Submitted URL: https://tinyurl.com/winnerredis19
Effective URL: http://dfile.su/d/4ETraRS14C
Submission: On March 23 via manual from US

Summary

This website contacted 4 IPs in 2 countries across 5 domains to perform 14 HTTP transactions. The main IP is 2606:4700:3031::6818:72ab, located in the United States and belonging to CLOUDFLARENET, US. The main domain is dfile.su.
This is the only time dfile.su was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests | Redirects | IP Address | AS | Autonomous System
1 | 1 | 2606:4700:10:... | 13335 | CLOUDFLAR...
1 | 1 | 2606:4700:303... | 13335 | CLOUDFLAR...
6 | - | 2606:4700:303... | 13335 | CLOUDFLAR...
3 | - | 2a02:6b8:20::215 | 13238 | YANDEX
6 | 1 | 2a02:6b8::1:119 | 13238 | YANDEX
Total: 14 requests, 4 IPs

Requests | Apex Domain | Subdomains | Transfer
6 | yandex.ru | mc.yandex.ru | 43 KB
6 | dfile.su | dfile.su | 143 KB
3 | yastatic.net | yastatic.net | 28 KB
1 | redissoft.ru | redissoft.ru | 610 B
1 | tinyurl.com | tinyurl.com | 821 B
Total: 14 requests, 5 apex domains

Requests | Domain | Redirects | Requested by
6 | mc.yandex.ru | 1 | yastatic.net, mc.yandex.ru
6 | dfile.su | - | dfile.su
3 | yastatic.net | - | dfile.su, yastatic.net
1 | redissoft.ru | 1 | -
1 | tinyurl.com | 1 | -
Total: 14 requests, 5 domains

This site contains links to these domains. Also see Links.

Domain
vk.com
www.facebook.com
connect.ok.ru
connect.mail.ru
twitter.com
web.skype.com
Subject | Issuer | Validity | Valid | Transparency
mc.yandex.ru | Yandex CA | 2019-09-23 - 2020-09-22 | a year | crt.sh
static.yandex.net | Yandex CA | 2019-09-06 - 2020-09-05 | a year | crt.sh

This page contains 2 frames:

Primary Page: http://dfile.su/d/4ETraRS14C
Frame ID: AE480A11F6017A526D10ED21A191E39E
Requests: 19 HTTP requests in this frame

Frame: https://yastatic.net/share2/frame.html?namespace=ya-share2.0.10274358804927863
Frame ID: D413D9634817271B9775A9F51749BFC2
Requests: 1 HTTP requests in this frame

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://tinyurl.com/winnerredis19 HTTP 301
     http://redissoft.ru/d/4ETraRS14C HTTP 302
     http://dfile.su/d/4ETraRS14C Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i

Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+(?:([\d.]+)\/)?(?:css\/)?font-awesome(?:\.min)?\.css/i

Page Statistics

  • 14 requests
  • 43 % HTTPS
  • 100 % IPv6
  • 5 domains
  • 5 subdomains
  • 4 IPs
  • 2 countries
  • 213 kB transfer
  • 389 kB size
  • 3 cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 15
  • https://mc.yandex.ru/watch/26812653?wmode=7&page-url=http%3A%2F%2Fdfile.su%2Fd%2F4ETraRS14C%3Ftoken%3DynNccJqSpDZ8O6w%26key%3DudJuyNJHt2K52yMNXq9KH&charset=utf-8&site-info=%7B%22jquery%22%3Afalse%2C%22version%22%3Afalse%2C%22shareVersion%22%3A2%7D&browser-info=ti%3A10%3Ans%3A1584935311163%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Az%3A60%3Ai%3A20200323044832%3Aet%3A1584935312%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Arn%3A873883027%3Ahid%3A104113290%3Ads%3A74%2C5%2C108%2C1%2C787%2C0%2C0%2C114%2C6%2C%2C%2C%2C1091%3Afp%3A1013%3Agdpr%3A14%3Av%3A1816%3Ast%3A1584935312%3Au%3A1584935312390764338%3At%3ADownload%20file%20WINNER%20%2B%20CFG%20FIX%2023.03.rar HTTP 302
  • https://mc.yandex.ru/watch/26812653/1?wmode=7&page-url=http%3A%2F%2Fdfile.su%2Fd%2F4ETraRS14C%3Ftoken%3DynNccJqSpDZ8O6w%26key%3DudJuyNJHt2K52yMNXq9KH&charset=utf-8&site-info=%7B%22jquery%22%3Afalse%2C%22version%22%3Afalse%2C%22shareVersion%22%3A2%7D&browser-info=ti%3A10%3Ans%3A1584935311163%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Az%3A60%3Ai%3A20200323044832%3Aet%3A1584935312%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Arn%3A873883027%3Ahid%3A104113290%3Ads%3A74%2C5%2C108%2C1%2C787%2C0%2C0%2C114%2C6%2C%2C%2C%2C1091%3Afp%3A1013%3Agdpr%3A14%3Av%3A1816%3Ast%3A1584935312%3Au%3A1584935312390764338%3At%3ADownload%20file%20WINNER%20%2B%20CFG%20FIX%2023.03.rar

14 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request Cookie set 4ETraRS14C
dfile.su/d/
Redirect Chain
  • https://tinyurl.com/winnerredis19
  • http://redissoft.ru/d/4ETraRS14C
  • http://dfile.su/d/4ETraRS14C
3 KB
2 KB
Document
General
Full URL
http://dfile.su/d/4ETraRS14C
Protocol
HTTP/1.1
Server
2606:4700:3031::6818:72ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c07a8a4e3dc32d352472c3118d3ab44c2a28b0017a7b049e9b263e09ddfac3f2

Request headers

Host
dfile.su
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
document

Response headers

Date
Mon, 23 Mar 2020 03:48:32 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Set-Cookie
__cfduid=da4382218f0ef00a865cfd15803e5527c1584935312; expires=Wed, 22-Apr-20 03:48:32 GMT; path=/; domain=.dfile.su; HttpOnly; SameSite=Lax
Vary
Accept-Encoding
CF-Cache-Status
DYNAMIC
Server
cloudflare
CF-RAY
57852d642c87c2bd-FRA
Content-Encoding
gzip

Redirect headers

Date
Mon, 23 Mar 2020 03:48:31 GMT
Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Set-Cookie
__cfduid=ddf7469ef1bc002bde09ee9642aa636681584935311; expires=Wed, 22-Apr-20 03:48:31 GMT; path=/; domain=.redissoft.ru; HttpOnly; SameSite=Lax advanced-frontend=4gqkvm8qfjhasljmgu0pgk286b; path=/; HttpOnly
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control
no-store, no-cache, must-revalidate
Pragma
no-cache
Location
http://dfile.su/d/4ETraRS14C
CF-Cache-Status
DYNAMIC
Server
cloudflare
CF-RAY
57852d6308721f35-FRA
style.css
dfile.su/landings/landing/standard/css/
2 KB
1 KB
Stylesheet
General
Full URL
http://dfile.su/landings/landing/standard/css/style.css
Requested by
Host: dfile.su
URL: http://dfile.su/d/4ETraRS14C
Protocol
HTTP/1.1
Server
2606:4700:3031::6818:72ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7934038ddadd8a0ae78d471d348216900995f5dc7a8d33105c985b38837cf1b3

Request headers

Referer
http://dfile.su/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
public
Date
Mon, 23 Mar 2020 03:48:32 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
Last-Modified
Sat, 25 May 2019 05:01:31 GMT
Server
cloudflare
Age
12426809
ETag
W/"5ce8cc2b-7cb"
Vary
Accept-Encoding, Accept-Encoding
Content-Type
text/css
Cache-Control
public, max-age=315360000
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
57852d64ed6dc2bd-FRA
Expires
Thu, 31 Dec 2037 23:55:55 GMT
font-awesome.min.css
dfile.su/landings/landing/standard/css/
30 KB
7 KB
Stylesheet
General
Full URL
http://dfile.su/landings/landing/standard/css/font-awesome.min.css
Requested by
Host: dfile.su
URL: http://dfile.su/d/4ETraRS14C
Protocol
HTTP/1.1
Server
2606:4700:3031::6818:72ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Request headers

Referer
http://dfile.su/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
public
Date
Mon, 23 Mar 2020 03:48:32 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
Last-Modified
Sat, 25 May 2019 05:01:31 GMT
Server
cloudflare
Age
11881464
ETag
W/"5ce8cc2b-7918"
Vary
Accept-Encoding, Accept-Encoding
Content-Type
text/css
Cache-Control
public, max-age=315360000
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
57852d64edfc9710-FRA
Expires
Thu, 31 Dec 2037 23:55:55 GMT
es5-shims.min.js
yastatic.net/es5-shims/0.0.2/
3 KB
2 KB
Script
General
Full URL
http://yastatic.net/es5-shims/0.0.2/es5-shims.min.js
Requested by
Host: dfile.su
URL: http://dfile.su/d/4ETraRS14C
Protocol
HTTP/1.1
Server
2a02:6b8:20::215 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.17.8 /
Resource Hash
40f09dcdb226fb60428bfe107e02f6c50db1561694264b0144e0155f9f3e4140
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Referer
http://dfile.su/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 23 Mar 2020 03:48:32 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Transfer-Encoding
chunked
Connection
keep-alive
Last-Modified
Thu, 25 Oct 2018 11:27:00 GMT
Server
nginx/1.17.8
Etag
W/"32e3b4f3a8f6048da9934fec1ca08cea"
X-Nginx-Request-Id
543d8182538243fb
Strict-Transport-Security
max-age=43200000; includeSubDomains;
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=216013
Timing-Allow-Origin
*
Keep-Alive
timeout=5
Expires
Wed, 25 Mar 2020 15:43:48 GMT
share.js
yastatic.net/share2/
79 KB
26 KB
Script
General
Full URL
http://yastatic.net/share2/share.js
Requested by
Host: dfile.su
URL: http://dfile.su/d/4ETraRS14C
Protocol
HTTP/1.1
Server
2a02:6b8:20::215 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.17.8 /
Resource Hash
97a6c819b850b610dbf983cab5f5ae7e4e14cdfbf24801f7ad912db3ab416204
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Referer
http://dfile.su/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 23 Mar 2020 03:48:32 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Transfer-Encoding
chunked
Connection
keep-alive
Last-Modified
Fri, 10 Jan 2020 11:19:39 GMT
Server
nginx/1.17.8
Etag
W/"b80b4fcc1d52aa20936d1312222209d6"
X-Nginx-Request-Id
f7da0298497fe275
Strict-Transport-Security
max-age=43200000; includeSubDomains;
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=216009
Timing-Allow-Origin
*
Keep-Alive
timeout=5
Expires
Wed, 25 Mar 2020 15:45:18 GMT
pi_load2.js
dfile.su/landings/js/
2 KB
1 KB
Script
General
Full URL
http://dfile.su/landings/js/pi_load2.js?v=5.0
Requested by
Host: dfile.su
URL: http://dfile.su/d/4ETraRS14C
Protocol
HTTP/1.1
Server
2606:4700:3031::6818:72ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
011b9c1e60f38210d99eb515333fea9731fcebc34cfb57bc58f0be11615eec9f

Request headers

Referer
http://dfile.su/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
public
Date
Mon, 23 Mar 2020 03:48:32 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
Last-Modified
Sat, 27 Jul 2019 20:21:19 GMT
Server
cloudflare
Age
3867988
ETag
W/"5d3cb23f-641"
Vary
Accept-Encoding, Accept-Encoding
Content-Type
application/javascript
Cache-Control
public, max-age=315360000
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
57852d64e8839abc-FRA
Expires
Thu, 31 Dec 2037 23:55:55 GMT
map.png
dfile.su/landings/landing/standard/img/
56 KB
56 KB
Image
General
Full URL
http://dfile.su/landings/landing/standard/img/map.png
Requested by
Host: dfile.su
URL: http://dfile.su/d/4ETraRS14C
Protocol
HTTP/1.1
Server
2606:4700:3031::6818:72ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cd3f69ede927eaf2032884852e070a36a8d603fe5aa237a3e0d1ff876118f5f0

Request headers

Referer
http://dfile.su/landings/landing/standard/css/style.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
public
Date
Mon, 23 Mar 2020 03:48:32 GMT
CF-Cache-Status
HIT
Last-Modified
Sat, 25 May 2019 05:01:31 GMT
Server
cloudflare
Age
20898389
ETag
"5ce8cc2b-e008"
Vary
Accept-Encoding
Content-Type
image/png
Cache-Control
public, max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
57852d650e089710-FRA
Content-Length
57352
Expires
Thu, 31 Dec 2037 23:55:55 GMT
fontawesome-webfont.woff2
dfile.su/landings/landing/standard/fonts/
75 KB
76 KB
Font
General
Full URL
http://dfile.su/landings/landing/standard/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: dfile.su
URL: http://dfile.su/d/4ETraRS14C
Protocol
HTTP/1.1
Server
2606:4700:3031::6818:72ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Origin
http://dfile.su
Referer
http://dfile.su/landings/landing/standard/css/font-awesome.min.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 23 Mar 2020 03:48:32 GMT
CF-Cache-Status
HIT
Last-Modified
Sat, 25 May 2019 05:01:31 GMT
Server
cloudflare
Age
4471
ETag
"5ce8cc2b-12d68"
Vary
Accept-Encoding
Content-Type
font/woff2
Cache-Control
max-age=14400
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
57852d650d97c2bd-FRA
Content-Length
77160
watch.js
mc.yandex.ru/metrika/
135 KB
40 KB
Script
General
Full URL
https://mc.yandex.ru/metrika/watch.js
Requested by
Host: yastatic.net
URL: http://yastatic.net/share2/share.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
34b568eef0657824a10a891e354fa61980da7909f3e35bee2b2d5353371f9687
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
http://dfile.su/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

Date
Mon, 23 Mar 2020 03:48:32 GMT
Content-Encoding
br
Last-Modified
Tue, 10 Mar 2020 15:04:41 GMT
Server
nginx/1.14.2
ETag
"5e67ac89-9ea0"
Strict-Transport-Security
max-age=31536000
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600
Connection
keep-alive
Content-Length
40608
Expires
Mon, 23 Mar 2020 04:48:32 GMT
frame.html
yastatic.net/share2/ Frame D413
0
0
Document
General
Full URL
https://yastatic.net/share2/frame.html?namespace=ya-share2.0.10274358804927863
Requested by
Host: yastatic.net
URL: http://yastatic.net/share2/share.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:20::215 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.17.8 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

:method
GET
:authority
yastatic.net
:scheme
https
:path
/share2/frame.html?namespace=ya-share2.0.10274358804927863
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest
iframe
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
referer
http://dfile.su/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
iframe
Referer
http://dfile.su/

Response headers

status
200
server
nginx/1.17.8
date
Mon, 23 Mar 2020 03:48:32 GMT
content-type
text/html; charset=utf-8
timing-allow-origin
*
vary
Accept-Encoding
x-nginx-request-id
a4a4549a4f76962c
access-control-allow-origin
*
etag
W/"a33dfb238e9cbd15c0816ad716b2a95d"
expires
Wed, 25 Mar 2020 15:48:38 GMT
last-modified
Fri, 10 Jan 2020 11:19:39 GMT
cache-control
public, max-age=216009
content-encoding
br
strict-transport-security
max-age=43200000; includeSubDomains;
truncated
/
799 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2751eb32e3720b540ff8210d70e6af4c916a255ff05d96130d0125576b14afa5

Request headers

Referer
http://dfile.su/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
285 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8ea8ef6a20a2f7307560b9fee2788613b13492d30582c95b6f57bc53383b68bd

Request headers

Referer
http://dfile.su/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
595 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e7a754dc68b051e1b18bbf37fc0f5557196bc8db1c5f1c31ce5d242ea5c95ed6

Request headers

Referer
http://dfile.su/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
603 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9be7e931e5978b27a1428050d2045f7759ae34424b2a60a021d57a7af6d981f6

Request headers

Referer
http://dfile.su/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
520 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cb2b18ff7b82cdbab0ba5f095448f16c159526ff504699042f8069f1a70ae7f4

Request headers

Referer
http://dfile.su/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ae28c4fad713f0365941038ab14753a9488e4c5b31ce36cdc48d8048907e62b0

Request headers

Referer
http://dfile.su/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/svg+xml
1
mc.yandex.ru/watch/26812653/
Redirect Chain
  • https://mc.yandex.ru/watch/26812653?wmode=7&page-url=http%3A%2F%2Fdfile.su%2Fd%2F4ETraRS14C%3Ftoken%3DynNccJqSpDZ8O6w%26key%3DudJuyNJHt2K52yMNXq9KH&charset=utf-8&site-info=%7B%22jquery%22%3Afalse%2...
  • https://mc.yandex.ru/watch/26812653/1?wmode=7&page-url=http%3A%2F%2Fdfile.su%2Fd%2F4ETraRS14C%3Ftoken%3DynNccJqSpDZ8O6w%26key%3DudJuyNJHt2K52yMNXq9KH&charset=utf-8&site-info=%7B%22jquery%22%3Afalse...
0
-1 B
XHR
General
Full URL
https://mc.yandex.ru/watch/26812653/1?wmode=7&page-url=http%3A%2F%2Fdfile.su%2Fd%2F4ETraRS14C%3Ftoken%3DynNccJqSpDZ8O6w%26key%3DudJuyNJHt2K52yMNXq9KH&charset=utf-8&site-info=%7B%22jquery%22%3Afalse%2C%22version%22%3Afalse%2C%22shareVersion%22%3A2%7D&browser-info=ti%3A10%3Ans%3A1584935311163%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Az%3A60%3Ai%3A20200323044832%3Aet%3A1584935312%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Arn%3A873883027%3Ahid%3A104113290%3Ads%3A74%2C5%2C108%2C1%2C787%2C0%2C0%2C114%2C6%2C%2C%2C%2C1091%3Afp%3A1013%3Agdpr%3A14%3Av%3A1816%3Ast%3A1584935312%3Au%3A1584935312390764338%3At%3ADownload%20file%20WINNER%20%2B%20CFG%20FIX%2023.03.rar
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
http://dfile.su/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 23 Mar 2020 03:48:32 GMT
Last-Modified
Mon, 23-Mar-2020 03:48:32 GMT
Server
nginx/1.14.2
Location
/watch/26812653/1?wmode=7&page-url=http%3A%2F%2Fdfile.su%2Fd%2F4ETraRS14C%3Ftoken%3DynNccJqSpDZ8O6w%26key%3DudJuyNJHt2K52yMNXq9KH&charset=utf-8&site-info=%7B%22jquery%22%3Afalse%2C%22version%22%3Afalse%2C%22shareVersion%22%3A2%7D&browser-info=ti%3A10%3Ans%3A1584935311163%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Az%3A60%3Ai%3A20200323044832%3Aet%3A1584935312%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Arn%3A873883027%3Ahid%3A104113290%3Ads%3A74%2C5%2C108%2C1%2C787%2C0%2C0%2C114%2C6%2C%2C%2C%2C1091%3Afp%3A1013%3Agdpr%3A14%3Av%3A1816%3Ast%3A1584935312%3Au%3A1584935312390764338%3At%3ADownload%20file%20WINNER%20%2B%20CFG%20FIX%2023.03.rar
Strict-Transport-Security
max-age=31536000
Access-Control-Allow-Origin
http://dfile.su
Cache-Control
private, no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
X-XSS-Protection
1; mode=block
Expires
Mon, 23-Mar-2020 03:48:32 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 23 Mar 2020 03:48:32 GMT
Last-Modified
Mon, 23-Mar-2020 03:48:32 GMT
Server
nginx/1.14.2
Access-Control-Allow-Origin
http://dfile.su
Strict-Transport-Security
max-age=31536000
Location
/watch/26812653/1?wmode=7&page-url=http%3A%2F%2Fdfile.su%2Fd%2F4ETraRS14C%3Ftoken%3DynNccJqSpDZ8O6w%26key%3DudJuyNJHt2K52yMNXq9KH&charset=utf-8&site-info=%7B%22jquery%22%3Afalse%2C%22version%22%3Afalse%2C%22shareVersion%22%3A2%7D&browser-info=ti%3A10%3Ans%3A1584935311163%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Az%3A60%3Ai%3A20200323044832%3Aet%3A1584935312%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Arn%3A873883027%3Ahid%3A104113290%3Ads%3A74%2C5%2C108%2C1%2C787%2C0%2C0%2C114%2C6%2C%2C%2C%2C1091%3Afp%3A1013%3Agdpr%3A14%3Av%3A1816%3Ast%3A1584935312%3Au%3A1584935312390764338%3At%3ADownload%20file%20WINNER%20%2B%20CFG%20FIX%2023.03.rar
Cache-Control
private, no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
X-XSS-Protection
1; mode=block
Expires
Mon, 23-Mar-2020 03:48:32 GMT
advert.gif
mc.yandex.ru/metrika/
43 B
425 B
Image
General
Full URL
https://mc.yandex.ru/metrika/advert.gif
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
http://dfile.su/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

Date
Mon, 23 Mar 2020 03:48:32 GMT
Last-Modified
Fri, 17 Jan 2020 08:05:01 GMT
Server
nginx/1.14.2
ETag
"5e216aad-2b"
Strict-Transport-Security
max-age=31536000
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
43
Expires
Mon, 23 Mar 2020 04:48:32 GMT
1
mc.yandex.ru/watch/26812653/
133 B
676 B
XHR
General
Full URL
https://mc.yandex.ru/watch/26812653/1?wmode=7&page-url=http%3A%2F%2Fdfile.su%2Fd%2F4ETraRS14C%3Ftoken%3DynNccJqSpDZ8O6w%26key%3DudJuyNJHt2K52yMNXq9KH&charset=utf-8&site-info=%7B%22jquery%22%3Afalse%2C%22version%22%3Afalse%2C%22shareVersion%22%3A2%7D&browser-info=ti%3A10%3Ans%3A1584935311163%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Az%3A60%3Ai%3A20200323044832%3Aet%3A1584935312%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Arn%3A873883027%3Ahid%3A104113290%3Ads%3A74%2C5%2C108%2C1%2C787%2C0%2C0%2C114%2C6%2C%2C%2C%2C1091%3Afp%3A1013%3Agdpr%3A14%3Av%3A1816%3Ast%3A1584935312%3Au%3A1584935312390764338%3At%3ADownload%20file%20WINNER%20%2B%20CFG%20FIX%2023.03.rar
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
bbe67ad0588e922326644665ef65871314e3495a119a9177f614e3790643658d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://dfile.su/
Origin
http://dfile.su
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

Pragma
no-cache
Date
Mon, 23 Mar 2020 03:48:32 GMT
X-Content-Type-Options
nosniff
Last-Modified
Mon, 23-Mar-2020 03:48:32 GMT
Server
nginx/1.14.2
Strict-Transport-Security
max-age=31536000
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
http://dfile.su
Cache-Control
private, no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
133
X-XSS-Protection
1; mode=block
Expires
Mon, 23-Mar-2020 03:48:32 GMT
1
mc.yandex.ru/watch/26812653/
43 B
530 B
Other
General
Full URL
https://mc.yandex.ru/watch/26812653/1?page-url=http%3A%2F%2Fdfile.su%2Fd%2F4ETraRS14C%3Ftoken%3DynNccJqSpDZ8O6w%26key%3DudJuyNJHt2K52yMNXq9KH&charset=utf-8&force-urlencoded=1&browser-info=ti%3A1%3Adp%3A1%3Ans%3A1584935311163%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Az%3A60%3Ai%3A20200323044832%3Aet%3A1584935312%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Aar%3A1%3Apa%3A1%3Arn%3A992900720%3Ahid%3A104113290%3Ads%3A%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%3Agdpr%3A14%3Av%3A1816%3Ast%3A1584935313%3Au%3A1584935312390764338%3App%3A3629563401
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
http://dfile.su/
Origin
http://dfile.su
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Pragma
no-cache
Date
Mon, 23 Mar 2020 03:48:32 GMT
Last-Modified
Mon, 23-Mar-2020 03:48:32 GMT
Server
nginx/1.14.2
Strict-Transport-Security
max-age=31536000
Content-Type
image/gif
Access-Control-Allow-Origin
http://dfile.su
Cache-Control
private, no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
43
X-XSS-Protection
1; mode=block
Expires
Mon, 23-Mar-2020 03:48:32 GMT
5 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • onformdata (object)
  • onpointerrawupdate (object)
  • Ya (object)
  • formparams (object)
  • yaCounter26812653 (object)

3 Cookies

Domain/Path | Name | Value
.dfile.su/ | _ym_d | 1584935312
.dfile.su/ | _ym_uid | 1584935312390764338
.dfile.su/ | __cfduid | da4382218f0ef00a865cfd15803e5527c1584935312

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

dfile.su
mc.yandex.ru
redissoft.ru
tinyurl.com
yastatic.net
2606:4700:10::6814:db2a
2606:4700:3030::6818:7193
2606:4700:3031::6818:72ab
2a02:6b8:20::215
2a02:6b8::1:119