Submitted URL: http://berhilpress.info/r.php?v=dD1jJmQ9OTI1MiZsPTc5OCZjPTQ0NTgzMg==
Effective URL: https://filez.top/lp/dd/1/cab4129999062623b693a7e1465bf89f/affC1603193468affee4ac6c377643a745a667/?sid=24654057
Submission: On October 20 via api from BE

Summary

This website contacted 15 IPs in 5 countries across 16 domains to perform 43 HTTP transactions. The main IP is 185.66.200.159, located in Slovakia and belongs to SKHOSTING-EU, SK. The main domain is filez.top.
TLS certificate: Issued by Let's Encrypt Authority X3 on September 8th 2020. Valid for: 3 months.
This is the only time filez.top was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Domain Requested by
22 filez.top emula.net
filez.top
cdn-server.top
4 fonts.gstatic.com fonts.googleapis.com
3 legedlunchar.top djm080u34wfc5.cloudfront.net
3 www.google.com filez.top
www.gstatic.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
1 nsidereturn.club
1 parentful.club filez.top
1 djm080u34wfc5.cloudfront.net cdn-server.top
1 www.gstatic.com www.google.com
1 fonts.googleapis.com filez.top
1 www.googletagmanager.com filez.top
1 cdn-server.xyz filez.top
1 cdn-server.top filez.top
1 emula.net
1 buleor.com 1 redirects
1 riftv.net 1 redirects
1 berhilpress.info 1 redirects
43 17

This site contains links to these domains. Also see Links.

Domain
advertica.ae
Subject Issuer Validity Valid
emula.net
Let's Encrypt Authority X3
2020-09-01 -
2020-11-30
3 months crt.sh
filez.top
Let's Encrypt Authority X3
2020-09-08 -
2020-12-07
3 months crt.sh
www.google.com
GTS CA 1O1
2020-09-22 -
2020-12-15
3 months crt.sh
cdn-server.top
Let's Encrypt Authority X3
2020-10-15 -
2021-01-13
3 months crt.sh
cdn-server.xyz
Let's Encrypt Authority X3
2020-09-01 -
2020-11-30
3 months crt.sh
*.google-analytics.com
GTS CA 1O1
2020-09-22 -
2020-12-15
3 months crt.sh
upload.video.google.com
GTS CA 1O1
2020-09-22 -
2020-12-15
3 months crt.sh
*.gstatic.com
GTS CA 1O1
2020-10-06 -
2020-12-29
3 months crt.sh
*.cloudfront.net
DigiCert Global CA G2
2020-05-26 -
2021-04-21
a year crt.sh
*.google.com
GTS CA 1O1
2020-09-22 -
2020-12-15
3 months crt.sh
parentful.club
Let's Encrypt Authority X3
2020-09-22 -
2020-12-21
3 months crt.sh
legedlunchar.top
Amazon
2020-10-04 -
2021-11-03
a year crt.sh
nsidereturn.club
Amazon
2020-09-06 -
2021-10-06
a year crt.sh

This page contains 5 frames:

Primary Page: https://filez.top/lp/dd/1/cab4129999062623b693a7e1465bf89f/affC1603193468affee4ac6c377643a745a667/?sid=24654057
Frame ID: 288C1E681D9DFF1466F280312EBE389C
Requests: 40 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lfu8mwUAAAAAAK6MZWtTAa_5jOkhczTINR6LS6s&co=aHR0cHM6Ly9maWxlei50b3A6NDQz&hl=en&v=T9w1ROdplctW2nVKvNJYXH8o&size=normal&cb=pxhna9wrni3s
Frame ID: DEDC4E5A886E7F8DB00DE0D3C52452F3
Requests: 1 HTTP requests in this frame

Frame: https://legedlunchar.top/STlmZnYoWwULSSgEBEADO1VbQ0QPHFQgEiNUVl5GPApSERAqDEgFGiZMAgAEJlcSSBgsTUNUMB9dMD9FE2wJMTkfUiICJwwcVCAjeFEfNCF9aTNVBh1pIzc9A3gwFBMleAghHANdLw4BE3sxMzoreCMVI3hRUjMMOW4lH0cAWiAvOgJsDggzGGgTIEQ6fTccQg92MB4vA3sNFScYUlEnHx9+JVQBCHcRCT8DaF5DRA9uEQ0EHH40HiMOayAFAR9vPw4Rem8nER0IbQojMh4AISA0A2EDDgF9aBEnGxx+Ny41CkoxBQEfbyw3LDN7MDMPHH43LiABVhc8AWR0UABHMUMkMCM7ezU8FAh9Vjc4D04rNhoLUgUwNHxoCAEzHAtfLiwhASkvEQwOMVY0fXcIKzAfaj8FJh9zJwMzHEEzAS8hfgheJR8KCTEmImwtLA4LQyQ1ODBrCAE+GgpTIywuayoAMxtDJDAjfH8iJCEPQCg3LAF/NwMjAw0kIDg6eCESIh9XCiE4eH8xBQ4tTzNXPyZoIiglCEBTKDs+YzUDIwwJJAEzPGscLCULTkAMBSZXFls7fFQJAhwObwo1JCc
Frame ID: 66C5FD5FBD8EF40CF908954B2AA733FA
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=en&v=T9w1ROdplctW2nVKvNJYXH8o&k=6Lfu8mwUAAAAAAK6MZWtTAa_5jOkhczTINR6LS6s&cb=8rjunmnkrwsn
Frame ID: 7DD617A8F5B0876F74AA1E68707BD841
Requests: 1 HTTP requests in this frame

Frame: data://truncated
Frame ID: 4B28D1C7071C01ACA0D2BB6714EB2B54
Requests: 1 HTTP requests in this frame

Screenshot


Page URL History Show full URLs

  1. http://berhilpress.info/r.php?v=dD1jJmQ9OTI1MiZsPTc5OCZjPTQ0NTgzMg== HTTP 302
    https://riftv.net/dYzmv?sub1=1&sub2=9252&sub3=12318&sub4=798&sub5=445832 HTTP 301
    https://buleor.com/fullpage.php?section=General&pub=651335&ga=a HTTP 302
    https://emula.net/70715d1a00/bc5ff2967e/?placementName=ROTATOR&type=a&cv=XAjCAArrdGAiZCdikZZpC... Page URL
  2. https://filez.top/lp/dd/1/cab4129999062623b693a7e1465bf89f/affC1603193468affee4ac6c377643a745a... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • url /\.php(?:$|\?)/i

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

43
Requests

100 %
HTTPS

41 %
IPv6

16
Domains

17
Subdomains

15
IPs

5
Countries

816 kB
Transfer

1204 kB
Size

5
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://berhilpress.info/r.php?v=dD1jJmQ9OTI1MiZsPTc5OCZjPTQ0NTgzMg== HTTP 302
    https://riftv.net/dYzmv?sub1=1&sub2=9252&sub3=12318&sub4=798&sub5=445832 HTTP 301
    https://buleor.com/fullpage.php?section=General&pub=651335&ga=a HTTP 302
    https://emula.net/70715d1a00/bc5ff2967e/?placementName=ROTATOR&type=a&cv=XAjCAArrdGAiZCdikZZpCpCjZNrxZNZxNZiACrCkjCrxCrixCjiCrCrGCxCidrriAGiCCr_72409&adApiR=loaded_string_16200e8f22ff6c774d1a532493226df6c9b3e_2305802_1603193468.3027_63593&refferer=4188647925_aHR0cDovLzY1MTMzNS55bGxpeC5jb20=&yxDom=YnVsZW9yLmNvbQ==_927bc1f915095284db284dd68f5ec62f Page URL
  2. https://filez.top/lp/dd/1/cab4129999062623b693a7e1465bf89f/affC1603193468affee4ac6c377643a745a667/?sid=24654057 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://berhilpress.info/r.php?v=dD1jJmQ9OTI1MiZsPTc5OCZjPTQ0NTgzMg== HTTP 302
  • https://riftv.net/dYzmv?sub1=1&sub2=9252&sub3=12318&sub4=798&sub5=445832 HTTP 301
  • https://buleor.com/fullpage.php?section=General&pub=651335&ga=a HTTP 302
  • https://emula.net/70715d1a00/bc5ff2967e/?placementName=ROTATOR&type=a&cv=XAjCAArrdGAiZCdikZZpCpCjZNrxZNZxNZiACrCkjCrxCrixCjiCrCrGCxCidrriAGiCCr_72409&adApiR=loaded_string_16200e8f22ff6c774d1a532493226df6c9b3e_2305802_1603193468.3027_63593&refferer=4188647925_aHR0cDovLzY1MTMzNS55bGxpeC5jb20=&yxDom=YnVsZW9yLmNvbQ==_927bc1f915095284db284dd68f5ec62f

43 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
emula.net/70715d1a00/bc5ff2967e/
Redirect Chain
  • http://berhilpress.info/r.php?v=dD1jJmQ9OTI1MiZsPTc5OCZjPTQ0NTgzMg==
  • https://riftv.net/dYzmv?sub1=1&sub2=9252&sub3=12318&sub4=798&sub5=445832
  • https://buleor.com/fullpage.php?section=General&pub=651335&ga=a
  • https://emula.net/70715d1a00/bc5ff2967e/?placementName=ROTATOR&type=a&cv=XAjCAArrdGAiZCdikZZpCpCjZNrxZNZxNZiACrCkjCrxCrixCjiCrCrGCxCidrriAGiCCr_72409&adApiR=loaded_string_16200e8f22ff6c774d1a532493...
414 B
583 B
Document
General
Full URL
https://emula.net/70715d1a00/bc5ff2967e/?placementName=ROTATOR&type=a&cv=XAjCAArrdGAiZCdikZZpCpCjZNrxZNZxNZiACrCkjCrxCrixCjiCrCrGCxCidrriAGiCCr_72409&adApiR=loaded_string_16200e8f22ff6c774d1a532493226df6c9b3e_2305802_1603193468.3027_63593&refferer=4188647925_aHR0cDovLzY1MTMzNS55bGxpeC5jb20=&yxDom=YnVsZW9yLmNvbQ==_927bc1f915095284db284dd68f5ec62f
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.66.201.34 , Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS
at-public.skhosting.eu
Software
nginx /
Resource Hash
21b74ffc198ea65a899fd6bbb4156b370d99ea824520b52c2e97f0d5e80499e8

Request headers

:method
GET
:authority
emula.net
:scheme
https
:path
/70715d1a00/bc5ff2967e/?placementName=ROTATOR&type=a&cv=XAjCAArrdGAiZCdikZZpCpCjZNrxZNZxNZiACrCkjCrxCrixCjiCrCrGCxCidrriAGiCCr_72409&adApiR=loaded_string_16200e8f22ff6c774d1a532493226df6c9b3e_2305802_1603193468.3027_63593&refferer=4188647925_aHR0cDovLzY1MTMzNS55bGxpeC5jb20=&yxDom=YnVsZW9yLmNvbQ==_927bc1f915095284db284dd68f5ec62f
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
200
server
nginx
date
Tue, 20 Oct 2020 11:31:08 GMT
content-type
text/html; charset=UTF-8
set-cookie
total_impressions=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; secure; SameSite=None used_ad2305802=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; secure; SameSite=None
expires
Sun, 01 Jan 2014 00:00:00 GMT
cache-control
no-store, no-cache, must-revalidate post-check=0, pre-check=0
pragma
no-cache
x-robots-tag
noindex,nofollow
content-encoding
br

Redirect headers

status
302
server
nginx
date
Tue, 20 Oct 2020 11:31:08 GMT
content-type
text/html; charset=UTF-8
location
https://emula.net/70715d1a00/bc5ff2967e/?placementName=ROTATOR&type=a&cv=XAjCAArrdGAiZCdikZZpCpCjZNrxZNZxNZiACrCkjCrxCrixCjiCrCrGCxCidrriAGiCCr_72409&adApiR=loaded_string_16200e8f22ff6c774d1a532493226df6c9b3e_2305802_1603193468.3027_63593&refferer=4188647925_aHR0cDovLzY1MTMzNS55bGxpeC5jb20=&yxDom=YnVsZW9yLmNvbQ==_927bc1f915095284db284dd68f5ec62f
expires
Tue, 20 Oct 2020 11:31:08 GMT
last-modified
Tue, 20 Oct 2020 11:31:08 GMT
cache-control
no-store, no-cache, must-revalidate post-check=0, pre-check=0
pragma
no-cache
x-robots-tag
noindex, nofollow, noarchive, nosnippet
set-cookie
used_ad2305802=1; expires=Wed, 21-Oct-2020 04:00:00 GMT; Max-Age=59332; path=/; domain=buleor.com; secure; HttpOnly; SameSite=None total_impressions=1; expires=Wed, 21-Oct-2020 04:00:00 GMT; Max-Age=59332; path=/; domain=buleor.com; secure; HttpOnly; SameSite=None cpa_875164=popup_551167532_4; expires=Thu, 19-Nov-2020 11:31:08 GMT; Max-Age=2592000; path=/; domain=buleor.com; secure; SameSite=None
Primary Request /
filez.top/lp/dd/1/cab4129999062623b693a7e1465bf89f/affC1603193468affee4ac6c377643a745a667/
14 KB
15 KB
Document
General
Full URL
https://filez.top/lp/dd/1/cab4129999062623b693a7e1465bf89f/affC1603193468affee4ac6c377643a745a667/?sid=24654057
Requested by
Host: emula.net
URL: https://emula.net/70715d1a00/bc5ff2967e/?placementName=ROTATOR&type=a&cv=XAjCAArrdGAiZCdikZZpCpCjZNrxZNZxNZiACrCkjCrxCrixCjiCrCrGCxCidrriAGiCCr_72409&adApiR=loaded_string_16200e8f22ff6c774d1a532493226df6c9b3e_2305802_1603193468.3027_63593&refferer=4188647925_aHR0cDovLzY1MTMzNS55bGxpeC5jb20=&yxDom=YnVsZW9yLmNvbQ==_927bc1f915095284db284dd68f5ec62f
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.66.200.159 , Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS
filez.ag
Software
nginx /
Resource Hash
12276f5ad2068e3e879ce2ec6df5865b7362cd09a20d593d617b8027b0e97ace
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

:method
GET
:authority
filez.top
:scheme
https
:path
/lp/dd/1/cab4129999062623b693a7e1465bf89f/affC1603193468affee4ac6c377643a745a667/?sid=24654057
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
referer
https://emula.net/70715d1a00/bc5ff2967e/?placementName=ROTATOR&type=a&cv=XAjCAArrdGAiZCdikZZpCpCjZNrxZNZxNZiACrCkjCrxCrixCjiCrCrGCxCidrriAGiCCr_72409&adApiR=loaded_string_16200e8f22ff6c774d1a532493226df6c9b3e_2305802_1603193468.3027_63593&refferer=4188647925_aHR0cDovLzY1MTMzNS55bGxpeC5jb20=&yxDom=YnVsZW9yLmNvbQ==_927bc1f915095284db284dd68f5ec62f
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://emula.net/70715d1a00/bc5ff2967e/?placementName=ROTATOR&type=a&cv=XAjCAArrdGAiZCdikZZpCpCjZNrxZNZxNZiACrCkjCrxCrixCjiCrCrGCxCidrriAGiCCr_72409&adApiR=loaded_string_16200e8f22ff6c774d1a532493226df6c9b3e_2305802_1603193468.3027_63593&refferer=4188647925_aHR0cDovLzY1MTMzNS55bGxpeC5jb20=&yxDom=YnVsZW9yLmNvbQ==_927bc1f915095284db284dd68f5ec62f

Response headers

status
200
server
nginx
date
Tue, 20 Oct 2020 11:31:08 GMT
content-type
text/html; charset=UTF-8
set-cookie
PHPSESSID=0g8r1ggrevqflf9ddrd2ek5olp; path=/; secure; HttpOnly lang=en; expires=Thu, 19-Nov-2020 11:31:08 GMT; Max-Age=2592000; path=/; domain=filez.top; secure; HttpOnly
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate
pragma
no-cache
x-frame-options
SAMEORIGIN
bootstrap.css
filez.top/css/
143 KB
143 KB
Stylesheet
General
Full URL
https://filez.top/css/bootstrap.css
Requested by
Host: filez.top
URL: https://filez.top/lp/dd/1/cab4129999062623b693a7e1465bf89f/affC1603193468affee4ac6c377643a745a667/?sid=24654057
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.66.200.159 , Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS
filez.ag
Software
nginx /
Resource Hash
29a76ce16028a890e8cd5fecc8a736a2d8c07947c009a126a585ce0203d54e37
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://filez.top/lp/dd/1/cab4129999062623b693a7e1465bf89f/affC1603193468affee4ac6c377643a745a667/?sid=24654057
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 20 Oct 2020 11:31:09 GMT
last-modified
Thu, 13 Aug 2020 07:27:06 GMT
server
nginx
etag
"5f34eb4a-23a5a"
x-frame-options
SAMEORIGIN
content-type
text/css
status
200
accept-ranges
bytes
content-length
146010
style.css
filez.top/css/
15 KB
15 KB
Stylesheet
General
Full URL
https://filez.top/css/style.css?1597303626
Requested by
Host: filez.top
URL: https://filez.top/lp/dd/1/cab4129999062623b693a7e1465bf89f/affC1603193468affee4ac6c377643a745a667/?sid=24654057
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.66.200.159 , Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS
filez.ag
Software
nginx /
Resource Hash
d2eb94db45a7f74266b7c1a929af3ee63a100271603a18a478493cab56bdf67c
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://filez.top/lp/dd/1/cab4129999062623b693a7e1465bf89f/affC1603193468affee4ac6c377643a745a667/?sid=24654057
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 20 Oct 2020 11:31:09 GMT
last-modified
Thu, 13 Aug 2020 07:27:06 GMT
server
nginx
etag
"5f34eb4a-3c94"
x-frame-options
SAMEORIGIN
content-type
text/css
status
200
accept-ranges
bytes
content-length
15508
responsive.css
filez.top/css/
4 KB
4 KB
Stylesheet
General
Full URL
https://filez.top/css/responsive.css
Requested by
Host: filez.top
URL: https://filez.top/lp/dd/1/cab4129999062623b693a7e1465bf89f/affC1603193468affee4ac6c377643a745a667/?sid=24654057
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.66.200.159 , Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS
filez.ag
Software
nginx /
Resource Hash
de9511cfb40c7781e56cae17bdc355a871f548e5726875c3b4ed319705e6c38e
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://filez.top/lp/dd/1/cab4129999062623b693a7e1465bf89f/affC1603193468affee4ac6c377643a745a667/?sid=24654057
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 20 Oct 2020 11:31:09 GMT
last-modified
Thu, 13 Aug 2020 07:27:06 GMT
server
nginx
etag
"5f34eb4a-ebb"
x-frame-options
SAMEORIGIN
content-type
text/css
status
200
accept-ranges
bytes
content-length
3771
font-awesome.css
filez.top/css/
37 KB
37 KB
Stylesheet
General
Full URL
https://filez.top/css/font-awesome.css
Requested by
Host: filez.top
URL: https://filez.top/lp/dd/1/cab4129999062623b693a7e1465bf89f/affC1603193468affee4ac6c377643a745a667/?sid=24654057
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.66.200.159 , Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS
filez.ag
Software
nginx /
Resource Hash
36e0a7e08bee65774168528938072c536437669c1b7458ac77976ec788e4439c
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://filez.top/lp/dd/1/cab4129999062623b693a7e1465bf89f/affC1603193468affee4ac6c377643a745a667/?sid=24654057
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 20 Oct 2020 11:31:09 GMT
last-modified
Thu, 13 Aug 2020 07:27:06 GMT
server
nginx
etag
"5f34eb4a-9226"
x-frame-options
SAMEORIGIN
content-type
text/css
status
200
accept-ranges
bytes
content-length
37414
api.js
www.google.com/recaptcha/
850 B
646 B
Script
General
Full URL
https://www.google.com/recaptcha/api.js
Requested by
Host: filez.top
URL: https://filez.top/lp/dd/1/cab4129999062623b693a7e1465bf89f/affC1603193468affee4ac6c377643a745a667/?sid=24654057
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
fe00a828c8984aa432d60646922198377e78dba43b704e73ab70d1fd4b9458e9
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://filez.top/lp/dd/1/cab4129999062623b693a7e1465bf89f/affC1603193468affee4ac6c377643a745a667/?sid=24654057
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 20 Oct 2020 11:31:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
status
200
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
content-security-policy
frame-ancestors 'self'
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
554
x-xss-protection
1; mode=block
expires
Tue, 20 Oct 2020 11:31:08 GMT
jquery.min.js
filez.top/js/
85 KB
85 KB
Script
General
Full URL
https://filez.top/js/jquery.min.js
Requested by
Host: filez.top
URL: https://filez.top/lp/dd/1/cab4129999062623b693a7e1465bf89f/affC1603193468affee4ac6c377643a745a667/?sid=24654057
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.66.200.159 , Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS
filez.ag
Software
nginx /
Resource Hash
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://filez.top/lp/dd/1/cab4129999062623b693a7e1465bf89f/affC1603193468affee4ac6c377643a745a667/?sid=24654057
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 20 Oct 2020 11:31:09 GMT
last-modified
Thu, 13 Aug 2020 07:27:06 GMT
server
nginx
etag
"5f34eb4a-15283"
x-frame-options
SAMEORIGIN
content-type
application/javascript
status
200
accept-ranges
bytes
content-length
86659
wl.js
cdn-server.top/p/
380 B
677 B
Script
General
Full URL
https://cdn-server.top/p/wl.js?pub=117937&ga=g
Requested by
Host: filez.top
URL: https://filez.top/lp/dd/1/cab4129999062623b693a7e1465bf89f/affC1603193468affee4ac6c377643a745a667/?sid=24654057
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.66.200.222 , Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS
185.66.200.222.skhosting.eu
Software
nginx /
Resource Hash
70241f73f3ce0a337fac6ee23e67ba9141a27f153972406cc229580211734a86

Request headers

Referer
https://filez.top/lp/dd/1/cab4129999062623b693a7e1465bf89f/affC1603193468affee4ac6c377643a745a667/?sid=24654057
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
cache
date
Tue, 20 Oct 2020 11:31:09 GMT
server
nginx
content-type
application/javascript
status
200
cache-control
max-age=3600
x-robots-tag
noindex, nofollow, noarchive, nosnippet
expires
Tue, 20 Oct 2020 12:31:09 GMT
US.gif
filez.top/images/flags/
2 KB
2 KB
Image
General
Full URL
https://filez.top/images/flags/US.gif
Requested by
Host: filez.top
URL: https://filez.top/lp/dd/1/cab4129999062623b693a7e1465bf89f/affC1603193468affee4ac6c377643a745a667/?sid=24654057
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.66.200.159 , Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS
filez.ag
Software
nginx /
Resource Hash
b7a053f73e5027213689a88bd30736bab51c3417eb902caf214513ae87e5581c
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://filez.top/lp/dd/1/cab4129999062623b693a7e1465bf89f/affC1603193468affee4ac6c377643a745a667/?sid=24654057
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 20 Oct 2020 11:31:09 GMT
last-modified
Thu, 13 Aug 2020 07:27:06 GMT
server
nginx
etag
"5f34eb4a-859"
x-frame-options
SAMEORIGIN
content-type
image/gif
status
200
accept-ranges
bytes
content-length
2137
CZ.gif
filez.top/images/flags/
1006 B
1 KB
Image
General
Full URL
https://filez.top/images/flags/CZ.gif
Requested by
Host: filez.top
URL: https://filez.top/lp/dd/1/cab4129999062623b693a7e1465bf89f/affC1603193468affee4ac6c377643a745a667/?sid=24654057
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.66.200.159 , Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS
filez.ag
Software
nginx /
Resource Hash
f717f12f040829e78545332ea52a7f9af3d12781ec610768dca8c2c918d57a1b
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://filez.top/lp/dd/1/cab4129999062623b693a7e1465bf89f/affC1603193468affee4ac6c377643a745a667/?sid=24654057
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 20 Oct 2020 11:31:09 GMT
last-modified
Thu, 13 Aug 2020 07:27:06 GMT
server
nginx
etag
"5f34eb4a-3ee"
x-frame-options
SAMEORIGIN
content-type
image/gif
status
200
accept-ranges
bytes
content-length
1006
ES.gif
filez.top/images/flags/
1006 B
1 KB
Image
General
Full URL
https://filez.top/images/flags/ES.gif
Requested by
Host: filez.top
URL: https://filez.top/lp/dd/1/cab4129999062623b693a7e1465bf89f/affC1603193468affee4ac6c377643a745a667/?sid=24654057
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.66.200.159 , Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS
filez.ag
Software
nginx /
Resource Hash
e9f8b8fabb38524354f0bd87e91a4f4e702555956d29cc6db1b899fc0b5980b0
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://filez.top/lp/dd/1/cab4129999062623b693a7e1465bf89f/affC1603193468affee4ac6c377643a745a667/?sid=24654057
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 20 Oct 2020 11:31:09 GMT
last-modified
Thu, 13 Aug 2020 07:27:06 GMT
server
nginx
etag
"5f34eb4a-3ee"
x-frame-options
SAMEORIGIN
content-type
image/gif
status
200
accept-ranges
bytes
content-length
1006
AE.gif
filez.top/images/flags/
2 KB
2 KB
Image
General
Full URL
https://filez.top/images/flags/AE.gif
Requested by
Host: filez.top
URL: https://filez.top/lp/dd/1/cab4129999062623b693a7e1465bf89f/affC1603193468affee4ac6c377643a745a667/?sid=24654057
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.66.200.159 , Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS
filez.ag
Software
nginx /
Resource Hash
4330d94512442851e2ba5c2e9c6005f5e5d98d3a33d089ffc5206ca9517b84d7
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://filez.top/lp/dd/1/cab4129999062623b693a7e1465bf89f/affC1603193468affee4ac6c377643a745a667/?sid=24654057
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 20 Oct 2020 11:31:09 GMT
last-modified
Thu, 13 Aug 2020 07:27:06 GMT
server
nginx
etag
"5f34eb4a-6af"
x-frame-options
SAMEORIGIN
content-type
image/gif
status
200
accept-ranges
bytes
content-length
1711
PT.gif
filez.top/images/flags/
2 KB
2 KB
Image
General
Full URL
https://filez.top/images/flags/PT.gif
Requested by
Host: filez.top
URL: https://filez.top/lp/dd/1/cab4129999062623b693a7e1465bf89f/affC1603193468affee4ac6c377643a745a667/?sid=24654057
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.66.200.159 , Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS
filez.ag
Software
nginx /
Resource Hash
03416e82636020f4110eee57af9d6e57f1768262777b430868d0709bace68407
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://filez.top/lp/dd/1/cab4129999062623b693a7e1465bf89f/affC1603193468affee4ac6c377643a745a667/?sid=24654057
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 20 Oct 2020 11:31:09 GMT
last-modified
Thu, 13 Aug 2020 07:27:06 GMT
server
nginx
etag
"5f34eb4a-859"
x-frame-options
SAMEORIGIN
content-type
image/gif
status
200
accept-ranges
bytes
content-length
2137
FR.gif
filez.top/images/flags/
1006 B
1 KB
Image
General
Full URL
https://filez.top/images/flags/FR.gif
Requested by
Host: filez.top
URL: https://filez.top/lp/dd/1/cab4129999062623b693a7e1465bf89f/affC1603193468affee4ac6c377643a745a667/?sid=24654057
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.66.200.159 , Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS
filez.ag
Software
nginx /
Resource Hash
1df59d2f9889b0553295fe997df9f1e5adec5a34abc798178d2cb313c6a196c9
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://filez.top/lp/dd/1/cab4129999062623b693a7e1465bf89f/affC1603193468affee4ac6c377643a745a667/?sid=24654057
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 20 Oct 2020 11:31:09 GMT
last-modified
Thu, 13 Aug 2020 07:27:06 GMT
server
nginx
etag
"5f34eb4a-3ee"
x-frame-options
SAMEORIGIN
content-type
image/gif
status
200
accept-ranges
bytes
content-length
1006
DE.gif
filez.top/images/flags/
1003 B
1 KB
Image
General
Full URL
https://filez.top/images/flags/DE.gif
Requested by
Host: filez.top
URL: https://filez.top/lp/dd/1/cab4129999062623b693a7e1465bf89f/affC1603193468affee4ac6c377643a745a667/?sid=24654057
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.66.200.159 , Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS
filez.ag
Software
nginx /
Resource Hash
66671616f880ade1bee6a9afbced9011f1fe1b179ff9860766f700825e8bc9ae
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://filez.top/lp/dd/1/cab4129999062623b693a7e1465bf89f/affC1603193468affee4ac6c377643a745a667/?sid=24654057
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 20 Oct 2020 11:31:09 GMT
last-modified
Thu, 13 Aug 2020 07:27:06 GMT
server
nginx
etag
"5f34eb4a-3eb"
x-frame-options
SAMEORIGIN
content-type
image/gif
status
200
accept-ranges
bytes
content-length
1003
IR.gif
filez.top/images/flags/
1006 B
1 KB
Image
General
Full URL
https://filez.top/images/flags/IR.gif
Requested by
Host: filez.top
URL: https://filez.top/lp/dd/1/cab4129999062623b693a7e1465bf89f/affC1603193468affee4ac6c377643a745a667/?sid=24654057
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.66.200.159 , Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS
filez.ag
Software
nginx /
Resource Hash
8f1132e259789cc46b3851f3402a35e39587021cb06fb12adeb45e39a1da1cc5
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://filez.top/lp/dd/1/cab4129999062623b693a7e1465bf89f/affC1603193468affee4ac6c377643a745a667/?sid=24654057
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 20 Oct 2020 11:31:09 GMT
last-modified
Thu, 13 Aug 2020 07:27:06 GMT
server
nginx
etag
"5f34eb4a-3ee"
x-frame-options
SAMEORIGIN
content-type
image/gif
status
200
accept-ranges
bytes
content-length
1006
logo.png
filez.top/images/
5 KB
5 KB
Image
General
Full URL
https://filez.top/images/logo.png
Requested by
Host: filez.top
URL: https://filez.top/lp/dd/1/cab4129999062623b693a7e1465bf89f/affC1603193468affee4ac6c377643a745a667/?sid=24654057
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.66.200.159 , Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS
filez.ag
Software
nginx /
Resource Hash
83f30cec310068712ce68afed7f1282ced9b022cec1abefd6eab29a913e29343
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://filez.top/lp/dd/1/cab4129999062623b693a7e1465bf89f/affC1603193468affee4ac6c377643a745a667/?sid=24654057
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 20 Oct 2020 11:31:09 GMT
last-modified
Thu, 13 Aug 2020 07:27:06 GMT
server
nginx
etag
"5f34eb4a-130c"
x-frame-options
SAMEORIGIN
content-type
image/png
status
200
accept-ranges
bytes
content-length
4876
home_icon_1.png
filez.top/images/
1 KB
1 KB
Image
General
Full URL
https://filez.top/images/home_icon_1.png
Requested by
Host: filez.top
URL: https://filez.top/lp/dd/1/cab4129999062623b693a7e1465bf89f/affC1603193468affee4ac6c377643a745a667/?sid=24654057
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.66.200.159 , Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS
filez.ag
Software
nginx /
Resource Hash
6388a88a40a903dac834dd1d42fe8ecfc3cdf67996020ffb7a66c3e8ce714a95
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://filez.top/lp/dd/1/cab4129999062623b693a7e1465bf89f/affC1603193468affee4ac6c377643a745a667/?sid=24654057
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 20 Oct 2020 11:31:09 GMT
last-modified
Thu, 13 Aug 2020 07:27:06 GMT
server
nginx
etag
"5f34eb4a-449"
x-frame-options
SAMEORIGIN
content-type
image/png
status
200
accept-ranges
bytes
content-length
1097
home_icon_2.png
filez.top/images/
1 KB
1 KB
Image
General
Full URL
https://filez.top/images/home_icon_2.png
Requested by
Host: filez.top
URL: https://filez.top/lp/dd/1/cab4129999062623b693a7e1465bf89f/affC1603193468affee4ac6c377643a745a667/?sid=24654057
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.66.200.159 , Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS
filez.ag
Software
nginx /
Resource Hash
c3d7a9181ea3eebba498c07f828f1c3925ba7cf99ba8430dd747b4255d9a05eb
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://filez.top/lp/dd/1/cab4129999062623b693a7e1465bf89f/affC1603193468affee4ac6c377643a745a667/?sid=24654057
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 20 Oct 2020 11:31:09 GMT
last-modified
Thu, 13 Aug 2020 07:27:06 GMT
server
nginx
etag
"5f34eb4a-467"
x-frame-options
SAMEORIGIN
content-type
image/png
status
200
accept-ranges
bytes
content-length
1127
home_icon_3.png
filez.top/images/
1 KB
1 KB
Image
General
Full URL
https://filez.top/images/home_icon_3.png
Requested by
Host: filez.top
URL: https://filez.top/lp/dd/1/cab4129999062623b693a7e1465bf89f/affC1603193468affee4ac6c377643a745a667/?sid=24654057
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.66.200.159 , Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS
filez.ag
Software
nginx /
Resource Hash
d1eb492e1005fbd0b649fad1a3c60006f21ca1c1fba172eb4232569475237985
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://filez.top/lp/dd/1/cab4129999062623b693a7e1465bf89f/affC1603193468affee4ac6c377643a745a667/?sid=24654057
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 20 Oct 2020 11:31:09 GMT
last-modified
Thu, 13 Aug 2020 07:27:06 GMT
server
nginx
etag
"5f34eb4a-40b"
x-frame-options
SAMEORIGIN
content-type
image/png
status
200
accept-ranges
bytes
content-length
1035
yxbnr.js
cdn-server.xyz/a/
1 KB
1 KB
Script
General
Full URL
https://cdn-server.xyz/a/yxbnr.js
Requested by
Host: filez.top
URL: https://filez.top/lp/dd/1/cab4129999062623b693a7e1465bf89f/affC1603193468affee4ac6c377643a745a667/?sid=24654057
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.66.200.222 , Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS
185.66.200.222.skhosting.eu
Software
nginx /
Resource Hash
042445431ce1cde5fda7a26e8e8428e08569680c139fce184e2c1476b308e1e7

Request headers

Referer
https://filez.top/lp/dd/1/cab4129999062623b693a7e1465bf89f/affC1603193468affee4ac6c377643a745a667/?sid=24654057
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
cache
date
Tue, 20 Oct 2020 11:31:09 GMT
server
nginx
content-type
application/javascript
status
200
cache-control
max-age=21600
x-robots-tag
noindex, nofollow, noarchive, nosnippet
expires
Tue, 20 Oct 2020 17:31:09 GMT
bootstrap.min.js
filez.top/js/
36 KB
36 KB
Script
General
Full URL
https://filez.top/js/bootstrap.min.js
Requested by
Host: filez.top
URL: https://filez.top/lp/dd/1/cab4129999062623b693a7e1465bf89f/affC1603193468affee4ac6c377643a745a667/?sid=24654057
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.66.200.159 , Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS
filez.ag
Software
nginx /
Resource Hash
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://filez.top/lp/dd/1/cab4129999062623b693a7e1465bf89f/affC1603193468affee4ac6c377643a745a667/?sid=24654057
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 20 Oct 2020 11:31:09 GMT
last-modified
Thu, 13 Aug 2020 07:27:06 GMT
server
nginx
etag
"5f34eb4a-90b5"
x-frame-options
SAMEORIGIN
content-type
application/javascript
status
200
accept-ranges
bytes
content-length
37045
main.js
filez.top/js/
637 B
790 B
Script
General
Full URL
https://filez.top/js/main.js
Requested by
Host: filez.top
URL: https://filez.top/lp/dd/1/cab4129999062623b693a7e1465bf89f/affC1603193468affee4ac6c377643a745a667/?sid=24654057
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.66.200.159 , Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS
filez.ag
Software
nginx /
Resource Hash
9e0ed50c5e8fe853e1b4293aa254b22f11b4c40c9b3494f0856639e5a96c21eb
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://filez.top/lp/dd/1/cab4129999062623b693a7e1465bf89f/affC1603193468affee4ac6c377643a745a667/?sid=24654057
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 20 Oct 2020 11:31:09 GMT
last-modified
Thu, 13 Aug 2020 07:27:06 GMT
server
nginx
etag
"5f34eb4a-27d"
x-frame-options
SAMEORIGIN
content-type
application/javascript
status
200
accept-ranges
bytes
content-length
637
js
www.googletagmanager.com/gtag/
94 KB
37 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-150666752-1
Requested by
Host: filez.top
URL: https://filez.top/lp/dd/1/cab4129999062623b693a7e1465bf89f/affC1603193468affee4ac6c377643a745a667/?sid=24654057
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
a7dec5803e4a6fa6f391b5d9f0316f122e92df6bb533a718285636b2695f1e0d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://filez.top/lp/dd/1/cab4129999062623b693a7e1465bf89f/affC1603193468affee4ac6c377643a745a667/?sid=24654057
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 20 Oct 2020 11:31:09 GMT
content-encoding
br
vary
Accept-Encoding
status
200
cross-origin-resource-policy
cross-origin
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37895
x-xss-protection
0
last-modified
Tue, 20 Oct 2020 09:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 20 Oct 2020 11:31:09 GMT
css
fonts.googleapis.com/
6 KB
714 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Poppins:300,400,500,600,700
Requested by
Host: filez.top
URL: https://filez.top/css/style.css?1597303626
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
557823206bf2873bfd61c1dbb36e7ad4d2034e8fd58a79b2198fc1b4e708ba68
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://filez.top/css/style.css?1597303626
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 20 Oct 2020 10:06:09 GMT
server
ESF
date
Tue, 20 Oct 2020 11:31:09 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 20 Oct 2020 11:31:09 GMT
recaptcha__en.js
www.gstatic.com/recaptcha/releases/T9w1ROdplctW2nVKvNJYXH8o/
341 KB
134 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/T9w1ROdplctW2nVKvNJYXH8o/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
54f3aa37078dcd01911c9da1a5fd753b5834dde5acfd90c5bd55243bba87cf6d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://filez.top
Referer
https://filez.top/lp/dd/1/cab4129999062623b693a7e1465bf89f/affC1603193468affee4ac6c377643a745a667/?sid=24654057
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 20 Oct 2020 11:00:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1847
status
200
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
136962
x-xss-protection
0
last-modified
Mon, 12 Oct 2020 04:11:53 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 20 Oct 2021 11:00:22 GMT
sw.js
filez.top/
102 KB
102 KB
Script
General
Full URL
https://filez.top/sw.js?clickid=XAjCjjZikAjriCkkAppjCxCjZNrxZNZxNZiACrCkjCrxCrixCjiCrCrGCxCidrriAGiCCr_45580&subid=882395813
Requested by
Host: cdn-server.top
URL: https://cdn-server.top/p/wl.js?pub=117937&ga=g
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.66.200.159 , Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS
filez.ag
Software
nginx /
Resource Hash
d134482b582256f83aad4583af70db302e0319835dda567b27b5c568d421b47e
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://filez.top/lp/dd/1/cab4129999062623b693a7e1465bf89f/affC1603193468affee4ac6c377643a745a667/?sid=24654057
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 20 Oct 2020 11:31:09 GMT
last-modified
Thu, 13 Aug 2020 07:27:06 GMT
server
nginx
etag
"5f34eb4a-198b1"
x-frame-options
SAMEORIGIN
content-type
application/javascript
status
200
accept-ranges
bytes
content-length
104625
/
djm080u34wfc5.cloudfront.net/
111 KB
38 KB
Script
General
Full URL
https://djm080u34wfc5.cloudfront.net/?wumjd=808860
Requested by
Host: cdn-server.top
URL: https://cdn-server.top/p/wl.js?pub=117937&ga=g
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.101.119 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-101-119.fra50.r.cloudfront.net
Software
/
Resource Hash
a01b65251adfdcb2920699dc86cae8573d2c955180de7dbd4aa7f2f29f78656d

Request headers

Referer
https://filez.top/lp/dd/1/cab4129999062623b693a7e1465bf89f/affC1603193468affee4ac6c377643a745a667/?sid=24654057
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Oct 2020 10:50:07 GMT
content-encoding
gzip
age
2462
status
200
x-cache
Hit from cloudfront
access-control-allow-origin
*
cache-control
no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
x-amz-cf-pop
FRA50-C1
content-length
38678
via
1.1 6b4954a8411e7b2a232537f8000c5c9d.cloudfront.net (CloudFront)
x-amz-cf-id
L_U5y8cyPk1F2RcKOGOvfDv4kOoOf8m0r0ID7C4vmv9QFQdu5g7D3w==
fontawesome-webfont.woff2
filez.top/fonts/
75 KB
76 KB
Font
General
Full URL
https://filez.top/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: filez.top
URL: https://filez.top/css/font-awesome.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.66.200.159 , Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS
filez.ag
Software
nginx /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Origin
https://filez.top
Referer
https://filez.top/css/font-awesome.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 20 Oct 2020 11:31:09 GMT
last-modified
Thu, 13 Aug 2020 07:27:06 GMT
server
nginx
etag
"5f34eb4a-12d68"
x-frame-options
SAMEORIGIN
content-type
font/woff2
status
200
accept-ranges
bytes
content-length
77160
pxiByp8kv8JHgFVrLGT9Z1xlFd2JQEk.woff2
fonts.gstatic.com/s/poppins/v13/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v13/pxiByp8kv8JHgFVrLGT9Z1xlFd2JQEk.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:300,400,500,600,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d7ba57e3ccc2e3b2bdf8cc9e613194b802607682bf473293c2e3e29de82c9491
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://filez.top
Referer
https://fonts.googleapis.com/css?family=Poppins:300,400,500,600,700
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 19 Oct 2020 11:20:43 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:08:52 GMT
server
sffe
age
87026
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7776
x-xss-protection
0
expires
Tue, 19 Oct 2021 11:20:43 GMT
pxiEyp8kv8JHgFVrJJfecnFHGPc.woff2
fonts.gstatic.com/s/poppins/v13/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v13/pxiEyp8kv8JHgFVrJJfecnFHGPc.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:300,400,500,600,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
41e46faff74c6a77d581689ec35eb040f6c96d17f4d2c5b25dccd42ed498b01c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://filez.top
Referer
https://fonts.googleapis.com/css?family=Poppins:300,400,500,600,700
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 19 Oct 2020 11:20:36 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:09:01 GMT
server
sffe
age
87033
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7900
x-xss-protection
0
expires
Tue, 19 Oct 2021 11:20:36 GMT
pxiByp8kv8JHgFVrLCz7Z1xlFd2JQEk.woff2
fonts.gstatic.com/s/poppins/v13/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v13/pxiByp8kv8JHgFVrLCz7Z1xlFd2JQEk.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:300,400,500,600,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b0b43e548e691662dac85b1dc159d148a273d5cb9139f3fcf457cdeebe7bdf3f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://filez.top
Referer
https://fonts.googleapis.com/css?family=Poppins:300,400,500,600,700
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 19 Oct 2020 11:20:43 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:09:13 GMT
server
sffe
age
87026
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7832
x-xss-protection
0
expires
Tue, 19 Oct 2021 11:20:43 GMT
pxiByp8kv8JHgFVrLEj6Z1xlFd2JQEk.woff2
fonts.gstatic.com/s/poppins/v13/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v13/pxiByp8kv8JHgFVrLEj6Z1xlFd2JQEk.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:300,400,500,600,700
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b93b9165269362989e2855d0bf0ae232d7193a45c43627b2d03b26d7eb98263b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://filez.top
Referer
https://fonts.googleapis.com/css?family=Poppins:300,400,500,600,700
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 19 Oct 2020 15:14:33 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:09:00 GMT
server
sffe
age
72996
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7988
x-xss-protection
0
expires
Tue, 19 Oct 2021 15:14:33 GMT
anchor
www.google.com/recaptcha/api2/ Frame DEDC
0
0
Document
General
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lfu8mwUAAAAAAK6MZWtTAa_5jOkhczTINR6LS6s&co=aHR0cHM6Ly9maWxlei50b3A6NDQz&hl=en&v=T9w1ROdplctW2nVKvNJYXH8o&size=normal&cb=pxhna9wrni3s
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/T9w1ROdplctW2nVKvNJYXH8o/recaptcha__en.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-CneWwMU4Oz+cbZsv5XSAvg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/anchor?ar=1&k=6Lfu8mwUAAAAAAK6MZWtTAa_5jOkhczTINR6LS6s&co=aHR0cHM6Ly9maWxlei50b3A6NDQz&hl=en&v=T9w1ROdplctW2nVKvNJYXH8o&size=normal&cb=pxhna9wrni3s
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://filez.top/lp/dd/1/cab4129999062623b693a7e1465bf89f/affC1603193468affee4ac6c377643a745a667/?sid=24654057
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://filez.top/lp/dd/1/cab4129999062623b693a7e1465bf89f/affC1603193468affee4ac6c377643a745a667/?sid=24654057

Response headers

status
200
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Tue, 20 Oct 2020 11:31:09 GMT
content-security-policy
script-src 'report-sample' 'nonce-CneWwMU4Oz+cbZsv5XSAvg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
10630
server
GSE
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ZFBRTFAfciI7DxEiPW5qRjglOCAXan5jNg08NDZ%2BED8hYyMTfjs%2Fbwc8OC87DTRsFBEOEzsmCg07ECYiDRM6JxEUIDsPKCc6CwIiHAofFigqCjgNExYTOiYTFigSPjkcEzslExYTIwsTHBM4KCIWORALOScTIxNkUWVpfHYXJTMlNFloaX5jXWVpfWNGfHM%2...
parentful.club/
38 KB
16 KB
Script
General
Full URL
https://parentful.club/ZFBRTFAfciI7DxEiPW5qRjglOCAXan5jNg08NDZ%2BED8hYyMTfjs%2Fbwc8OC87DTRsFBEOEzsmCg07ECYiDRM6JxEUIDsPKCc6CwIiHAofFigqCjgNExYTOiYTFigSPjkcEzslExYTIwsTHBM4KCIWORALOScTIxNkUWVpfHYXJTMlNFloaX5jXWVpfWNGfHM%2FPQJya318RiM8OnJecmNiZkZ8czgxAw84KHJecml8aFxlaW58RiMkLg8NNGNuakYIECYTDjoLJTslOiMlEw87EDwgDhMpDzo%2BHiM0CioKKQIKDRESPhMPOhI%2BKCciODQTDjkSPhMWFxI0Ew00Iz45JRc4DxMWD2V5ZVxgczE
Requested by
Host: filez.top
URL: https://filez.top/sw.js?clickid=XAjCjjZikAjriCkkAppjCxCjZNrxZNZxNZiACrCkjCrxCrixCjiCrCrGCxCidrriAGiCCr_45580&subid=882395813
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.86.219.129 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-86-219-129.compute-1.amazonaws.com
Software
/ Express
Resource Hash
19c7f2aac0671d5e43cc4465d5f46e3f6a571e5137a494856cee12c4f65b0f2d

Request headers

Referer
https://filez.top/lp/dd/1/cab4129999062623b693a7e1465bf89f/affC1603193468affee4ac6c377643a745a667/?sid=24654057
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-encoding
gzip
etag
W/"96d5-fyLa7gQ3+Oy7zoOiy8oPL119iQg"
status
200
x-powered-by
Express
vary
Accept-Encoding
access-control-allow-methods
GET, POST
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
X-Requested-With,content-type
analytics.js
www.google-analytics.com/
45 KB
18 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-150666752-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
60863e86aa7743d1ac841da7f473a05cd57fba81d661cef658e385437f80d5ef
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://filez.top/lp/dd/1/cab4129999062623b693a7e1465bf89f/affC1603193468affee4ac6c377643a745a667/?sid=24654057
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 09 Sep 2020 01:50:37 GMT
server
Golfe2
age
920
date
Tue, 20 Oct 2020 11:15:49 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18650
expires
Tue, 20 Oct 2020 13:15:49 GMT
utx
legedlunchar.top/
0
409 B
XHR
General
Full URL
https://legedlunchar.top/utx?cb=5HgjfBNyxHqX&top=filez.top&tid=808860
Requested by
Host: djm080u34wfc5.cloudfront.net
URL: https://djm080u34wfc5.cloudfront.net/?wumjd=808860
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.154.127 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-154-127.mxp64.r.cloudfront.net
Software
openresty/1.17.8.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://filez.top/lp/dd/1/cab4129999062623b693a7e1465bf89f/affC1603193468affee4ac6c377643a745a667/?sid=24654057
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Oct 2020 11:31:10 GMT
via
1.1 bcb4a9bca5a3ff00d0520d8a78f560dc.cloudfront.net (CloudFront)
server
openresty/1.17.8.2
x-amz-cf-pop
MXP64-C2
status
204
x-cache
Miss from cloudfront
p3p
CP="NID DSP ALL COR"
access-control-allow-origin
https://filez.top
cache-control
no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials
true
x-amz-cf-id
u0Evt0c43wbjWqF1UFNvLmyFUzxSDIA2AA_sA02t2m6GtthNWNAJ2w==
NwMjAw0kIDg6eCESIh9XCiE4eH8xBQ4tTzNXPyZoIiglCEBTKDs+YzUDIwwJJAEzPGscLCULTkAMBSZXFls7fFQJAhwObwo1JCc
legedlunchar.top/STlmZnYoWwULSSgEBEADO1VbQ0QPHFQgEiNUVl5GPApSERAqDEgFGiZMAgAEJlcSSBgsTUNUMB9dMD9FE2wJMTkfUiICJwwcVCAjeFEfNCF9aTNVBh1pIzc9A3gwFBMleAghHANdLw4BE3sxMzoreCMVI3hRUjMMOW4lH0cAWiAvOgJsDggz... Frame 66C5
0
0
Document
General
Full URL
https://legedlunchar.top/STlmZnYoWwULSSgEBEADO1VbQ0QPHFQgEiNUVl5GPApSERAqDEgFGiZMAgAEJlcSSBgsTUNUMB9dMD9FE2wJMTkfUiICJwwcVCAjeFEfNCF9aTNVBh1pIzc9A3gwFBMleAghHANdLw4BE3sxMzoreCMVI3hRUjMMOW4lH0cAWiAvOgJsDggzGGgTIEQ6fTccQg92MB4vA3sNFScYUlEnHx9+JVQBCHcRCT8DaF5DRA9uEQ0EHH40HiMOayAFAR9vPw4Rem8nER0IbQojMh4AISA0A2EDDgF9aBEnGxx+Ny41CkoxBQEfbyw3LDN7MDMPHH43LiABVhc8AWR0UABHMUMkMCM7ezU8FAh9Vjc4D04rNhoLUgUwNHxoCAEzHAtfLiwhASkvEQwOMVY0fXcIKzAfaj8FJh9zJwMzHEEzAS8hfgheJR8KCTEmImwtLA4LQyQ1ODBrCAE+GgpTIywuayoAMxtDJDAjfH8iJCEPQCg3LAF/NwMjAw0kIDg6eCESIh9XCiE4eH8xBQ4tTzNXPyZoIiglCEBTKDs+YzUDIwwJJAEzPGscLCULTkAMBSZXFls7fFQJAhwObwo1JCc
Requested by
Host: djm080u34wfc5.cloudfront.net
URL: https://djm080u34wfc5.cloudfront.net/?wumjd=808860
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.154.127 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-154-127.mxp64.r.cloudfront.net
Software
openresty/1.17.8.2 /
Resource Hash

Request headers

:method
GET
:authority
legedlunchar.top
:scheme
https
:path
/STlmZnYoWwULSSgEBEADO1VbQ0QPHFQgEiNUVl5GPApSERAqDEgFGiZMAgAEJlcSSBgsTUNUMB9dMD9FE2wJMTkfUiICJwwcVCAjeFEfNCF9aTNVBh1pIzc9A3gwFBMleAghHANdLw4BE3sxMzoreCMVI3hRUjMMOW4lH0cAWiAvOgJsDggzGGgTIEQ6fTccQg92MB4vA3sNFScYUlEnHx9+JVQBCHcRCT8DaF5DRA9uEQ0EHH40HiMOayAFAR9vPw4Rem8nER0IbQojMh4AISA0A2EDDgF9aBEnGxx+Ny41CkoxBQEfbyw3LDN7MDMPHH43LiABVhc8AWR0UABHMUMkMCM7ezU8FAh9Vjc4D04rNhoLUgUwNHxoCAEzHAtfLiwhASkvEQwOMVY0fXcIKzAfaj8FJh9zJwMzHEEzAS8hfgheJR8KCTEmImwtLA4LQyQ1ODBrCAE+GgpTIywuayoAMxtDJDAjfH8iJCEPQCg3LAF/NwMjAw0kIDg6eCESIh9XCiE4eH8xBQ4tTzNXPyZoIiglCEBTKDs+YzUDIwwJJAEzPGscLCULTkAMBSZXFls7fFQJAhwObwo1JCc
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://filez.top/lp/dd/1/cab4129999062623b693a7e1465bf89f/affC1603193468affee4ac6c377643a745a667/?sid=24654057
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://filez.top/lp/dd/1/cab4129999062623b693a7e1465bf89f/affC1603193468affee4ac6c377643a745a667/?sid=24654057

Response headers

status
200
content-type
text/html
content-length
1263
date
Tue, 20 Oct 2020 11:31:10 GMT
server
openresty/1.17.8.2
cache-control
no-store, no-cache, must-revalidate, no-transform
pragma
no-cache
p3p
CP="NID DSP ALL COR"
content-encoding
gzip
x-cache
Miss from cloudfront
via
1.1 bcb4a9bca5a3ff00d0520d8a78f560dc.cloudfront.net (CloudFront)
x-amz-cf-pop
MXP64-C2
x-amz-cf-id
cy3FBU-FgLZZZ1jupIljW91QJK-0Riz3u0qbCktJYRAs5LkRqeC7Og==
collect
www.google-analytics.com/j/
1 B
423 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j86&a=49755871&t=pageview&_s=1&dl=https%3A%2F%2Ffilez.top%2Flp%2Fdd%2F1%2Fcab4129999062623b693a7e1465bf89f%2FaffC1603193468affee4ac6c377643a745a667%2F%3Fsid%3D24654057&dr=https%3A%2F%2Femula.net%2F70715d1a00%2Fbc5ff2967e%2F%3FplacementName%3DROTATOR%26type%3Da%26cv%3DXAjCAArrdGAiZCdikZZpCpCjZNrxZNZxNZiACrCkjCrxCrixCjiCrCrGCxCidrriAGiCCr_72409%26adApiR%3Dloaded_string_16200e8f22ff6c774d1a532493226df6c9b3e_2305802_1603193468.3027_63593%26refferer%3D4188647925_aHR0cDovLzY1MTMzNS55bGxpeC5jb20%3D%26yxDom%3DYnVsZW9yLmNvbQ%3D%3D_927bc1f915095284db284dd68f5ec62f&ul=en-us&de=UTF-8&dt=Filez.top%20-%20Untitled_4.zip&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUABAAAAAC~&jid=192203222&gjid=662970204&cid=5886164.1603193471&tid=UA-150666752-1&_gid=1829419732.1603193471&_r=1&gtm=2ou9u1&z=261431922
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://filez.top/lp/dd/1/cab4129999062623b693a7e1465bf89f/affC1603193468affee4ac6c377643a745a667/?sid=24654057
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 20 Oct 2020 11:31:10 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
status
200
content-type
text/plain
access-control-allow-origin
https://filez.top
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
bframe
www.google.com/recaptcha/api2/ Frame 7DD6
0
0
Document
General
Full URL
https://www.google.com/recaptcha/api2/bframe?hl=en&v=T9w1ROdplctW2nVKvNJYXH8o&k=6Lfu8mwUAAAAAAK6MZWtTAa_5jOkhczTINR6LS6s&cb=8rjunmnkrwsn
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/T9w1ROdplctW2nVKvNJYXH8o/recaptcha__en.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-fpVRNpwNZiY0VmuVA3Kyzg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/bframe?hl=en&v=T9w1ROdplctW2nVKvNJYXH8o&k=6Lfu8mwUAAAAAAK6MZWtTAa_5jOkhczTINR6LS6s&cb=8rjunmnkrwsn
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://filez.top/lp/dd/1/cab4129999062623b693a7e1465bf89f/affC1603193468affee4ac6c377643a745a667/?sid=24654057
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://filez.top/lp/dd/1/cab4129999062623b693a7e1465bf89f/affC1603193468affee4ac6c377643a745a667/?sid=24654057

Response headers

status
200
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Tue, 20 Oct 2020 11:31:10 GMT
content-security-policy
script-src 'report-sample' 'nonce-fpVRNpwNZiY0VmuVA3Kyzg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
1174
server
GSE
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
popunder.gif
nsidereturn.club/
35 B
367 B
Image
General
Full URL
https://nsidereturn.club/popunder.gif
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.194.82 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-194-82.fra2.r.cloudfront.net
Software
/
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer
https://filez.top/lp/dd/1/cab4129999062623b693a7e1465bf89f/affC1603193468affee4ac6c377643a745a667/?sid=24654057
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
public
date
Tue, 20 Oct 2020 11:31:11 GMT
content-encoding
gzip
x-amz-cf-pop
FRA2-C1
status
200
x-cache
Miss from cloudfront
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=604800, immutable
content-length
58
via
1.1 d8eef512ab23f23f549b4cd25ac5328d.cloudfront.net (CloudFront)
x-amz-cf-id
rsIHzZM_-JmzqzLTUKxcQUUNoYAmnewoIWRiiCn1aL3z6bPXMsWa_A==
multi
legedlunchar.top/
4 KB
2 KB
XHR
General
Full URL
https://legedlunchar.top/multi?tid=808860&red=1&cs=QjNReG5zBWIeDyRVZhkKewVoT15y&abt=0&v=1.0.48.0&sm=76&k=&sts=64&prn=0&emb=0&fs=1&ref=https%3A%2F%2Ffilez.top%2Flp%2Fdd%2F1%2Fcab4129999062623b693a7e1465bf89f%2FaffC1603193468affee4ac6c377643a745a667%2F%3Fsid%3D24654057&osr=emula.net&jst=0&enr=0&lcua=mozilla%2F5.0%20(macintosh%3B%20intel%20mac%20os%20x%2010_14_5)%20applewebkit%2F537.36%20(khtml%2C%20like%20gecko)%20chrome%2F83.0.4103.61%20safari%2F537.36&tzd=2&uloc=&if=0&_6Mei=1603193471329&crc=1
Requested by
Host: djm080u34wfc5.cloudfront.net
URL: https://djm080u34wfc5.cloudfront.net/?wumjd=808860
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.154.127 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-154-127.mxp64.r.cloudfront.net
Software
openresty/1.17.8.2 /
Resource Hash
127e0db4fb7ca1f15f00478151e94deac3ab3259d2b0e4930487bbb6d9d134af

Request headers

Referer
https://filez.top/lp/dd/1/cab4129999062623b693a7e1465bf89f/affC1603193468affee4ac6c377643a745a667/?sid=24654057
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Oct 2020 11:31:11 GMT
content-encoding
gzip
server
openresty/1.17.8.2
x-amz-cf-pop
MXP64-C2
status
200
x-cache
Miss from cloudfront
p3p
CP="NID DSP ALL COR"
access-control-allow-origin
https://filez.top
cache-control
no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials
true
content-type
text/plain
content-length
1881
via
1.1 bcb4a9bca5a3ff00d0520d8a78f560dc.cloudfront.net (CloudFront)
x-amz-cf-id
6gheo8tXWBlghsseb3JPhATAPciBd4qOGzYlRnbtjSyr7WTqI_bqIg==
truncated
/ Frame 4B28
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3c1e4cc7644ff1698616e3b394dc02cc07aa5a5e2fe94f992de85246c467dfa9

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/svg+xml

Verdicts & Comments Add Verdict or Comment

39 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client function| $ function| jQuery object| wlpush object| wdw function| grr function| dialog function| gtag object| dataLayer object| recaptcha object| closure_lm_26780 object| google_tag_manager function| s function| f9ZZ function| m7rr object| google_tag_data string| GoogleAnalyticsObject function| ga function| Fingerprint2 number| LAST_CORRECT_EVENT_TIME number| _259766530 function| fa function| yllixNetworkLoader object| gaplugins object| gaGlobal object| gaData function| T400 function| o800

5 Cookies

Domain/Path Name / Value
.filez.top/ Name: _gid
Value: GA1.2.1829419732.1603193471
.filez.top/ Name: lang
Value: en
.filez.top/ Name: _gat_gtag_UA_150666752_1
Value: 1
.filez.top/ Name: _ga
Value: GA1.2.5886164.1603193471
filez.top/ Name: PHPSESSID
Value: 0g8r1ggrevqflf9ddrd2ek5olp

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

berhilpress.info
buleor.com
cdn-server.top
cdn-server.xyz
djm080u34wfc5.cloudfront.net
emula.net
filez.top
fonts.googleapis.com
fonts.gstatic.com
legedlunchar.top
nsidereturn.club
parentful.club
riftv.net
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.gstatic.com
109.234.162.107
13.224.194.82
143.204.101.119
144.217.171.217
185.66.200.159
185.66.200.220
185.66.200.222
185.66.201.34
2a00:1450:4001:801::200a
2a00:1450:4001:803::2004
2a00:1450:4001:809::200e
2a00:1450:4001:819::2004
2a00:1450:4001:81f::2003
2a00:1450:4001:820::2003
2a00:1450:4001:824::2008
52.86.219.129
99.86.154.127
03416e82636020f4110eee57af9d6e57f1768262777b430868d0709bace68407
042445431ce1cde5fda7a26e8e8428e08569680c139fce184e2c1476b308e1e7
12276f5ad2068e3e879ce2ec6df5865b7362cd09a20d593d617b8027b0e97ace
127e0db4fb7ca1f15f00478151e94deac3ab3259d2b0e4930487bbb6d9d134af
19c7f2aac0671d5e43cc4465d5f46e3f6a571e5137a494856cee12c4f65b0f2d
1df59d2f9889b0553295fe997df9f1e5adec5a34abc798178d2cb313c6a196c9
21b74ffc198ea65a899fd6bbb4156b370d99ea824520b52c2e97f0d5e80499e8
29a76ce16028a890e8cd5fecc8a736a2d8c07947c009a126a585ce0203d54e37
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
36e0a7e08bee65774168528938072c536437669c1b7458ac77976ec788e4439c
3c1e4cc7644ff1698616e3b394dc02cc07aa5a5e2fe94f992de85246c467dfa9
41e46faff74c6a77d581689ec35eb040f6c96d17f4d2c5b25dccd42ed498b01c
4330d94512442851e2ba5c2e9c6005f5e5d98d3a33d089ffc5206ca9517b84d7
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
54f3aa37078dcd01911c9da1a5fd753b5834dde5acfd90c5bd55243bba87cf6d
557823206bf2873bfd61c1dbb36e7ad4d2034e8fd58a79b2198fc1b4e708ba68
60863e86aa7743d1ac841da7f473a05cd57fba81d661cef658e385437f80d5ef
6388a88a40a903dac834dd1d42fe8ecfc3cdf67996020ffb7a66c3e8ce714a95
66671616f880ade1bee6a9afbced9011f1fe1b179ff9860766f700825e8bc9ae
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
70241f73f3ce0a337fac6ee23e67ba9141a27f153972406cc229580211734a86
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83f30cec310068712ce68afed7f1282ced9b022cec1abefd6eab29a913e29343
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
8f1132e259789cc46b3851f3402a35e39587021cb06fb12adeb45e39a1da1cc5
9e0ed50c5e8fe853e1b4293aa254b22f11b4c40c9b3494f0856639e5a96c21eb
a01b65251adfdcb2920699dc86cae8573d2c955180de7dbd4aa7f2f29f78656d
a7dec5803e4a6fa6f391b5d9f0316f122e92df6bb533a718285636b2695f1e0d
b0b43e548e691662dac85b1dc159d148a273d5cb9139f3fcf457cdeebe7bdf3f
b7a053f73e5027213689a88bd30736bab51c3417eb902caf214513ae87e5581c
b93b9165269362989e2855d0bf0ae232d7193a45c43627b2d03b26d7eb98263b
c3d7a9181ea3eebba498c07f828f1c3925ba7cf99ba8430dd747b4255d9a05eb
d134482b582256f83aad4583af70db302e0319835dda567b27b5c568d421b47e
d1eb492e1005fbd0b649fad1a3c60006f21ca1c1fba172eb4232569475237985
d2eb94db45a7f74266b7c1a929af3ee63a100271603a18a478493cab56bdf67c
d7ba57e3ccc2e3b2bdf8cc9e613194b802607682bf473293c2e3e29de82c9491
de9511cfb40c7781e56cae17bdc355a871f548e5726875c3b4ed319705e6c38e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e9f8b8fabb38524354f0bd87e91a4f4e702555956d29cc6db1b899fc0b5980b0
f717f12f040829e78545332ea52a7f9af3d12781ec610768dca8c2c918d57a1b
fe00a828c8984aa432d60646922198377e78dba43b704e73ab70d1fd4b9458e9