1465bf89f/affC1603166789aff8f32a0d989725a326a178/?sid=24654057
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 20 Oct 2020 04:06:30 GMT
last-modified
Thu, 13 Aug 2020 07:27:06 GMT
server
nginx
etag
"5f34eb4a-467"
x-frame-options
SAMEORIGIN
content-type
image/png
status
200
accept-ranges
bytes
content-length
1127
home_icon_3.png
filez.top/images/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://filez.top/images/home_icon_3.png
Requested by
Host: filez.top
URL: https://filez.top/lp/dd/1/cab4129999062623b693a7e1465bf89f/affC1603166789aff8f32a0d989725a326a178/?sid=24654057
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.66.200.159 , Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS
filez.ag
Software
nginx /
Resource Hash
d1eb492e1005fbd0b649fad1a3c60006f21ca1c1fba172eb4232569475237985
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://filez.top/lp/dd/1/cab4129999062623b693a7e1465bf89f/affC1603166789aff8f32a0d989725a326a178/?sid=24654057
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 20 Oct 2020 04:06:30 GMT
last-modified
Thu, 13 Aug 2020 07:27:06 GMT
server
nginx
etag
"5f34eb4a-40b"
x-frame-options
SAMEORIGIN
content-type
image/png
status
200
accept-ranges
bytes
content-length
1035
yxbnr.js
cdn-server.xyz/a/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-server.xyz/a/yxbnr.js
Requested by
Host: filez.top
URL: https://filez.top/lp/dd/1/cab4129999062623b693a7e1465bf89f/affC1603166789aff8f32a0d989725a326a178/?sid=24654057
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.66.200.222 , Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS
185.66.200.222.skhosting.eu
Software
nginx /
Resource Hash
042445431ce1cde5fda7a26e8e8428e08569680c139fce184e2c1476b308e1e7

Request headers

Referer
https://filez.top/lp/dd/1/cab4129999062623b693a7e1465bf89f/affC1603166789aff8f32a0d989725a326a178/?sid=24654057
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
cache
date
Tue, 20 Oct 2020 04:06:30 GMT
server
nginx
content-type
application/javascript
status
200
cache-control
max-age=21600
x-robots-tag
noindex, nofollow, noarchive, nosnippet
expires
Tue, 20 Oct 2020 10:06:30 GMT
bootstrap.min.js
filez.top/js/ 		36 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://filez.top/js/bootstrap.min.js
Requested by
Host: filez.top
URL: https://filez.top/lp/dd/1/cab4129999062623b693a7e1465bf89f/affC1603166789aff8f32a0d989725a326a178/?sid=24654057
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.66.200.159 , Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS
filez.ag
Software
nginx /
Resource Hash
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://filez.top/lp/dd/1/cab4129999062623b693a7e1465bf89f/affC1603166789aff8f32a0d989725a326a178/?sid=24654057
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 20 Oct 2020 04:06:30 GMT
last-modified
Thu, 13 Aug 2020 07:27:06 GMT
server
nginx
etag
"5f34eb4a-90b5"
x-frame-options
SAMEORIGIN
content-type
application/javascript
status
200
accept-ranges
bytes
content-length
37045
main.js
filez.top/js/ 		637 B
790 B 		Script
General
Check archive.org
Download Go to
Full URL
https://filez.top/js/main.js
Requested by
Host: filez.top
URL: https://filez.top/lp/dd/1/cab4129999062623b693a7e1465bf89f/affC1603166789aff8f32a0d989725a326a178/?sid=24654057
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.66.200.159 , Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS
filez.ag
Software
nginx /
Resource Hash
9e0ed50c5e8fe853e1b4293aa254b22f11b4c40c9b3494f0856639e5a96c21eb
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://filez.top/lp/dd/1/cab4129999062623b693a7e1465bf89f/affC1603166789aff8f32a0d989725a326a178/?sid=24654057
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 20 Oct 2020 04:06:30 GMT
last-modified
Thu, 13 Aug 2020 07:27:06 GMT
server
nginx
etag
"5f34eb4a-27d"
x-frame-options
SAMEORIGIN
content-type
application/javascript
status
200
accept-ranges
bytes
content-length
637
js
www.googletagmanager.com/gtag/ 		94 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-150666752-1
Requested by
Host: filez.top
URL: https://filez.top/lp/dd/1/cab4129999062623b693a7e1465bf89f/affC1603166789aff8f32a0d989725a326a178/?sid=24654057
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
a7dec5803e4a6fa6f391b5d9f0316f122e92df6bb533a718285636b2695f1e0d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://filez.top/lp/dd/1/cab4129999062623b693a7e1465bf89f/affC1603166789aff8f32a0d989725a326a178/?sid=24654057
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 20 Oct 2020 04:06:29 GMT
content-encoding
br
vary
Accept-Encoding
status
200
cross-origin-resource-policy
cross-origin
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37895
x-xss-protection
0
last-modified
Tue, 20 Oct 2020 03:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 20 Oct 2020 04:06:29 GMT
css
fonts.googleapis.com/ 		6 KB
714 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Poppins:300,400,500,600,700
Requested by
Host: filez.top
URL: https://filez.top/css/style.css?1597303626
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
557823206bf2873bfd61c1dbb36e7ad4d2034e8fd58a79b2198fc1b4e708ba68
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://filez.top/css/style.css?1597303626
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 20 Oct 2020 03:45:09 GMT
server
ESF
date
Tue, 20 Oct 2020 04:06:29 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 20 Oct 2020 04:06:29 GMT
recaptcha__en.js
www.gstatic.com/recaptcha/releases/96-ioZd-dnhIhPdk1mI5Z4Nj/ 		342 KB
134 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/96-ioZd-dnhIhPdk1mI5Z4Nj/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6b5cc6926879a645858c156e49050f0330980147096cc201991dcfc87c23c143
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://filez.top
Referer
https://filez.top/lp/dd/1/cab4129999062623b693a7e1465bf89f/affC1603166789aff8f32a0d989725a326a178/?sid=24654057
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 20 Oct 2020 03:06:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3579
status
200
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
137113
x-xss-protection
0
last-modified
Mon, 19 Oct 2020 04:07:16 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 20 Oct 2021 03:06:50 GMT
sw.js
filez.top/ 		102 KB
102 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://filez.top/sw.js?clickid=XrGdCjjZikAjriCkkAppjCxCrkpNkkNrxANkkCrCkjCrxCrixCjiCrCrGCxCidrriAGiCCr_10288&subid=882395813
Requested by
Host: cdn-server.top
URL: https://cdn-server.top/p/wl.js?pub=117937&ga=g
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.66.200.159 , Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS
filez.ag
Software
nginx /
Resource Hash
d134482b582256f83aad4583af70db302e0319835dda567b27b5c568d421b47e
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://filez.top/lp/dd/1/cab4129999062623b693a7e1465bf89f/affC1603166789aff8f32a0d989725a326a178/?sid=24654057
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 20 Oct 2020 04:06:30 GMT
last-modified
Thu, 13 Aug 2020 07:27:06 GMT
server
nginx
etag
"5f34eb4a-198b1"
x-frame-options
SAMEORIGIN
content-type
application/javascript
status
200
accept-ranges
bytes
content-length
104625
/
djm080u34wfc5.cloudfront.net/ 		111 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://djm080u34wfc5.cloudfront.net/?wumjd=808860
Requested by
Host: cdn-server.top
URL: https://cdn-server.top/p/wl.js?pub=117937&ga=g
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.253.161 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-253-161.fra6.r.cloudfront.net
Software
/
Resource Hash
cea0f0f66df9a51e82ff814b585855a338a36248622be3c89bbeef6d9d2d3361

Request headers

Referer
https://filez.top/lp/dd/1/cab4129999062623b693a7e1465bf89f/affC1603166789aff8f32a0d989725a326a178/?sid=24654057
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Oct 2020 04:04:49 GMT
content-encoding
gzip
age
101
status
200
x-cache
Hit from cloudfront
access-control-allow-origin
*
cache-control
no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
x-amz-cf-pop
FRA6-C1
content-length
38682
via
1.1 7fcb41b117930690c299be9cec4a977a.cloudfront.net (CloudFront)
x-amz-cf-id
lJYQ4Tg2bK-c_H26mhP9BPkKLDZnlv1cl2DRZ0qlJmdZEACBDkZAIA==
fontawesome-webfont.woff2
filez.top/fonts/ 		75 KB
76 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://filez.top/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: filez.top
URL: https://filez.top/css/font-awesome.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.66.200.159 , Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS
filez.ag
Software
nginx /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Origin
https://filez.top
Referer
https://filez.top/css/font-awesome.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 20 Oct 2020 04:06:30 GMT
last-modified
Thu, 13 Aug 2020 07:27:06 GMT
server
nginx
etag
"5f34eb4a-12d68"
x-frame-options
SAMEORIGIN
content-type
font/woff2
status
200
accept-ranges
bytes
content-length
77160
pxiByp8kv8JHgFVrLGT9Z1xlFd2JQEk.woff2
fonts.gstatic.com/s/poppins/v13/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v13/pxiByp8kv8JHgFVrLGT9Z1xlFd2JQEk.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:300,400,500,600,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d7ba57e3ccc2e3b2bdf8cc9e613194b802607682bf473293c2e3e29de82c9491
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://filez.top
Referer
https://fonts.googleapis.com/css?family=Poppins:300,400,500,600,700
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 19 Oct 2020 11:20:43 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:08:52 GMT
server
sffe
age
60346
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7776
x-xss-protection
0
expires
Tue, 19 Oct 2021 11:20:43 GMT
pxiEyp8kv8JHgFVrJJfecnFHGPc.woff2
fonts.gstatic.com/s/poppins/v13/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v13/pxiEyp8kv8JHgFVrJJfecnFHGPc.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:300,400,500,600,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
41e46faff74c6a77d581689ec35eb040f6c96d17f4d2c5b25dccd42ed498b01c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://filez.top
Referer
https://fonts.googleapis.com/css?family=Poppins:300,400,500,600,700
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 19 Oct 2020 11:20:36 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:09:01 GMT
server
sffe
age
60353
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7900
x-xss-protection
0
expires
Tue, 19 Oct 2021 11:20:36 GMT
pxiByp8kv8JHgFVrLCz7Z1xlFd2JQEk.woff2
fonts.gstatic.com/s/poppins/v13/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v13/pxiByp8kv8JHgFVrLCz7Z1xlFd2JQEk.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:300,400,500,600,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b0b43e548e691662dac85b1dc159d148a273d5cb9139f3fcf457cdeebe7bdf3f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://filez.top
Referer
https://fonts.googleapis.com/css?family=Poppins:300,400,500,600,700
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 19 Oct 2020 11:20:43 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:09:13 GMT
server
sffe
age
60346
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7832
x-xss-protection
0
expires
Tue, 19 Oct 2021 11:20:43 GMT
pxiByp8kv8JHgFVrLEj6Z1xlFd2JQEk.woff2
fonts.gstatic.com/s/poppins/v13/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v13/pxiByp8kv8JHgFVrLEj6Z1xlFd2JQEk.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:300,400,500,600,700
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b93b9165269362989e2855d0bf0ae232d7193a45c43627b2d03b26d7eb98263b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://filez.top
Referer
https://fonts.googleapis.com/css?family=Poppins:300,400,500,600,700
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 19 Oct 2020 15:14:33 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:09:00 GMT
server
sffe
age
46317
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7988
x-xss-protection
0
expires
Tue, 19 Oct 2021 15:14:33 GMT
anchor
www.google.com/recaptcha/api2/ Frame 6934 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lfu8mwUAAAAAAK6MZWtTAa_5jOkhczTINR6LS6s&co=aHR0cHM6Ly9maWxlei50b3A6NDQz&hl=en&v=96-ioZd-dnhIhPdk1mI5Z4Nj&size=normal&cb=jwo5rlnk4tg
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/96-ioZd-dnhIhPdk1mI5Z4Nj/recaptcha__en.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:819::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-69HMFBwSyv+teSO91amY/Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/anchor?ar=1&k=6Lfu8mwUAAAAAAK6MZWtTAa_5jOkhczTINR6LS6s&co=aHR0cHM6Ly9maWxlei50b3A6NDQz&hl=en&v=96-ioZd-dnhIhPdk1mI5Z4Nj&size=normal&cb=jwo5rlnk4tg
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://filez.top/lp/dd/1/cab4129999062623b693a7e1465bf89f/affC1603166789aff8f32a0d989725a326a178/?sid=24654057
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://filez.top/lp/dd/1/cab4129999062623b693a7e1465bf89f/affC1603166789aff8f32a0d989725a326a178/?sid=24654057

Response headers

status
200
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Tue, 20 Oct 2020 04:06:30 GMT
content-security-policy
script-src 'report-sample' 'nonce-69HMFBwSyv+teSO91amY/Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
10744
server
GSE
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
analytics.js
www.google-analytics.com/ 		45 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-150666752-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
60863e86aa7743d1ac841da7f473a05cd57fba81d661cef658e385437f80d5ef
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://filez.top/lp/dd/1/cab4129999062623b693a7e1465bf89f/affC1603166789aff8f32a0d989725a326a178/?sid=24654057
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 09 Sep 2020 01:50:37 GMT
server
Golfe2
age
3041
date
Tue, 20 Oct 2020 03:15:49 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18650
expires
Tue, 20 Oct 2020 05:15:49 GMT
M2RINEZIRjtDGUYWJBZ8EQw8QDZAXmcbIFoILU5oRws4GzVESiJHeVAIIVctWgB1bDR0AAteLGkNI3UsQQ0LXy1yFDheBUsnOl82fQ8jejRLJQZfLXAWC18scBYwdzRaHAteL3AWC0YBcBwLXSJBFiF1AVonC0YZAlR6DH4VFz1WL1dZcAx0AF19DHcARmQWNV4Ca...
parentful.club/ 		38 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://parentful.club/M2RINEZIRjtDGUYWJBZ8EQw8QDZAXmcbIFoILU5oRws4GzVESiJHeVAIIVctWgB1bDR0AAteLGkNI3UsQQ0LXy1yFDheBUsnOl82fQ8jejRLJQZfLXAWC18scBYwdzRaHAteL3AWC0YBcBwLXSJBFiF1AVonC0YZAlR6DH4VFz1WL1dZcAx0AF19DHcARmQWNV4Cag53H0Y7WTARXmoGaAVGZBYyUgMXXSIRXmoMdgtcfQxkH0Y7QSRsDSwGZAlGEEYBVyciXhxaDwleNFonI18HQxQidz5wFiNECFgPBkY%2BciojXwVBJyNeBUEcC0YvSyciXQVBJzpzBUsnIVA0QQ0Jcy9wJzprdwNWcAxkTg
Requested by
Host: filez.top
URL: https://filez.top/sw.js?clickid=XrGdCjjZikAjriCkkAppjCxCrkpNkkNrxANkkCrCkjCrxCrixCjiCrCrGCxCidrriAGiCCr_10288&subid=882395813
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.206.71.220 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-206-71-220.compute-1.amazonaws.com
Software
/ Express
Resource Hash
04df7391daabd03ecb98418c38101afecb7f71501e2fa32c49c74365dd179379

Request headers

Referer
https://filez.top/lp/dd/1/cab4129999062623b693a7e1465bf89f/affC1603166789aff8f32a0d989725a326a178/?sid=24654057
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-encoding
gzip
etag
W/"96d7-KPHGkZGSPr26iR8oMUE2Q2degGk"
status
200
x-powered-by
Express
vary
Accept-Encoding
access-control-allow-methods
GET, POST
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
X-Requested-With,content-type
collect
www.google-analytics.com/j/ 		1 B
61 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j86&a=833600713&t=pageview&_s=1&dl=https%3A%2F%2Ffilez.top%2Flp%2Fdd%2F1%2Fcab4129999062623b693a7e1465bf89f%2FaffC1603166789aff8f32a0d989725a326a178%2F%3Fsid%3D24654057&dr=https%3A%2F%2Femula.net%2F70715d1a00%2Fbc5ff2967e%2F%3FplacementName%3DROTATOR%26type%3Da%26cv%3DXrGdCAArrdGAiZCdikZZpCpCrkpNkkNrxANkkCrCkjCrxCrixCjiCrCrGCxCidrriAGiCCr_36685%26adApiR%3Dloaded_string_74958922c068bffff4067537aa840979a890f_2305802_1603166788.6265_23275%26refferer%3D4188647925_aHR0cDovLzY1MTMzNS55bGxpeC5jb20%3D%26yxDom%3DYnVsZW9yLmNvbQ%3D%3D_927bc1f915095284db284dd68f5ec62f&ul=en-us&de=UTF-8&dt=Filez.top%20-%20Untitled_4.zip&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUABAAAAAC~&jid=1587487902&gjid=1045735074&cid=2043520826.1603166790&tid=UA-150666752-1&_gid=739784083.1603166790&_r=1&gtm=2ou9u1&z=358204868
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://filez.top/lp/dd/1/cab4129999062623b693a7e1465bf89f/affC1603166789aff8f32a0d989725a326a178/?sid=24654057
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 20 Oct 2020 04:06:30 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
status
200
content-type
text/plain
access-control-allow-origin
https://filez.top
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
utx
tfatalonepres.top/ 		0
411 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tfatalonepres.top/utx?cb=bEYluJSl1wlk&top=filez.top&tid=808860
Requested by
Host: djm080u34wfc5.cloudfront.net
URL: https://djm080u34wfc5.cloudfront.net/?wumjd=808860
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.43.102 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-43-102.mxp64.r.cloudfront.net
Software
openresty/1.17.8.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://filez.top/lp/dd/1/cab4129999062623b693a7e1465bf89f/affC1603166789aff8f32a0d989725a326a178/?sid=24654057
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Oct 2020 04:06:31 GMT
via
1.1 3324a8ad97d1ad89d31d73e8b93b919b.cloudfront.net (CloudFront)
server
openresty/1.17.8.2
x-amz-cf-pop
MXP64-C1
status
204
x-cache
Miss from cloudfront
p3p
CP="NID DSP ALL COR"
access-control-allow-origin
https://filez.top
cache-control
no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials
true
x-amz-cf-id
1YSpU2cTEPTT9k2LAKC3Imx7iz3RWUtvlYQSLPiDr6jD_ob-AHWM2g==
ByM1MggMKh0IDycQFywoCTo1fHorHiIvDyouHggPN38ZNiMMKU4CLjE9FHM5KG8BKCISaEco
tfatalonepres.top/TGJZc0UtADoeei1fO1UwPg5kVncKR2s1ISYPaUt1OVFtBCMvV3cQKSMXPRU3IwwtXSspFnxBAyYzNSUNLidtGwolCRIQERVaEEIDfgE0QmB+JA4dcCcyIyIBBSYTHAQNVj05LwYaHiIXfCggHAYcDBcbDicNbzwBClQBHiI5LBoYCS9QCAQ... Frame F44F 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://tfatalonepres.top/TGJZc0UtADoeei1fO1UwPg5kVncKR2s1ISYPaUt1OVFtBCMvV3cQKSMXPRU3IwwtXSspFnxBAyYzNSUNLidtGwolCRIQERVaEEIDfgE0QmB+JA4dcCcyIyIBBSYTHAQNVj05LwYaHiIXfCggHAYcDBcbDicNbzwBClQBHiI5LBoYCS9QCAQOHVsjEHYBDxowPWlQHyoSCTsJGnVpUBsWIj8PFCcyOyUwEHEGITE4CjUsNjgiAVISCS4+Jg4HMglREzAjIQY3F3UdCBAJHDkjMxwxBgtgOSMdIC4XEzsMFTAAJSMeBzIWMTY9CRsGNxcyAVsDQSF/JB4HMhY6dCkmCToXGwIKDjcpdyhRHSdxNS0KOicHGxhWdw4uMRs3LyAXCh1/DiopKwooPzsPdS4YInMAGDUaHStTNyl2LyMTCi47OzVGYH4gEycEJyAgNTcvKg8QCR8NNzgECRADQSYONBFCNhY1NSojfyg0EhM8R2s1H34Gajs8dAkXNxAKA2oyES8OYEYnCzghIC84R2s1CBQwPxUWARg9NRA/ByM1MggMKh0IDycQFywoCTo1fHorHiIvDyouHggPN38ZNiMMKU4CLjE9FHM5KG8BKCISaEco
Requested by
Host: djm080u34wfc5.cloudfront.net
URL: https://djm080u34wfc5.cloudfront.net/?wumjd=808860
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.43.102 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-43-102.mxp64.r.cloudfront.net
Software
openresty/1.17.8.2 /
Resource Hash

Request headers

:method
GET
:authority
tfatalonepres.top
:scheme
https
:path
/TGJZc0UtADoeei1fO1UwPg5kVncKR2s1ISYPaUt1OVFtBCMvV3cQKSMXPRU3IwwtXSspFnxBAyYzNSUNLidtGwolCRIQERVaEEIDfgE0QmB+JA4dcCcyIyIBBSYTHAQNVj05LwYaHiIXfCggHAYcDBcbDicNbzwBClQBHiI5LBoYCS9QCAQOHVsjEHYBDxowPWlQHyoSCTsJGnVpUBsWIj8PFCcyOyUwEHEGITE4CjUsNjgiAVISCS4+Jg4HMglREzAjIQY3F3UdCBAJHDkjMxwxBgtgOSMdIC4XEzsMFTAAJSMeBzIWMTY9CRsGNxcyAVsDQSF/JB4HMhY6dCkmCToXGwIKDjcpdyhRHSdxNS0KOicHGxhWdw4uMRs3LyAXCh1/DiopKwooPzsPdS4YInMAGDUaHStTNyl2LyMTCi47OzVGYH4gEycEJyAgNTcvKg8QCR8NNzgECRADQSYONBFCNhY1NSojfyg0EhM8R2s1H34Gajs8dAkXNxAKA2oyES8OYEYnCzghIC84R2s1CBQwPxUWARg9NRA/ByM1MggMKh0IDycQFywoCTo1fHorHiIvDyouHggPN38ZNiMMKU4CLjE9FHM5KG8BKCISaEco
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://filez.top/lp/dd/1/cab4129999062623b693a7e1465bf89f/affC1603166789aff8f32a0d989725a326a178/?sid=24654057
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://filez.top/lp/dd/1/cab4129999062623b693a7e1465bf89f/affC1603166789aff8f32a0d989725a326a178/?sid=24654057

Response headers

status
200
content-type
text/html
content-length
1275
date
Tue, 20 Oct 2020 04:06:31 GMT
server
openresty/1.17.8.2
cache-control
no-store, no-cache, must-revalidate, no-transform
pragma
no-cache
p3p
CP="NID DSP ALL COR"
content-encoding
gzip
x-cache
Miss from cloudfront
via
1.1 3324a8ad97d1ad89d31d73e8b93b919b.cloudfront.net (CloudFront)
x-amz-cf-pop
MXP64-C1
x-amz-cf-id
Or_wXZFR5-rKw6CM9apLLIUjTZOW_ZallOjXMUvW_uOB3djK0Kyqtw==
bframe
www.google.com/recaptcha/api2/ Frame 4E43 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/bframe?hl=en&v=96-ioZd-dnhIhPdk1mI5Z4Nj&k=6Lfu8mwUAAAAAAK6MZWtTAa_5jOkhczTINR6LS6s&cb=7q6fhp7surfs
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/96-ioZd-dnhIhPdk1mI5Z4Nj/recaptcha__en.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:819::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-B/rrsaGAQJtNwfP/4QogxA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/bframe?hl=en&v=96-ioZd-dnhIhPdk1mI5Z4Nj&k=6Lfu8mwUAAAAAAK6MZWtTAa_5jOkhczTINR6LS6s&cb=7q6fhp7surfs
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://filez.top/lp/dd/1/cab4129999062623b693a7e1465bf89f/affC1603166789aff8f32a0d989725a326a178/?sid=24654057
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://filez.top/lp/dd/1/cab4129999062623b693a7e1465bf89f/affC1603166789aff8f32a0d989725a326a178/?sid=24654057

Response headers

status
200
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Tue, 20 Oct 2020 04:06:31 GMT
content-security-policy
script-src 'report-sample' 'nonce-B/rrsaGAQJtNwfP/4QogxA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
1172
server
GSE
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
popunder.gif
nofferentco.club/ 		35 B
367 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nofferentco.club/popunder.gif
Requested by
Host: filez.top
URL: https://filez.top/lp/dd/1/cab4129999062623b693a7e1465bf89f/affC1603166789aff8f32a0d989725a326a178/?sid=24654057
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.23 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-23.fra2.r.cloudfront.net
Software
/
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer
https://filez.top/lp/dd/1/cab4129999062623b693a7e1465bf89f/affC1603166789aff8f32a0d989725a326a178/?sid=24654057
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
public
date
Tue, 20 Oct 2020 04:06:32 GMT
content-encoding
gzip
x-amz-cf-pop
FRA2-C2
status
200
x-cache
Miss from cloudfront
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=604800, immutable
content-length
58
via
1.1 ccfe5851ecd4194e2d976fb32dec7539.cloudfront.net (CloudFront)
x-amz-cf-id
_43nhoMlwSCXOCA0w-8Y1CMYnEOeNOktu9H4uvlvHDavSCAQrp5GWA==
multi
tfatalonepres.top/ 		4 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://tfatalonepres.top/multi?tid=808860&red=1&cs=UjNHbXJjBXQLS2VRdAtKZQsjWEJi&abt=0&v=1.0.48.0&sm=76&k=&sts=64&prn=0&emb=0&fs=1&ref=https%3A%2F%2Ffilez.top%2Flp%2Fdd%2F1%2Fcab4129999062623b693a7e1465bf89f%2FaffC1603166789aff8f32a0d989725a326a178%2F%3Fsid%3D24654057&osr=emula.net&jst=0&enr=0&lcua=mozilla%2F5.0%20(macintosh%3B%20intel%20mac%20os%20x%2010_14_5)%20applewebkit%2F537.36%20(khtml%2C%20like%20gecko)%20chrome%2F83.0.4103.61%20safari%2F537.36&tzd=2&uloc=&if=0&_xw4u=1603166792295&crc=1
Requested by
Host: djm080u34wfc5.cloudfront.net
URL: https://djm080u34wfc5.cloudfront.net/?wumjd=808860
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.43.102 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-43-102.mxp64.r.cloudfront.net
Software
openresty/1.17.8.2 /
Resource Hash
b4b2e3d9e80e2021cfdc3f3ec0d3dd396e3b5684d4fec064379df08d0e9b47bb

Request headers

Referer
https://filez.top/lp/dd/1/cab4129999062623b693a7e1465bf89f/affC1603166789aff8f32a0d989725a326a178/?sid=24654057
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Oct 2020 04:06:32 GMT
content-encoding
gzip
server
openresty/1.17.8.2
x-amz-cf-pop
MXP64-C1
status
200
x-cache
Miss from cloudfront
p3p
CP="NID DSP ALL COR"
access-control-allow-origin
https://filez.top
cache-control
no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials
true
content-type
text/plain
content-length
1869
via
1.1 3324a8ad97d1ad89d31d73e8b93b919b.cloudfront.net (CloudFront)
x-amz-cf-id
_pTjDD9xMl3VRBrBDuZn2eTyH4XrTKrxx9YozeiT6F0NlRb4mF5XRg==
truncated
/ Frame A251 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3c1e4cc7644ff1698616e3b394dc02cc07aa5a5e2fe94f992de85246c467dfa9

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/svg+xml

Verdicts & Comments Add Verdict or Comment

39 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client function| $ function| jQuery object| wlpush object| wdw function| grr object| recaptcha function| dialog function| gtag object| dataLayer object| closure_lm_180467 object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga function| s function| f9ZZ function| m7rr object| gaplugins object| gaGlobal object| gaData function| Fingerprint2 number| LAST_CORRECT_EVENT_TIME number| _259766530 function| fa function| yllixNetworkLoader function| T400 function| o800

5 Cookies

Domain/Path Name / Value
.filez.top/ Name: _gid
Value: GA1.2.739784083.1603166790
.filez.top/ Name: lang
Value: en
.filez.top/ Name: _gat_gtag_UA_150666752_1
Value: 1
.filez.top/ Name: _ga
Value: GA1.2.2043520826.1603166790
filez.top/ Name: PHPSESSID
Value: oguiom6m65lqtdi6u784lamvlk

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

berhilpress.info
buleor.com
cdn-server.top
cdn-server.xyz
djm080u34wfc5.cloudfront.net
emula.net
filez.top
fonts.googleapis.com
fonts.gstatic.com
nofferentco.club
parentful.club
riftv.net
tfatalonepres.top
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.gstatic.com
109.234.162.107
13.225.78.23
13.35.253.161
13.35.43.102
144.217.171.217
185.66.200.159
185.66.200.220
185.66.200.222
185.66.201.34
2a00:1450:4001:801::200a
2a00:1450:4001:803::2004
2a00:1450:4001:809::200e
2a00:1450:4001:816::2003
2a00:1450:4001:819::2004
2a00:1450:4001:81f::2003
2a00:1450:4001:824::2008
52.206.71.220
03416e82636020f4110eee57af9d6e57f1768262777b430868d0709bace68407
042445431ce1cde5fda7a26e8e8428e08569680c139fce184e2c1476b308e1e7
04df7391daabd03ecb98418c38101afecb7f71501e2fa32c49c74365dd179379
1df59d2f9889b0553295fe997df9f1e5adec5a34abc798178d2cb313c6a196c9
1ec6611d9a3830157c00a36b35d54a40900d78398eeebaf0ff80504c33424cea
29a76ce16028a890e8cd5fecc8a736a2d8c07947c009a126a585ce0203d54e37
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
36e0a7e08bee65774168528938072c536437669c1b7458ac77976ec788e4439c
3a5247da5d659909841c2d48443a712e966bd8c30ab51ccff497a5eb2c080e4f
3c1e4cc7644ff1698616e3b394dc02cc07aa5a5e2fe94f992de85246c467dfa9
41e46faff74c6a77d581689ec35eb040f6c96d17f4d2c5b25dccd42ed498b01c
4330d94512442851e2ba5c2e9c6005f5e5d98d3a33d089ffc5206ca9517b84d7
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
557823206bf2873bfd61c1dbb36e7ad4d2034e8fd58a79b2198fc1b4e708ba68
60863e86aa7743d1ac841da7f473a05cd57fba81d661cef658e385437f80d5ef
6388a88a40a903dac834dd1d42fe8ecfc3cdf67996020ffb7a66c3e8ce714a95
66671616f880ade1bee6a9afbced9011f1fe1b179ff9860766f700825e8bc9ae
6b5cc6926879a645858c156e49050f0330980147096cc201991dcfc87c23c143
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83f30cec310068712ce68afed7f1282ced9b022cec1abefd6eab29a913e29343
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
8f1132e259789cc46b3851f3402a35e39587021cb06fb12adeb45e39a1da1cc5
9e0ed50c5e8fe853e1b4293aa254b22f11b4c40c9b3494f0856639e5a96c21eb
a7dec5803e4a6fa6f391b5d9f0316f122e92df6bb533a718285636b2695f1e0d
b0b43e548e691662dac85b1dc159d148a273d5cb9139f3fcf457cdeebe7bdf3f
b4b2e3d9e80e2021cfdc3f3ec0d3dd396e3b5684d4fec064379df08d0e9b47bb
b7a053f73e5027213689a88bd30736bab51c3417eb902caf214513ae87e5581c
b93b9165269362989e2855d0bf0ae232d7193a45c43627b2d03b26d7eb98263b
c3d7a9181ea3eebba498c07f828f1c3925ba7cf99ba8430dd747b4255d9a05eb
cea0f0f66df9a51e82ff814b585855a338a36248622be3c89bbeef6d9d2d3361
d134482b582256f83aad4583af70db302e0319835dda567b27b5c568d421b47e
d1eb492e1005fbd0b649fad1a3c60006f21ca1c1fba172eb4232569475237985
d26c32d0041697c11f13727f0a7aaa9a51367a9c41d01ce2efd4edc8c3cdb92b
d2eb94db45a7f74266b7c1a929af3ee63a100271603a18a478493cab56bdf67c
d7ba57e3ccc2e3b2bdf8cc9e613194b802607682bf473293c2e3e29de82c9491
dc7ab6682576ec07874bcf9a32e0e929784538d1f194bc634fd0a46ddd09937b
de9511cfb40c7781e56cae17bdc355a871f548e5726875c3b4ed319705e6c38e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e9f8b8fabb38524354f0bd87e91a4f4e702555956d29cc6db1b899fc0b5980b0
f717f12f040829e78545332ea52a7f9af3d12781ec610768dca8c2c918d57a1b