URL: https://nofile.org/v/9c6cd5
Submission: On March 15 via manual from RU — Scanned from DE

Summary

This website contacted 15 IPs in 4 countries across 14 domains to perform 29 HTTP transactions. The main IP is 185.178.208.138, located in Russian Federation and belongs to DDOS-GUARD, RU. The main domain is nofile.org.
TLS certificate: Issued by R3 on January 7th 2023. Valid for: 3 months.
This is the only time nofile.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
5 185.178.208.138 57724 (DDOS-GUARD)
3 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a04:4e42:200... 54113 (FASTLY)
1 104.16.168.131 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 2606:50c0:800... 54113 (FASTLY)
3 13.224.194.203 16509 (AMAZON-02)
2 148.251.155.232 24940 (HETZNER-AS)
2 172.64.173.27 13335 (CLOUDFLAR...)
3 18.66.147.47 16509 (AMAZON-02)
3 172.67.140.164 13335 (CLOUDFLAR...)
1 2a03:2880:f11... 32934 (FACEBOOK)
4 6 2a00:1450:400... 15169 (GOOGLE)
29 15
Apex Domain
Subdomains
Transfer
6 google.com
accounts.google.com — Cisco Umbrella Rank: 73
3 KB
5 nofile.org
nofile.org
4 KB
3 oionsglearned.com
oionsglearned.com
1 KB
3 asterbiscusys.com
asterbiscusys.com
4 KB
3 cloudfront.net
d1nubxdgom3wqt.cloudfront.net
69 KB
3 bootstrapcdn.com
maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 784
51 KB
2 pogothere.xyz
pogothere.xyz — Cisco Umbrella Rank: 27761
101 KB
2 a-ads.com
ad.a-ads.com — Cisco Umbrella Rank: 33452
static.a-ads.com — Cisco Umbrella Rank: 46635
192 KB
1 facebook.com
www.facebook.com — Cisco Umbrella Rank: 108
1 github.io
malsup.github.io — Cisco Umbrella Rank: 42837
12 KB
1 githack.com
rawcdn.githack.com — Cisco Umbrella Rank: 87595
3 KB
1 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 305
33 KB
1 hcaptcha.com
www.hcaptcha.com — Cisco Umbrella Rank: 90747
80 KB
1 jwpcdn.com
ssl.p.jwpcdn.com — Cisco Umbrella Rank: 2722
24 KB
29 14
Domain Requested by
6 accounts.google.com 4 redirects nofile.org
5 nofile.org nofile.org
3 oionsglearned.com nofile.org
3 asterbiscusys.com d1nubxdgom3wqt.cloudfront.net
3 d1nubxdgom3wqt.cloudfront.net nofile.org
asterbiscusys.com
3 maxcdn.bootstrapcdn.com nofile.org
maxcdn.bootstrapcdn.com
2 pogothere.xyz d1nubxdgom3wqt.cloudfront.net
1 www.facebook.com nofile.org
1 static.a-ads.com ad.a-ads.com
1 ad.a-ads.com nofile.org
1 malsup.github.io nofile.org
1 rawcdn.githack.com nofile.org
1 ajax.googleapis.com nofile.org
1 www.hcaptcha.com nofile.org
1 ssl.p.jwpcdn.com nofile.org
29 15

This site contains links to these domains.

Domain
dref.xyz
Subject | Issuer | Validity | Valid
nofile.org | R3 | 2023-01-07 - 2023-04-07 | 3 months
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2022-12-30 - 2023-12-30 | a year
*.jwplayer.com | GlobalSign Atlas R3 DV TLS CA 2022 Q4 | 2022-11-26 - 2023-12-28 | a year
upload.video.google.com | GTS CA 1C3 | 2023-03-02 - 2023-05-25 | 3 months
*.github.com | DigiCert TLS RSA SHA256 2020 CA1 | 2022-04-07 - 2023-04-07 | a year
*.cloudfront.net | Amazon RSA 2048 M01 | 2022-12-08 - 2023-12-07 | a year
*.a-ads.com | Sectigo ECC Domain Validation Secure Server CA | 2022-12-21 - 2024-01-21 | a year
asterbiscusys.com | Amazon RSA 2048 M02 | 2023-03-09 - 2024-04-06 | a year
*.oionsglearned.com | GTS CA 1P5 | 2023-02-25 - 2023-05-26 | 3 months
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2023-01-10 - 2023-03-23 | 2 months

This page contains 4 frames:

Primary Page: https://nofile.org/v/9c6cd5
Frame ID: F78A93032879FDA24DCF04F17B046FE9
Requests: 23 HTTP requests in this frame

Frame: https://ad.a-ads.com/1430973?size=300x250
Frame ID: DA8875E516AD022061F225233DE31071
Requests: 3 HTTP requests in this frame

Frame: https://asterbiscusys.com/…
Frame ID: 58A4AEF2ED84858FA6CDDAB7550F7D82
Requests: 2 HTTP requests in this frame

Frame: https://asterbiscusys.com/…
Frame ID: D4C50F53671FC9BDF8ED1479B49C7FA4
Requests: 2 HTTP requests in this frame

Page Title

Masha And Lena SM Video Mp4 docx

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

29 Requests
93 % HTTPS
50 % IPv6
14 Domains
15 Subdomains
15 IPs
4 Countries
575 kB Transfer
1179 kB Size
3 Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 23
  • https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail HTTP 302
  • https://accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=AWnogHfPI73e65896GzKcMo5DzQvEimajqrbvO9yLNojiwc6tYTGkO0L0RKizzNDdNYAIgMXK_wPPw HTTP 302
  • https://accounts.google.com/v3/signin/identifier?dsh=S-1089575451%3A1678899857823087&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=AWnogHeBMLKXP8YUnOC6Mz4l2j3ZoyXrJIJLEwcXE2Xt18MKEGi1qKIp42We2QTFO71E83GRkYZskg&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin
Request Chain 24
  • https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube HTTP 302
  • https://accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AWnogHc5U5-uFHp68QfyXcg2q_lctsVMNDtPoLfToSVIHEzC7w_iMblNCpCj7Ks1Tcr8DCRI8QGhVw HTTP 302
  • https://accounts.google.com/v3/signin/identifier?dsh=S-83771543%3A1678899857798904&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=AWnogHflCC4ZpmipQHuX0aFn3CLsJUf2-fZmlo5ELDc013C7wOy5bZ3cYe2QAfwkYliYYZcu2q6g-A&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin

29 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request 9c6cd5
nofile.org/v/
5 KB
2 KB
Document
General
Full URL
https://nofile.org/v/9c6cd5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.178.208.138 , Russian Federation, ASN57724 (DDOS-GUARD, RU),
Reverse DNS
ddos-guard.net
Software
ddos-guard / PHP/7.3.33
Resource Hash
e1d2808af292e35c478ea024c0ee3a7bb8c4fe1baf788b094e472fd98d1699f8
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, must-revalidate
content-encoding
gzip
content-security-policy
upgrade-insecure-requests;
content-type
text/html; charset=UTF-8
date
Wed, 15 Mar 2023 17:04:16 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
pragma
no-cache
server
ddos-guard
vary
Accept-Encoding
x-powered-by
PHP/7.3.33
bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/3.2.0/css/
107 KB
19 KB
Stylesheet
General
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/3.2.0/css/bootstrap.min.css
Requested by
Host: nofile.org
URL: https://nofile.org/v/9c6cd5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b5fd723750763ebb731f9221e413e7d64d58d5192dc040e42292ed3dcccca732
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nofile.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Wed, 15 Mar 2023 17:04:16 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
cdn-edgestorageid
752, 617, 617
age
11958214
cdn-cachedat
2021-08-02 15:14:19
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:03:57 GMT
server
cloudflare
cdn-requestpullcode
200
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
1660cb5d59e09a84acd67052dfe2b7c5
timing-allow-origin
*
cdn-requestcountrycode
DE
cdn-status
200
cf-ray
7a8655a7bc0a9a11-FRA
cdn-requestpullsuccess
True
custom.css
nofile.org/css/
268 B
323 B
Stylesheet
General
Full URL
https://nofile.org/css/custom.css
Requested by
Host: nofile.org
URL: https://nofile.org/v/9c6cd5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.178.208.138 , Russian Federation, ASN57724 (DDOS-GUARD, RU),
Reverse DNS
ddos-guard.net
Software
ddos-guard /
Resource Hash
7b02a0afc65349107c8f3b68cab8a15ff96499d52b627d9bef7df4320a4ae9a0
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nofile.org/v/9c6cd5
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests;
date
Mon, 13 Mar 2023 20:25:10 GMT
content-encoding
br
last-modified
Sun, 30 Jun 2019 04:14:09 GMT
server
ddos-guard
age
160746
etag
W/"10c-58c82be3f2640"
vary
Accept-Encoding
content-type
text/css
ddg-cache-status
HIT
accept-ranges
bytes
jwplayer.js
ssl.p.jwpcdn.com/6/11/
70 KB
24 KB
Script
General
Full URL
https://ssl.p.jwpcdn.com/6/11/jwplayer.js
Requested by
Host: nofile.org
URL: https://nofile.org/v/9c6cd5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c1170b83dab1a0d7b672925cc3883b8ab6560240ac09a605860f060b61aa022e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nofile.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Wed, 15 Mar 2023 17:04:16 GMT
content-encoding
gzip
via
1.1 varnish
age
1891
x-cache
HIT
content-length
24829
x-served-by
cache-hhn-etou8220055-HHN
last-modified
Mon, 22 Jun 2015 14:09:42 GMT
server
AmazonS3
x-timer
S1678899857.861649,VS0,VE0
etag
"0529b2abc1e42b6739b9daa410de76eb"
vary
Accept-Encoding
content-type
text/plain
access-control-allow-origin
*
accept-ranges
bytes
x-cache-hits
3
api.js
www.hcaptcha.com/1/
284 KB
80 KB
Script
General
Full URL
https://www.hcaptcha.com/1/api.js
Requested by
Host: nofile.org
URL: https://nofile.org/v/9c6cd5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.168.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fa567ea63c532d43e2f5e3e3962ff8b5fa0366f3c62ee0585fa6fe4be4c70f60
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nofile.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Wed, 15 Mar 2023 17:04:17 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 c2932c75b25bc91b15c5d7c319b82150.cloudfront.net (CloudFront)
cf-cache-status
HIT
content-encoding
br
x-content-type-options
nosniff
age
0
x-amz-cf-pop
MCT50-P1
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Fri, 10 Mar 2023 07:14:15 GMT
server
cloudflare
etag
W/"5de21c14bce7448f20c94eda336232ba"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=120
cf-ray
7a8655acdedd2c1b-FRA
x-amz-cf-id
FUrp1cE7bmQlKLrWG6hdhKvBEqNZCKxHXD2FRlHM1QzvnxZmvM_27Q==
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.11.1/
94 KB
33 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.min.js
Requested by
Host: nofile.org
URL: https://nofile.org/v/9c6cd5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nofile.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 10 Mar 2023 19:36:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
422886
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33434
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 09 Mar 2024 19:36:10 GMT
bootstrap.min.js
maxcdn.bootstrapcdn.com/bootstrap/3.2.0/js/
31 KB
9 KB
Script
General
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/3.2.0/js/bootstrap.min.js
Requested by
Host: nofile.org
URL: https://nofile.org/v/9c6cd5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
24cc29533598f962823c4229bc280487646a27a42a95257c31de1b9b18f3710f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nofile.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Wed, 15 Mar 2023 17:04:16 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
cdn-edgestorageid
722
age
4266088
cdn-cachedat
11/03/2021 03:23:08
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:03:57 GMT
cdn-proxyver
1.0
cdn-requestpullcode
200
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
e885ee69c288bb9cabd0660b291cac0f
timing-allow-origin
*
cdn-requestcountrycode
DE
cdn-status
200
cf-ray
7a8655a7bc0d9a11-FRA
cdn-requestpullsuccess
True
ie10-viewport-bug-workaround.js
nofile.org/libs/
693 B
548 B
Script
General
Full URL
https://nofile.org/libs/ie10-viewport-bug-workaround.js
Requested by
Host: nofile.org
URL: https://nofile.org/v/9c6cd5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.178.208.138 , Russian Federation, ASN57724 (DDOS-GUARD, RU),
Reverse DNS
ddos-guard.net
Software
ddos-guard /
Resource Hash
55e8b904ad883620452aba4c984b3d489d13078645db0da58647e50ed7e83e24
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nofile.org/v/9c6cd5
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests;
date
Wed, 15 Mar 2023 14:42:08 GMT
content-encoding
gzip
last-modified
Sun, 30 Jun 2019 04:14:22 GMT
server
ddos-guard
age
8528
etag
W/"2b5-58c82bf058380"
vary
Accept-Encoding
content-type
application/javascript
ddg-cache-status
HIT
content-length
443
custom-1.0.js
nofile.org/libs/
1 KB
657 B
Script
General
Full URL
https://nofile.org/libs/custom-1.0.js
Requested by
Host: nofile.org
URL: https://nofile.org/v/9c6cd5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.178.208.138 , Russian Federation, ASN57724 (DDOS-GUARD, RU),
Reverse DNS
ddos-guard.net
Software
ddos-guard /
Resource Hash
c7d136b706b41fa7e80008fcb5c96bd7fca9e1776fd2bb6aa8776220a21738f7
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nofile.org/v/9c6cd5
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests;
date
Wed, 15 Mar 2023 08:16:04 GMT
content-encoding
gzip
last-modified
Sat, 07 Jan 2023 11:59:34 GMT
server
ddos-guard
age
31692
etag
W/"555-5f1ab447e9edd"
vary
Accept-Encoding
content-type
application/javascript
ddg-cache-status
HIT
content-length
518
bootstrap.file-input.js
rawcdn.githack.com/grevory/bootstrap-file-input/2b38ec89c615045f6df6f98732fc189f310e394b/
5 KB
3 KB
Script
General
Full URL
https://rawcdn.githack.com/grevory/bootstrap-file-input/2b38ec89c615045f6df6f98732fc189f310e394b/bootstrap.file-input.js
Requested by
Host: nofile.org
URL: https://nofile.org/v/9c6cd5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3038::6815:eae7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8aca2158ffba4d335017abc99fa87b343dd130da12869ffa9a4d180f0366a016
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nofile.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-fastly-request-id
e851a8a08d85ed6bd47b9472cc7fafa151913b81
date
Wed, 15 Mar 2023 17:04:16 GMT
via
1.1 varnish
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
43666041
content-encoding
br
x-cache
MISS
x-cache-hits
0
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-bma1624-BMA
server
cloudflare
x-github-request-id
FDA0:4F5A:6B4D04:852E69:6175028B
x-timer
S1635058315.443777,VS0,VE182
etag
W/"f03b0647e61d80b13ea762c046dab403f07e9da731fefd014862e7f87fab7802"
source-age
0
vary
Authorization,Accept-Encoding,Origin
x-githack-cache-status
HIT
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i9Y9lOkWQVgDa%2B73Hf1o6m2RDjegK%2BQ7sWmWxupDN7FpY%2F88m%2B67ySFoR9wsa7sqXWyhNbRHix4LSJmCPcMfZ0cZXI8evS9%2FCnI62NjOlh6kkTOk4Gm4MjBvcI4K4LswK1pBrL6kkOYNu3ujLY5gE1U%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=315360000, public, immutable
x-robots-tag
none
cf-ray
7a8655a7dd5f719f-LHR
expires
Thu, 31 Dec 2037 23:55:55 GMT
jquery.form.js
malsup.github.io/
43 KB
12 KB
Script
General
Full URL
https://malsup.github.io/jquery.form.js
Requested by
Host: nofile.org
URL: https://nofile.org/v/9c6cd5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:50c0:8002::153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
GitHub.com /
Resource Hash
3a16fd80d67008f1c947cf93ebb20e2af2ed1a6317e194d35ed15046076c4211

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nofile.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-fastly-request-id
5190ba76bdf73fdf78bf99488a3cba0278677d05
date
Wed, 15 Mar 2023 17:04:16 GMT
content-encoding
gzip
via
1.1 varnish
x-cache-hits
8
age
174
x-cache
HIT
x-proxy-cache
HIT
content-length
12365
x-served-by
cache-hhn-etou8220021-HHN
last-modified
Sun, 03 May 2015 16:16:14 GMT
server
GitHub.com
x-github-request-id
3534:1793:190496:20B68C:640690F7
x-timer
S1678899857.826556,VS0,VE0
etag
W/"554649ce-ab74"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=600
permissions-policy
interest-cohort=()
accept-ranges
bytes
expires
Tue, 07 Mar 2023 01:15:47 GMT
panel-search.js
nofile.org/libs/
306 B
292 B
Script
General
Full URL
https://nofile.org/libs/panel-search.js
Requested by
Host: nofile.org
URL: https://nofile.org/v/9c6cd5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.178.208.138 , Russian Federation, ASN57724 (DDOS-GUARD, RU),
Reverse DNS
ddos-guard.net
Software
ddos-guard /
Resource Hash
e16b9edaf0a11ba29ed22b735e882d2e34c1e0a22e4adf6db1cf54fd7fa600a8
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nofile.org/v/9c6cd5
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests;
date
Tue, 14 Mar 2023 21:46:16 GMT
content-encoding
br
last-modified
Sat, 07 Jan 2023 11:30:11 GMT
server
ddos-guard
age
69480
etag
"132-5f1aadb722661"
vary
Accept-Encoding
content-type
application/javascript
ddg-cache-status
HIT
accept-ranges
bytes
content-length
180
/
d1nubxdgom3wqt.cloudfront.net/
202 KB
67 KB
Script
General
Full URL
https://d1nubxdgom3wqt.cloudfront.net/?xbund=958756
Requested by
Host: nofile.org
URL: https://nofile.org/v/9c6cd5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.194.203 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-194-203.fra2.r.cloudfront.net
Software
/
Resource Hash
864216b9c3fb45897e03c85a3e1966eafcf8ffac293e5f1267984a2e19a675f7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nofile.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Mar 2023 17:04:17 GMT
content-encoding
gzip
via
1.1 cb33a7a4640adbb55df3e0d143601558.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C1
x-cache
Miss from cloudfront
access-control-allow-origin
*
cache-control
no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-length
68418
x-amz-cf-id
6Apski2QMruqkbPDWSiQRevJgG2DW40nHvFPgL1kwtv34z0fpdEmug==
1430973
ad.a-ads.com/ Frame DA88
12 KB
5 KB
Document
General
Full URL
https://ad.a-ads.com/1430973?size=300x250
Requested by
Host: nofile.org
URL: https://nofile.org/v/9c6cd5
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
148.251.155.232 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.232.155.251.148.clients.your-server.de
Software
nginx / Phusion Passenger(R)
Resource Hash
1a968da5239d18e4a93355914ee610321f788db57efb32b65d47c430e8d71735
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://nofile.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html;charset=utf-8
date
Wed, 15 Mar 2023 17:04:17 GMT
server
nginx
status
200 OK
vary
Accept-Encoding Accept-Encoding
x-content-type-options
nosniff
x-original-referer
https://nofile.org/
x-powered-by
Phusion Passenger(R)
x-robots-tag
noindex, nofollow, nosnippet, noarchive
x-xss-protection
1; mode=block
glyphicons-halflings-regular.woff
maxcdn.bootstrapcdn.com/bootstrap/3.2.0/fonts/
23 KB
23 KB
Font
General
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/3.2.0/fonts/glyphicons-halflings-regular.woff
Requested by
Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/bootstrap/3.2.0/css/bootstrap.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fc969dc1c6ff531abcf368089dcbaf5775133b0626ff56b52301a059fc0f9e1e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://maxcdn.bootstrapcdn.com/bootstrap/3.2.0/css/bootstrap.min.css
Origin
https://nofile.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Wed, 15 Mar 2023 17:04:16 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
865
cdn-cachedat
08/20/2022 02:40:02
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
23320
last-modified
Mon, 25 Jan 2021 22:03:57 GMT
cdn-proxyver
1.02
cdn-requestpullcode
200
server
cloudflare
etag
"68ed1dac06bf0409c18ae7bc62889170"
vary
Accept-Encoding
content-type
font/woff
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
123f73ff9c56dfb3df58bb1dfaf6a005
accept-ranges
bytes
timing-allow-origin
*
cdn-requestcountrycode
DE
cdn-status
200
cf-ray
7a8655a9bff12c45-FRA
cdn-requestpullsuccess
True
300x250
static.a-ads.com/a-ads-banners/117617/ Frame DA88
187 KB
187 KB
Image
General
Full URL
https://static.a-ads.com/a-ads-banners/117617/300x250?region=eu-central-1
Requested by
Host: ad.a-ads.com
URL: https://ad.a-ads.com/1430973?size=300x250
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
148.251.155.232 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.232.155.251.148.clients.your-server.de
Software
nginx /
Resource Hash
2e31c9bab999580b0a194dccb45a2f79378237ef53082e01ea3f539976c8780f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.a-ads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Wed, 15 Mar 2023 17:04:17 GMT
x-amz-version-id
9rF0H2vdVY_HJMQUZBdQKii0bOEwqr9J
last-modified
Sun, 19 Apr 2020 16:08:09 GMT
server
nginx
x-amz-request-id
8EDPM8G942YN1CVJ
etag
"5896f969c3c0d5de143c2f56c20489d9"
content-type
image/gif
cache-control
max-age=315360000
accept-ranges
bytes
content-length
191448
x-amz-id-2
ypQY60YpVbUUlue6DZ38FEhnGF1iDI1hLGmXa2C5hpNx/3VEnDDQfREOm/w7sXvAmKOb9xalM3o=
expires
Thu, 31 Dec 2037 23:55:55 GMT
truncated
/ Frame DA88
7 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d4a8d14f34fb8740b9acb5123e475eaae20d83907e0e14dd267d63e93e7f82da

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type
image/svg+xml
asd100.bin
pogothere.xyz/
100 KB
100 KB
Fetch
General
Full URL
https://pogothere.xyz/asd100.bin
Requested by
Host: d1nubxdgom3wqt.cloudfront.net
URL: https://d1nubxdgom3wqt.cloudfront.net/?xbund=958756
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.173.27 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nofile.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Wed, 15 Mar 2023 17:04:18 GMT
cf-cache-status
EXPIRED
last-modified
Wed, 15 Mar 2023 05:13:14 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
binary/octet-stream
access-control-allow-origin
https://nofile.org
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dFvh63H8HjoQOYOqWaUGGw43BDEagGSN4s8bn67OgK%2BV2TzzJMRDGzfJAn6x917fLOSZn4XiJ4n1%2BvxiZnTGDAvwoaBVNKTr35Ooe6KQKmxjfwIikJEpJ2mInF0CWOZ1"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400
access-control-allow-credentials
true
cf-ray
7a8655afcf086958-FRA
access-control-allow-headers
X-Requested-With, content-type
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
/
pogothere.xyz/
26 B
634 B
Fetch
General
Full URL
https://pogothere.xyz/
Requested by
Host: d1nubxdgom3wqt.cloudfront.net
URL: https://d1nubxdgom3wqt.cloudfront.net/?xbund=958756
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.173.27 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5a4c91700885389761b5aeb54e09d483816610aa5ea7b0d11fe953e9c4a0a1f8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nofile.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Wed, 15 Mar 2023 17:04:17 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=En5KKd6DLHV%2BDgIXFucqzkiW3ATOEymFSWQYp5kR%2BcsdJ9InoeB5K5UZ18h0evDTPM%2Br1DfV8S76jgcFi04k%2BKj9k95NfUg%2BgUqKC1pvcfTKVuvzNjT5G%2BoeRzi2RaBW"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET
access-control-allow-origin
https://nofile.org
content-type
text/plain
access-control-allow-credentials
true
cf-ray
7a8655afcf0c6958-FRA
access-control-allow-headers
X-Requested-With, content-type
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
utx
asterbiscusys.com/
0
534 B
XHR
General
Full URL
https://asterbiscusys.com/utx?cb=IeHgHJfog1aW&top=nofile.org&tid=958756
Requested by
Host: d1nubxdgom3wqt.cloudfront.net
URL: https://d1nubxdgom3wqt.cloudfront.net/?xbund=958756
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-47.fra60.r.cloudfront.net
Software
openresty/1.17.8.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nofile.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Mar 2023 17:04:17 GMT
via
1.1 ad3c90e13b86d72e2a5e6bf65eab3450.cloudfront.net (CloudFront)
server
openresty/1.17.8.2
accept-ch
DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-amz-cf-pop
FRA60-P4
x-cache
Miss from cloudfront
p3p
CP="NID DSP ALL COR"
access-control-allow-origin
https://nofile.org
cache-control
no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials
true
x-amz-cf-id
HlMsHDi1rZ4xSQUDlvKy6FKsrtIaYiRLc-O-0rXSMLVZ9mcW3OmAiQ==
MwEuGC4HHXQLEwF2CA8YMU0iITstcRUAAQ1UKjsTGFwBD0UmVgocHhhadSFGC34HPT8KTA0IPiEPDDoCAXIVFB4bXyUAEyduFQpFOVQlGy8NXREbDx9ABHkTM1sFGA86DQoYLwF8DnhFH3oyeBAecREOPjoeLD4ZJ0h7NCAlXRYGACsBAS8xHQ4KOQ
asterbiscusys.com/TXZJOEYsFCpVeSxLKx4zPxp0HXQLU3t+InwYPFo+KREmVXU6Bz0WJSEZPFwgPxknTGgjEz0ddAs0B202ASQOdhEHJRxRHggzI3R1IRcIcAx1FR9tEgQyLkoCGCB6dS4EJhx6KQw7Ln0LCSUifAg6Ow5odAQuHUFzfxIMbhwGDxxSHiU7P3I... Frame 58A4
3 KB
2 KB
Document
General
Full URL
https://asterbiscusys.com/…
Requested by
Host: d1nubxdgom3wqt.cloudfront.net
URL: https://d1nubxdgom3wqt.cloudfront.net/?xbund=958756
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-47.fra60.r.cloudfront.net
Software
openresty/1.17.8.2 /
Resource Hash
4427923da322857532c03d0895a18faca5964e7b649cfd75ae21d64671b83525

Request headers

Referer
https://nofile.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
cache-control
no-store, no-cache, must-revalidate, no-transform
content-encoding
gzip
content-length
1244
content-type
text/html
date
Wed, 15 Mar 2023 17:04:17 GMT
p3p
CP="NID DSP ALL COR"
pragma
no-cache
server
openresty/1.17.8.2
via
1.1 ad3c90e13b86d72e2a5e6bf65eab3450.cloudfront.net (CloudFront)
x-amz-cf-id
QEdNSPVMzU78c5GQC4pN5oRRWDiC5RnMUpYCSv5Ig4NcegVveAFxDw==
x-amz-cf-pop
FRA60-P4
x-cache
Miss from cloudfront
HT8IAhtKEWlQDSkA
asterbiscusys.com/Snp4MDYrGBtdCStHGhZDOBZFFQQMX0p2UnsUDVJOLh0XXQU9CwweVSYVDVRQOBUWRBgkHwwVBAwUG3R8eyMgYWISKAt4ZT0oGnVgMjQqYUYJLD1+YR07IX9xLTsocWAbLjZHRgg3PWFsKwI1XXw9HS1xZDkrLGF8Hj4qZVMcLxB4cxhPKmN... Frame D4C5
3 KB
2 KB
Document
General
Full URL
https://asterbiscusys.com/…
Requested by
Host: d1nubxdgom3wqt.cloudfront.net
URL: https://d1nubxdgom3wqt.cloudfront.net/?xbund=958756
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-47.fra60.r.cloudfront.net
Software
openresty/1.17.8.2 /
Resource Hash
6659bf3dcedb0cfe1c2f88316220c259d17b92b92d469e5c19a2283ca05e7bf9

Request headers

Referer
https://nofile.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
cache-control
no-store, no-cache, must-revalidate, no-transform
content-encoding
gzip
content-length
1213
content-type
text/html
date
Wed, 15 Mar 2023 17:04:17 GMT
p3p
CP="NID DSP ALL COR"
pragma
no-cache
server
openresty/1.17.8.2
via
1.1 ad3c90e13b86d72e2a5e6bf65eab3450.cloudfront.net (CloudFront)
x-amz-cf-id
SRjLHrKq1hD3B8S631Lktyw3J9PRUTR9Iapc5T9GTchWzPt3EUDE8g==
x-amz-cf-pop
FRA60-P4
x-cache
Miss from cloudfront
Eh0XFAMcW1sBEzM9ARs+OT0lAnMFAwd+bERSVHZjVxoKJ2hATBA3NAUfEH5kVwMNJTpMTBV+ZF9ZV21mQ0RRZSBMW0U3JRANXnJzAR4XL2hAXFR7bUhTW3ZiR1hW
oionsglearned.com/Y0NVcWpMfDYCVzQoJgszNBk/
0
411 B
Image
General
Full URL
https://oionsglearned.com/Y0NVcWpMfDYCVzQoJgszNBk/Eh0XFAMcW1sBEzM9ARs+OT0lAnMFAwd+bERSVHZjVxoKJ2hATBA3NAUfEH5kVwMNJTpMTBV+ZF9ZV21mQ0RRZSBMW0U3JRANXnJzAR4XL2hAXFR7bUhTW3ZiR1hW
Requested by
Host: nofile.org
URL: https://nofile.org/v/9c6cd5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.140.164 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nofile.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Wed, 15 Mar 2023 17:04:17 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pxWV8ueI5B7al9O1w09o0spIVFLwoAxMzwLqRp%2B5jq3wfTYbH64dyopcnSM0nkm0XpFeU%2Bd8lt3FWFK2JaLqq5upRrHTNeg5a6QFgH1511TWVUjXnR5M%2Fd6RwMxWV3vi2SxwAA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cf-ray
7a8655aece8c889e-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
login.php
www.facebook.com/
0
0
Image
General
Full URL
https://www.facebook.com/login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp
Requested by
Host: nofile.org
URL: https://nofile.org/v/9c6cd5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nofile.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

identifier
accounts.google.com/v3/signin/
Redirect Chain
  • https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
  • https://accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=AWnogHfPI73e65896GzKcMo5DzQvEimajqrbvO9yLNojiwc6tYTGkO0L0RKizzN...
  • https://accounts.google.com/v3/signin/identifier?dsh=S-1089575451%3A1678899857823087&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=AWnogHeBMLKXP8YUnOC6Mz4l2j3ZoyXrJIJLEwcXE2Xt18MKE...
0
0
Image
General
Full URL
https://accounts.google.com/v3/signin/identifier?dsh=S-1089575451%3A1678899857823087&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=AWnogHeBMLKXP8YUnOC6Mz4l2j3ZoyXrJIJLEwcXE2Xt18MKEGi1qKIp42We2QTFO71E83GRkYZskg&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin
Requested by
Host: nofile.org
URL: https://nofile.org/v/9c6cd5
Protocol
H3
Server
2a00:1450:4001:831::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nofile.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Redirect headers

date
Wed, 15 Mar 2023 17:04:17 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
content-security-policy
require-trusted-types-for 'script';report-uri /cspreport, script-src 'report-sample' 'nonce-1BZa8wrRfirRmzMS7vf_iQ' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
398
x-xss-protection
1; mode=block
pragma
no-cache
server
GSE
x-frame-options
DENY
report-to
{"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-type
text/html; charset=UTF-8
location
https://accounts.google.com/v3/signin/identifier?dsh=S-1089575451%3A1678899857823087&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=AWnogHeBMLKXP8YUnOC6Mz4l2j3ZoyXrJIJLEwcXE2Xt18MKEGi1qKIp42We2QTFO71E83GRkYZskg&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy-report-only
same-origin; report-to="coop_gse_qebhlk"
expires
Mon, 01 Jan 1990 00:00:00 GMT
identifier
accounts.google.com/v3/signin/
Redirect Chain
  • https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
  • https://accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AWnogHc5U5-uFHp68QfyXcg2q_lctsVMNDtPoLfToSVIHEzC7w_iMblNCpC...
  • https://accounts.google.com/v3/signin/identifier?dsh=S-83771543%3A1678899857798904&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=AWnogHflCC4ZpmipQHuX0aFn3CLsJUf2-fZmlo5ELDc013C7wO...
0
0
Image
General
Full URL
https://accounts.google.com/v3/signin/identifier?dsh=S-83771543%3A1678899857798904&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=AWnogHflCC4ZpmipQHuX0aFn3CLsJUf2-fZmlo5ELDc013C7wOy5bZ3cYe2QAfwkYliYYZcu2q6g-A&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin
Requested by
Host: nofile.org
URL: https://nofile.org/v/9c6cd5
Protocol
H3
Server
2a00:1450:4001:831::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nofile.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Redirect headers

date
Wed, 15 Mar 2023 17:04:17 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
content-security-policy
require-trusted-types-for 'script';report-uri /cspreport, script-src 'report-sample' 'nonce-XG-Q4MQjqPL5suzJx5r-Nw' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
393
x-xss-protection
1; mode=block
pragma
no-cache
server
GSE
x-frame-options
DENY
report-to
{"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-type
text/html; charset=UTF-8
location
https://accounts.google.com/v3/signin/identifier?dsh=S-83771543%3A1678899857798904&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=AWnogHflCC4ZpmipQHuX0aFn3CLsJUf2-fZmlo5ELDc013C7wOy5bZ3cYe2QAfwkYliYYZcu2q6g-A&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy-report-only
same-origin; report-to="coop_gse_qebhlk"
expires
Mon, 01 Jan 1990 00:00:00 GMT
aTN5cVpGDBoCZycDSAcMAnY9FwwBVBwwEFBkPiNrKGsJKDgHfl8FMw0OQERiXgZOVyoAV0RAYk9ADRAuHEBEQHwAXR8eZ09FREB0WR1LX2lPRkRAfB1DGBZnWBUJBS4FDkhHbVELQEhiXARPRWM
oionsglearned.com/
0
252 B
Image
General
Full URL
https://oionsglearned.com/aTN5cVpGDBoCZycDSAcMAnY9FwwBVBwwEFBkPiNrKGsJKDgHfl8FMw0OQERiXgZOVyoAV0RAYk9ADRAuHEBEQHwAXR8eZ09FREB0WR1LX2lPRkRAfB1DGBZnWBUJBS4FDkhHbVELQEhiXARPRWM
Requested by
Host: nofile.org
URL: https://nofile.org/v/9c6cd5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.140.164 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nofile.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Wed, 15 Mar 2023 17:04:17 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mfi5KWrMeVIFgmv28wFkLFVOsRzMtCJUOunAe6ou%2FtT0Azoot9u%2F1NkWcGSKMZjSqaSHK7o0YsouNWpnNEOls9hDkJ8kpGizHNXxJ%2BURWWafSJUh6PMAv%2BiMFnVFUfr6Gd1XFQ%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cf-ray
7a8655aede8e889e-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
eHNNBnxudlMdISMwDllveQdGB3onLQhQb3l0BFApICtKEHh7JwtHJSYhRgcMenVSG3plcVYDeWVyVxB4ezcCUys5LUYHDH53VBt5fWIWCHs
d1nubxdgom3wqt.cloudfront.net/BNUpLRGNWJSUiXEEjL3laAHJ8cVUTIDgrDUV3MhIPUBoAMgEMDSkDNwMGP2IXTy52dEVZKyUjXhMvJSdeBGwqIAEIfm0wE1ohdiwCQjInKwBQOiRiFlR3JisZXCYnJUYHDH5qUxB4e2wUXCQvKxRGb3l0DUFveXRSBWR7YV... Frame 58A4
776 B
838 B
Script
General
Full URL
https://d1nubxdgom3wqt.cloudfront.net/BNUpLRGNWJSUiXEEjL3laAHJ8cVUTIDgrDUV3MhIPUBoAMgEMDSkDNwMGP2IXTy52dEVZKyUjXhMvJSdeBGwqIAEIfm0wE1ohdiwCQjInKwBQOiRiFlR3JisZXCYnJUYHDH5qUxB4e2wUXCQvKxRGb3l0DUFveXRSBWR7YVB3b3l0FFwkfXBGBghudlNNfH-9tRgd6KjQTWS88IQFeIz9hUXN/eHNNBnxudlMdISMwDllveQdGB3onLQhQb3l0BFApICtKEHh7JwtHJSYhRgcMenVSG3plcVYDeWVyVxB4ezcCUys5LUYHDH53VBt5fWIWCHs
Requested by
Host: asterbiscusys.com
URL: https://asterbiscusys.com/TXZJOEYsFCpVeSxLKx4zPxp0HXQLU3t+InwYPFo+KREmVXU6Bz0WJSEZPFwgPxknTGgjEz0ddAs0B202ASQOdhEHJRxRHggzI3R1IRcIcAx1FR9tEgQyLkoCGCB6dS4EJhx6KQw7Ln0LCSUifAg6Ow5odAQuHUFzfxIMbhwGDxxSHiU7P3IVKRMLfzE8Pwh9DysbeU8DfBkhXC86NRhSDyM9PnoXAh8bUQAhJHpyLz4sEXsfIzwcYQ4JPnxJEzU0fV10OiMRexc7PTFqAS9FJQgCGDA/XR4fJQtvFHovH3p1L0UlCAALASJeHg8xC18uOBIldggrPmQBMh8RLQ4NJycdbxV1TgBpACg/MwEuGC4HHXQLEwF2CA8YMU0iITstcRUAAQ1UKjsTGFwBD0UmVgocHhhadSFGC34HPT8KTA0IPiEPDDoCAXIVFB4bXyUAEyduFQpFOVQlGy8NXREbDx9ABHkTM1sFGA86DQoYLwF8DnhFH3oyeBAecREOPjoeLD4ZJ0h7NCAlXRYGACsBAS8xHQ4KOQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.194.203 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-194-203.fra2.r.cloudfront.net
Software
/
Resource Hash
b8326a60991be7e3c049ef0a5cdf4f5559e391dd2fff26317e0f183f70d8b2b5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://asterbiscusys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Wed, 15 Mar 2023 17:04:17 GMT
content-encoding
gzip
via
1.1 cb33a7a4640adbb55df3e0d143601558.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C1
x-cache
Miss from cloudfront
access-control-allow-origin
*
cache-control
max-age=31556926
content-length
562
x-amz-cf-id
YKRz0WeWdyWTn5g_3Tmqcn-S3Ht64KjJu9FEHhbYeOqtYW2DFAzpBA==
ncDJ1YXQTXRsHSwRbEVxNRQpCVENWWAYOGgAPAVQTNwpBMEQZaxMmJwgUARsQTQJTDRUeVUhHER5RSFBSEVYXXEBWRxRcGR9IHA0YERdHJ0FeAlBTRFhFHA8QH0UGREZAXAFERkADRU9EVQE3REZARRwPQkQXRiNRQgINV0BZF0dRFQBCGQQDFVAeCABVAD-NUR0c...
d1nubxdgom3wqt.cloudfront.net/ Frame D4C5
198 B
469 B
Script
General
Full URL
https://d1nubxdgom3wqt.cloudfront.net/ncDJ1YXQTXRsHSwRbEVxNRQpCVENWWAYOGgAPAVQTNwpBMEQZaxMmJwgUARsQTQJTDRUeVUhHER5RSFBSEVYXXEBWRxRcGR9IHA0YERdHJ0FeAlBTRFhFHA8QH0UGREZAXAFERkADRU9EVQE3REZARRwPQkQXRiNRQgINV0BZF0dRFQBCGQQDFVAeCABVAD-NUR0ccRldRQgJdChwEXxlERjMXR1EYGVkQREZAVRACHx8bUFNEE1oHDhkVF0cnRUEDW1FaRQdDUlpGBlBTRANTEwAGGRdHJ0FDBVtSQlZHSFA
Requested by
Host: asterbiscusys.com
URL: https://asterbiscusys.com/…
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.194.203 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-194-203.fra2.r.cloudfront.net
Software
/
Resource Hash
d49e9907166d95ef1dd2fa7de329784de48964517cf3e6140154596585550d17

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://asterbiscusys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Wed, 15 Mar 2023 17:04:17 GMT
content-encoding
gzip
via
1.1 cb33a7a4640adbb55df3e0d143601558.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C1
x-cache
Miss from cloudfront
access-control-allow-origin
*
cache-control
max-age=31556926
content-length
193
x-amz-cf-id
qKwWh1OWl3SCkfsvGoFKiTFpDPDanSdRCWPDDFFgMs9n2HKecBrM9A==
popunder.gif
oionsglearned.com/
35 B
423 B
Image
General
Full URL
https://oionsglearned.com/popunder.gif
Requested by
Host: nofile.org
URL: https://nofile.org/v/9c6cd5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.140.164 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nofile.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
public
date
Wed, 15 Mar 2023 17:04:18 GMT
cf-cache-status
HIT
last-modified
Tue, 14 Mar 2023 17:46:55 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
83843
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lJoJ4iXQ8WdykRGX8s54FPbpOb5u9ACpt4dBk8Qe1hPq6Zy%2BBIQ6AEVScEzpV62czvj22DTMfS%2BZeMZtl6x3skjKbeJ523PnwBIbROGM1%2FvC9tUyeJx1KWxU6ey84%2FxgfNn4cA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=604800, immutable
cf-ray
7a8655b0c9d4889e-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400

Verdicts & Comments

14 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
boolean| credentialless
function| jwplayer
function| $
function| jQuery
object| jQuery111109181867172689058
object| Raven
object| hcaptcha
number| LAST_CORRECT_EVENT_TIME
object| utr_958756
number| userTrackingInterval
number| _3334662655
object| grecaptcha
number| iinf

3 Cookies

Domain/Path Name / Value
.nofile.org/ Name: __ddg1_
Value: uaK8ash3tHYWvfrQimVr
nofile.org/ Name: PHPSESSID
Value: vust8s7qrtlihnn5a6iu3kjh03
pogothere.xyz/ Name: csu
Value: 867508992400724@1@1678899857

2 Console Messages

Source Level URL
Text
network error URL: https://accounts.google.com/v3/signin/identifier?dsh=S-1089575451%3A1678899857823087&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=AWnogHeBMLKXP8YUnOC6Mz4l2j3ZoyXrJIJLEwcXE2Xt18MKEGi1qKIp42We2QTFO71E83GRkYZskg&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://accounts.google.com/v3/signin/identifier?dsh=S-83771543%3A1678899857798904&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=AWnogHflCC4ZpmipQHuX0aFn3CLsJUf2-fZmlo5ELDc013C7wOy5bZ3cYe2QAfwkYliYYZcu2q6g-A&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin
Message:
Failed to load resource: the server responded with a status of 403 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy upgrade-insecure-requests;

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
