urlscan.io logo urlscan.io
SecurityTrails logo

filez.top Open in urlscan Pro
185.66.200.159  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://berhilpress.info/r.php?v=dD1jJmQ9OTI1NiZsPTc5OCZjPTUyODc3OA==
Effective URL: https://filez.top/lp/dd/1/cab4129999062623b693a7e1465bf89f/affC1603193466aff4da00fe97323a228a696/?sid=24654057
Submission: On October 20 via api from BE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 14 IPs in 5 countries across 16 domains to perform 43 HTTP transactions. The main IP is 185.66.200.159, located in Slovakia and belongs to SKHOSTING-EU, SK. The main domain is filez.top.
TLS certificate: Issued by Let's Encrypt Authority X3 on September 8th 2020. Valid for: 3 months.
This is the only time filez.top was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 144.217.171.217 16276 (OVH)
1 1 109.234.162.107 50474 (O2SWITCH)
1 1 185.66.200.220 201702 (SKHOSTING-EU)
1 185.66.201.34 201702 (SKHOSTING-EU)
22 185.66.200.159 201702 (SKHOSTING-EU)
3 2a00:1450:400... 15169 (GOOGLE)
2 185.66.200.222 201702 (SKHOSTING-EU)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 143.204.101.119 16509 (AMAZON-02)
4 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 54.144.3.29 14618 (AMAZON-AES)
3 99.86.154.127 16509 (AMAZON-02)
1 99.86.2.110 16509 (AMAZON-02)
43 14
1    144.217.171.217 (Beauharnois, Canada)

ASN16276 (OVH, FR)
berhilpress.info
1    109.234.162.107 (France)

ASN50474 (O2SWITCH, FR)
PTR: 109-234-162-107.reverse.odns.fr
riftv.net
1    185.66.200.220 (Slovakia)

ASN201702 (SKHOSTING-EU, SK)
PTR: 185.66.200.220.skhosting.eu
buleor.com
1    185.66.201.34 (Slovakia)

ASN201702 (SKHOSTING-EU, SK)
PTR: at-public.skhosting.eu
emula.net
22    185.66.200.159 (Slovakia)

ASN201702 (SKHOSTING-EU, SK)
PTR: filez.ag
filez.top
3    2a00:1450:4001:803::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
2    185.66.200.222 (Slovakia)

ASN201702 (SKHOSTING-EU, SK)
PTR: 185.66.200.222.skhosting.eu
cdn-server.top
cdn-server.xyz
1    2a00:1450:4001:824::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2a00:1450:4001:801::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2a00:1450:4001:820::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
1    143.204.101.119 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-101-119.fra50.r.cloudfront.net
djm080u34wfc5.cloudfront.net
4    2a00:1450:4001:81f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    2a00:1450:4001:809::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    54.144.3.29 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-144-3-29.compute-1.amazonaws.com
parentful.club
3    99.86.154.127 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-154-127.mxp64.r.cloudfront.net
legedlunchar.top
1    99.86.2.110 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-2-110.fra6.r.cloudfront.net
nsidereturn.club
Domain Requested by
22 filez.top emula.net
filez.top
cdn-server.top
4 fonts.gstatic.com fonts.googleapis.com
3 legedlunchar.top djm080u34wfc5.cloudfront.net
3 www.google.com filez.top
www.gstatic.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
1 nsidereturn.club
1 parentful.club filez.top
1 djm080u34wfc5.cloudfront.net cdn-server.top
1 www.gstatic.com www.google.com
1 fonts.googleapis.com filez.top
1 www.googletagmanager.com filez.top
1 cdn-server.xyz filez.top
1 cdn-server.top filez.top
1 emula.net
1 buleor.com 1 redirects
1 riftv.net 1 redirects
1 berhilpress.info 1 redirects
43 17

This site contains links to these domains. Also see Links.

Domain
advertica.ae
Subject Issuer Validity Valid
emula.net
Let's Encrypt Authority X3		 2020-09-01 -
2020-11-30		 3 months crt.sh
filez.top
Let's Encrypt Authority X3		 2020-09-08 -
2020-12-07		 3 months crt.sh
www.google.com
GTS CA 1O1		 2020-09-22 -
2020-12-15		 3 months crt.sh
cdn-server.top
Let's Encrypt Authority X3		 2020-10-15 -
2021-01-13		 3 months crt.sh
cdn-server.xyz
Let's Encrypt Authority X3		 2020-09-01 -
2020-11-30		 3 months crt.sh
*.google-analytics.com
GTS CA 1O1		 2020-09-22 -
2020-12-15		 3 months crt.sh
upload.video.google.com
GTS CA 1O1		 2020-09-22 -
2020-12-15		 3 months crt.sh
*.gstatic.com
GTS CA 1O1		 2020-09-22 -
2020-12-15		 3 months crt.sh
*.cloudfront.net
DigiCert Global CA G2		 2020-05-26 -
2021-04-21		 a year crt.sh
*.google.com
GTS CA 1O1		 2020-09-22 -
2020-12-15		 3 months crt.sh
parentful.club
Let's Encrypt Authority X3		 2020-09-22 -
2020-12-21		 3 months crt.sh
legedlunchar.top
Amazon		 2020-10-04 -
2021-11-03		 a year crt.sh
nsidereturn.club
Amazon		 2020-09-06 -
2021-10-06		 a year crt.sh

This page contains 5 frames:

Primary Page: https://filez.top/lp/dd/1/cab4129999062623b693a7e1465bf89f/affC1603193466aff4da00fe97323a228a696/?sid=24654057
Frame ID: 90F3CF014010B104B3B1E1808512A770
Requests: 40 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lfu8mwUAAAAAAK6MZWtTAa_5jOkhczTINR6LS6s&co=aHR0cHM6Ly9maWxlei50b3A6NDQz&hl=en&v=T9w1ROdplctW2nVKvNJYXH8o&size=normal&cb=sg286pectts
Frame ID: 8B9DBD0275E13E1E9FA724A2A3DAB927
Requests: 1 HTTP requests in this frame

Frame: https://legedlunchar.top/QnNGcmsjESUfVCNOJFQeMB97V1kEVnQ0DygedkpbN0ByBQ0hRmgRBy0GIhQZLR0yXAUnB2NALS8mKDRaDx8TCiMqBxMTAhsqAyNSNiotHiUANBBCLDUpIj0SCD4CNTJ6OSxKXRAeDBolOyEcERIbPwMjUiwXBEI+GjcMBD06MSU8BnsyE0MmOj4DCikEMAMbIypHFj8RISQDQiIxOhQnLBMrCxwuBxsgPQIlKgEkX3IXdj8RAEAyGz0HEAUUP3oiAB4YdTkuRiwVHQQaJnMyByg/MRUHJAh3F3Y8LRoJFwo9BxAFPQIEJhQFIjYXdjwtA0ETPDoHXgAGMgoHEyAcC0MPFS4YJT87WAcLcxAiGhcCPxwmHhwkUgUxDjAMEyV3KDsRKiU1OSYdAyQ5CjIsGVwFGwcqMXA6ETctB1Z0MDsUGxczLBcLASMPJjwCFj4QQBQGMhRKADosBBkXJzIhKnQ8PhAEDx8mOhATIy86QBcIJgopKyQNEBQUCCFyBBQzPBgbAzAmABECMCIHIhNBMToiFyQvBAIANzoEKSsrPxA1HwoyACYXJypkGTUdBTJOPyYCNj0JBlxxNRcZ
Frame ID: D18301A5C6DF4278D8BC5C2724839536
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=en&v=T9w1ROdplctW2nVKvNJYXH8o&k=6Lfu8mwUAAAAAAK6MZWtTAa_5jOkhczTINR6LS6s&cb=mk4jckux9v3l
Frame ID: 8CF4CA8E09ACA0197D487E6113F7016F
Requests: 1 HTTP requests in this frame

Frame: data://truncated
Frame ID: C7C02F03418ECD2012AE67BFCECA61D3
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://berhilpress.info/r.php?v=dD1jJmQ9OTI1NiZsPTc5OCZjPTUyODc3OA== HTTP 302
    https://riftv.net/dYzmv?sub1=1&sub2=9256&sub3=12318&sub4=798&sub5=528778 HTTP 301
    https://buleor.com/fullpage.php?section=General&pub=651335&ga=a HTTP 302
    https://emula.net/70715d1a00/bc5ff2967e/?placementName=ROTATOR&type=a&cv=XrdiCAArrdGAiZCdikZZp... Page URL
  2. https://filez.top/lp/dd/1/cab4129999062623b693a7e1465bf89f/affC1603193466aff4da00fe97323a228a6... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • url /\.php(?:$|\?)/i
Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

43
Requests

100 %
HTTPS

38 %
IPv6

16
Domains

17
Subdomains

14
IPs

5
Countries

815 kB
Transfer

1204 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://berhilpress.info/r.php?v=dD1jJmQ9OTI1NiZsPTc5OCZjPTUyODc3OA== HTTP 302
    https://riftv.net/dYzmv?sub1=1&sub2=9256&sub3=12318&sub4=798&sub5=528778 HTTP 301
    https://buleor.com/fullpage.php?section=General&pub=651335&ga=a HTTP 302
    https://emula.net/70715d1a00/bc5ff2967e/?placementName=ROTATOR&type=a&cv=XrdiCAArrdGAiZCdikZZpCpCrjANZrZNrGrNdGCrCkjCrxCrixCjiCrCrGCxCidrriAGiCCr_39525&adApiR=loaded_string_406021e700fd3b56d5e5ac77e1b415f1437b5_2305802_1603193465.8045_70775&refferer=4188647925_aHR0cDovLzY1MTMzNS55bGxpeC5jb20=&yxDom=YnVsZW9yLmNvbQ==_927bc1f915095284db284dd68f5ec62f Page URL
  2. https://filez.top/lp/dd/1/cab4129999062623b693a7e1465bf89f/affC1603193466aff4da00fe97323a228a696/?sid=24654057 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://berhilpress.info/r.php?v=dD1jJmQ9OTI1NiZsPTc5OCZjPTUyODc3OA== HTTP 302
  • https://riftv.net/dYzmv?sub1=1&sub2=9256&sub3=12318&sub4=798&sub5=528778 HTTP 301
  • https://buleor.com/fullpage.php?section=General&pub=651335&ga=a HTTP 302
  • https://emula.net/70715d1a00/bc5ff2967e/?placementName=ROTATOR&type=a&cv=XrdiCAArrdGAiZCdikZZpCpCrjANZrZNrGrNdGCrCkjCrxCrixCjiCrCrGCxCidrriAGiCCr_39525&adApiR=loaded_string_406021e700fd3b56d5e5ac77e1b415f1437b5_2305802_1603193465.8045_70775&refferer=4188647925_aHR0cDovLzY1MTMzNS55bGxpeC5jb20=&yxDom=YnVsZW9yLmNvbQ==_927bc1f915095284db284dd68f5ec62f

43 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
emula.net/70715d1a00/bc5ff2967e/
Redirect Chain
  • http://berhilpress.info/r.php?v=dD1jJmQ9OTI1NiZsPTc5OCZjPTUyODc3OA==
  • https://riftv.net/dYzmv?sub1=1&sub2=9256&sub3=12318&sub4=798&sub5=528778
  • https://buleor.com/fullpage.php?section=General&pub=651335&ga=a
  • https://emula.net/70715d1a00/bc5ff2967e/?placementName=ROTATOR&type=a&cv=XrdiCAArrdGAiZCdikZZpCpCrjANZrZNrGrNdGCrCkjCrxCrixCjiCrCrGCxCidrriAGiCCr_39525&adApiR=loaded_string_406021e700fd3b56d5e5ac77...
412 B
584 B 		Document
General
Check archive.org
Download Go to
Full URL
https://emula.net/70715d1a00/bc5ff2967e/?placementName=ROTATOR&type=a&cv=XrdiCAArrdGAiZCdikZZpCpCrjANZrZNrGrNdGCrCkjCrxCrixCjiCrCrGCxCidrriAGiCCr_39525&adApiR=loaded_string_406021e700fd3b56d5e5ac77e1b415f1437b5_2305802_1603193465.8045_70775&refferer=4188647925_aHR0cDovLzY1MTMzNS55bGxpeC5jb20=&yxDom=YnVsZW9yLmNvbQ==_927bc1f915095284db284dd68f5ec62f
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.66.201.34 , Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS
at-public.skhosting.eu
Software
nginx /
Resource Hash
2b019ec043446c43123e52615f7296b4a5ebb3547c1d95bdfbe9e78c420bb1c2

Request headers

:method
GET
:authority
emula.net
:scheme
https
:path
/70715d1a00/bc5ff2967e/?placementName=ROTATOR&type=a&cv=XrdiCAArrdGAiZCdikZZpCpCrjANZrZNrGrNdGCrCkjCrxCrixCjiCrCrGCxCidrriAGiCCr_39525&adApiR=loaded_string_406021e700fd3b56d5e5ac77e1b415f1437b5_2305802_1603193465.8045_70775&refferer=4188647925_aHR0cDovLzY1MTMzNS55bGxpeC5jb20=&yxDom=YnVsZW9yLmNvbQ==_927bc1f915095284db284dd68f5ec62f
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
200
server
nginx
date
Tue, 20 Oct 2020 11:31:06 GMT
content-type
text/html; charset=UTF-8
set-cookie
total_impressions=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; secure; SameSite=None used_ad2305802=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; secure; SameSite=None
expires
Sun, 01 Jan 2014 00:00:00 GMT
cache-control
no-store, no-cache, must-revalidate post-check=0, pre-check=0
pragma
no-cache
x-robots-tag
noindex,nofollow
content-encoding
br

Redirect headers

status
302
server
nginx
date
Tue, 20 Oct 2020 11:31:06 GMT
content-type
text/html; charset=UTF-8
location
https://emula.net/70715d1a00/bc5ff2967e/?placementName=ROTATOR&type=a&cv=XrdiCAArrdGAiZCdikZZpCpCrjANZrZNrGrNdGCrCkjCrxCrixCjiCrCrGCxCidrriAGiCCr_39525&adApiR=loaded_string_406021e700fd3b56d5e5ac77e1b415f1437b5_2305802_1603193465.8045_70775&refferer=4188647925_aHR0cDovLzY1MTMzNS55bGxpeC5jb20=&yxDom=YnVsZW9yLmNvbQ==_927bc1f915095284db284dd68f5ec62f
expires
Tue, 20 Oct 2020 11:31:05 GMT
last-modified
Tue, 20 Oct 2020 11:31:05 GMT
cache-control
no-store, no-cache, must-revalidate post-check=0, pre-check=0
pragma
no-cache
x-robots-tag
noindex, nofollow, noarchive, nosnippet
set-cookie
used_ad2305802=1; expires=Wed, 21-Oct-2020 04:00:00 GMT; Max-Age=59334; path=/; domain=buleor.com; secure; HttpOnly; SameSite=None total_impressions=1; expires=Wed, 21-Oct-2020 04:00:00 GMT; Max-Age=59334; path=/; domain=buleor.com; secure; HttpOnly; SameSite=None cpa_875164=popup_551167532_4; expires=Thu, 19-Nov-2020 11:31:06 GMT; Max-Age=2592000; path=/; domain=buleor.com; secure; SameSite=None
Primary Request /
filez.top/lp/dd/1/cab4129999062623b693a7e1465bf89f/affC1603193466aff4da00fe97323a228a696/ 		14 KB
15 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://filez.top/lp/dd/1/cab4129999062623b693a7e1465bf89f/affC1603193466aff4da00fe97323a228a696/?sid=24654057
Requested by
Host: emula.net
URL: https://emula.net/70715d1a00/bc5ff2967e/?placementName=ROTATOR&type=a&cv=XrdiCAArrdGAiZCdikZZpCpCrjANZrZNrGrNdGCrCkjCrxCrixCjiCrCrGCxCidrriAGiCCr_39525&adApiR=loaded_string_406021e700fd3b56d5e5ac77e1b415f1437b5_2305802_1603193465.8045_70775&refferer=4188647925_aHR0cDovLzY1MTMzNS55bGxpeC5jb20=&yxDom=YnVsZW9yLmNvbQ==_927bc1f915095284db284dd68f5ec62f
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.66.200.159 , Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS
filez.ag
Software
nginx /
Resource Hash
1716cd70e5c5965c7cfd76848d117f2ce1b6aa27198e224ff700607b0d937244
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

:method
GET
:authority
filez.top
:scheme
https
:path
/lp/dd/1/cab4129999062623b693a7e1465bf89f/affC1603193466aff4da00fe97323a228a696/?sid=24654057
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
referer
https://emula.net/70715d1a00/bc5ff2967e/?placementName=ROTATOR&type=a&cv=XrdiCAArrdGAiZCdikZZpCpCrjANZrZNrGrNdGCrCkjCrxCrixCjiCrCrGCxCidrriAGiCCr_39525&adApiR=loaded_string_406021e700fd3b56d5e5ac77e1b415f1437b5_2305802_1603193465.8045_70775&refferer=4188647925_aHR0cDovLzY1MTMzNS55bGxpeC5jb20=&yxDom=YnVsZW9yLmNvbQ==_927bc1f915095284db284dd68f5ec62f
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://emula.net/70715d1a00/bc5ff2967e/?placementName=ROTATOR&type=a&cv=XrdiCAArrdGAiZCdikZZpCpCrjANZrZNrGrNdGCrCkjCrxCrixCjiCrCrGCxCidrriAGiCCr_39525&adApiR=loaded_string_406021e700fd3b56d5e5ac77e1b415f1437b5_2305802_1603193465.8045_70775&refferer=4188647925_aHR0cDovLzY1MTMzNS55bGxpeC5jb20=&yxDom=YnVsZW9yLmNvbQ==_927bc1f915095284db284dd68f5ec62f

Response headers

status
200
server
nginx
date
Tue, 20 Oct 2020 11:31:06 GMT
content-type
text/html; charset=UTF-8
set-cookie
PHPSESSID=jrp6i8299d2mdg2is3ab43899u; path=/; secure; HttpOnly lang=en; expires=Thu, 19-Nov-2020 11:31:06 GMT; Max-Age=2592000; path=/; domain=filez.top; secure; HttpOnly
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate
pragma
no-cache
x-frame-options
SAMEORIGIN
bootstrap.css
filez.top/css/ 		143 KB
143 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://filez.top/css/bootstrap.css
Requested by
Host: filez.top
URL: https://filez.top/lp/dd/1/cab4129999062623b693a7e1465bf89f/affC1603193466aff4da00fe97323a228a696/?sid=24654057
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.66.200.159 , Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS
filez.ag
Software
nginx /
Resource Hash
29a76ce16028a890e8cd5fecc8a736a2d8c07947c009a126a585ce0203d54e37
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://filez.top/lp/dd/1/cab4129999062623b693a7e1465bf89f/affC1603193466aff4da00fe97323a228a696/?sid=24654057
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 20 Oct 2020 11:31:06 GMT
last-modified
Thu, 13 Aug 2020 07:27:06 GMT
server
nginx
etag
"5f34eb4a-23a5a"
x-frame-options
SAMEORIGIN
content-type
text/css
status
200
accept-ranges
bytes
content-length
146010
style.css
filez.top/css/ 		15 KB
15 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://filez.top/css/style.css?1597303626
Requested by
Host: filez.top
URL: https://filez.top/lp/dd/1/cab4129999062623b693a7e1465bf89f/affC1603193466aff4da00fe97323a228a696/?sid=24654057
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.66.200.159 , Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS
filez.ag
Software
nginx /
Resource Hash
d2eb94db45a7f74266b7c1a929af3ee63a100271603a18a478493cab56bdf67c
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://filez.top/lp/dd/1/cab4129999062623b693a7e1465bf89f/affC1603193466aff4da00fe97323a228a696/?sid=24654057
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 20 Oct 2020 11:31:06 GMT
last-modified
Thu, 13 Aug 2020 07:27:06 GMT
server
nginx
etag
"5f34eb4a-3c94"
x-frame-options
SAMEORIGIN
content-type
text/css
status
200
accept-ranges
bytes
content-length
15508
responsive.css
filez.top/css/ 		4 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://filez.top/css/responsive.css
Requested by
Host: filez.top
URL: https://filez.top/lp/dd/1/cab4129999062623b693a7e1465bf89f/affC1603193466aff4da00fe97323a228a696/?sid=24654057
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.66.200.159 , Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS
filez.ag
Software
nginx /
Resource Hash
de9511cfb40c7781e56cae17bdc355a871f548e5726875c3b4ed319705e6c38e
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://filez.top/lp/dd/1/cab4129999062623b693a7e1465bf89f/affC1603193466aff4da00fe97323a228a696/?sid=24654057
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 20 Oct 2020 11:31:06 GMT
last-modified
Thu, 13 Aug 2020 07:27:06 GMT
server
nginx
etag
"5f34eb4a-ebb"
x-frame-options
SAMEORIGIN
content-type
text/css
status
200
accept-ranges
bytes
content-length
3771
font-awesome.css
filez.top/css/ 		37 KB
37 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://filez.top/css/font-awesome.css
Requested by
Host: filez.top
URL: https://filez.top/lp/dd/1/cab4129999062623b693a7e1465bf89f/affC1603193466aff4da00fe97323a228a696/?sid=24654057
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.66.200.159 , Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS
filez.ag
Software
nginx /
Resource Hash
36e0a7e08bee65774168528938072c536437669c1b7458ac77976ec788e4439c
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://filez.top/lp/dd/1/cab4129999062623b693a7e1465bf89f/affC1603193466aff4da00fe97323a228a696/?sid=24654057
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 20 Oct 2020 11:31:06 GMT
last-modified
Thu, 13 Aug 2020 07:27:06 GMT
server
nginx
etag
"5f34eb4a-9226"
x-frame-options
SAMEORIGIN
content-type
text/css
status
200
accept-ranges
bytes
content-length
37414
api.js
www.google.com/recaptcha/ 		850 B
646 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js
Requested by
Host: filez.top
URL: https://filez.top/lp/dd/1/cab4129999062623b693a7e1465bf89f/affC1603193466aff4da00fe97323a228a696/?sid=24654057
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
fe00a828c8984aa432d60646922198377e78dba43b704e73ab70d1fd4b9458e9
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://filez.top/lp/dd/1/cab4129999062623b693a7e1465bf89f/affC1603193466aff4da00fe97323a228a696/?sid=24654057
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 20 Oct 2020 11:31:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
status
200
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
content-security-policy
frame-ancestors 'self'
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
554
x-xss-protection
1; mode=block
expires
Tue, 20 Oct 2020 11:31:06 GMT
jquery.min.js
filez.top/js/ 		85 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://filez.top/js/jquery.min.js
Requested by
Host: filez.top
URL: https://filez.top/lp/dd/1/cab4129999062623b693a7e1465bf89f/affC1603193466aff4da00fe97323a228a696/?sid=24654057
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.66.200.159 , Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS
filez.ag
Software
nginx /
Resource Hash
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://filez.top/lp/dd/1/cab4129999062623b693a7e1465bf89f/affC1603193466aff4da00fe97323a228a696/?sid=24654057
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 20 Oct 2020 11:31:06 GMT
last-modified
Thu, 13 Aug 2020 07:27:06 GMT
server
nginx
etag
"5f34eb4a-15283"
x-frame-options
SAMEORIGIN
content-type
application/javascript
status
200
accept-ranges
bytes
content-length
86659
wl.js
cdn-server.top/p/ 		382 B
679 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-server.top/p/wl.js?pub=117937&ga=g
Requested by
Host: filez.top
URL: https://filez.top/lp/dd/1/cab4129999062623b693a7e1465bf89f/affC1603193466aff4da00fe97323a228a696/?sid=24654057
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.66.200.222 , Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS
185.66.200.222.skhosting.eu
Software
nginx /
Resource Hash
6d94258b84ca6d2efcc28f40dd809a20a72137797b4616827b519bc1e5ded6b0

Request headers

Referer
https://filez.top/lp/dd/1/cab4129999062623b693a7e1465bf89f/affC1603193466aff4da00fe97323a228a696/?sid=24654057
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
cache
date
Tue, 20 Oct 2020 11:31:07 GMT
server
nginx
content-type
application/javascript
status
200
cache-control
max-age=3600
x-robots-tag
noindex, nofollow, noarchive, nosnippet
expires
Tue, 20 Oct 2020 12:31:07 GMT
US.gif
filez.top/images/flags/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://filez.top/images/flags/US.gif
Requested by
Host: filez.top
URL: https://filez.top/lp/dd/1/cab4129999062623b693a7e1465bf89f/affC1603193466aff4da00fe97323a228a696/?sid=24654057
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.66.200.159 , Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS
filez.ag
Software
nginx /
Resource Hash
b7a053f73e5027213689a88bd30736bab51c3417eb902caf214513ae87e5581c
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://filez.top/lp/dd/1/cab4129999062623b693a7e1465bf89f/affC1603193466aff4da00fe97323a228a696/?sid=24654057
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 20 Oct 2020 11:31:06 GMT
last-modified
Thu, 13 Aug 2020 07:27:06 GMT
server
nginx
etag
"5f34eb4a-859"
x-frame-options
SAMEORIGIN
content-type
image/gif
status
200
accept-ranges
bytes
content-length
2137
CZ.gif
filez.top/images/flags/ 		1006 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://filez.top/images/flags/CZ.gif
Requested by
Host: filez.top
URL: https://filez.top/lp/dd/1/cab4129999062623b693a7e1465bf89f/affC1603193466aff4da00fe97323a228a696/?sid=24654057
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.66.200.159 , Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS
filez.ag
Software
nginx /
Resource Hash
f717f12f040829e78545332ea52a7f9af3d12781ec610768dca8c2c918d57a1b
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://filez.top/lp/dd/1/cab4129999062623b693a7e1465bf89f/affC1603193466aff4da00fe97323a228a696/?sid=24654057
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 20 Oct 2020 11:31:06 GMT
last-modified
Thu, 13 Aug 2020 07:27:06 GMT
server
nginx
etag
"5f34eb4a-3ee"
x-frame-options
SAMEORIGIN
content-type
image/gif
status
200
accept-ranges
bytes
content-length
1006
ES.gif
filez.top/images/flags/ 		1006 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://filez.top/images/flags/ES.gif
Requested by
Host: filez.top
URL: https://filez.top/lp/dd/1/cab4129999062623b693a7e1465bf89f/affC1603193466aff4da00fe97323a228a696/?sid=24654057
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.66.200.159 , Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS
filez.ag
Software
nginx /
Resource Hash
e9f8b8fabb38524354f0bd87e91a4f4e702555956d29cc6db1b899fc0b5980b0
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://filez.top/lp/dd/1/cab4129999062623b693a7e1465bf89f/affC1603193466aff4da00fe97323a228a696/?sid=24654057
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 20 Oct 2020 11:31:07 GMT
last-modified
Thu, 13 Aug 2020 07:27:06 GMT
server
nginx
etag
"5f34eb4a-3ee"
x-frame-options
SAMEORIGIN
content-type
image/gif
status
200
accept-ranges
bytes
content-length
1006
AE.gif
filez.top/images/flags/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://filez.top/images/flags/AE.gif
Requested by
Host: filez.top
URL: https://filez.top/lp/dd/1/cab4129999062623b693a7e1465bf89f/affC1603193466aff4da00fe97323a228a696/?sid=24654057
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.66.200.159 , Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS
filez.ag
Software
nginx /
Resource Hash
4330d94512442851e2ba5c2e9c6005f5e5d98d3a33d089ffc5206ca9517b84d7
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://filez.top/lp/dd/1/cab4129999062623b693a7e1465bf89f/affC1603193466aff4da00fe97323a228a696/?sid=24654057
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 20 Oct 2020 11:31:07 GMT
last-modified
Thu, 13 Aug 2020 07:27:06 GMT
server
nginx
etag
"5f34eb4a-6af"
x-frame-options
SAMEORIGIN
content-type
image/gif
status
200
accept-ranges
bytes
content-length
1711
PT.gif
filez.top/images/flags/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://filez.top/images/flags/PT.gif
Requested by
Host: filez.top
URL: https://filez.top/lp/dd/1/cab4129999062623b693a7e1465bf89f/affC1603193466aff4da00fe97323a228a696/?sid=24654057
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.66.200.159 , Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS
filez.ag
Software
nginx /
Resource Hash
03416e82636020f4110eee57af9d6e57f1768262777b430868d0709bace68407
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://filez.top/lp/dd/1/cab4129999062623b693a7e1465bf89f/affC1603193466aff4da00fe97323a228a696/?sid=24654057
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 20 Oct 2020 11:31:07 GMT
last-modified
Thu, 13 Aug 2020 07:27:06 GMT
server
nginx
etag
"5f34eb4a-859"
x-frame-options
SAMEORIGIN
content-type
image/gif
status
200
accept-ranges
bytes
content-length
2137
FR.gif
filez.top/images/flags/ 		1006 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://filez.top/images/flags/FR.gif
Requested by
Host: filez.top
URL: https://filez.top/lp/dd/1/cab4129999062623b693a7e1465bf89f/affC1603193466aff4da00fe97323a228a696/?sid=24654057
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.66.200.159 , Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS
filez.ag
Software
nginx /
Resource Hash
1df59d2f9889b0553295fe997df9f1e5adec5a34abc798178d2cb313c6a196c9
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://filez.top/lp/dd/1/cab4129999062623b693a7e1465bf89f/affC1603193466aff4da00fe97323a228a696/?sid=24654057
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 20 Oct 2020 11:31:07 GMT
last-modified
Thu, 13 Aug 2020 07:27:06 GMT
server
nginx
etag
"5f34eb4a-3ee"
x-frame-options
SAMEORIGIN
content-type
image/gif
status
200
accept-ranges
bytes
content-length
1006
DE.gif
filez.top/images/flags/ 		1003 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://filez.top/images/flags/DE.gif
Requested by
Host: filez.top
URL: https://filez.top/lp/dd/1/cab4129999062623b693a7e1465bf89f/affC1603193466aff4da00fe97323a228a696/?sid=24654057
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.66.200.159 , Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS
filez.ag
Software
nginx /
Resource Hash
66671616f880ade1bee6a9afbced9011f1fe1b179ff9860766f700825e8bc9ae
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://filez.top/lp/dd/1/cab4129999062623b693a7e1465bf89f/affC1603193466aff4da00fe97323a228a696/?sid=24654057
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 20 Oct 2020 11:31:07 GMT
last-modified
Thu, 13 Aug 2020 07:27:06 GMT
server
nginx
etag
"5f34eb4a-3eb"
x-frame-options
SAMEORIGIN
content-type
image/gif
status
200
accept-ranges
bytes
content-length
1003
IR.gif
filez.top/images/flags/ 		1006 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://filez.top/images/flags/IR.gif
Requested by
Host: filez.top
URL: https://filez.top/lp/dd/1/cab4129999062623b693a7e1465bf89f/affC1603193466aff4da00fe97323a228a696/?sid=24654057
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.66.200.159 , Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS
filez.ag
Software
nginx /
Resource Hash
8f1132e259789cc46b3851f3402a35e39587021cb06fb12adeb45e39a1da1cc5
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://filez.top/lp/dd/1/cab4129999062623b693a7e1465bf89f/affC1603193466aff4da00fe97323a228a696/?sid=24654057
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 20 Oct 2020 11:31:07 GMT
last-modified
Thu, 13 Aug 2020 07:27:06 GMT
server
nginx
etag
"5f34eb4a-3ee"
x-frame-options
SAMEORIGIN
content-type
image/gif
status
200
accept-ranges
bytes
content-length
1006
logo.png
filez.top/images/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://filez.top/images/logo.png
Requested by
Host: filez.top
URL: https://filez.top/lp/dd/1/cab4129999062623b693a7e1465bf89f/affC1603193466aff4da00fe97323a228a696/?sid=24654057
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.66.200.159 , Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS
filez.ag
Software
nginx /
Resource Hash
83f30cec310068712ce68afed7f1282ced9b022cec1abefd6eab29a913e29343
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://filez.top/lp/dd/1/cab4129999062623b693a7e1465bf89f/affC1603193466aff4da00fe97323a228a696/?sid=24654057
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 20 Oct 2020 11:31:07 GMT
last-modified
Thu, 13 Aug 2020 07:27:06 GMT
server
nginx
etag
"5f34eb4a-130c"
x-frame-options
SAMEORIGIN
content-type
image/png
status
200
accept-ranges
bytes
content-length
4876
home_icon_1.png
filez.top/images/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://filez.top/images/home_icon_1.png
Requested by
Host: filez.top
URL: https://filez.top/lp/dd/1/cab4129999062623b693a7e1465bf89f/affC1603193466aff4da00fe97323a228a696/?sid=24654057
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.66.200.159 , Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS
filez.ag
Software
nginx /
Resource Hash
6388a88a40a903dac834dd1d42fe8ecfc3cdf67996020ffb7a66c3e8ce714a95
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://filez.top/lp/dd/1/cab4129999062623b693a7e1465bf89f/affC1603193466aff4da00fe97323a228a696/?sid=24654057
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 20 Oct 2020 11:31:07 GMT
last-modified
Thu, 13 Aug 2020 07:27:06 GMT
server
nginx
etag
"5f34eb4a-449"
x-frame-options
SAMEORIGIN
content-type
image/png
status
200
accept-ranges
bytes
content-length
1097
home_icon_2.png
filez.top/images/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://filez.top/images/home_icon_2.png
Requested by
Host: filez.top
URL: https://filez.top/lp/dd/1/cab4129999062623b693a7e1465bf89f/affC1603193466aff4da00fe97323a228a696/?sid=24654057
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.66.200.159 , Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS
filez.ag
Software
nginx /
Resource Hash
c3d7a9181ea3eebba498c07f828f1c3925ba7cf99ba8430dd747b4255d9a05eb
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://filez.top/lp/dd/1/cab4129999062623b693a7e1465bf89f/affC1603193466aff4da00fe97323a228a696/?sid=24654057
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 20 Oct 2020 11:31:07 GMT
last-modified
Thu, 13 Aug 2020 07:27:06 GMT
server
nginx
etag
"5f34eb4a-467"
x-frame-options
SAMEORIGIN
content-type
image/png
status
200
accept-ranges
bytes
content-length
1127
home_icon_3.png
filez.top/images/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://filez.top/images/home_icon_3.png
Requested by
Host: filez.top
URL: https://filez.top/lp/dd/1/cab4129999062623b693a7e1465bf89f/affC1603193466aff4da00fe97323a228a696/?sid=24654057
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.66.200.159 , Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS
filez.ag
Software
nginx /
Resource Hash
d1eb492e1005fbd0b649fad1a3c60006f21ca1c1fba172eb4232569475237985
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://filez.top/lp/dd/1/cab4129999062623b693a7e1465bf89f/affC1603193466aff4da00fe97323a228a696/?sid=24654057
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 20 Oct 2020 11:31:07 GMT
last-modified
Thu, 13 Aug 2020 07:27:06 GMT
server
nginx
etag
"5f34eb4a-40b"
x-frame-options
SAMEORIGIN
content-type
image/png
status
200
accept-ranges
bytes
content-length
1035
yxbnr.js
cdn-server.xyz/a/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-server.xyz/a/yxbnr.js
Requested by
Host: filez.top
URL: https://filez.top/lp/dd/1/cab4129999062623b693a7e1465bf89f/affC1603193466aff4da00fe97323a228a696/?sid=24654057
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.66.200.222 , Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS
185.66.200.222.skhosting.eu
Software
nginx /
Resource Hash
042445431ce1cde5fda7a26e8e8428e08569680c139fce184e2c1476b308e1e7

Request headers

Referer
https://filez.top/lp/dd/1/cab4129999062623b693a7e1465bf89f/affC1603193466aff4da00fe97323a228a696/?sid=24654057
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
cache
date
Tue, 20 Oct 2020 11:31:07 GMT
server
nginx
content-type
application/javascript
status
200
cache-control
max-age=21600
x-robots-tag
noindex, nofollow, noarchive, nosnippet
expires
Tue, 20 Oct 2020 17:31:07 GMT
bootstrap.min.js
filez.top/js/ 		36 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://filez.top/js/bootstrap.min.js
Requested by
Host: filez.top
URL: https://filez.top/lp/dd/1/cab4129999062623b693a7e1465bf89f/affC1603193466aff4da00fe97323a228a696/?sid=24654057
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.66.200.159 , Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS
filez.ag
Software
nginx /
Resource Hash
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://filez.top/lp/dd/1/cab4129999062623b693a7e1465bf89f/affC1603193466aff4da00fe97323a228a696/?sid=24654057
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 20 Oct 2020 11:31:06 GMT
last-modified
Thu, 13 Aug 2020 07:27:06 GMT
server
nginx
etag
"5f34eb4a-90b5"
x-frame-options
SAMEORIGIN
content-type
application/javascript
status
200
accept-ranges
bytes
content-length
37045
main.js
filez.top/js/ 		637 B
790 B 		Script
General
Check archive.org
Download Go to
Full URL
https://filez.top/js/main.js
Requested by
Host: filez.top
URL: https://filez.top/lp/dd/1/cab4129999062623b693a7e1465bf89f/affC1603193466aff4da00fe97323a228a696/?sid=24654057
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.66.200.159 , Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS
filez.ag
Software
nginx /
Resource Hash
9e0ed50c5e8fe853e1b4293aa254b22f11b4c40c9b3494f0856639e5a96c21eb
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://filez.top/lp/dd/1/cab4129999062623b693a7e1465bf89f/affC1603193466aff4da00fe97323a228a696/?sid=24654057
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 20 Oct 2020 11:31:06 GMT
last-modified
Thu, 13 Aug 2020 07:27:06 GMT
server
nginx
etag
"5f34eb4a-27d"
x-frame-options
SAMEORIGIN
content-type
application/javascript
status
200
accept-ranges
bytes
content-length
637
js
www.googletagmanager.com/gtag/ 		94 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-150666752-1
Requested by
Host: filez.top
URL: https://filez.top/lp/dd/1/cab4129999062623b693a7e1465bf89f/affC1603193466aff4da00fe97323a228a696/?sid=24654057
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
a7dec5803e4a6fa6f391b5d9f0316f122e92df6bb533a718285636b2695f1e0d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://filez.top/lp/dd/1/cab4129999062623b693a7e1465bf89f/affC1603193466aff4da00fe97323a228a696/?sid=24654057
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 20 Oct 2020 11:31:07 GMT
content-encoding
br
vary
Accept-Encoding
status
200
cross-origin-resource-policy
cross-origin
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37895
x-xss-protection
0
last-modified
Tue, 20 Oct 2020 09:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 20 Oct 2020 11:31:07 GMT
css
fonts.googleapis.com/ 		6 KB
714 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Poppins:300,400,500,600,700
Requested by
Host: filez.top
URL: https://filez.top/css/style.css?1597303626
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
557823206bf2873bfd61c1dbb36e7ad4d2034e8fd58a79b2198fc1b4e708ba68
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://filez.top/css/style.css?1597303626
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 20 Oct 2020 11:14:57 GMT
server
ESF
date
Tue, 20 Oct 2020 11:31:06 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 20 Oct 2020 11:31:06 GMT
recaptcha__en.js
www.gstatic.com/recaptcha/releases/T9w1ROdplctW2nVKvNJYXH8o/ 		341 KB
134 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/T9w1ROdplctW2nVKvNJYXH8o/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
54f3aa37078dcd01911c9da1a5fd753b5834dde5acfd90c5bd55243bba87cf6d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://filez.top
Referer
https://filez.top/lp/dd/1/cab4129999062623b693a7e1465bf89f/affC1603193466aff4da00fe97323a228a696/?sid=24654057
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 20 Oct 2020 10:40:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3044
status
200
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
136962
x-xss-protection
0
last-modified
Mon, 12 Oct 2020 04:11:53 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 20 Oct 2021 10:40:23 GMT
sw.js
filez.top/ 		102 KB
102 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://filez.top/sw.js?clickid=XrdiCjjZikAjriCkkAppjCxCrjANZrZNrGrNdGCrCkjCrxCrixCjiCrCrGCxCidrriAGiCCr_84867&subid=882395813
Requested by
Host: cdn-server.top
URL: https://cdn-server.top/p/wl.js?pub=117937&ga=g
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.66.200.159 , Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS
filez.ag
Software
nginx /
Resource Hash
d134482b582256f83aad4583af70db302e0319835dda567b27b5c568d421b47e
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://filez.top/lp/dd/1/cab4129999062623b693a7e1465bf89f/affC1603193466aff4da00fe97323a228a696/?sid=24654057
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 20 Oct 2020 11:31:07 GMT
last-modified
Thu, 13 Aug 2020 07:27:06 GMT
server
nginx
etag
"5f34eb4a-198b1"
x-frame-options
SAMEORIGIN
content-type
application/javascript
status
200
accept-ranges
bytes
content-length
104625
/
djm080u34wfc5.cloudfront.net/ 		111 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://djm080u34wfc5.cloudfront.net/?wumjd=808860
Requested by
Host: cdn-server.top
URL: https://cdn-server.top/p/wl.js?pub=117937&ga=g
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.101.119 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-101-119.fra50.r.cloudfront.net
Software
/
Resource Hash
544bbfd8830aa820c1d2fdfae6ac72efb67cf3b9245723e0f333576579fb341c

Request headers

Referer
https://filez.top/lp/dd/1/cab4129999062623b693a7e1465bf89f/affC1603193466aff4da00fe97323a228a696/?sid=24654057
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Oct 2020 10:55:40 GMT
content-encoding
gzip
age
2127
status
200
x-cache
Hit from cloudfront
access-control-allow-origin
*
cache-control
no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
x-amz-cf-pop
FRA50-C1
content-length
38679
via
1.1 f7b7cf90592cf6a380fd34cc45e9c4b5.cloudfront.net (CloudFront)
x-amz-cf-id
rMoYvc5hyeJAwv7sKYFDNKYTDFKpgsvb0nXiOzuv_-41lIgto_xroQ==
fontawesome-webfont.woff2
filez.top/fonts/ 		75 KB
76 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://filez.top/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: filez.top
URL: https://filez.top/css/font-awesome.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.66.200.159 , Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS
filez.ag
Software
nginx /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Origin
https://filez.top
Referer
https://filez.top/css/font-awesome.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 20 Oct 2020 11:31:07 GMT
last-modified
Thu, 13 Aug 2020 07:27:06 GMT
server
nginx
etag
"5f34eb4a-12d68"
x-frame-options
SAMEORIGIN
content-type
font/woff2
status
200
accept-ranges
bytes
content-length
77160
pxiByp8kv8JHgFVrLGT9Z1xlFd2JQEk.woff2
fonts.gstatic.com/s/poppins/v13/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v13/pxiByp8kv8JHgFVrLGT9Z1xlFd2JQEk.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:300,400,500,600,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d7ba57e3ccc2e3b2bdf8cc9e613194b802607682bf473293c2e3e29de82c9491
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://filez.top
Referer
https://fonts.googleapis.com/css?family=Poppins:300,400,500,600,700
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 19 Oct 2020 11:20:43 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:08:52 GMT
server
sffe
age
87024
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7776
x-xss-protection
0
expires
Tue, 19 Oct 2021 11:20:43 GMT
pxiEyp8kv8JHgFVrJJfecnFHGPc.woff2
fonts.gstatic.com/s/poppins/v13/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v13/pxiEyp8kv8JHgFVrJJfecnFHGPc.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:300,400,500,600,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
41e46faff74c6a77d581689ec35eb040f6c96d17f4d2c5b25dccd42ed498b01c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://filez.top
Referer
https://fonts.googleapis.com/css?family=Poppins:300,400,500,600,700
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 19 Oct 2020 11:20:36 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:09:01 GMT
server
sffe
age
87031
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7900
x-xss-protection
0
expires
Tue, 19 Oct 2021 11:20:36 GMT
pxiByp8kv8JHgFVrLCz7Z1xlFd2JQEk.woff2
fonts.gstatic.com/s/poppins/v13/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v13/pxiByp8kv8JHgFVrLCz7Z1xlFd2JQEk.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:300,400,500,600,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b0b43e548e691662dac85b1dc159d148a273d5cb9139f3fcf457cdeebe7bdf3f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://filez.top
Referer
https://fonts.googleapis.com/css?family=Poppins:300,400,500,600,700
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 19 Oct 2020 11:20:43 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:09:13 GMT
server
sffe
age
87024
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7832
x-xss-protection
0
expires
Tue, 19 Oct 2021 11:20:43 GMT
pxiByp8kv8JHgFVrLEj6Z1xlFd2JQEk.woff2
fonts.gstatic.com/s/poppins/v13/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v13/pxiByp8kv8JHgFVrLEj6Z1xlFd2JQEk.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:300,400,500,600,700
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b93b9165269362989e2855d0bf0ae232d7193a45c43627b2d03b26d7eb98263b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://filez.top
Referer
https://fonts.googleapis.com/css?family=Poppins:300,400,500,600,700
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 19 Oct 2020 15:14:33 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:09:00 GMT
server
sffe
age
72994
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7988
x-xss-protection
0
expires
Tue, 19 Oct 2021 15:14:33 GMT
anchor
www.google.com/recaptcha/api2/ Frame 8B9D 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lfu8mwUAAAAAAK6MZWtTAa_5jOkhczTINR6LS6s&co=aHR0cHM6Ly9maWxlei50b3A6NDQz&hl=en&v=T9w1ROdplctW2nVKvNJYXH8o&size=normal&cb=sg286pectts
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/T9w1ROdplctW2nVKvNJYXH8o/recaptcha__en.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-dhG9WFhSgl1VWeyZYHQ1+w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/anchor?ar=1&k=6Lfu8mwUAAAAAAK6MZWtTAa_5jOkhczTINR6LS6s&co=aHR0cHM6Ly9maWxlei50b3A6NDQz&hl=en&v=T9w1ROdplctW2nVKvNJYXH8o&size=normal&cb=sg286pectts
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://filez.top/lp/dd/1/cab4129999062623b693a7e1465bf89f/affC1603193466aff4da00fe97323a228a696/?sid=24654057
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://filez.top/lp/dd/1/cab4129999062623b693a7e1465bf89f/affC1603193466aff4da00fe97323a228a696/?sid=24654057

Response headers

status
200
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Tue, 20 Oct 2020 11:31:07 GMT
content-security-policy
script-src 'report-sample' 'nonce-dhG9WFhSgl1VWeyZYHQ1+w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
11206
server
GSE
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
analytics.js
www.google-analytics.com/ 		45 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-150666752-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
60863e86aa7743d1ac841da7f473a05cd57fba81d661cef658e385437f80d5ef
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://filez.top/lp/dd/1/cab4129999062623b693a7e1465bf89f/affC1603193466aff4da00fe97323a228a696/?sid=24654057
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 09 Sep 2020 01:50:37 GMT
server
Golfe2
age
918
date
Tue, 20 Oct 2020 11:15:49 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18650
expires
Tue, 20 Oct 2020 13:15:49 GMT
blNVTEQVcSY7GxshOW5%2BTDshODQdaXpjIgc%2FMDZqGjwlYzcZfT8%2Few0%2FPC8vBzdoFDYKOhYmLjQ6Pg0uHDoWJy8vIyUmBxYQJyYFIAknFgocFCcCICkQJw8vBBAnNAccOi0PLgcQJw82KRAtDy0KISclBSk6Fg82MWthdHJZdSY5Jgc3aHR8XGBseXxfY...
parentful.club/ 		38 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://parentful.club/blNVTEQVcSY7GxshOW5%2BTDshODQdaXpjIgc%2FMDZqGjwlYzcZfT8%2Few0%2FPC8vBzdoFDYKOhYmLjQ6Pg0uHDoWJy8vIyUmBxYQJyYFIAknFgocFCcCICkQJw8vBBAnNAccOi0PLgcQJw82KRAtDy0KISclBSk6Fg82MWthdHJZdSY5Jgc3aHR8XGBseXxfYHdgZh0%2BM25%2BX393PykYcW9udkBld2BmGjIyEy0KcW9ufF5rbXl8TH93PzEMDDwodkxpdxQ2CjoWJi40Oj4NLhw6FicvLyMlJgcWECcmBSAJJxYKHBQnAiApECcPLwQQJzQHHDotDy4HECcPNikQLQ8tCiEnJQUpOhYPNjFrYXRyWXEo
Requested by
Host: filez.top
URL: https://filez.top/sw.js?clickid=XrdiCjjZikAjriCkkAppjCxCrjANZrZNrGrNdGCrCkjCrxCrixCjiCrCrGCxCidrriAGiCCr_84867&subid=882395813
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
54.144.3.29 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-144-3-29.compute-1.amazonaws.com
Software
/ Express
Resource Hash
3840944020f1f85807153682d801f4304d82d4a8fdc203bb30a1f3ddc06dfaa4

Request headers

Referer
https://filez.top/lp/dd/1/cab4129999062623b693a7e1465bf89f/affC1603193466aff4da00fe97323a228a696/?sid=24654057
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-encoding
gzip
etag
W/"96da-0diqqhk5oHyJGwGaYIya5w0i11Q"
status
200
x-powered-by
Express
vary
Accept-Encoding
access-control-allow-methods
GET, POST
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
X-Requested-With,content-type
collect
www.google-analytics.com/j/ 		1 B
63 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j86&a=867068591&t=pageview&_s=1&dl=https%3A%2F%2Ffilez.top%2Flp%2Fdd%2F1%2Fcab4129999062623b693a7e1465bf89f%2FaffC1603193466aff4da00fe97323a228a696%2F%3Fsid%3D24654057&dr=https%3A%2F%2Femula.net%2F70715d1a00%2Fbc5ff2967e%2F%3FplacementName%3DROTATOR%26type%3Da%26cv%3DXrdiCAArrdGAiZCdikZZpCpCrjANZrZNrGrNdGCrCkjCrxCrixCjiCrCrGCxCidrriAGiCCr_39525%26adApiR%3Dloaded_string_406021e700fd3b56d5e5ac77e1b415f1437b5_2305802_1603193465.8045_70775%26refferer%3D4188647925_aHR0cDovLzY1MTMzNS55bGxpeC5jb20%3D%26yxDom%3DYnVsZW9yLmNvbQ%3D%3D_927bc1f915095284db284dd68f5ec62f&ul=en-us&de=UTF-8&dt=Filez.top%20-%20Untitled_4.zip&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUABAAAAAC~&jid=1937410145&gjid=1261699863&cid=534437643.1603193468&tid=UA-150666752-1&_gid=2080213464.1603193468&_r=1&gtm=2ou9u1&z=602933225
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://filez.top/lp/dd/1/cab4129999062623b693a7e1465bf89f/affC1603193466aff4da00fe97323a228a696/?sid=24654057
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 20 Oct 2020 11:31:07 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
status
200
content-type
text/plain
access-control-allow-origin
https://filez.top
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
utx
legedlunchar.top/ 		0
409 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://legedlunchar.top/utx?cb=BJZ78ScasDaE&top=filez.top&tid=808860
Requested by
Host: djm080u34wfc5.cloudfront.net
URL: https://djm080u34wfc5.cloudfront.net/?wumjd=808860
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.154.127 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-154-127.mxp64.r.cloudfront.net
Software
openresty/1.17.8.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://filez.top/lp/dd/1/cab4129999062623b693a7e1465bf89f/affC1603193466aff4da00fe97323a228a696/?sid=24654057
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Oct 2020 11:31:09 GMT
via
1.1 bc4e4c44abae4a5bb17b234953976b89.cloudfront.net (CloudFront)
server
openresty/1.17.8.2
x-amz-cf-pop
MXP64-C2
status
204
x-cache
Miss from cloudfront
p3p
CP="NID DSP ALL COR"
access-control-allow-origin
https://filez.top
cache-control
no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials
true
x-amz-cf-id
sLvylb7oqPppmFux5Od_AWe5bxOy_SrQ1DnHj4hfv8KJWam7hndssA==
MRUHJAh3F3Y8LRoJFwo9BxAFPQIEJhQFIjYXdjwtA0ETPDoHXgAGMgoHEyAcC0MPFS4YJT87WAcLcxAiGhcCPxwmHhwkUgUxDjAMEyV3KDsRKiU1OSYdAyQ5CjIsGVwFGwcqMXA6ETctB1Z0MDsUGxczLBcLASMPJjwCFj4QQBQGMhRKADosBBkXJzIhKnQ8PhAED...
legedlunchar.top/QnNGcmsjESUfVCNOJFQeMB97V1kEVnQ0DygedkpbN0ByBQ0hRmgRBy0GIhQZLR0yXAUnB2NALS8mKDRaDx8TCiMqBxMTAhsqAyNSNiotHiUANBBCLDUpIj0SCD4CNTJ6OSxKXRAeDBolOyEcERIbPwMjUiwXBEI+GjcMBD06MSU8BnsyE0Mm... Frame D183 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://legedlunchar.top/QnNGcmsjESUfVCNOJFQeMB97V1kEVnQ0DygedkpbN0ByBQ0hRmgRBy0GIhQZLR0yXAUnB2NALS8mKDRaDx8TCiMqBxMTAhsqAyNSNiotHiUANBBCLDUpIj0SCD4CNTJ6OSxKXRAeDBolOyEcERIbPwMjUiwXBEI+GjcMBD06MSU8BnsyE0MmOj4DCikEMAMbIypHFj8RISQDQiIxOhQnLBMrCxwuBxsgPQIlKgEkX3IXdj8RAEAyGz0HEAUUP3oiAB4YdTkuRiwVHQQaJnMyByg/MRUHJAh3F3Y8LRoJFwo9BxAFPQIEJhQFIjYXdjwtA0ETPDoHXgAGMgoHEyAcC0MPFS4YJT87WAcLcxAiGhcCPxwmHhwkUgUxDjAMEyV3KDsRKiU1OSYdAyQ5CjIsGVwFGwcqMXA6ETctB1Z0MDsUGxczLBcLASMPJjwCFj4QQBQGMhRKADosBBkXJzIhKnQ8PhAEDx8mOhATIy86QBcIJgopKyQNEBQUCCFyBBQzPBgbAzAmABECMCIHIhNBMToiFyQvBAIANzoEKSsrPxA1HwoyACYXJypkGTUdBTJOPyYCNj0JBlxxNRcZ
Requested by
Host: djm080u34wfc5.cloudfront.net
URL: https://djm080u34wfc5.cloudfront.net/?wumjd=808860
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.154.127 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-154-127.mxp64.r.cloudfront.net
Software
openresty/1.17.8.2 /
Resource Hash

Request headers

:method
GET
:authority
legedlunchar.top
:scheme
https
:path
/QnNGcmsjESUfVCNOJFQeMB97V1kEVnQ0DygedkpbN0ByBQ0hRmgRBy0GIhQZLR0yXAUnB2NALS8mKDRaDx8TCiMqBxMTAhsqAyNSNiotHiUANBBCLDUpIj0SCD4CNTJ6OSxKXRAeDBolOyEcERIbPwMjUiwXBEI+GjcMBD06MSU8BnsyE0MmOj4DCikEMAMbIypHFj8RISQDQiIxOhQnLBMrCxwuBxsgPQIlKgEkX3IXdj8RAEAyGz0HEAUUP3oiAB4YdTkuRiwVHQQaJnMyByg/MRUHJAh3F3Y8LRoJFwo9BxAFPQIEJhQFIjYXdjwtA0ETPDoHXgAGMgoHEyAcC0MPFS4YJT87WAcLcxAiGhcCPxwmHhwkUgUxDjAMEyV3KDsRKiU1OSYdAyQ5CjIsGVwFGwcqMXA6ETctB1Z0MDsUGxczLBcLASMPJjwCFj4QQBQGMhRKADosBBkXJzIhKnQ8PhAEDx8mOhATIy86QBcIJgopKyQNEBQUCCFyBBQzPBgbAzAmABECMCIHIhNBMToiFyQvBAIANzoEKSsrPxA1HwoyACYXJypkGTUdBTJOPyYCNj0JBlxxNRcZ
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://filez.top/lp/dd/1/cab4129999062623b693a7e1465bf89f/affC1603193466aff4da00fe97323a228a696/?sid=24654057
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://filez.top/lp/dd/1/cab4129999062623b693a7e1465bf89f/affC1603193466aff4da00fe97323a228a696/?sid=24654057

Response headers

status
200
content-type
text/html
content-length
1261
date
Tue, 20 Oct 2020 11:31:09 GMT
server
openresty/1.17.8.2
cache-control
no-store, no-cache, must-revalidate, no-transform
pragma
no-cache
p3p
CP="NID DSP ALL COR"
content-encoding
gzip
x-cache
Miss from cloudfront
via
1.1 bc4e4c44abae4a5bb17b234953976b89.cloudfront.net (CloudFront)
x-amz-cf-pop
MXP64-C2
x-amz-cf-id
1ECHrJ5idvRkX5I2mc3_RkrLkYy14E_4WHkDbut-SPi7Mh5Q-EpVOQ==
bframe
www.google.com/recaptcha/api2/ Frame 8CF4 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/bframe?hl=en&v=T9w1ROdplctW2nVKvNJYXH8o&k=6Lfu8mwUAAAAAAK6MZWtTAa_5jOkhczTINR6LS6s&cb=mk4jckux9v3l
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/T9w1ROdplctW2nVKvNJYXH8o/recaptcha__en.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-jOZ59VcD5Y6U+F/K/WVhiA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/bframe?hl=en&v=T9w1ROdplctW2nVKvNJYXH8o&k=6Lfu8mwUAAAAAAK6MZWtTAa_5jOkhczTINR6LS6s&cb=mk4jckux9v3l
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://filez.top/lp/dd/1/cab4129999062623b693a7e1465bf89f/affC1603193466aff4da00fe97323a228a696/?sid=24654057
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://filez.top/lp/dd/1/cab4129999062623b693a7e1465bf89f/affC1603193466aff4da00fe97323a228a696/?sid=24654057

Response headers

status
200
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Tue, 20 Oct 2020 11:31:09 GMT
content-security-policy
script-src 'report-sample' 'nonce-jOZ59VcD5Y6U+F/K/WVhiA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
1173
server
GSE
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
popunder.gif
nsidereturn.club/ 		35 B
367 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nsidereturn.club/popunder.gif
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.2.110 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-2-110.fra6.r.cloudfront.net
Software
/
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer
https://filez.top/lp/dd/1/cab4129999062623b693a7e1465bf89f/affC1603193466aff4da00fe97323a228a696/?sid=24654057
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
public
date
Tue, 20 Oct 2020 11:31:09 GMT
content-encoding
gzip
x-amz-cf-pop
FRA6-C1
status
200
x-cache
Miss from cloudfront
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=604800, immutable
content-length
58
via
1.1 7fcb41b117930690c299be9cec4a977a.cloudfront.net (CloudFront)
x-amz-cf-id
kL65X_awYOUz1ghnb3MLF6xS82VAte1mndINUK6hIlSZs4ha4DeUBg==
multi
legedlunchar.top/ 		4 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://legedlunchar.top/multi?tid=808860&red=1&cs=bDZYYVNdAGsHMgpQb1VnW1A5AmNc&abt=0&v=1.0.48.0&sm=76&k=&sts=64&prn=0&emb=0&fs=1&ref=https%3A%2F%2Ffilez.top%2Flp%2Fdd%2F1%2Fcab4129999062623b693a7e1465bf89f%2FaffC1603193466aff4da00fe97323a228a696%2F%3Fsid%3D24654057&osr=emula.net&jst=0&enr=0&lcua=mozilla%2F5.0%20(macintosh%3B%20intel%20mac%20os%20x%2010_14_5)%20applewebkit%2F537.36%20(khtml%2C%20like%20gecko)%20chrome%2F83.0.4103.61%20safari%2F537.36&tzd=2&uloc=&if=0&_bLox=1603193469621&crc=1
Requested by
Host: djm080u34wfc5.cloudfront.net
URL: https://djm080u34wfc5.cloudfront.net/?wumjd=808860
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.154.127 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-154-127.mxp64.r.cloudfront.net
Software
openresty/1.17.8.2 /
Resource Hash
f14cbb9826f62e88951202c0332bb0734c9820a8b8237646679430d66d5ed6a2

Request headers

Referer
https://filez.top/lp/dd/1/cab4129999062623b693a7e1465bf89f/affC1603193466aff4da00fe97323a228a696/?sid=24654057
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Oct 2020 11:31:09 GMT
content-encoding
gzip
server
openresty/1.17.8.2
x-amz-cf-pop
MXP64-C2
status
200
x-cache
Miss from cloudfront
p3p
CP="NID DSP ALL COR"
access-control-allow-origin
https://filez.top
cache-control
no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials
true
content-type
text/plain
content-length
1865
via
1.1 bc4e4c44abae4a5bb17b234953976b89.cloudfront.net (CloudFront)
x-amz-cf-id
nffU-fneHjT1Sf4FNngYCNXpNGHO4dLsRDDRoW30gDg4Y03kvfHtiQ==
truncated
/ Frame C7C0 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3c1e4cc7644ff1698616e3b394dc02cc07aa5a5e2fe94f992de85246c467dfa9

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/svg+xml

Verdicts & Comments Add Verdict or Comment

39 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client function| $ function| jQuery object| wlpush object| wdw function| grr function| dialog function| gtag object| dataLayer object| google_tag_manager object| recaptcha object| closure_lm_764438 object| google_tag_data string| GoogleAnalyticsObject function| ga function| s function| f9ZZ function| m7rr object| gaplugins object| gaGlobal object| gaData function| Fingerprint2 number| LAST_CORRECT_EVENT_TIME number| _259766530 function| fa function| yllixNetworkLoader function| T400 function| o800

0 Cookies

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

berhilpress.info
buleor.com
cdn-server.top
cdn-server.xyz
djm080u34wfc5.cloudfront.net
emula.net
filez.top
fonts.googleapis.com
fonts.gstatic.com
legedlunchar.top
nsidereturn.club
parentful.club
riftv.net
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.gstatic.com
109.234.162.107
143.204.101.119
144.217.171.217
185.66.200.159
185.66.200.220
185.66.200.222
185.66.201.34
2a00:1450:4001:801::200a
2a00:1450:4001:803::2004
2a00:1450:4001:809::200e
2a00:1450:4001:81f::2003
2a00:1450:4001:820::2003
2a00:1450:4001:824::2008
54.144.3.29
99.86.154.127
99.86.2.110
03416e82636020f4110eee57af9d6e57f1768262777b430868d0709bace68407
042445431ce1cde5fda7a26e8e8428e08569680c139fce184e2c1476b308e1e7
1716cd70e5c5965c7cfd76848d117f2ce1b6aa27198e224ff700607b0d937244
1df59d2f9889b0553295fe997df9f1e5adec5a34abc798178d2cb313c6a196c9
29a76ce16028a890e8cd5fecc8a736a2d8c07947c009a126a585ce0203d54e37
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2b019ec043446c43123e52615f7296b4a5ebb3547c1d95bdfbe9e78c420bb1c2
36e0a7e08bee65774168528938072c536437669c1b7458ac77976ec788e4439c
3840944020f1f85807153682d801f4304d82d4a8fdc203bb30a1f3ddc06dfaa4
3c1e4cc7644ff1698616e3b394dc02cc07aa5a5e2fe94f992de85246c467dfa9
41e46faff74c6a77d581689ec35eb040f6c96d17f4d2c5b25dccd42ed498b01c
4330d94512442851e2ba5c2e9c6005f5e5d98d3a33d089ffc5206ca9517b84d7
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
544bbfd8830aa820c1d2fdfae6ac72efb67cf3b9245723e0f333576579fb341c
54f3aa37078dcd01911c9da1a5fd753b5834dde5acfd90c5bd55243bba87cf6d
557823206bf2873bfd61c1dbb36e7ad4d2034e8fd58a79b2198fc1b4e708ba68
60863e86aa7743d1ac841da7f473a05cd57fba81d661cef658e385437f80d5ef
6388a88a40a903dac834dd1d42fe8ecfc3cdf67996020ffb7a66c3e8ce714a95
66671616f880ade1bee6a9afbced9011f1fe1b179ff9860766f700825e8bc9ae
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6d94258b84ca6d2efcc28f40dd809a20a72137797b4616827b519bc1e5ded6b0
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83f30cec310068712ce68afed7f1282ced9b022cec1abefd6eab29a913e29343
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
8f1132e259789cc46b3851f3402a35e39587021cb06fb12adeb45e39a1da1cc5
9e0ed50c5e8fe853e1b4293aa254b22f11b4c40c9b3494f0856639e5a96c21eb
a7dec5803e4a6fa6f391b5d9f0316f122e92df6bb533a718285636b2695f1e0d
b0b43e548e691662dac85b1dc159d148a273d5cb9139f3fcf457cdeebe7bdf3f
b7a053f73e5027213689a88bd30736bab51c3417eb902caf214513ae87e5581c
b93b9165269362989e2855d0bf0ae232d7193a45c43627b2d03b26d7eb98263b
c3d7a9181ea3eebba498c07f828f1c3925ba7cf99ba8430dd747b4255d9a05eb
d134482b582256f83aad4583af70db302e0319835dda567b27b5c568d421b47e
d1eb492e1005fbd0b649fad1a3c60006f21ca1c1fba172eb4232569475237985
d2eb94db45a7f74266b7c1a929af3ee63a100271603a18a478493cab56bdf67c
d7ba57e3ccc2e3b2bdf8cc9e613194b802607682bf473293c2e3e29de82c9491
de9511cfb40c7781e56cae17bdc355a871f548e5726875c3b4ed319705e6c38e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e9f8b8fabb38524354f0bd87e91a4f4e702555956d29cc6db1b899fc0b5980b0
f14cbb9826f62e88951202c0332bb0734c9820a8b8237646679430d66d5ed6a2
f717f12f040829e78545332ea52a7f9af3d12781ec610768dca8c2c918d57a1b
fe00a828c8984aa432d60646922198377e78dba43b704e73ab70d1fd4b9458e9