URL: https://gofile.io/d/tiKDAj
Submission Tags: phishing
Submission: On January 05 via api from AU

Summary

This website contacted 18 IPs in 4 countries across 14 domains to perform 53 HTTP transactions. The main IP is 213.32.73.239, which is located in France and belongs to OVH, FR. The main domain is gofile.io.
TLS certificate: Issued by Let's Encrypt Authority X3 on November 15th 2020. Valid for: 3 months.
This is the only time gofile.io was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests Domain Requested by
28 gofile.io gofile.io
4 fonts.gstatic.com fonts.googleapis.com
3 cdnjs.cloudflare.com gofile.io
3 cdn.jsdelivr.net gofile.io
2 superonclick.com gofile.io
2 matomo.gofile.io gofile.io
2 cdn.datatables.net gofile.io
1 piunikaweb.com
1 discovernative.com gofile.io
1 ufpcdn.com superonclick.com
1 pagead2.googlesyndication.com gofile.io
1 www.onclickalgo.com gofile.io
1 apiv2.gofile.io gofile.io
1 cdn.rawgit.com gofile.io
1 cdn.buymeacoffee.com gofile.io
1 fonts.googleapis.com gofile.io
53 16

This site contains links to these domains.

Domain
www.buymeacoffee.com
www.patreon.com
discovernative.com
Subject                      Issuer                                          Validity                 Valid
gofile.io                    Let's Encrypt Authority X3                      2020-11-15 - 2021-02-13  3 months
upload.video.google.com      GTS CA 1O1                                      2020-11-10 - 2021-02-02  3 months
f3.shared.global.fastly.net  GlobalSign CloudSSL CA - SHA256 - G3            2020-10-26 - 2021-04-17  6 months
buymeacoffee.com             Cloudflare Inc ECC CA-3                         2020-07-02 - 2021-07-02  a year
sni.cloudflaressl.com        Cloudflare Inc ECC CA-3                         2020-07-29 - 2021-07-29  a year
cdn.rawgit.com               ZeroSSL RSA Domain Secure Site CA               2020-11-18 - 2021-02-16  3 months
matomo.gofile.io             Let's Encrypt Authority X3                      2020-11-10 - 2021-02-08  3 months
*.gstatic.com                GTS CA 1O1                                      2020-11-10 - 2021-02-02  3 months
apiv2.gofile.io              Let's Encrypt Authority X3                      2020-11-08 - 2021-02-06  3 months
www.onclickalgo.com          COMODO RSA Domain Validation Secure Server CA   2018-02-13 - 2021-02-12  3 years
*.g.doubleclick.net          GTS CA 1O1                                      2020-11-10 - 2021-02-02  3 months
discovernative.com           Sectigo RSA Domain Validation Secure Server CA  2020-06-01 - 2021-03-21  10 months

This page contains 2 frames:

Primary Page: https://gofile.io/d/tiKDAj
Frame ID: 159FE1E4A77636B54710C096BCDA8419
Requests: 53 HTTP requests in this frame

Frame: https://ufpcdn.com/script/identify.html?frmt=0
Frame ID: C52BCB63AC9C07C0A8CEA5D3C4A38E17
Requests: 1 HTTP request in this frame


Page Statistics

53 Requests
100 % HTTPS
65 % IPv6
14 Domains
16 Subdomains
18 IPs
4 Countries
2322 kB Transfer
3321 kB Size
2 Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

53 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request tiKDAj
gofile.io/d/
19 KB
19 KB
Document
General
Full URL
https://gofile.io/d/tiKDAj
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
213.32.73.239 , France, ASN16276 (OVH, FR),
Reverse DNS
gofile.io
Software
/ Express
Resource Hash
30e6686c10a5aa1de40bd7d7cbcf08d137b35820782f11973d51e6df914d9951
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
gofile.io
:scheme
https
:path
/d/tiKDAj
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
phishfarmer
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
phishfarmer

Response headers

accept-ranges
bytes
cache-control
public, max-age=0
content-type
text/html; charset=UTF-8
date
Tue, 05 Jan 2021 22:27:42 GMT
etag
W/"4a16-17659e5c1a9"
last-modified
Sun, 13 Dec 2020 02:19:58 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
x-powered-by
Express
x-xss-protection
1; mode=block
content-length
18966
all.min.css
gofile.io/plugins/fontawesome-free/css/
58 KB
58 KB
Stylesheet
General
Full URL
https://gofile.io/plugins/fontawesome-free/css/all.min.css
Requested by
Host: gofile.io
URL: https://gofile.io/d/tiKDAj
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
213.32.73.239 , France, ASN16276 (OVH, FR),
Reverse DNS
gofile.io
Software
/ Express
Resource Hash
af1e6edc875a382b338bb25bd7c5c3f474a7f1b36212002a5896dd06f2186325
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://gofile.io/d/tiKDAj
User-Agent
phishfarmer

Response headers

date
Tue, 05 Jan 2021 22:27:42 GMT
x-content-type-options
nosniff
last-modified
Wed, 09 Dec 2020 14:08:47 GMT
x-powered-by
Express
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css; charset=UTF-8
x-xss-protection
1; mode=block
cache-control
public, max-age=0
accept-ranges
bytes
content-length
59344
etag
W/"e7d0-17647d541f9"
adminlte.min.css
gofile.io/dist/css/
641 KB
642 KB
Stylesheet
General
Full URL
https://gofile.io/dist/css/adminlte.min.css
Requested by
Host: gofile.io
URL: https://gofile.io/d/tiKDAj
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
213.32.73.239 , France, ASN16276 (OVH, FR),
Reverse DNS
gofile.io
Software
/ Express
Resource Hash
b4310e67227d06e29607e04e49ce9d138708d2e3739e8749331d7579667b8c9e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://gofile.io/d/tiKDAj
User-Agent
phishfarmer

Response headers

date
Tue, 05 Jan 2021 22:27:42 GMT
x-content-type-options
nosniff
last-modified
Fri, 19 Jun 2020 16:52:46 GMT
x-powered-by
Express
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css; charset=UTF-8
x-xss-protection
1; mode=block
cache-control
public, max-age=0
accept-ranges
bytes
content-length
656504
etag
W/"a0478-172cd7f37a2"
css
fonts.googleapis.com/
835 B
365 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Source+Sans+Pro:300,400,400i,700
Requested by
Host: gofile.io
URL: https://gofile.io/d/tiKDAj
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
1a2df0a9c201c609ab0ac2eb1fc78a77e861fdfc9697b05edf796faa88e5ff9d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://gofile.io/d/tiKDAj
User-Agent
phishfarmer

Response headers

date
Tue, 05 Jan 2021 22:27:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
expires
Tue, 05 Jan 2021 22:27:42 GMT
responsive.bootstrap4.min.css
gofile.io/plugins/datatables-responsive/css/
4 KB
4 KB
Stylesheet
General
Full URL
https://gofile.io/plugins/datatables-responsive/css/responsive.bootstrap4.min.css
Requested by
Host: gofile.io
URL: https://gofile.io/d/tiKDAj
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
213.32.73.239 , France, ASN16276 (OVH, FR),
Reverse DNS
gofile.io
Software
/ Express
Resource Hash
42ba549624c73f034d969840fb0355fb3456565b600d3e84834717540074e212
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://gofile.io/d/tiKDAj
User-Agent
phishfarmer

Response headers

date
Tue, 05 Jan 2021 22:27:42 GMT
x-content-type-options
nosniff
last-modified
Fri, 19 Jun 2020 16:52:46 GMT
x-powered-by
Express
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css; charset=UTF-8
x-xss-protection
1; mode=block
cache-control
public, max-age=0
accept-ranges
bytes
content-length
3993
etag
W/"f99-172cd7f385e"
bootstrap-tagsinput.css
gofile.io/plugins/tags-input/
1 KB
1 KB
Stylesheet
General
Full URL
https://gofile.io/plugins/tags-input/bootstrap-tagsinput.css
Requested by
Host: gofile.io
URL: https://gofile.io/d/tiKDAj
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
213.32.73.239 , France, ASN16276 (OVH, FR),
Reverse DNS
gofile.io
Software
/ Express
Resource Hash
b8a120f6cf7f462a9554e21643cbead0822a7494dd9f10cca24f57862aa70295
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://gofile.io/d/tiKDAj
User-Agent
phishfarmer

Response headers

date
Tue, 05 Jan 2021 22:27:42 GMT
x-content-type-options
nosniff
last-modified
Fri, 19 Jun 2020 16:52:46 GMT
x-powered-by
Express
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css; charset=UTF-8
x-xss-protection
1; mode=block
cache-control
public, max-age=0
accept-ranges
bytes
content-length
1359
etag
W/"54f-172cd7f3a26"
daterangepicker.css
gofile.io/plugins/daterangepicker/
8 KB
8 KB
Stylesheet
General
Full URL
https://gofile.io/plugins/daterangepicker/daterangepicker.css
Requested by
Host: gofile.io
URL: https://gofile.io/d/tiKDAj
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
213.32.73.239 , France, ASN16276 (OVH, FR),
Reverse DNS
gofile.io
Software
/ Express
Resource Hash
94fdb66ec8fe748981a4f2090fdf4a2a0a3dbe5ace2e65c4ce46e95d692bdac7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://gofile.io/d/tiKDAj
User-Agent
phishfarmer

Response headers

date
Tue, 05 Jan 2021 22:27:42 GMT
x-content-type-options
nosniff
last-modified
Fri, 19 Jun 2020 16:52:46 GMT
x-powered-by
Express
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css; charset=UTF-8
x-xss-protection
1; mode=block
cache-control
public, max-age=0
accept-ranges
bytes
content-length
8069
etag
W/"1f85-172cd7f3866"
dataTables.bootstrap4.css
gofile.io/plugins/datatables-bs4/css/
6 KB
6 KB
Stylesheet
General
Full URL
https://gofile.io/plugins/datatables-bs4/css/dataTables.bootstrap4.css
Requested by
Host: gofile.io
URL: https://gofile.io/d/tiKDAj
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
213.32.73.239 , France, ASN16276 (OVH, FR),
Reverse DNS
gofile.io
Software
/ Express
Resource Hash
5b001f85bee556197588ea61795ba5862bd95c598d2fa3e5523382cd1056125f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://gofile.io/d/tiKDAj
User-Agent
phishfarmer

Response headers

date
Tue, 05 Jan 2021 22:27:42 GMT
x-content-type-options
nosniff
last-modified
Fri, 19 Jun 2020 16:52:46 GMT
x-powered-by
Express
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css; charset=UTF-8
x-xss-protection
1; mode=block
cache-control
public, max-age=0
accept-ranges
bytes
content-length
5799
etag
W/"16a7-172cd7f3856"
simplemde.min.css
cdn.jsdelivr.net/simplemde/latest/
11 KB
3 KB
Stylesheet
General
Full URL
https://cdn.jsdelivr.net/simplemde/latest/simplemde.min.css
Requested by
Host: gofile.io
URL: https://gofile.io/d/tiKDAj
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
22cd1735f357f0a17fef42769eff107ba056ca25ebb45c4a7c9047a0380d0043
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://gofile.io/d/tiKDAj
User-Agent
phishfarmer

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
age
4089704
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
2766
etag
W/"2ab1-KMUuCsk7y4/K505CCnGCY4+TLfY"
x-served-by
cache-fra19144-FRA
date
Tue, 05 Jan 2021 22:27:42 GMT
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
default-orange.png
cdn.buymeacoffee.com/buttons/
6 KB
7 KB
Image
General
Full URL
https://cdn.buymeacoffee.com/buttons/default-orange.png
Requested by
Host: gofile.io
URL: https://gofile.io/d/tiKDAj
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:a27 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0a3778ae563dd5b1c69c9ab4d7d2e22a228a9cbd28dac16295d334d67b7e3f57

Request headers

Referer
https://gofile.io/d/tiKDAj
User-Agent
phishfarmer

Response headers

date
Tue, 05 Jan 2021 22:27:42 GMT
via
1.1 7a18a0a1d9929dae345690b88b08dd5e.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
1386
cf-polished
origFmt=png, origSize=12816
cf-ray
60d0a0ce29843258-FRA
x-cache
Hit from cloudfront
content-disposition
inline; filename="default-orange.webp"
content-length
6232
cf-request-id
077642d4d700003258c30eb000000001
last-modified
Wed, 23 Oct 2019 10:04:08 GMT
server
cloudflare
etag
"e3c2dd8564fe54aeda4092a6c2fbf434"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=skkgUurNFZ0OIkwJMFhoFfBQwEYHXRflKzVZ6QMImxhO8N3JNWBXsJ%2FWEjGa4DLWCHuVvP%2FaHOepqq8WKS4OaRfTkx4BtkuNCiFMC0ORoChg4v0ujwU0AUvWGFYQhA5pLg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id
R_VKD0YFD.ooYvnVKQr5PA9Ya7l8iD9I
cache-control
max-age=31536000
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
content-type
image/webp
x-amz-cf-id
6WdwDL7OKoTUQwuIUsDQutk_ZyTOUasLV-QzURkL_MNThCADpY471Q==
cf-bgj
imgq:100,h2pri
become_a_patron_button.png
gofile.io/dist/img/
6 KB
6 KB
Image
General
Full URL
https://gofile.io/dist/img/become_a_patron_button.png
Requested by
Host: gofile.io
URL: https://gofile.io/d/tiKDAj
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
213.32.73.239 , France, ASN16276 (OVH, FR),
Reverse DNS
gofile.io
Software
/ Express
Resource Hash
0c68395ad843ce5107774011154103ae8d17d44f3cafc73e6395bdd05da753c7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://gofile.io/d/tiKDAj
User-Agent
phishfarmer

Response headers

date
Tue, 05 Jan 2021 22:27:42 GMT
x-content-type-options
nosniff
last-modified
Fri, 19 Jun 2020 16:52:46 GMT
x-powered-by
Express
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
image/png
x-xss-protection
1; mode=block
cache-control
public, max-age=0
accept-ranges
bytes
content-length
6579
etag
W/"19b3-172cd7f37be"
logo-small.png
gofile.io/dist/img/
7 KB
7 KB
Image
General
Full URL
https://gofile.io/dist/img/logo-small.png
Requested by
Host: gofile.io
URL: https://gofile.io/d/tiKDAj
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
213.32.73.239 , France, ASN16276 (OVH, FR),
Reverse DNS
gofile.io
Software
/ Express
Resource Hash
d01dffdef6c5011e22a9fa1bebd9fcbb6d61f026316e1eaeac15e5da1aa7b2e1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://gofile.io/d/tiKDAj
User-Agent
phishfarmer

Response headers

date
Tue, 05 Jan 2021 22:27:42 GMT
x-content-type-options
nosniff
last-modified
Fri, 19 Jun 2020 16:52:46 GMT
x-powered-by
Express
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
image/png
x-xss-protection
1; mode=block
cache-control
public, max-age=0
accept-ranges
bytes
content-length
7490
etag
W/"1d42-172cd7f37c2"
user2-160x160.jpg
gofile.io/dist/img/
7 KB
7 KB
Image
General
Full URL
https://gofile.io/dist/img/user2-160x160.jpg
Requested by
Host: gofile.io
URL: https://gofile.io/d/tiKDAj
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
213.32.73.239 , France, ASN16276 (OVH, FR),
Reverse DNS
gofile.io
Software
/ Express
Resource Hash
0569e2b43626f349943f5d72e660d400fee87db19566f54debc9b118deb0a1df
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://gofile.io/d/tiKDAj
User-Agent
phishfarmer

Response headers

date
Tue, 05 Jan 2021 22:27:42 GMT
x-content-type-options
nosniff
last-modified
Fri, 19 Jun 2020 16:52:46 GMT
x-powered-by
Express
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
image/jpeg
x-xss-protection
1; mode=block
cache-control
public, max-age=0
accept-ranges
bytes
content-length
7070
etag
W/"1b9e-172cd7f37d6"
jquery.min.js
gofile.io/plugins/jquery/
86 KB
86 KB
Script
General
Full URL
https://gofile.io/plugins/jquery/jquery.min.js
Requested by
Host: gofile.io
URL: https://gofile.io/d/tiKDAj
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
213.32.73.239 , France, ASN16276 (OVH, FR),
Reverse DNS
gofile.io
Software
/ Express
Resource Hash
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://gofile.io/d/tiKDAj
User-Agent
phishfarmer

Response headers

date
Tue, 05 Jan 2021 22:27:42 GMT
x-content-type-options
nosniff
last-modified
Fri, 19 Jun 2020 16:52:46 GMT
x-powered-by
Express
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=UTF-8
x-xss-protection
1; mode=block
cache-control
public, max-age=0
accept-ranges
bytes
content-length
88145
etag
W/"15851-172cd7f391e"
popper.min.js
gofile.io/plugins/popper/umd/
21 KB
21 KB
Script
General
Full URL
https://gofile.io/plugins/popper/umd/popper.min.js
Requested by
Host: gofile.io
URL: https://gofile.io/d/tiKDAj
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
213.32.73.239 , France, ASN16276 (OVH, FR),
Reverse DNS
gofile.io
Software
/ Express
Resource Hash
c776195ad46333c6c9a9fe3c74502ffea9a02faf122388ea3567922cc65a3060
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://gofile.io/d/tiKDAj
User-Agent
phishfarmer

Response headers

date
Tue, 05 Jan 2021 22:27:42 GMT
x-content-type-options
nosniff
last-modified
Fri, 19 Jun 2020 16:52:46 GMT
x-powered-by
Express
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=UTF-8
x-xss-protection
1; mode=block
cache-control
public, max-age=0
accept-ranges
bytes
content-length
21257
etag
W/"5309-172cd7f39fe"
bootstrap.bundle.min.js
gofile.io/plugins/bootstrap/js/
77 KB
77 KB
Script
General
Full URL
https://gofile.io/plugins/bootstrap/js/bootstrap.bundle.min.js
Requested by
Host: gofile.io
URL: https://gofile.io/d/tiKDAj
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
213.32.73.239 , France, ASN16276 (OVH, FR),
Reverse DNS
gofile.io
Software
/ Express
Resource Hash
7f3145c87d3570154f633975e8a4f8d30aa38603edaba145501e9c90ddbe186c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://gofile.io/d/tiKDAj
User-Agent
phishfarmer

Response headers

date
Tue, 05 Jan 2021 22:27:42 GMT
x-content-type-options
nosniff
last-modified
Fri, 19 Jun 2020 16:52:46 GMT
x-powered-by
Express
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=UTF-8
x-xss-protection
1; mode=block
cache-control
public, max-age=0
accept-ranges
bytes
content-length
78635
etag
W/"1332b-172cd7f384a"
adminlte.min.js
gofile.io/dist/js/
24 KB
24 KB
Script
General
Full URL
https://gofile.io/dist/js/adminlte.min.js
Requested by
Host: gofile.io
URL: https://gofile.io/d/tiKDAj
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
213.32.73.239 , France, ASN16276 (OVH, FR),
Reverse DNS
gofile.io
Software
/ Express
Resource Hash
52d721cf472bf478edf86d2097561b5dbf0fda636e812c686dcf405d47eb7877
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://gofile.io/d/tiKDAj
User-Agent
phishfarmer

Response headers

date
Tue, 05 Jan 2021 22:27:42 GMT
x-content-type-options
nosniff
last-modified
Fri, 19 Jun 2020 16:52:46 GMT
x-powered-by
Express
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=UTF-8
x-xss-protection
1; mode=block
cache-control
public, max-age=0
accept-ranges
bytes
content-length
24244
etag
W/"5eb4-172cd7f37da"
moment.min.js
gofile.io/plugins/daterangepicker/
52 KB
52 KB
Script
General
Full URL
https://gofile.io/plugins/daterangepicker/moment.min.js
Requested by
Host: gofile.io
URL: https://gofile.io/d/tiKDAj
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
213.32.73.239 , France, ASN16276 (OVH, FR),
Reverse DNS
gofile.io
Software
/ Express
Resource Hash
e22419e8154be2a34a950dbb4c4c448413751c53ef02f00c6c56af28aa2c4964
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://gofile.io/d/tiKDAj
User-Agent
phishfarmer

Response headers

date
Tue, 05 Jan 2021 22:27:42 GMT
x-content-type-options
nosniff
last-modified
Fri, 19 Jun 2020 16:52:46 GMT
x-powered-by
Express
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=UTF-8
x-xss-protection
1; mode=block
cache-control
public, max-age=0
accept-ranges
bytes
content-length
53324
etag
W/"d04c-172cd7f3866"
jquery.dataTables.js
gofile.io/plugins/datatables/
438 KB
439 KB
Script
General
Full URL
https://gofile.io/plugins/datatables/jquery.dataTables.js
Requested by
Host: gofile.io
URL: https://gofile.io/d/tiKDAj
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
213.32.73.239 , France, ASN16276 (OVH, FR),
Reverse DNS
gofile.io
Software
/ Express
Resource Hash
434720b876487ef974cf393af0f175746098de95b6cbac6f1f1e061cb43f960e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://gofile.io/d/tiKDAj
User-Agent
phishfarmer

Response headers

date
Tue, 05 Jan 2021 22:27:42 GMT
x-content-type-options
nosniff
last-modified
Fri, 19 Jun 2020 16:52:46 GMT
x-powered-by
Express
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=UTF-8
x-xss-protection
1; mode=block
cache-control
public, max-age=0
accept-ranges
bytes
content-length
448564
etag
W/"6d834-172cd7f3862"
dataTables.bootstrap4.js
gofile.io/plugins/datatables-bs4/js/
5 KB
5 KB
Script
General
Full URL
https://gofile.io/plugins/datatables-bs4/js/dataTables.bootstrap4.js
Requested by
Host: gofile.io
URL: https://gofile.io/d/tiKDAj
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
213.32.73.239 , France, ASN16276 (OVH, FR),
Reverse DNS
gofile.io
Software
/ Express
Resource Hash
eb67b170f504fc63d5572a9d54c58fb7fd92b66d7c74b652a0f187dcf14f649b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://gofile.io/d/tiKDAj
User-Agent
phishfarmer

Response headers

date
Tue, 05 Jan 2021 22:27:42 GMT
x-content-type-options
nosniff
last-modified
Fri, 19 Jun 2020 16:52:46 GMT
x-powered-by
Express
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=UTF-8
x-xss-protection
1; mode=block
cache-control
public, max-age=0
accept-ranges
bytes
content-length
4693
etag
W/"1255-172cd7f385a"
dataTables.responsive.min.js
gofile.io/plugins/datatables-responsive/js/
13 KB
13 KB
Script
General
Full URL
https://gofile.io/plugins/datatables-responsive/js/dataTables.responsive.min.js
Requested by
Host: gofile.io
URL: https://gofile.io/d/tiKDAj
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
213.32.73.239 , France, ASN16276 (OVH, FR),
Reverse DNS
gofile.io
Software
/ Express
Resource Hash
ed36e2939292383b8688e2c83857e13f8ee9e542ba875c33c3c085488fd32a17
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://gofile.io/d/tiKDAj
User-Agent
phishfarmer

Response headers

date
Tue, 05 Jan 2021 22:27:42 GMT
x-content-type-options
nosniff
last-modified
Fri, 19 Jun 2020 16:52:46 GMT
x-powered-by
Express
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=UTF-8
x-xss-protection
1; mode=block
cache-control
public, max-age=0
accept-ranges
bytes
content-length
13031
etag
W/"32e7-172cd7f385e"
datetime-moment.js
cdn.datatables.net/plug-ins/1.10.19/sorting/
2 KB
1 KB
Script
General
Full URL
https://cdn.datatables.net/plug-ins/1.10.19/sorting/datetime-moment.js
Requested by
Host: gofile.io
URL: https://gofile.io/d/tiKDAj
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:325d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dba13b16eb87f764a79f5792c4c1862662101c20dfb817bf5392d18575f4cea7

Request headers

Referer
https://gofile.io/d/tiKDAj
User-Agent
phishfarmer

Response headers

date
Tue, 05 Jan 2021 22:27:42 GMT
content-encoding
gzip
cf-cache-status
HIT
age
5511292
content-length
937
cf-request-id
077642d4b000004a56d9b65000000001
last-modified
Tue, 06 Oct 2020 09:41:18 GMT
server
cloudflare
etag
"1121eb0-828-5b0fd669d84fb-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
access-control-allow-methods
GET
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
60d0a0cdea064a56-FRA
access-control-allow-headers
origin, x-requested-with, content-type
expires
Wed, 03 Nov 2021 03:32:50 GMT
ellipsis.js
cdn.datatables.net/plug-ins/1.10.19/dataRender/
3 KB
2 KB
Script
General
Full URL
https://cdn.datatables.net/plug-ins/1.10.19/dataRender/ellipsis.js
Requested by
Host: gofile.io
URL: https://gofile.io/d/tiKDAj
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:325d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7b6ffe29f3a5f9a09d76e0790638819b4dc50b7d0c2d132b7d044a07eff04dc

Request headers

Referer
https://gofile.io/d/tiKDAj
User-Agent
phishfarmer

Response headers

date
Tue, 05 Jan 2021 22:27:42 GMT
content-encoding
gzip
cf-cache-status
HIT
age
4913178
content-length
1209
cf-request-id
077642d4b000004a56d21ed000000001
last-modified
Tue, 06 Oct 2020 09:41:15 GMT
server
cloudflare
etag
"1121db8-ac3-5b0fd6670a0cb-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
access-control-allow-methods
GET
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
60d0a0cdea074a56-FRA
access-control-allow-headers
origin, x-requested-with, content-type
expires
Wed, 10 Nov 2021 01:41:24 GMT
daterangepicker.js
gofile.io/plugins/daterangepicker/
66 KB
66 KB
Script
General
Full URL
https://gofile.io/plugins/daterangepicker/daterangepicker.js
Requested by
Host: gofile.io
URL: https://gofile.io/d/tiKDAj
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
213.32.73.239 , France, ASN16276 (OVH, FR),
Reverse DNS
gofile.io
Software
/ Express
Resource Hash
7071393d236d9c35f0904907d217b95e42453e2056a452aa06005bf5459df9d2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://gofile.io/d/tiKDAj
User-Agent
phishfarmer

Response headers

date
Tue, 05 Jan 2021 22:27:42 GMT
x-content-type-options
nosniff
last-modified
Fri, 19 Jun 2020 16:52:46 GMT
x-powered-by
Express
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=UTF-8
x-xss-protection
1; mode=block
cache-control
public, max-age=0
accept-ranges
bytes
content-length
67268
etag
W/"106c4-172cd7f3866"
sha256.min.js
gofile.io/plugins/sha256/
9 KB
9 KB
Script
General
Full URL
https://gofile.io/plugins/sha256/sha256.min.js
Requested by
Host: gofile.io
URL: https://gofile.io/d/tiKDAj
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
213.32.73.239 , France, ASN16276 (OVH, FR),
Reverse DNS
gofile.io
Software
/ Express
Resource Hash
7157511697db744d384a5a2a8646af23f3c90560abf93bb240fdd690b29a898a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://gofile.io/d/tiKDAj
User-Agent
phishfarmer

Response headers

date
Tue, 05 Jan 2021 22:27:42 GMT
x-content-type-options
nosniff
last-modified
Fri, 19 Jun 2020 16:52:46 GMT
x-powered-by
Express
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=UTF-8
x-xss-protection
1; mode=block
cache-control
public, max-age=0
accept-ranges
bytes
content-length
9017
etag
W/"2339-172cd7f3a0e"
sw2.all.min.js
gofile.io/plugins/sw2/
68 KB
68 KB
Script
General
Full URL
https://gofile.io/plugins/sw2/sw2.all.min.js
Requested by
Host: gofile.io
URL: https://gofile.io/d/tiKDAj
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
213.32.73.239 , France, ASN16276 (OVH, FR),
Reverse DNS
gofile.io
Software
/ Express
Resource Hash
7f7dd28dcff49b2dbffcf74d846fc35b2743c033ca4de0646efc5927b9a645dc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://gofile.io/d/tiKDAj
User-Agent
phishfarmer

Response headers

date
Tue, 05 Jan 2021 22:27:42 GMT
x-content-type-options
nosniff
last-modified
Fri, 19 Jun 2020 16:52:46 GMT
x-powered-by
Express
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=UTF-8
x-xss-protection
1; mode=block
cache-control
public, max-age=0
accept-ranges
bytes
content-length
69814
etag
W/"110b6-172cd7f3a26"
blockies.js
cdn.rawgit.com/alexvandesande/blockies/master/
3 KB
2 KB
Script
General
Full URL
https://cdn.rawgit.com/alexvandesande/blockies/master/blockies.js
Requested by
Host: gofile.io
URL: https://gofile.io/d/tiKDAj
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a00:f48:2000:1023::3 , Germany, ASN47447 (TTM, DE),
Reverse DNS
Software
BunnyCDN-DE1-481 /
Resource Hash
5283a72342bb29844e9ec7dc11a415a95fca4047af516728a8dd683bd8781873
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://gofile.io/d/tiKDAj
User-Agent
phishfarmer

Response headers

date
Tue, 05 Jan 2021 22:27:42 GMT
content-encoding
br
x-content-type-options
nosniff
cdn-edgestorageid
481, 617
access-control-allow-origin
*
cdn-cachedat
2021-01-05 18:52:33
cdn-pullzone
201235
rawgit-cache-status
HIT
link
<https://rawgit.com/>; rel="sunset"; title="RawGit will soon shut down. Please stop using it."
server
BunnyCDN-DE1-481
x-robots-tag
none
vary
Accept-Encoding
sunset
Tue, 01 Oct 2019 00:00:00 GMT
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=2592000
cdn-requestid
90c06c49aa2498b3106b582bdf07ab25
content-type
application/javascript;charset=utf-8
cdn-requestcountrycode
DE
bootstrap-tagsinput.js
gofile.io/plugins/tags-input/
22 KB
22 KB
Script
General
Full URL
https://gofile.io/plugins/tags-input/bootstrap-tagsinput.js
Requested by
Host: gofile.io
URL: https://gofile.io/d/tiKDAj
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
213.32.73.239 , France, ASN16276 (OVH, FR),
Reverse DNS
gofile.io
Software
/ Express
Resource Hash
4d0aaae6064f5984f89d9669e2adf48701cbefaa8e90bc32532854e05cc5b041
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://gofile.io/d/tiKDAj
User-Agent
phishfarmer

Response headers

date
Tue, 05 Jan 2021 22:27:42 GMT
x-content-type-options
nosniff
last-modified
Fri, 19 Jun 2020 16:52:46 GMT
x-powered-by
Express
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=UTF-8
x-xss-protection
1; mode=block
cache-control
public, max-age=0
accept-ranges
bytes
content-length
22284
etag
W/"570c-172cd7f3a26"
prism.js
cdnjs.cloudflare.com/ajax/libs/prism/1.16.0/
24 KB
7 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/prism/1.16.0/prism.js
Requested by
Host: gofile.io
URL: https://gofile.io/d/tiKDAj
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0c80f24589f3f8a80ad3d90e42add656c22fd5d70ca53672b968a6bb724c0a3f
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://gofile.io/d/tiKDAj
User-Agent
phishfarmer

Response headers

date
Tue, 05 Jan 2021 22:27:42 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
930605
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
content-length
6880
cf-request-id
077642d49e00002b22d387c000000001
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:15:40 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03fac-5fa1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=9QHoNQ9f47VhZ533%2BHIorasVs54L7KvvIv71pPe3SjG8IB8HUTWMWJkScM1WtXVzNW0dAq5X0v01E2ahzZ9l5Dmw6F%2BfL9ct7r955zBdnTz5Gwv14w2b1RAHJHj%2FUjHXXw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
60d0a0cdc94d2b22-FRA
expires
Sun, 26 Dec 2021 22:27:42 GMT
prism-autoloader.js
cdnjs.cloudflare.com/ajax/libs/prism/1.16.0/plugins/autoloader/
7 KB
2 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/prism/1.16.0/plugins/autoloader/prism-autoloader.js
Requested by
Host: gofile.io
URL: https://gofile.io/d/tiKDAj
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a18263aa29a83081be45b86ab90907474422a0cae1c0fb22954b0b09b4e17c6f
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://gofile.io/d/tiKDAj
User-Agent
phishfarmer

Response headers

date
Tue, 05 Jan 2021 22:27:42 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
930605
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
content-length
1969
cf-request-id
077642d49e00002b22cc2e4000000001
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:15:40 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03fac-1be6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=8g2kRZPFg0dqbpp%2BL2Z7D4234tbsu3cHb8cHad8dXy%2Br9fOeI0kGwZsq901YeuGj%2Fno7CtSJUzvJXfVuGxI386M%2F6UV6pntg3RJyKvTIxeWRhD9NHQelP%2Bjx5fGe30vWAA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
60d0a0cdc9502b22-FRA
expires
Sun, 26 Dec 2021 22:27:42 GMT
qrcode.min.js
gofile.io/plugins/qrcode/
19 KB
20 KB
Script
General
Full URL
https://gofile.io/plugins/qrcode/qrcode.min.js
Requested by
Host: gofile.io
URL: https://gofile.io/d/tiKDAj
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
213.32.73.239 , France, ASN16276 (OVH, FR),
Reverse DNS
gofile.io
Software
/ Express
Resource Hash
85bd0e28180f06b7f944d35dd07ef1ce75d6d9b63c2d70cb8e65f8b566c43db4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://gofile.io/d/tiKDAj
User-Agent
phishfarmer

Response headers

date
Tue, 05 Jan 2021 22:27:42 GMT
x-content-type-options
nosniff
last-modified
Fri, 19 Jun 2020 16:52:46 GMT
x-powered-by
Express
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=UTF-8
x-xss-protection
1; mode=block
cache-control
public, max-age=0
accept-ranges
bytes
content-length
19930
etag
W/"4dda-172cd7f39fe"
pdf.js
cdnjs.cloudflare.com/ajax/libs/pdf.js/2.2.228/
715 KB
102 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/pdf.js/2.2.228/pdf.js
Requested by
Host: gofile.io
URL: https://gofile.io/d/tiKDAj
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5c00139a4964854fccbf5fa54979ad6f7bebba81b0da78b3b433a3786fa89fd2
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://gofile.io/d/tiKDAj
User-Agent
phishfarmer

Response headers

date
Tue, 05 Jan 2021 22:27:42 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
930605
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
content-length
103376
cf-request-id
077642d49e00002b223405f000000001
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:15:02 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03f86-b2a05"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=cPUxaTlF8xgT1rjtwaM37t7qzX3rcLVLVRbewVVLZVGxYHHciZeZjMXUb9LMFYeGR3CH1lwWtRnJoXS8mM92JlDE1IveYfbDu8%2F9v1B36B%2FNMyVd9W7%2Fd7wtK3blyPnHhw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
60d0a0cdc9512b22-FRA
expires
Sun, 26 Dec 2021 22:27:42 GMT
marked.min.js
cdn.jsdelivr.net/npm/marked/
35 KB
11 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/marked/marked.min.js
Requested by
Host: gofile.io
URL: https://gofile.io/d/tiKDAj
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
ff10f585eb80920dfe882e93d4d55a6daade6d1bea9e322628a23544533dcf27
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://gofile.io/d/tiKDAj
User-Agent
phishfarmer

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
age
28776
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
11267
etag
W/"8cab-GXgR5p7VlqJRXSUsa6MlRhW+p9k"
x-served-by
cache-fra19144-FRA
date
Tue, 05 Jan 2021 22:27:42 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
simplemde.min.js
cdn.jsdelivr.net/simplemde/latest/
263 KB
85 KB
Script
General
Full URL
https://cdn.jsdelivr.net/simplemde/latest/simplemde.min.js
Requested by
Host: gofile.io
URL: https://gofile.io/d/tiKDAj
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
eac66cece18fd14cdc97b503b0b68db32d4ad0a4d9c75fbac8456b449327d883
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://gofile.io/d/tiKDAj
User-Agent
phishfarmer

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
age
4089708
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
87380
etag
W/"41bfc-wnGoLWGe6pru30ow+mCVpGcRFXY"
x-served-by
cache-fra19144-FRA
date
Tue, 05 Jan 2021 22:27:42 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
dropzone.min.js
gofile.io/plugins/dropZone/
47 KB
47 KB
Script
General
Full URL
https://gofile.io/plugins/dropZone/dropzone.min.js
Requested by
Host: gofile.io
URL: https://gofile.io/d/tiKDAj
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
213.32.73.239 , France, ASN16276 (OVH, FR),
Reverse DNS
gofile.io
Software
/ Express
Resource Hash
386ff5d37c1787a5c8355d3a2533eca7336028d6bf8e73f52e33cfe58dd74036
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://gofile.io/d/tiKDAj
User-Agent
phishfarmer

Response headers

date
Tue, 05 Jan 2021 22:27:42 GMT
x-content-type-options
nosniff
last-modified
Wed, 19 Aug 2020 19:05:52 GMT
x-powered-by
Express
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=UTF-8
x-xss-protection
1; mode=block
cache-control
public, max-age=0
accept-ranges
bytes
content-length
48149
etag
W/"bc15-174081d012c"
piwik.js
matomo.gofile.io/
69 KB
23 KB
Script
General
Full URL
https://matomo.gofile.io/piwik.js
Requested by
Host: gofile.io
URL: https://gofile.io/d/tiKDAj
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
149.202.184.93 , France, ASN16276 (OVH, FR),
Reverse DNS
mail.gofile.io
Software
Apache/2.4.38 (Debian) /
Resource Hash
0995371a359a4a701d66f8b183de6144de9a042e5bac84b6f920968f51567742

Request headers

Referer
https://gofile.io/d/tiKDAj
User-Agent
phishfarmer

Response headers

date
Tue, 05 Jan 2021 22:27:42 GMT
content-encoding
gzip
last-modified
Thu, 10 Sep 2020 22:55:10 GMT
server
Apache/2.4.38 (Debian)
etag
"1131c-5aefd75cecf80-gzip"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
23691
fa-solid-900.woff2
gofile.io/plugins/fontawesome-free/webfonts/
78 KB
79 KB
Font
General
Full URL
https://gofile.io/plugins/fontawesome-free/webfonts/fa-solid-900.woff2
Requested by
Host: gofile.io
URL: https://gofile.io/plugins/fontawesome-free/css/all.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
213.32.73.239 , France, ASN16276 (OVH, FR),
Reverse DNS
gofile.io
Software
/ Express
Resource Hash
6b555920e358f8a25a422988b448615c33bcccb4f932e8331cebfc8e2a737fc7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Origin
https://gofile.io
Referer
https://gofile.io/plugins/fontawesome-free/css/all.min.css
User-Agent
phishfarmer

Response headers

date
Tue, 05 Jan 2021 22:27:42 GMT
x-content-type-options
nosniff
last-modified
Wed, 09 Dec 2020 14:08:47 GMT
x-powered-by
Express
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
font/woff2
x-xss-protection
1; mode=block
cache-control
public, max-age=0
accept-ranges
bytes
content-length
80300
etag
W/"139ac-17647d54219"
6xKydSBYKcSV-LCoeQqfX1RYOo3ik4zwlxdr.ttf
fonts.gstatic.com/s/sourcesanspro/v14/
40 KB
40 KB
Font
General
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v14/6xKydSBYKcSV-LCoeQqfX1RYOo3ik4zwlxdr.ttf
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:300,400,400i,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5703c7f23685a6adbea2ea9ffde69d3d8f9fc8085e7f9f00a09c5be9c9a0ad7f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://gofile.io
Referer
https://fonts.googleapis.com/css?family=Source+Sans+Pro:300,400,400i,700
User-Agent
phishfarmer

Response headers

date
Tue, 05 Jan 2021 04:00:13 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:09:58 GMT
server
sffe
age
66449
vary
Accept-Encoding
content-type
font/ttf
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40600
x-xss-protection
0
expires
Wed, 05 Jan 2022 04:00:13 GMT
6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7g.ttf
fonts.gstatic.com/s/sourcesanspro/v14/
39 KB
40 KB
Font
General
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v14/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7g.ttf
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:300,400,400i,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ed891295d5d4f70182e68bb3fa450a2b0bf22cfc89286c420632639fb6fd3510
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://gofile.io
Referer
https://fonts.googleapis.com/css?family=Source+Sans+Pro:300,400,400i,700
User-Agent
phishfarmer

Response headers

date
Mon, 04 Jan 2021 00:08:37 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:10:09 GMT
server
sffe
age
166745
vary
Accept-Encoding
content-type
font/ttf
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40408
x-xss-protection
0
expires
Tue, 04 Jan 2022 00:08:37 GMT
6xK1dSBYKcSV-LCoeQqfX1RYOo3qPZ7nsDc.ttf
fonts.gstatic.com/s/sourcesanspro/v14/
37 KB
37 KB
Font
General
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v14/6xK1dSBYKcSV-LCoeQqfX1RYOo3qPZ7nsDc.ttf
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:300,400,400i,700
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4dedabcac682b665e87347797ba4ecb42575d62f3b4fd6b8b20cdcec20fc92bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://gofile.io
Referer
https://fonts.googleapis.com/css?family=Source+Sans+Pro:300,400,400i,700
User-Agent
phishfarmer

Response headers

date
Wed, 30 Dec 2020 18:44:33 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:10:36 GMT
server
sffe
age
531789
vary
Accept-Encoding
content-type
font/ttf
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37564
x-xss-protection
0
expires
Thu, 30 Dec 2021 18:44:33 GMT
download.html
gofile.io/contents/
40 KB
40 KB
XHR
General
Full URL
https://gofile.io/contents/download.html
Requested by
Host: gofile.io
URL: https://gofile.io/plugins/jquery/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
213.32.73.239 , France, ASN16276 (OVH, FR),
Reverse DNS
gofile.io
Software
/ Express
Resource Hash
1c2cd2f204495b59f6ece1ee0a77c1dd3c02079cc7ca9341e928ce36a4b6ea28
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept
text/html, */*; q=0.01
Referer
https://gofile.io/d/tiKDAj
X-Requested-With
XMLHttpRequest
User-Agent
phishfarmer

Response headers

date
Tue, 05 Jan 2021 22:27:42 GMT
x-content-type-options
nosniff
last-modified
Fri, 11 Dec 2020 11:36:25 GMT
x-powered-by
Express
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/html; charset=UTF-8
x-xss-protection
1; mode=block
cache-control
public, max-age=0
accept-ranges
bytes
content-length
40720
etag
W/"9f10-17651967b80"
truncated
/
244 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1464944002378da030604daf8748df26e9d131aac4711173d845c9d12f0bd7a1

Request headers

Referer
User-Agent
phishfarmer

Response headers

Content-Type
image/png
piwik.php
matomo.gofile.io/
43 B
105 B
Image
General
Full URL
https://matomo.gofile.io/piwik.php?action_name=Gofile&idsite=1&rec=1&r=445622&h=23&m=27&s=42&url=https%3A%2F%2Fgofile.io%2Fd%2FtiKDAj&_id=19d8b520a2bb9b75&_idts=1609885663&_idvc=1&_idn=1&_refts=0&_viewts=1609885663&send_image=1&cookie=1&res=1600x1200&gt_ms=43&pv_id=7wDFpN
Requested by
Host: gofile.io
URL: https://gofile.io/d/tiKDAj
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
149.202.184.93 , France, ASN16276 (OVH, FR),
Reverse DNS
mail.gofile.io
Software
Apache/2.4.38 (Debian) / PHP/7.4.12
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer
https://gofile.io/d/tiKDAj
User-Agent
phishfarmer

Response headers

date
Tue, 05 Jan 2021 22:27:42 GMT
cache-control
no-store
server
Apache/2.4.38 (Debian)
x-powered-by
PHP/7.4.12
content-length
43
content-type
image/gif
getUpload
apiv2.gofile.io/
28 B
236 B
XHR
General
Full URL
https://apiv2.gofile.io/getUpload?c=tiKDAj
Requested by
Host: gofile.io
URL: https://gofile.io/plugins/jquery/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
217.182.142.52 , France, ASN16276 (OVH, FR),
Reverse DNS
gofile.io
Software
/ Express
Resource Hash
c0ed2f817b0e1a83aa92c0ba5e39ed5ffad5bd061204c977c8ad2b16d9fce80b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Referer
https://gofile.io/d/tiKDAj
User-Agent
phishfarmer

Response headers

date
Tue, 05 Jan 2021 22:27:42 GMT
x-content-type-options
nosniff
x-powered-by
Express
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/json; charset=utf-8
access-control-allow-origin
*
x-xss-protection
1; mode=block
content-length
28
etag
W/"1c-80vEiC4Xdc6dRh0hu/J9NyipHIQ"
fa-regular-400.woff2
gofile.io/plugins/fontawesome-free/webfonts/
13 KB
13 KB
Font
General
Full URL
https://gofile.io/plugins/fontawesome-free/webfonts/fa-regular-400.woff2
Requested by
Host: gofile.io
URL: https://gofile.io/plugins/fontawesome-free/css/all.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
213.32.73.239 , France, ASN16276 (OVH, FR),
Reverse DNS
gofile.io
Software
/ Express
Resource Hash
ce20ed8a323117c8a718ff1ddc6dabb997373b575a8e896f2bf02b846c082c9d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Origin
https://gofile.io
Referer
https://gofile.io/plugins/fontawesome-free/css/all.min.css
User-Agent
phishfarmer

Response headers

date
Tue, 05 Jan 2021 22:27:43 GMT
x-content-type-options
nosniff
last-modified
Wed, 09 Dec 2020 14:08:47 GMT
x-powered-by
Express
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
font/woff2
x-xss-protection
1; mode=block
cache-control
public, max-age=0
accept-ranges
bytes
content-length
13548
etag
W/"34ec-17647d54209"
6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdr.ttf
fonts.gstatic.com/s/sourcesanspro/v14/
39 KB
20 KB
Font
General
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v14/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdr.ttf
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:300,400,400i,700
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e44186395f92ca92a743b7bfce319e95f8a16705b772ae61fc46e8c00f6842c4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://gofile.io
Referer
https://fonts.googleapis.com/css?family=Source+Sans+Pro:300,400,400i,700
User-Agent
phishfarmer

Response headers

date
Fri, 01 Jan 2021 06:45:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
402149
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20519
x-xss-protection
0
last-modified
Tue, 15 Sep 2020 18:10:17 GMT
server
sffe
vary
Accept-Encoding
content-type
font/ttf
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 01 Jan 2022 06:45:13 GMT
testAff.js
gofile.io/plugins/testAff/
5 KB
5 KB
Script
General
Full URL
https://gofile.io/plugins/testAff/testAff.js
Requested by
Host: gofile.io
URL: https://gofile.io/d/tiKDAj
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
213.32.73.239 , France, ASN16276 (OVH, FR),
Reverse DNS
gofile.io
Software
/ Express
Resource Hash
6fe202eae27ab562ec9ea2ad3512e8087b256c6a27d7dc9906f6f37dd5c7a10f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://gofile.io/d/tiKDAj
User-Agent
phishfarmer

Response headers

date
Tue, 05 Jan 2021 22:27:43 GMT
x-content-type-options
nosniff
last-modified
Fri, 11 Dec 2020 11:36:25 GMT
x-powered-by
Express
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=UTF-8
x-xss-protection
1; mode=block
cache-control
public, max-age=0
accept-ranges
bytes
content-length
4700
etag
W/"125c-17651967b80"
display.php
www.onclickalgo.com/a/
0
71 B
Script
General
Full URL
https://www.onclickalgo.com/a/display.php?r=3907327
Requested by
Host: gofile.io
URL: https://gofile.io/d/tiKDAj
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.66.189 , Ascension Island, ASN15169 (GOOGLE, US),
Reverse DNS
189.66.201.35.bc.googleusercontent.com
Software
openresty /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://gofile.io/d/tiKDAj
User-Agent
phishfarmer

Response headers

access-control-allow-origin
*
date
Tue, 05 Jan 2021 22:27:43 GMT
via
1.1 google
server
openresty
alt-svc
clear
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
133 KB
47 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: gofile.io
URL: https://gofile.io/plugins/testAff/testAff.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f796b4788ac33a8a78161d52d24d866e5bf6ba2ae1b0dfdb6760802f6bce86dc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://gofile.io/d/tiKDAj
User-Agent
phishfarmer

Response headers

date
Tue, 05 Jan 2021 22:27:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
47107
x-xss-protection
0
server
cafe
etag
747895432223612511
vary
Accept-Encoding
content-type
text/javascript; charset=ISO-8859-1
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 05 Jan 2021 22:27:43 GMT
native_render.js
superonclick.com/script/
4 KB
2 KB
Script
General
Full URL
https://superonclick.com/script/native_render.js
Requested by
Host: gofile.io
URL: https://gofile.io/plugins/testAff/testAff.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::681b:ae64 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7965b4334f08b3c398843d721ab3b5535461f4183ec6bb0923d1ae092b9cfd51

Request headers

Referer
https://gofile.io/d/tiKDAj
User-Agent
phishfarmer

Response headers

x-goog-hash
crc32c=rXethw==, md5=i4AdaMb2P574qaeqSEucdQ==
date
Tue, 05 Jan 2021 22:27:43 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
997
x-guploader-uploadid
ABg5-UyBm2C-2X3BhHO2dCZyRriOttUeLLnhN8B-TH5Mcx3UfWTfKJ6xIOL8HE7REwuWyrFmcrS6bI4i3Sqy7OIXUgE
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
content-type
application/javascript
cf-request-id
077642d78a00001f151f03a000000001
last-modified
Wed, 13 Feb 2019 10:15:50 GMT
server
cloudflare
etag
W/"8b801d68c6f63f9ef8a9a7aa484b9c75"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=w4bkT6EDGkMz1Dnnqr7sz2GaX3W2ZvmWDEZadqJeFCsCIV7sEPQayfF3gy4hMi32eaqw5RSto6zH%2FA9X4mJ7ebpchYJ7JqKXQkzqntuui5ksLSfjri4ytmdMVF%2B%2F"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1550052950916101
access-control-allow-origin
*
cache-control
public, max-age=14400
x-goog-stored-content-length
4285
cf-ray
60d0a0d278621f15-FRA
expires
Tue, 05 Jan 2021 23:11:06 GMT
native_server.js
superonclick.com/script/
9 KB
4 KB
Script
General
Full URL
https://superonclick.com/script/native_server.js
Requested by
Host: gofile.io
URL: https://gofile.io/plugins/testAff/testAff.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::681b:ae64 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e282545f9f7c4117db91f8a2c33e5a1dad31f3c6edbe74b9776c1f8b85c166bd

Request headers

Referer
https://gofile.io/d/tiKDAj
User-Agent
phishfarmer

Response headers

x-goog-hash
crc32c=RAjq/g==, md5=Udh+nr2DH8yragFgeaYHkw==
date
Tue, 05 Jan 2021 22:27:43 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
2785
x-guploader-uploadid
ABg5-Uwe094c7UyNwvbofmKRxuE8OGzIIj9-ZrsXsQ84opOrW3-kGUgI_YNGgO9RIqaxGi8zTD2il3AO_pYrjZW9RJw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
content-type
application/javascript
cf-request-id
077642d78a00001f15162fb000000001
last-modified
Wed, 13 Feb 2019 10:15:52 GMT
server
cloudflare
etag
W/"51d87e9ebd831fccab6a016079a60793"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=IQBMAfU%2B2yT8oZ6M%2FiVYVj%2BMuu9pfMUnblv9XQMcYDmi4iICS9eVILlXKIHHY7mi2TRXerJuTeqrL0yS7K9Oukwx4wR%2FWM8DYMpF0hojWfTAXerzCUzgw3VJkHCv"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1550052952705094
access-control-allow-origin
*
cache-control
public, max-age=14400
x-goog-stored-content-length
9260
cf-ray
60d0a0d278651f15-FRA
expires
Tue, 05 Jan 2021 22:34:41 GMT
identify.html
ufpcdn.com/script/ Frame C52B
0
0
Document
General
Full URL
https://ufpcdn.com/script/identify.html?frmt=0
Requested by
Host: superonclick.com
URL: https://superonclick.com/script/native_server.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6812:3747 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

:method
GET
:authority
ufpcdn.com
:scheme
https
:path
/script/identify.html?frmt=0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
phishfarmer
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://gofile.io/d/tiKDAj
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
phishfarmer
Referer
https://gofile.io/d/tiKDAj

Response headers

date
Tue, 05 Jan 2021 22:27:43 GMT
content-type
text/html
set-cookie
__cfduid=d0f36b5e72f1d1ae0264476d298df13ef1609885663; expires=Thu, 04-Feb-21 22:27:43 GMT; path=/; domain=.ufpcdn.com; HttpOnly; SameSite=Lax __cf_bm=165535224db37cf6b93faad24444ac3216805952-1609885663-1800-AY4Kg9CQEJnlLw9fdr+S5xwvz96vVQH5MJLaa+1y8BrW41Fv7MRcv/mE9diRGg1uECVTYK5dwQxqAsFvT8scvZQ=; path=/; expires=Tue, 05-Jan-21 22:57:43 GMT; domain=.ufpcdn.com; HttpOnly; Secure; SameSite=None
last-modified
Tue, 15 May 2018 06:39:25 GMT
cf-cache-status
DYNAMIC
cf-request-id
077642d887000097ba9d88b000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=YLW6%2BuqflCF92f4bzeDhv%2BS2qSd4YSdYTqyfraT9y7cJYtLY68QnbxqVGsJa1cvUh9XkjGqESE4d%2Fa5Pti%2F%2FTUrKGoBOV3zTvugbXDhwY1gPhFof67BI"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
60d0a0d40ff097ba-FRA
content-encoding
br
native.php
discovernative.com/script/
0
71 B
Script
General
Full URL
https://discovernative.com/script/native.php?nwpsv=1&r=3852687&cbrandom=0.6773773202206579&cbWidth=1600&cbHeight=1200&cbtitle=Gofile&cbref=&cbdescription=Gofile%20is%20a%20free%20and%20anonymous%20file-sharing%20platform.%20You%20can%20store%20and%20share%20data%20of%20all%20types%20(files%2C%20images%2C%20music%2C%20videos%20etc...).%20There%20is%20no%20limit%2C%20you%20download%20at%20the%20maximum%20speed%20of%20your%20connection%20and%20everything%20is%20free.&cbkeywords=gofile%2Cdownload%2Cupload%2Cfree%2Chost%2Cstorage%2Cshare%2Cbig%2Cfile%2Cvideo%2Cimage%2Caudio&cbiframe=0&&callback=jsonp152342
Requested by
Host: gofile.io
URL: https://gofile.io/plugins/testAff/testAff.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.31.231 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
231.31.211.130.bc.googleusercontent.com
Software
openresty /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://gofile.io/d/tiKDAj
User-Agent
phishfarmer

Response headers

access-control-allow-origin
*
date
Tue, 05 Jan 2021 22:27:43 GMT
via
1.1 google
server
openresty
alt-svc
clear
NordVPN-400x200.png
piunikaweb.com/wp-content/uploads/2019/06/
43 KB
44 KB
Image
General
Full URL
https://piunikaweb.com/wp-content/uploads/2019/06/NordVPN-400x200.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:d128 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
65b6d02e9211b454227756007a805c5dbee9c288b7c36f9153e5893b4c0eae64
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://gofile.io/d/tiKDAj
User-Agent
phishfarmer

Response headers

date
Tue, 05 Jan 2021 22:27:47 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
3273
content-length
44012
cf-request-id
077642e95c00002b1e24084000000001
last-modified
Fri, 21 Feb 2020 03:04:26 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
"abec-59f0d47782280"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
X-Forwarded-Proto, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=50ovJEKP2evPGeXxCSSgq1BI8fRtkDHRpGRbXXhB5tlnwDBk4MH4wcbFbxC%2BAefwiE5RRED4TUw3ZX2VqFIlONs4phbJvaJCPwZK9GLhihr5wVnDn5xH7LawUQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
60d0a0eefb802b1e-FRA

109 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated object| _paq function| $ function| jQuery function| Popper object| bootstrap object| adminlte function| moment function| daterangepicker function| sha256 function| sha224 function| Sweetalert2 function| SweetAlert function| Swal function| sweetAlert function| swal object| blockies object| _self object| Prism function| QRCode boolean| _pdfjsCompatibilityChecked object| __core-js_shared__ object| core object| regeneratorRuntime object| pdfjsLib object| pdfjs-dist/build/pdf function| marked function| SimpleMDE function| _typeof function| _possibleConstructorReturn function| _getPrototypeOf function| _assertThisInitialized function| _inherits function| _setPrototypeOf function| _classCallCheck function| _defineProperties function| _createClass function| Emitter function| Dropzone function| without function| camelize function| detectVerticalSquash function| drawImageIOSFix function| ExifRestore function| contentLoaded function| __guard__ function| __guardMethod__ string| account string| token string| accountType object| icon string| apiServer function| escapeHtml function| onAjaxLink function| isLogged function| humanFileSize function| sleep function| updateBlockiesAccount function| verifToken function| welcomeVPN object| JSON_PIWIK object| Piwik object| Matomo object| AnalyticsTracker function| piwik_log function| removeUploadByAC function| removeUploadByToken string| code string| server string| zipLink string| fileExtension string| filesArray object| zoneNativeSett object| urls function| acPrefetch object| nativeInit object| nativeForPublishers object| google_js_reporting_queue number| google_srt object| google_ad_modifications object| google_logging_queue object| ggeac boolean| google_measure_js_timing object| 
google_trust_token_operation_status object| google_reactive_ads_global_state boolean| _gfp_a_ object| adsbygoogle object| _0x50db function| _0x48ba function| setupAd object| CTABPuNative object| _0x32b6 function| _0xda00 object| CTAHKA function| ufpAttach boolean| wait function| native_request string| zone object| adcashUfp function| jsonp152342

2 Cookies

Domain/Path Name / Value
gofile.io/ Name: _pk_ses.1.8b62
Value: 1
gofile.io/ Name: _pk_id.1.8b62
Value: 19d8b520a2bb9b75.1609885663.1.1609885663.1609885663.

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
